Proxies for Depop: The Right Type, Setup, and Avoiding Bans

Proxies for Depop: which type fits stealth shops versus sourcing, how many IPs you need, sticky versus rotating, and how to avoid Depop bans and blocks.

HProxy Team 10 min read
Proxy.Use case

Free proxies won't hold up here.

Shared datacenter IPs get flagged and dropped fast. When it has to hold, gaming, streaming, accounts, you need mobile and residential IPs that read as a real device, from $0.65/GB, pay as you go.

See plans & pricing

Proxies for Depop do one of two jobs: keeping a selling shop off Depop's linking radar, or sourcing and scraping listings without tripping its bot checks. The right proxies for Depop are almost always residential: a dedicated static (ISP) IP under each shop, and a rotating residential pool for reading data at volume. Depop is a mobile-first resale marketplace (owned by Etsy), and it links accounts and rate-limits automation closely enough that the wrong proxy gets a shop banned or a scraper blocked in a handful of requests.

We run a proxy network, so we see both sides: the Depop shops people keep alive for years, and the batches that get banned in a week. This is the honest version: which proxy type fits which Depop job, how many IPs you need, why shops want sticky and scrapers want rotating, and the part a proxy cannot fix. No provider can promise an unbannable Depop shop, but the wrong setup guarantees the ban.

What proxies are best for Depop?

For running Depop shops, static residential or ISP proxies, one dedicated IP per shop, held in place and geo-matched to the shop's country. For sourcing and scraping Depop, rotating residential, because the site distrusts datacenter ranges and rate-limits repeat visitors. Datacenter is the fast way to get a shop linked; mobile (4G/5G) is the durable option for the highest-risk shops.

Why people use proxies for Depop

Four jobs cover almost everything, and they pull in different directions.

  • Stealth and multiple shops. Depop bans shops for policy breaks, counterfeits, chargebacks, or just for being a second account, and a banned seller who wants back on (or a reseller running several themed shops) needs each shop to look like a separate person. The moment a new shop touches the same IP, device, or payout details as a banned one, Depop links and bans it, often before the first item sells.
  • Sourcing and scraping. Resellers mine Depop for underpriced vintage and branded pieces to flip onward (to Vinted, eBay, or Grailed), plus sold-price history and sellers worth watching. Depop's web app reads from an internal JSON API, and scrapers hit those endpoints directly, into its rate limits and bot wall. Rotating proxies spread the requests so no single IP looks like a machine.
  • Growth automation. Follow/unfollow bots, auto-bumping (relisting items so they climb the feed), and bulk listing tools all fire far more actions per hour than a human thumb would. From one flagged IP, that pattern reads as a bot instantly.
  • Region and market access. Depop's catalog, pricing, and shipping differ by country (it leans on the US and UK), so a UK IP sees the UK market and a US IP the US one. Sourcers and sellers point an IP at the market they want.

What Depop actually reads

Depop links shops and detects bots off a stack of signals, and a proxy touches only the first.

  • IP address and subnet. The loudest network signal. Two shops on one IP, or one small subnet, read as one owner. Hosting and datacenter ranges are distrusted on sight, and an IP a banned Depop shop already used is dirty before you start.
  • Device and app fingerprint. Depop is mobile-first, so the app carries a device identifier and the web app a browser fingerprint (canvas, fonts, user agent). Two shops from one phone or browser share it and cluster even behind clean IPs.
  • The bot wall. Depop's web app and API sit behind Cloudflare-style bot management: JavaScript challenges, TLS and header checks, and 429 rate limiting when traffic looks automated. Datacenter IPs and fast repeat requests trip it quickly.
  • Cookies and tracking IDs. Depop sets long-lived session and device cookies. Log into a second shop in a browser still carrying the first shop's cookies and you have linked them by hand.
  • Hard identifiers. The Depop-specific killer. Selling requires a payout method (Depop Payments, which runs on Stripe, or historically PayPal) plus a phone, email, and address, and Depop links shops by those regardless of the IP. Reuse a PayPal or phone number from a banned shop and no proxy saves you.
  • Location consistency. A shop that always logged in from London then suddenly appears from Vietnam gets a hold.

Which proxy type fits which Depop job

Four proxy types show up in Depop setups, and the sweet spot differs for shops and for scraping.

Datacenter proxies come from hosting providers, and Depop's front door can tell. Fast and cheap, but for shops they are the quickest route to a ban, and for scraping they trip the bot wall almost as fast as you point them at the API. Usually the wrong tool here.

ISP proxies are static residential IPs on datacenter-grade hardware: a real home connection that stays fast and always on. For Depop shops this is usually the sweet spot: the IP is residential and never changes, so a shop keeps logging in from one trusted home address for months, exactly what Depop expects from a real seller.

Residential proxies are IPs from real home connections. For sourcing and scraping they are the right call: they look like ordinary shoppers and rotate across a large pool so no single address stands out. Held sticky they also serve for shops, though ISP is steadier for a fixed IP. If the type is new, our explainer on what a residential proxy is covers how it differs from datacenter.

Mobile proxies are carrier 4G and 5G IPs, shared by thousands of real phones behind Carrier-Grade NAT. Depop cannot hard-ban one without hitting genuine customers, so mobile is the most durable tier for a shop that keeps getting burned, and on a phone-first platform it matches how real users connect. It is the priciest option, and most setups never need it.

Depop jobProxy type that usually worksSession modeNotes
Stealth or second shopISP or static residentialStatic, one IP per shopGeo-match the shop's country; datacenter gets linked
Several selling shopsISP or static residentialStatic, one IP eachNever share an IP across your own shops
Sourcing and price scrapingRotating residentialRotate, short sticky per readBeats the bot wall and rate limits; datacenter flagged
Follow/unfollow or auto-bumpThe shop's own IPStatic, sticky to that shopAccount-bound, so no rotation; pace it like a human
Repeatedly burned, high-risk shopMobile (4G/5G)Static or stickyHardest IP to ban; natural fit for a phone-first app
One-off region peek or a testFree list, then verifyn/aFine to look; never to build a shop on

Use the cheapest tier the job tolerates, and step up only when links or blocks prove you must.

Sticky or rotating: the job decides

A shop wants to stay put. A real seller logs in from the same connection every day, so a Depop shop should hold one static IP and never move off it. Rotate a shop's IP and you have told Depop it is either traveling impossibly or being shared, and both get flagged. If you only have a rotating pool, pin it to a sticky session so the shop still sees one steady exit.

A scraper wants the reverse. Pulling thousands of listings from one IP is the fastest way to trip Depop's bot wall, so scraping wants rotation: a fresh IP per request, or a short sticky window long enough to read one listing before moving on. Growth automation is the trap in between: follow/unfollow and bumping act on a logged-in shop, so they are account-bound and must run on that shop's own stable IP, never a rotating pool. Getting this backwards is behind a large share of the Depop problems we see.

How many IPs you actually need

For shops, the unit is the shop: one dedicated static IP each, never shared. Two shops on one IP is the exact pattern Depop links, so five stealth shops means five separate IPs, geo-matched and ideally on different subnets.

Depop shops (one dedicated static IP each, never shared):
  shop A  ->  198.51.100.20   ISP, UK,     matches its registered country
  shop B  ->  198.51.100.21   ISP, US,     its own device / profile
  shop C  ->  203.0.113.10    mobile, UK,  high-risk, keeps getting burned

Sourcing / scraping Depop (rotating residential, sized by bandwidth):
  one pool  ->  rotate per read, short sticky while paging one listing

For scraping there are no named IPs to count. You buy bandwidth through a rotating pool and size by how much you pull against Depop's per-IP rate ceiling, which is why residential is metered per gigabyte rather than per address. Our pricing is pay-as-you-go with a balance that does not expire, so a long-held shop IP and a bursty sourcing run both bill for what they use, not for idle time.

The free versus paid reality for Depop

Free proxies and Depop are a bad match, and here is why.

Most free proxies are datacenter IPs that die within minutes, and only a small fraction work at any given moment, so for scraping they fail against the bot wall almost as fast as you load them. For a shop it is worse: a free public IP has been used by hundreds of other people, some of whom ran banned Depop shops through it, so the address is already dirty, and a stealth shop built on it can get linked the day it opens. Free proxies are also the shared, logged, sometimes hostile kind we cover in are free proxies safe.

Where free is genuinely fine: a one-off look at how a listing appears in another country, or testing that your scraper's plumbing works before you point paid IPs at it. Our free proxy list at /free-proxy-list re-checks and refreshes every few minutes and spans 100+ countries across HTTP, HTTPS, SOCKS4, and SOCKS5, so it is a real tool for a quick job. Just do not build anything you care about on an IP you did not choose and cannot keep.

For real Depop work the paid line is simple: sourcing and scraping want rotating residential billed for the bandwidth you use, and shops want a dedicated static IP that stays yours. Our residential proxies start at $0.99/GB pay-as-you-go with no KYC, which suits both the metered scrape and the held shop.

Setting it up without linking shops

For scraping, setup is ordinary. Put a rotating residential proxy in your HTTP client or headless browser, region-match it to the Depop market you are pulling, pace the requests, and drive a real or headless browser (not a bare HTTP call) so you clear the JavaScript challenge, backing off on the first 429 instead of retrying into a hard block.

For shops, setup is where stealth is won or lost, and the proxy is only the first layer:

  • One dedicated IP per shop, held static, geo-matched to the shop's country, and never touched by any other shop of yours.
  • A separate device or profile per shop. Because Depop is mobile-first, that usually means a separate phone or Android emulator profile per shop (or a separate antidetect browser profile on the web), each with its own fingerprint, cookie jar, and bound proxy. The proxy fixes the network identity; the separate device fixes the fingerprint one.
  • Fresh hard identifiers. New email, new phone number, and a payout method (Depop Payments or PayPal) not tied to any banned shop. This is the layer people skip and the one Depop leans on hardest.
  • Never cross the streams. Do not log into the new shop and the old, burned one from the same IP, device, or browser, ever. One slip links them.
  • Verify the IP before you build on it. Confirm it is alive, residential, and in the right country first. Our free checker at /proxy-checker shows the real exit location, and our walkthrough on how to check if a proxy is working covers what to look for.

The honest part

A proxy solves one problem completely: it makes each shop, or each scrape request, come from a clean, separate, believable connection. On Depop that matters, because Depop links by network and blocks datacenter traffic at the door. But it is one layer. The one no proxy touches is the hard-identifier stack: selling on Depop means a payout method, a phone, an email, and an address, and Depop links shops by those no matter how clean the IP is. A reused PayPal account or phone number relinks a banned seller instantly, and the device fingerprint follows you across shops on one phone. That is the honest ceiling, and any provider selling proxies as a guarantee against a Depop ban is selling a story.

What good proxies do is give your setup a fair, isolated shot: shops that look like separate real sellers, scrapes that look like ordinary shoppers. For shops that means ISP or static residential, one held IP each (or mobile for the ones that keep getting burned); for sourcing it means rotating residential, sized by bandwidth. Start free on our free proxy list, good for a region peek or a plumbing test. When it is a real shop or a real sourcing run, move to residential at $0.99/GB pay-as-you-go with no KYC, and let the rest of your setup do its part.

Frequently asked questions

What kind of proxy is best for a Depop shop?

ISP or static residential, one dedicated IP per shop, held in place and geo-matched to the shop's country. A static residential IP reads as a real home broadband line and never changes, which is what Depop expects from a genuine seller who logs in from the same place every day. Because Depop is mobile-first, a mobile (4G/5G) proxy is the most durable option for a shop that keeps getting burned, since a carrier IP matches how most real users actually connect. Datacenter proxies are the fastest way to get a shop linked and banned.

Can a proxy stop my new Depop shop from being linked to a banned one?

Only partly. A clean, separate IP removes the loudest link (the network one), but Depop also links shops by device and app fingerprint, tracking cookies, and hard identifiers: the payout account (Depop Payments or PayPal), phone, email, and address. A dedicated IP is necessary but not sufficient. Open the new shop on a fresh device or profile with new contact and payout details, because Depop relinks a banned seller instantly off a reused PayPal or phone number.

How many proxies do I need for Depop?

For shops the unit is the shop: one dedicated static IP each, never shared, so five shops means five separate IPs, each geo-matched and ideally on different subnets. Two shops sharing one address is the exact pattern Depop links and bans together. For sourcing and scraping there are no named IPs to count: you buy bandwidth through a rotating residential pool and size by how fast you read against Depop's per-IP rate ceiling.

Do free proxies work for Depop?

For a real shop, no. Most free proxies are datacenter IPs shared by hundreds of people, already flagged, and sometimes already used by banned Depop shops, so building a stealth shop on one can get it linked the day it opens. Free proxies are fine for a one-off look at another country's Depop catalog or for testing that your scraper's plumbing works before you point paid IPs at it. Verify any proxy with a checker before you rely on it.

Should Depop proxies be sticky or rotating?

The job decides. A shop wants a sticky or static IP held in one place, because a real seller logs in from the same connection every day, and an account that hops IPs looks shared or hijacked. Sourcing and scraping want the opposite: a rotating pool that hands out fresh IPs so thousands of reads do not all trace to one address. Growth automation (follow/unfollow, bumping) is account-bound, so it runs on that shop's own stable IP, never a rotating pool.

HProxy Team
We run a proxy network

Keep reading

Proxies that don't die mid-job

Residential, ISP, datacenter and mobile, verified by the same engine that runs tens of millions of checks. They read as a real device and hold up under load. Pay as you go, and your balance never expires.

47M+ proxy checks run · 100+ countries · HTTP / HTTPS / SOCKS · re-checked every few minutes · no signup