Free Method/Part Two for NOOBs.

Free Method/Part Two for NOOBs.

Free Method Introduction; Hello, sorry for the long post in Part one, here is part two for noobs. Please remember to like this post as well, it would be appreciated!. If I see you copying this guide please try to give credit!, thanks.

Webrtc: About webRTC: ( Web Real-Time Communication) is an API definition drafted by the World Wide Web Consortion (W3C) that supports browser-to-browser applications for voice calling, video calling and P2P file sharing without the need of either internal or external plugins.

Free Method/Part Two for NOOBs.
Free Method/Part Two for NOOBs.


We might be vulnerable to Webrtc IP leaks, WebRTC leaks your actual IP address from behind your VPN, by default. Luckily Fraudfox can spoof Webrtc, the latest Antidetect has a Webrtc changer too.

You can do a WebRTC leak test here:

Please don’t disable Webrtc from about:config, it really doesn’t look legit.

Plugins: Plugin Detection: all the plugins that you have installed can leave a footpring, both AD and Fraudfox can help to avoid this.

Time zone and Clock: when you perform operations of carding or impersonating identities of people residing in different places with different time zone you are in the position of having to change your time zone to have to align with the one of the victim.

You should match the time zone of the socks you are currently using, fortunately, with Windows this operation is very simple, just go to the clock in the bottom right of windows and click: ̈Edit Time and Date Settings.

Font Detection: Font fingerprinting – is what fonts you have, and how they are drawn. Based on measuring dimensions of the filled with the text HTML elements,it is possible to build and identifier that can be used to track the same browser over time. Long story short, if we install new fonts, that would leave a fingerprint. This is really a minor facto from my experience but we can still randomize and spoof that, so, no problem.

IP Spoofing: We will need to spoof the Cardholder location, we do that via SSH, RDP, Socks5, etc.
1) The IP should Country/State/City match the cardholder. The closer the better. 2) The chosen IP should have immaculate blacklisting (you can check blacklists on: and click MORE BLS) but truth be told, somethis its hard to tell whether a sites has really blacklisted a given IP or not, as most have an internal blacklisting,for instance, Paypal might have its own internal blacklisting.

Checking blacklists is still a good indicator though. Also you might notice that your personal IP might be blacklisted, even if you never did spam/fraud with it,

so take that in consideration, even my real IP is blacklisted for I don’t know what reason. 3) The chosen IP should have a low RiskScore, try to keep this riskscore at less than 5 it’s a metric from Minfraud, you can read more here: minfraud-riskscore. I use: for checking RiskScore. You can also check it on 4) Low Proxyscore:

Go at and test the IP, the proxy score should be 0. 5) The IP has to be residential: you want to avoid datacenter IPs as they don’t really

look legitimate in the eyes of anti-fraud systems, also business IPs look good. If you are wondering whether the IP is residential or not, simply go to, and on the top you will read ISP.

Generally if the IP has an American ISP, the you are on a good track, simple google: ̈list of American Internet service Provider ̈to get a good list of American ISP. Datacenter IPs have ̈data ̈ , ̈hosting ̈ ̈Cloud and related words as ISP. 6) The IP should be as close as possible to FULLZ location, at least within 80 miles, I use Ok, I also like to discuss about socks5 RDP and SSH.

Socks5 is a protocol that works with the proxy server, a popular choice amongst carders, I believe it’s the most effective way of spoofing you IP. However, most of fraudster are carding through SSH nowadays, so I suggest SSH as you main way of IP Spoofing. I use like to use; proxifier or Foxyproxy to link socks to my machine.

Some proxy providers: has closed registration but still worth mentioning ),,,, (overly blacklisted but they have plenty of locations worth mentioning)

For linking socks to machine I recommend you proxifier and Foxyproxy. RDPs stands for Remote Desktop Protocol, you are basically connecting to a remote computer. In fraud they are generally used to maintain Bank Drops and PayPal Middleman Accounts. But they are also used for carding. You can get RDPs from the clearnet, just googling rdp will do. The problem with non-hacked RDPs is that their IPs come from a range of database IPs that have some history with fraud.

That’s where HACKED RDP comes in handy, hacked RDP generally have a clean residential IP, there are plenty of illegal autoshops selling them: You can buy them from:, http://uas-,,,

Once you login to the RDP, remember to change the password and create an hidden username aka ghost user, so

that the real owner will not notice, there is a tutorial on both xdedic and for it. Also, you can card from there, you don’t have to think much about spoofing as they are an identity themselves and a real device.

Socks5 vs RDO vs SSH.
RDPs are more expensive but they are identify themselves, you can card from there, absolutely no spoofing needed whereas socks

are more cost effective but they require a spoof setup. There’s a rumor that in 2019 carding with socks is

dead, I say its bullshit its probably because these peope have bd socks and/or crappy spoof setup. I sugest

to start from RDP carding then move onto Socks one you are more confident. SSH is a middle way and should be the most used way of spoofing IP for intermediate carders, they cost slightly more than socks.

SSH Tunnel: Port forward via SSH (SSH Tunneling) creates a secure connection between a local computer and a remote machine

through which services can be relayed. Because the connection is encrypted, SSH tunneling is useful for transmitting information that uses an encrypted protocol, such as IMAP, VNC or IRC.

Long story short thanks to SSH you can connect to a remote machine and get its IP. Now the thing about SSH Tunnels, is that we get the IP of another machine and we can use it in our machine, I generally make a new virtual machine, use SSH Tunnel, and there we go. I buy SSH from: and in order to use SSH you need to:

1) Download and install bitvise client from 2) Launch the software and go to SSH tab, click on all

the blue links such as Key Exchange Algorithms and tick all the Checkboxes for all links. 3) Go to services tab and tick the ̈enabled ̈ box in the SOCKS/HTTP proxy forward part 4) Now, on that part,

the listen interface should be, Listen Port on 5555 5) You are done with bitvise, you will need to click on ̈login ̈ tab and put the login data for SSH. Another step is to install proxifier if you have not done it already, proxifier allows to tunnel SSH IP to ALL you VM softwares.

  1. open Proxifier and go to profile -> Proxy Servers ->Add
  2. on ̈Server ̈ put and on Port put 555 3) On Protocol check SocksV5 Server
  3. Go to Profile -> Name Resolution -> Uncheck “Detect DNS automatically” -> Check “Resolves Hostnames Through Proxy”
  4. We are done with Proxifier, now all we have to do is to go on or and get an SSH.

Accept Language: is together with the User-Agent HTTP header another HTTP header, which identifies the network, the language used by the system that is making the navigation.
Use an Accept Language header that matches language of the victim.
Flash version spoofing: Always spoof the latest flash version.

Email Spoofing: We will need to use an e-mail that looks legit. This is not really that discussed on forums, according to emailage, Square and Western Union are their clients
So emailage checks on plenty of things:

  1.  checks if the email has the name and surname of the customer.
  2.  calculates the score of the email domain.
  3.  calculates the age of a specific email, fraudster are well known for creating quickly e-mails, and that how they can spot us.

So depending on the score you get from them, they will either approve you attempt, put your order on review or simply decline it. To make thins worse, they have an internal blacklist of e-mails, so reusing emails with them isn’t wise. They also have all the other IP validation stuff that any other anti-fraud protection provider has.

For private emails, I suggest to get an anonymous email provider, one like domain cheap (They accept BTC) and get who is protection. Also, will you attach the domain to an anonymous hosting provider. You can make as many emails as you wish with same domain from cPanel. Email age doesn’t reveal all the info about their measures, but I think somehow they can also check the age of

free emails, private emails are very easy as you can check the domain age of a website. Now let’s go to the actual spoofing softwares, I believe there are 3 mainly choices here: A Configured Portable Browser, Antidetect and Firefox.

Hope you guys enjoyed this free method/how too. I will be making multiple posts for noobs as well if you need any more help. So please feel free to glance at those as well!.

You can also buy instant:

Cashapp Money Transfer Click here

Paypal Money Transfer Click here

Western Union  Money Transfer Click here

Venmo Money Transfer Click here

Bank Money Transfer Click here to Contact Us


Leave a Reply