Testing for Banned Info

What is Payment Failed?

Payment fail is a message your bot will likely return when it is unable to queue for payment. There are several reasons why this can happen, which can be anything from a blacklisted card or IP to the item selling out while trying to checkout.

Causes of Payment Fails

The most common causes of payment failures seem to come from the following items:

• Bot Flagged by Antibot

• Low Checkout Delay

• Running Captcha Bypass

• Item Sold Out

• Blacklisted IP/Subnet/ASN

• Blacklisted Email

• Blacklisted Address

• Blacklisted Card

Checkout Delay

If you are running a low checkout delay for Supreme, you'll often see a payment failed message when trying to checkout.

For drops, you should set your checkout delay to about 7000-7500.

For restocks when ticket is down, you can typically run 3500-4500.

Item Sold Out

In some cases, the item may have sold out while that task was attempting to process payment. If this happens, it may return a payment fail. You can restart tasks that reach this error and see if it can catch a restock. If you are seeing it on specific profiles, it is possible that profile is using information that has been temporarily or permanently blacklisted by Supreme.

Blacklisted IP/Subnet/ASN

Supreme in the past has flagged some proxies/IPs that would result in some payment failures. However, as of October 23rd, 2020, they have introduced a new form of “proxy protection.”

Their proxy protection is similar in a sense to Shopify’s proxy protection, where your proxy can ping fine and access the site, but be unable to go to checkout or cart an item. With Supreme’s new proxy protection system, they are now blocking a wide scale of proxies from being able to queue for payment. If they see you are using a flagged IP, then you will receive a payment failed status in your bot.

This proxy protection system seems to be up 24/7 now. This has resulted in a lot of proxies being unable to queue for payment. This includes both residential, DC and ISP proxies. A very wide majority of DC/ISP proxies no longer are able to queue for payment.

It is unclear at the moment if they are targeting and flagging specific IPs, subnets or even ASNs.

Subnet - A subnet basically refers to the range of IP addresses in one block, which you can often tell from the starting numbers from your proxies. An example of a subnet would be:

208.220.155.1:65073

208.220.155.2:65073

208.220.155.3:65073

.

.

.

208.220.155.253:65073

208.220.155:254:65073

In this case, it’s possible that the subnet 208.220.155.X was flagged, where X is a number from 1-254. If you use a proxy from that subnet that Supreme has flagged, then it can cause a payment fail.

ASN - Autonomous System Number. It is a unique number assigned to an autonomous system (AS) by the Internet Assigned Numbers Authority (IANA).

This essentially refers to blocks of IP addresses which have a distinctly defined number registered to their IP addresses that are managed by an organization/ proxy company.

An example is shown here https://www.whatismyip.com/asn/US/.

An ASN ban is a higher level ban than a subnet ban, that can affect multiple subnets. This type of ban targets all IP blocks that are associated with a registered ASN.

Let’s say 10 different subnet blocks are registered to a company called Proxy Corporation, with an assigned ASN number of AS301. If the website detects too much abusive behavior coming from traced back IPs associated with the ASN number of AS301, then they can do a wide ban on these types of IPs. In this scenario, all 10 different subnet blocks are effectively banned, regardless of individual subnet behavior.

You can see the ASN number associated with your proxies often by visiting a website such as https://ipinfo.io/ or https://www.ultratools.com/tools/asnInfoResult. If you plug in proxies from your provider, you will see that they have the same ASN associated with them.

Blacklisted Email

This could be related to a flagged catchall domain or an email that was blacklisted from overuse in a short period of time potentially. If you’re using a catchall domain, then a reputable domain works best on Supreme to get around this. Reusing an email address too often may also cause this.

If you ran an email address too many times through their payment processor, then it’s possible it is temporarily blacklisted. Supreme does not seem to blacklist emails often in this sense other than some catchall domains however.

Blacklisted Address

Supreme can and often does ban addresses. An address is usually banned after it has purchased too many items from them either from one drop or a period of drop because it’s flagged as a botter/reseller address. If your address was also run through their payment processor too many times, it can result in a temporarily flagged address.

If your address has been banned, you will have to jig your address properly in order to bypass their filtration system.

Blacklisted Card

If your card has been used across too many tasks within a short period of time, then Supreme is likely to ban it. This is why many bot devs have started to suggest running 1 task per 1 card/profile. If your card is blacklisted, then you won’t be able to queue for payment with it.

Sometimes, bot devs will have a card ban bypass in place, that allows you to run more tasks per profile. Check with your bot to see if they have a working card ban bypass solution in place before running more than 1:1. If they do not have a good solution for this, then it is advisable to not run more than 1 task per profile, or you will see a lot of payment failed errors.

Blacklisted Card BIN

If the BIN of the card is flagged, then it can also lead to a payment failure decline. This includes using a card from Privacy for example. If the first 6 digits of that card are flagged, then it can cause a decline.

Duration of Blacklists

The exact duration of an info blacklist isn’t known. Some blacklists are temporary, while others are permanent.

An address ban is generally permanent. My address has been banned since December 2019 and is still banned almost a year later.

Card bans are usually temporary. The bans should lift after a while as long as enough time has passed. This could be a few hours up to a few days. If your bot utilizes a card ban bypass, then potentially you won’t need to worry about this as long as you follow their instructions for how many tasks per profile/card you can run.

IP bans are currently unknown. Their new proxy protection system seems to be enabled at all times, so while it is on, the IP flag will likely be permanent. Prior to the proxy protection update, an IP soft ban would be a few hours up to a few days.

Testing for Payment Failure

If you are getting a lot of payment failures in your Supreme tasks even though your bot appears to have a good antibot solution in place, then you can attempt to figure out which element of your task or billing profile has been flagged by Supreme.

The goal of testing a profile or IP is to make sure it can queue for payment. This means as long as you can reach a valid decline, then that means you are able to queue for payment successfully and that information and IP should be fine.

When making a test profile and task, keep the following in mind for what you’re trying to test.

Name

Test any first and last name. I strongly believe that Supreme does not flag names at all, so this is unlikely to be an issue.

Email

Use any email that you want to test to see if it works or not. This can be a real email or a catchall domain email.

Phone Number

Supreme does not care if phone numbers are real or fake. Feel free to just use a fake phone number here.

Address

You can check to see if your address has been blacklisted or not. If you’re checking your real address, you can just not jig it at all. If you want to see if a specific address jig has been blacklisted, you can use that

Note that this is different than orders getting mass cancels. Supreme has additional filters in place after placing orders that has resulted in recent cancels. The purpose of this is to see if that address can queue for payment and not banned from placing orders.

Cards

You likely will not be able to use a test card from paypal or a dummy credit card generator site. This is because most of these cards are flagged or blacklisted from overuse from people testing out profiles. This includes card numbers such as 4242 4242 4242 4242 and so on.

The card you use will depend on what you are trying to test. It is preferred to reach a decline when testing and not an actual purchase, unless you want to do that. You can use your real card and change the CVV of it. However, some cards like Amex will allow the charge to go through regardless of incorrect CVV.

The best solution I’ve found is to use virtual cards from either Capital One Eno or Citi Virtual Cards that will decline if your information is not flagged. Note that Privacy and Revolut do not work for testing and will get instantly rejected. You will learn nothing by using these two cards to test.

Eno - Go to your Eno card management page (try https://myaccounts.capitalone.com/VirtualCards) and locate the test card you are going to use. Once you’ve found your test card, select the lock virtual card option to stop the card from being able to make purchases.

Citi - Go to the card creation page and select advanced options. You will want to create a card with a limit. Simply choose a limit of $1.

Utilizing these methods will mean you will only reach a decline and not actually charged for your purchase attempt. Reaching a valid decline is a good sign and equivalent to a successful order as far as testing for payment fails go.

Proxy

If you want to see if your localhost is temporarily flagged, simply don’t use proxies when testing.

To see if your proxies are banned by their new proxy protection system, you will want to use a proxy from that subnet to test.

It’s unknown if they flagged proxies at a subnet or ASN level, so you can test a few proxies from a subnet to determine if those proxies work. It’s possible your entire provider has been flagged at the ASN level and has no working proxies so keep this in mind.

Proxy flags can apply to your localhost, DC, ISP and residential proxies so keep that in mind.

Identifying Cause of Payment Failure

Try changing one of these variables at a time and see if you can queue for payment or reach a valid decline instead of payment failure.

Blacklisted IP - Swap the task proxy to a different one. If multiple proxies from a subnet are unable to queue for payment, then likely the subnet has been silently flagged by Supreme and will no longer work while they enforce this protection.

Your localhost should be unflagged as long as you have not abused it in the past. If you are unable to reach payment decline with your localhost, try to vary your address and use a fresh card before concluding localhost flag.

Blacklisted Address - If swapping the address to a different jig allows you to reach a payment decline, then your address has likely been banned by Supreme.

Blacklisted Card - Try using a different card. Remember that it is preferable to use a fresh and locked Eno card or $1 limit Citi card when testing. If you tested too many times with the same card, then it’s possible that the card itself will have been flagged and not give accurate results for what else may be flagged in your profile or IP.

Testing Manually

• Go to Supreme’s site.

• Add any item such as Hanes Tees to cart. Anything here will work fine. https://www.supremenewyork.com/shop/all/accessories

• Go to checkout - https://www.supremenewyork.com/checkout

• Fill in the information you want to test. Refer to Causes of Payment Fails and Testing for Payment Failure.

• Keep an eye on what happens when you click process payment. You can tell if you’re banned or not depending on what you see:

Blacklisted Info

If you have blacklisted information, then you will generally see the high traffic error shown below. Additionally, the item will often be removed from your cart automatically which is a good sign of an info flag

Unflagged Info

If you do not have blacklisted information, then you will see a decline message like the one below. If you click go back, the item will also be in your cart still.

Note if you want to test for a proxy ban manually, you can utilize a proxy switching extension such as Proxy SwitchyOmega or BP Proxy Switcher.

Testing with a Bot

You can utilize a bot to test for blacklisted information as well. It is best to test on an item that sits so you know it’s not related to the item being out of stock. Hanes Tees should work great for testing.

You want to receive a valid card decline in your bot task/webhook. If you receive payment fails, then that is a sign of an info flag.

You can test different info flags such as card, address, or IP to determine which element is flagged exactly.