A lesson in teaching typical carding

[Hacker]

Hello!
By the way, you all need to install Windows 10 in English from the torrent for now.

I think everyone knows how to use it?
If not, write.

Hello, I will give a lesson now, at 8 pm I will not be able to, tk. on business you will need to leave, all questions if you can ask, I will come to answer

In the first lesson, you had to install Windows, deal with the cryptocontainer, configure the tunnel and download vpn too
File: Vbivotron_2014_1.2_fixed_Eng.rar

So far about the Vbivotron program, we do as on the screenshots below! We open it, we turn it off!
What is this program for? To measure a person!
You can copy some text, for example, card number or address mb name or surname, etc.
And in the input form, press CTR + Z and the text is entered by itself.

After installing the Jabber client, open it and then do everything according to the list!

We go to the folder where Jabber was installed, open the pidgin.exe file Opened, click
Add accounts, select the XMPP protocol.
We enter everything as in the photo, only your username and password.
As a result, after that the

software for Dedicated computers should be registered above, and here is the instruction on how to go to Dedicated Server (RDP), open RDCMan
Click Session on Connect To, the rest is as in the photo

Now I will drop contacts, different services, etc.

List of sells selling Dediks (RDPs)
You need to buy RDPs for driving, home and under the data of the card so that the state matches!
one). Telegram:https://t.me/Diego22222
Jabber: [email protected]
Site: http://dedic.store

2). Jabber:
[email protected]
[email protected]

3). Jabber: [email protected] (there is a site you can register there, write to the contacts)

4). Websites:
rdpx.pw
rdpx.su
rdpx.xyz

Contacts:
Jabber 1: [email protected]
Jabber 2: [email protected]
Telegram support: rdpxx
Telegram channel: rdpxshop

5). Jabber: [email protected]
Telegram: @ best1kbest1k

Site: http://dedic.store -

I get it mostly here For you to understand, I use Dedics when I can't work from a working PC, and then I buy a RDP and work with him.

Well, the Jabber client should have been disassembled in the first lesson.
You need to register, because many services use only jabber.
For the first lesson, whoever does not succeed, write to help.

Software for connecting to Dedicated Servers There was nothing left to go to the PC.

File: Dedicated server.rar

Now analysis of cards!
There are 4 types of cards in total. These are Visa, American Express (Amex), MasterCard, Discover.
Visa - start at number 4 (for example: 4000). American Express (Amex) - start at 3 (example: 3751). MasterCard - beginning at number 5 (for example: 5412). Discover - start at number 6 (for example: 6011).
Cards come with full info or without, most often the date of birth (DOB or Date Of Birth), ssn (like our TIN), etc. You can also punch this info separately if you wish. More often than not, this is unnecessary. But sometimes you have to. For example, when a shop suspects something, and you really need to get a pack and you are ready to do a drawing, etc.
Drawing - scans of the cardholder documents, the card itself, etc. are made through Photoshop.

How to determine the bank by the bin of the card? site below!
Bin is the first 6 digits of the bank
exactbins.com

There are 2 types of card protection: VBV and AVS
AVS - bill address reconciliation = shpping. This applies in the United States.
VBV - when an SMS confirmation is sent out during a payment.

Initially, it is impossible to check the balance on the card.

So - there are types of cards Visa platinum, gold, etc. you should know all this!

Here is a list of where you can buy cards!
Immediately I say the validity of cards in the region of 40-50%
http://meum.pw/ru/
This is not the whole list I will add a little later today!

Drops / Scoops
1). Drops to usa \ forwarding liquid from 0 to 60 $ / 50:50 and 2k1
Jabber - [email protected]

2). "Staffship - usa, eu, ua, ru." stingy, release, 50/50!
Telegram - @staffship
Jabber - [email protected]

3). Drop / pickup service | 100 salary drops | liquid ~ 50% | illiquid | sports food | clothing | cosmetics | forwarding | 50x50
Jabber - [email protected]
Telegram - @StrongBoxPro

4) .Usa drop service. stingy and forwarding.
Jabber - [email protected]
Telegram - @www_walmart

5). Us salary drops for staff, payment for delivered liquid up to 60%, illiquid 40%
Jabber -[email protected]
Telegram - @chaplinsup

6). Salary usa drops! illiquid stock up to 40%! mailing $ 40! redirect your packages! pick-up by trust!
Jabber - [email protected]
Telegram - @leon_support

7). MoHomax Drop Service USA
Jabber - [email protected]
Telegram - @hooklook

Document Rendering / Scans
1) Document Rendering! your reliable partner
Jabber - [email protected]
Telegram - @feyonadok

2). [reality docs] service for drawing / producing documents [dl, bill, passport, statement, etc]
Jabber - [email protected]
Telegram - @ realitydocs

3) .High quality rendering! by diligent [modernized card rendering]
Jabber - [email protected]
Telegram - @diligentsrv

Calls to shops / Flood Email
1) .Fbi call-service
Jabber - [email protected]
Telegram - @fbi_call

2) .Call service "dispatcher"
Jabber - [email protected]
Telegram - @ dispatcher0001

3). Calling the "champion" service - redirects, holds, refs, etc.
Jabber - [email protected]
Telegram - @gasxr

4). Calling services, calls with number substitution, holds / reuts.
Jabber - [email protected]
Telegram - @ Delonge1993

5).Fraudshop.cc-flood service(email,call,sms-usa|ca),google voice,finddl/ssn/bg service,sms spam usa/ca
https://fraudshop.cc/register?code=2996

Mediators
1). https://polexp.com
2). https://www.pochtoy.com
3). https://shopfans.ru

SS / FULL INFO / BA / PAYPAL / pr material
1). Sale of logs. High Quality.
Telegram - @ Goodwingood6

2). Selling | full info (ssn + dob + mmn, dl) usa
Jabber - [email protected]
Telegram - @Simple_Joni

3) Ross logs store - store of top logs on the market 24/7
Jabber - [email protected]
Telegram - @@RossBellfort

4 ) .Usa + vbv (usa bins with changing vbv by zip and ssn / dob)
Jabber - [email protected]

5). Sale of logs from the stealer (paypal / amazon / ebay / walmart / booking)
Jabber -[email protected]
Telegram - @malfeypro

6). Sale of bank accounts 24/7 - [en] sale of bank accounts 24/7
crd2.life
crdlifeq6t5qdd3a.onion

7). [foxroll] service for the sale of enroll 24/7 [public / non-public]
Jabber - [email protected]

8) .Ssndob! ™ - there are fullers!
Jabber - [email protected]
Telegram - @workerforever

9). Selling bank accounts - bank accounts
http://darknet-shop.cc

10). fresh logs (づ ｡◕‿◕｡) づ | paypal | ebay | banks | amazon | accounts | etc
Jabber - raccoon13 [at] jabb.im

11). account sale paypal + valid / invalid e-mail + ssh + ba / ss + cookie +
Jabber snacks - [email protected]

12).
trueacc.info

13) .Stores SS
Unicc - Login
http://meum.pw/ru/#/

Contacts of the e-Gift buys
1). ICQ-603199437
Skype-trebynskih
jabber - [email protected]

2). @deepdishvip
[email protected]

3). Jabber - [email protected]
Telegram - @cytrongift or ( https://t.me/cytrongift )

4). Telegram - @ liker1
liker (sabaka) prv.name
liker (sabaka) alpha-labs.net

5). @Mark_Buy_Gifts

6). [email protected]

7). @buykey

8). jabber:
[email protected]
Telegram:
@DonnyRumba

9). jabber [email protected]
If the first one is offline, write to [email protected]

10). @ReadyTDTC

eleven). jabber: [email protected] , [email protected]
telegram: @ helsenki1

12). Telegram: @cdkeymasterskup
Skype: live: vladimirskup
ICQ: 711055215
Toad: [email protected]

13). [email protected]

I would like to tell one more topic. Such a story in general! There is such a video chat site, there chicks twist their cunt and pay them with tokens, so I decided to share with you what and how, first you need to buy a Dedicated Server and ss, register on the site and try first a transaction for $ 10-30 and gradually increase, after a while find any model girl, negotiate with her about working 50/50 and fill her with money, you can have from $ 300 or more per day!
Link -http://bongacams.xxx

http://simsms.org/ - here SMS activation can be used for qiwi wallet

If someone does not vkurse, etc.

Now about the merch!
1. Shopify is a tough merchandise.
Every month he tightens the screws tighter and tighter. - firing RDPs and other IP substitutions;
- verifies the address of the cardholder and the delivery address
- does not even bother with order cancellation letters and letters about possible fraud on your part.

The way out is either to look for innovations in the system settings, or the freshest shops that are not afraid of possible fraud.
BUT - from my own experience I can say that it is well received by the European CC.
DO NOT BE AFRAID OF HIM, HE ALSO GIVES NORMALLY!

2. WooCommerce is an interesting merch.
- The permeability depends on the shop, individually, on the security level of the shop.
Some shops ship in tons, some of them can't even get a buck.
You can and should try.

3. BigCommerce - basically the same as the merchant above.

4. Magento is one of the most easily traversed merchant.
- easy to work with and, fortunately, not particularly capricious.
It is possible and necessary to work on it.

5. Shoprunner - aka the merch / engine of many mono-brand shops.
- easy enough to work with.
As Vanya Urgant says: "We are working, guys."

Shop search
And so, I say right away that it makes no sense to look for shops with requests to buy iphone 12 or where to buy Macbook, because large shops such as Amazon, Best Buy, Walmart, and so on will open in the search. They also fight, but this is a separate and rather private topic. Everything is comprehended with experience, as they say.
So how to find the shops we need? There are many options, here are the most common ones:
1. Query operators. Query operators are words / phrases for which SEO site optimization in a search engine + special commands. Let's take a closer look: Seo optimization is a set of measures for internal and external website optimization, for its promotion in search engines. Accordingly, the higher the position of the site in the search engine, the more traffic, and accordingly, higher-frequency queries are used to promote it.
Special commands are a set of command symbols, thanks to which you can compose a more precise search. These symbols include the signs +, -, /, "", etc. Depends on the specific search engine. You can look at the symbols of each search on the Internet.
I will give an example: if you enter the buy totes request in Google, we will see the following: http://prntscr.com/igx59a, and if you type in "totes" + "add to cart", we will see the following: http://prntscr.com/igx5s3
Therefore, my advice is to carefully study all the special teams in order to find good shops without unnecessary problems.
You can also experiment with other queries, for example: clothes shop + inurl: e-gift - will give us a list of shops that have the phrase e-gift in the link, or "clothes totes egift" - Double quotes allow you to find only the expression that they contain.
I also advise you to hang out for a while on seo-forums, both Russian and foreign - you can find out for yourself a bunch of everything new and interesting. It happens that SEOs leak gold information for carders without even knowing it.
2. Search for shops through ibey. Most of the big sellers in Ibea have an online shop in addition to akka. Not all of them, however, finding such sellers is not difficult. To find such sellers, you just need to go to the product we are interested in, and look at the information about the seller, if this is a shop - we will see that usually the page is colorfully framed, and the seller's name is like: freeshippngshoes, bestshoes, goodwatches, etc. We just have to drive these names into Google and see if they have an online shop. I repeat once again, everyone has shops, since today Ibei remains the largest online platform for selling staff in the world. And so many large online shops can envy sales on Ibei.
Actually, therefore, many large sellers on Ibei do not open online shops, sales are going great anyway + excellent protection against fraud.
3. Amazon can also be used to find shops. The principle is the same as above, we find it is sold - we look at the name, we drive it into Google, we look for it!
Now if we compare Ibei and Amaz, then personally I prefer the first. Firstly - a wider assortment of goods, Secondly - it can be fucked and fucked using a stick, or SS.

If you disassemble Ibey as a merch, then it has both its pros and cons. To the pluses, I would include:
1. complete absence of antifraud system, with normal settings. That is: when paying with a stick, the situation is as follows: if the stick is good and pumped, it will give, it will give without problems. If not, then he does not climb into either ibey or other shops.
2. In 99% of cases, sellers send them to different addresses, since the stick is just drop dead trust from everyone, which actually suits us.
The disadvantages, of course, include the system first of all, if the system is curved, then do not expect anything but socks and panties. Well, and accordingly, the disadvantages also include the fact that you can be deceived. Drive in percent and the Lego constructor will come, and you will prove to hell. Actually, our brother is sitting there too) Well, or just sold, he burned that you are a carder - and gave you a present)
3. Shops can also be searched with parsers, such as Butterfly. A huge minus of parsers is that they find a heap of garbage, which, as a result, all have to be raked equally by hand. But it is worth giving credit, all the same, they are also needed on the
farm. 4. Dumpers. Yes, you can also look for shops with them. Using query aggregators, you can create good dorks, on the basis of which you can find a lot of good shops to work with. However, dumpers eat a merciless amount of proxies, and the search can take several days. So here's how it goes on, not for everybody. However, there are also pluses, in addition to a good shop, it will also be possible to drain the base of accs and beat from under them)))
5. SI is our everything. We go to thematic forums, fishing, hunting, group sex .. it doesn't matter)) We communicate with the people and get the coveted shops. Almost a year ago I went to the forum of Texan moms, where I got a bunch of children's shops with strollers, and, accordingly, made a bit of profit))
6. You can search for shops on the website http://www.resellerratings.com. I must say right away that the site is old, updates are rare, the shops will be quite subdued, but you can still work. It's worth a try.
At the top is the store ratings drop-down menu. There we select browse all stores by category and on the left there will be a menu with categories. For example, we choose apparel and jewelry. We see "sort by" and double click on the rating.
This will show the sites with the lowest rating on the first page. But there are 468 pages of these sites in the clothing and jewelery section. About 70% of them have a zero rating and about three quarters of those 70% of shops are small, good givers. Sometimes you come across shops, it seems like there is no rating on this site at all, but in fact the shop is large and just send it out.
In fact, there are many ways to find the shops we need, with the right product, but I most often use these methods of work. I recommend that you experiment with query operators, as this is the fastest and most convenient way to search for shops.
In my experience, sometimes large stores send much better than small ones, but this is more an exception and straight hands than just luck). You need to try to break through all the shops you like.
Sometimes it happens that a scammer shop will come across, for example, I met one where Canada Goose cost 200 bucks, so it's better not to beat a mate in such shops, they were created by our colleagues to collect mate. Study the shop carefully before driving.

Analysis of merch and their features.
Merch is an electronic aggregator for processing incoming payments, in other words, it is the program that directly accepts payments through the site. There are a lot of merchs, both large and self-written.
To determine the merch, I most often use the site http://builtwith.com/- whoever has the opportunity can buy a subscription there for their hard-earned money, it costs 500 bucks a month, do not try to scard - it will not work. We drive the shop address into the line, and we will be given all the information on the shop, in the E-commerce section, we will need the merchandise. Sometimes the merchandise is not shown, then you have to look out for redirects in the browser or beat at random, this also happens.
Below is a list of the most common merchs across the world:
1. Shopify - it is believed that every month it becomes more and more difficult to drive in, but no. Everything is much simpler, you need to adjust the system for this merch. Merch loves real hardware, and he practically does not care about socks and tunnels, the main hardware and the unique fingerprint of the system. Very important fine and competent tuning of the system. In general, both RDPs and the replacement of IPs are firing merch. Doesn't even bother with cancellation letters and letters about possible fraud on your part. The way out is to ideally set up your system for driving.
Shopifi does not like when ports are open, and proxy fires. The sock should be perfect, + it is better to drive from a portable, not from the main browser, the passability is better. Well, and accordingly, change the system configs to the maximum: network card, screen resolution
For each merch I have a separately configured virtual, and accordingly I just change my socks and beat.
To find shops on this engine, we use the following search query: Ecommerce + Software + by + Shopify + dildo
2. WooCommerce is quite an interesting merch. I did not meet so often, in terms of traffic it all depends on the shop. That is, at what level of security the merchant is configured. Some shops ship in tons, some of them can't even get a buck.
3. BigCommerce - basically everything is the same as above.
Shops are searched like this: dildo + giftcertificates.php - will find all shops with dildo gift))
4. Magento and its derivatives. My favorite merch. Easy to work with and not particularly moody.
Shops are searched for dildo + .com / checkout / cart / - the actual cart, dildo + .com / customer / account / - account.
5. Zen Cart is also quite common. It beats a little more difficult than the previous ones, but does not cause much trouble.
6. PrestaShop - basically everything is the same. Clean sock + well-tuned system and you will be happy.
7. OpenCart is my least favorite merch. Even with a perfect drive, it can send. And hammering on "ot * beis" pass. I still can't understand him.
8. X-Cart - it is not so easy to find, but if the shop has started to give - then prepare trucks.
Taking into account the peculiarities of setting up the ABC system in shops, it often happens that shops do not see the full address of the holder, but only see the spare parts and accessories. Therefore, sometimes it is advisable to take a card for a zip in the middle / drop, and drive a beat = thorn into their address. Such shops can only be found by tests.
I also recommend taking a video (the same van credit), and punching the shops you like for small amounts to the holder's address in order to see the movements on the card. Some shops write off the money right away, some hold, some write off at the time of sending the pack, so having this information, you can easily choose a mat and a method of working with a particular shop.
I used to love the moment to drive in yus shops that send international tickets with euro cards. Because EU cards do not have ABC, and yusa shops do not see anything from cards issued not in yus, so they always beat = thorn = ey / ru. Everything depended on the specific shop, either sent to EU for drops, then to myself, or directly to RU for drops.

I will also give examples of euro merchant:
1. SagePay (Saga) - vbv always, each shop loves different types of cards. There is no safe for amex. UK and USA eats by dump, but not all bins. If the card is entered, it is almost always sent. With regard to air, the principle is the same.
Stub Hub + virtual pos terminal - very often found on sites that sell tickets for all kinds of events. It is quite difficult to drive in this merchant, VBV is always, Yusu has not been able to cram it even once, only EU. Fires everything, down to the color of the socks on you, but it's worth it).
https://prnt.sc/gpr913 - this is how it actually looks like.
2. BancaSella is one of the great vbv merchs. With a bang yusa and yuk under the discharge. There is a miracle and there is no vbv. 100% hit if the tranza passed.
3. Adyen is also handsome, all countries are climbing, there is no safekeeping, there is a discoverer in most shops, and this is a sure bypass of the VBV. However, even with the included card, the shop can get to the bottom. As for air / hotels - if the card is entered, 100% hit. Reservation and tickets, count in your pocket.
4. Bucharoo is a sophisticated Dutch merch. VBV / Safes, You can also drive in with a yusoy - but extremely rarely - rather an exception. However, there are shops with which, having shown SE, you can drive in a yusu or other ey mat.
5. Wirecard - there is no safe kei, as well as amex practically, USA has been eating great, at least for the last 2 months. It also happens without a vbv.
6. Erstes - the same wirkaird.
7. SaferPay - safe key, ey only. Sometimes without vbv.
8. Nochex, datacash, ingenico e-commerce (not to be confused with ordinary engineering) - always vbv. On izheniko ekommers, if my memory serves me right, there is a Ferrari shop, at one time I collected a complete collection of Ferrari watches of 25 pieces, which is also gathering dust somewhere under the sofa. Well, of course, jackets, T-shirts and caps - classics are always in fashion). ingenico e-commerce - for air - gold merch - if the card is included - consider your vacation a success. You shouldn't push the card from the same config a second time, and it won't fit.
9. Euro payment service - the yusa mat goes well for dumping. Yuk mate eats at least 10k, without any complaints.
Non VBV.

PayPal and all its brothers - it is clear here, I do not consider, there will be separate lectures.
Net - a - porter - all monobrands in Europe, yoks, the flagship itself is not a porter. Rarely does it happen. Yusa is also driven in, but good bins are needed. The purchase amount is blocked and the final write-off occurs at the time of the spike. Therefore, it is extremely important that the card has lived up to this moment. This is a maximum of 2-3 days. After the charge arrives on the card, it enters the address of the spike into the emergency situation, so do not be surprised if the card is alive, and the shop has not sent it - the address is most likely black.
Zerogrey - as before eats everything, only serve fresher beans. 99% chance that the first order will need rendering. If done well (photo, not scan), then success is guaranteed. I advise you to always start an account in the shop, if the card survives after the first sending, squeeze the maximum out of it.
Stripe - until recently, it was believed that YUSA mate is not their favorite, - a big mistake, climbs and climbs with a bang, with some nuances (ringing, minikis, etc.).
Skrill - EU, very rarely JSA, billing does not fire.
Qenta - ey or exotic. Rarely does it happen.
Computop - anything you like, very rarely vbv.
Dibs payment, QuickPay, Commdoo, klik & pay, heidelpay - whatever you want.
Nitrosell- more and more capricious and capricious, you have to beat ey more.
Sella - not to be confused with the sell bank, only ey, rarely seen in shops.

Friends, to go to the joker site to buy a card, you need to install the extension in the Google browser Blockchain DNS, then you will be taken to the site, you do not need to look for links in Google there are fakes, now one person flew in for $ 20 well that he didn’t start throwing any more!

I understand that you can no longer wait to get down to action, rather than just talk about the theory BUT, you should not run ahead of the locomotive!
We will start driving on Mon, most likely, tomorrow it will be too early, on Mon you will already be working.

Today we will talk about warming up shops
Warming up a shop means communicating with it - SI (Social Engineering) simply put there are several warming up options:
1. Communication via email.
2. Communication via live-chat (it may not always be available! Depends on the time zone)
3. Communication via phone
I'll tell you about each option
Communication via email is essential: You have the opportunity to prepare your questions / answers in advance, build a certain strategy for your communication, predict it to some extent let's say so
but even here one cannot do without drawbacks, namely that the shop can respond within a few days. here you need to take into account that due to a long wait, the obligations of the seller who sold you the SS (for replacement) will naturally no longer be relevant.In
this case, you need to warm up the shop in advance and only then buy the material.
2) Communication via live-chat - pluses: no need to wait a day / two, as in the case of e-mail, all communication will take no more than 10 minutes! After which you can start the process of driving our CC. NOTE!: For those who do not speak English well enough, I recommend using Yandex translator! the rest make the translation crooked and not natural
And of course, the most top-end liquidity can be pulled out through the "CALL" even in those cases when it would seem that there is no longer any hope of breaking the anti-fraud with the first 2 options, a competent call by you personally or by a call service will play a decisive role here
Now let's talk in more detail about various situations. As we all know, YUSA is famous for its natural disasters and a sense of compassion and tolerance for everyone without exception. So, in YUSA, almost every month, nature arranges another test. Be it: fires, floods, tsunamis, hurricanes, etc., etc. And this news is always spread all over the world - and we must follow it. Here's the thing, Americans are kind people and always ready to come to the rescue, to go to a meeting. Therefore, we find the mat of the state in which the trouble happened, and write to the shop that so and so, we have become a victim of disaster. And then according to the situation. The house burned down, and with it a laptop and phones, etc. ... that's why I write from a friend's or relative's laptop. Ask the manager to pick you something in the middle price range of a laptop or phone and ask to send it to the address of a friend or relative. all that remains of your house is the torn American flag. The options are different, it all depends on your imagination.
Follow the news and give it a try. He also works with Canada. The people there are also extremely friendly. In Canada, too, AVS, plus they can request a drawing or other verification. If you do everything as requested, they will send everything ok. Now how to do it is NOT WORTH.
Forget about gifts, departures and other accordions. Be original and convincing.

I had a case when a difficult shop wrote me a letter after the order. Like what are you sending to different billships, and I said that my house was denied by termites, now there is disinfection (this often happens with them), etc. etc. I live with my relatives.
Do not forget that a manager sits at the other end, and he is first of all a person, with a bunch of problems of everyday problems just like yours.
Also good topics: bachelor / bachelorette parties, family showdowns (quarrels, divorces, infidelities), etc. In general, fantasize and go.
You can send both to the drop and to the middle. And so, and so it works.

Now about another method of driving. Having driven through the form the
Form is called authorization form
So, we go to the shop, walk around the shop, add the product to the basket
When we reach the checkout, we write to the chat that we cannot pay.
You will be prompted to clear the cookies / restart the browser, in general, according to the standard, you are like that, yes ok, I tried everything, but even nothing has changed. We reach the checkout again, and write again. You ask what other payment methods are there. In response, you may be offered: PayPal, Bank, Form or drive in for you.
We are interested in either the form or by driving in for us.
If they give you a form, then you need to fill it out: enter the ss number, name, address, the amount to be entered and the name of the product and send them by email.
You can do it yourself if you have a printer and a scanner. You can give the renderer the second option, by driving in for us.
The shop manager will drive in ss himself and send us checks to write off the money. It is better in this case to beat the euromat, because the charge will go on for a couple of weeks.
Driving in the form as well as driving in by ringing is an offline purchase, i.e. The shop does not see the settings of our computer and fraud will not work.
Are there those in the conference who are more or less fluent in English?
My advice to you. Learn to speak English over the phone with shops. Just call and talk. And in a couple of months you will be able to easily place an order by phone without paying the dialers.
Of course, the first times will be difficult, but everything comes with experience. Over time, you will drive into your lungs with your voice.
A couple of tips, let's say we have a shop with a clock
Before calling, create the atmosphere that you are in America, turn on the TV in English in the background, it is desirable to hear it louder on the other end, or the radio, in general something in English. or shooting in the background :-D
Next, let's say the watch costs 1.5 kilobax. We walk around the site and find a review about our watch. And when we talk to the manager, we say, like my friend (or father, anyone) bought a watch from you
I really liked them and I would like to buy the same for myself or give it to someone (husband, wife, etc.)
Only now I do not know the brand of watches. And then they drove off, the manager begins to guess the hours that we want, according to the parameters that we gave him,
And in the end he offers ours. Well, then, having already driven in on the phone, it goes: billing address, card number, etc.
Do not worry about the accent. America is a country created by immigrants and everyone has an accent there.
Of course, at first you will encounter the fact that you will not understand what you are told. Refer to a bad connection, ask for a repeat, and so on.
Watch TV shows in English, helps to quickly master the language. I recommend calling the sip-system-service to change the number. That is, when they call the shop, they will see the number we need - the kx number.
They say I'm making money on the checkout and nothing happens. You will be prompted to clear the cookies / restart the browser, in general, according to the standard
Considering that the anti-fraud fills cookies and the browser, is it really worth clearing the cookies and the browser when typing in the authorization form.

Successful driving tactics. The main thing for a successful drive is to give / replace the store with the information that he himself wants.
This option is quite suitable for driving into large shops. Certainly not for ebay, bestboy or amazon. For shops just below the rank.
For many, it is no secret that every year more and more orders of large online retailers are processed through mobile versions and through applications.
Carders don't have this analogy. The lion's share of the staffers hits from XP virtual machines or sevens with disabled webrts and / or flash, which immediately comes under close scrutiny from the shop.
Our goal is to be like an ordinary holder, without any special knowledge in the IT sphere, trying to buy socks, fotiki or anything else for himself or a friend.
Knowing the maximum that how to download an application from the market, climb in social networks, make a call. What is needed for this?
A. Phone / tablet with root rights. B. Straight arms. V. Ss yusy, sock, vpn. The first thing we need to do is prepare the phone.
If there is or once was a SIM card, be sure to pull it out. Reset to factory settings.
The phone of the brand that people know about in Yus is not a Chinese brand name. Next, you need the required minimum package of applications, everything is on the market.
Namely ccleaner, xposed installer, fake my gps, rootcloak, morelangs, proxydroid, root checker.

In general, let's start setting up.
1. Install the morelangs application and select the en_US setting in it. Requires root.
This application will completely bring the language and regional settings to the one we need.
2. We translate the clock format to 1:00 pm.
This lies in the android settings, usually the general tab.
3. We put the xposed installer application.
More details about the xposed framework module can be found here. http://w3bsit3-dns.com/forum/index.php?showtopic=425052
4. Install the xprivacy module, then upgrade the version to xprivacy pro.
How to do it is described here. http://w3bsit3-dns.com/forum/index.php?showtopic=483684 Briefly.
This application helps to completely replace all kinds of phone data. Which is exactly what we need.
5. Install the rootcloak application. From the name it is clear that the application hides the root rights for certain applications.
It is the only one that works fine, of all the tests. Checking the application. First, install the rootchecker, check the rights.
There should be a green check mark that the rights are available. After opening the rootcloak, add the rootchecker to the rootcloak list (add / remove apps-button "+" on the top right - look for rootchecker in the list).
If everything is done correctly, then after checking the rights, a red cross should appear, that there are no rights.
This action helps to hide the root of the rights from the application into which we will drive.
6. Next, install the fake my gps application. I did not find a topic about him on w3bsit3-dns.com. Here is a link to the off site xposed http://repo.xposed.info/module/com.fakemygps.android This application is good because it replaces location data without using the "Allow mock location" function, which is also fired by shops.
Checking the application. We turn on the gps on the bucket, select a random location in the application, then launch Google maps. Should show the new location. If so, everything is good. Let's continue.
7. Proxydroid. Well this app is for socks use. Everything is clear here. I take socks on the suites.
The quality seems to be quite good. Perhaps someone is using ssh. I still haven't figured out how to do it on a bucket. Who will tell - I will be grateful.
8. Application vpn. Use vpn that you can buy on the site that I dropped off for you, there is also a platform for smartphones. For example, mine which is HMA VPN is also for smartphones.

Openvpn application is also present on the market. In fact, the device for driving is ready. Someone may want to be more sophisticated (like me) and proxy the router so that it can immediately issue ip / dns yusy - please.
Another minus N is the number of fraud points, which is important. One VERY important point. Do not surf on android ru ipom.
It was noticed that Google, when searching from ru ipa, transfers the domain from .com to .ru. After that, the market also becomes Russian-speaking.
And it allows you to download applications focused on Russia. Which is not very good for us. And of course, I forgot to say only English kewboard. No ru.
Further. Now what to do with all this. It's simple. First, we clean the google market, chrome using force stop (standard procedure, google).
Then we start up ccleaner. We also clean everything. There is one more subtlety. There is such a thing as adversting ID from Google. She's firing too. It also needs to be changed - we are changing.
Then we start up the sock + vpn under the billing address. the closer the better. Get under the zip-finally beauty. We use the soap on gmeil. Here you need to pay attention.
I register the soap under the name of the drop. And I enter the name of the drop. If you plan to spike the bill not = spike, the mail should be sent to the holder. Applications are scorching.
We registered the mail, added it to the Google account on the bucket. We launched fake my gps under the billing address, launched the gps. We start downloading the app from the shop. Downloaded.
We launch the rootcloak. We add this application to the list so as not to fire the root of the law. All is ready. We launch the application. Windows begin to pop up.
This xprivacy shows what the application is accessing and what information it wants to know about you.
At this stage, it is better to screen and parse each request (google, etc.) in order to correctly replace the data afterwards.
Red requests are critical, without which the application will not be able to function normally. They are always allow. The rest are at your discretion.
Therefore, it is better to initially specify deny for all of them, then change everything in xpricacy (give the info closest to the holder / billing), which will not give you away, and then give the application permission to read this data (by setting it in xprivacy, or by reinstalling the application).
Also, large applications request data from the Facebook application.
Therefore, if your shop is interested in this (xprivacy will show it), then it is better to register a fb account in the name of the holder. One very important point.
When an application requests the connected function, it can receive the ssid data of the rest of the wifi networks.
Using this data, it can identify your real location.

Therefore, you can also work through a smartphone, if not, it is possible with a PC) so - through the android emulator, in general, as you already understood the variations, there are a lot of driving in

Someone asked about the gift, let's try to disassemble the gift and I think everything will be fine today, maybe a head off I myself am already boiling, besides, the end of the day, I think you have no less)) Do not forget to ask your questions.

Now about the Gift. Physical Gift and Egift. For those who do not know: Gift - translated from English - Gift.
This is a gift certificate, a prepaid card, in the amount of which you can buy goods in the shop of this Gift.
Gifts are physical and electronic, Gift and E-Gift. The physical ones come to the recipient (or the buyer) by mail or in the mailbox in real life, while the electronic gift arrives to the recipient (buyer) by email (e-mail).
The main difference between driving in physical and electronic gifts (hereinafter referred to as eGift) is manifested in the following subtleties of work:
Under the physical gift, you need addresses for receiving, most of the official intermediaries do not accept them, in most shops they cannot be revoked, the time difference between driving in and receiving the finished to use Gift on hand, and the AVS system will not let the order go everywhere.
Physical Gift can be purchased directly in an offline store, come and just pay them at the checkout. With an eGift, this is also possible, but not in all shops.
Although the anti-frauds are stronger for eGifts, there is no need to bypass AVS with them, there is no need for drops, intermediaries and waiting for several days between driving in and receiving, therefore, it is possible to wrap funds inside work much faster.
Gifts are sold mostly in denominations of $ 1 to $ 1000. In some shops, you can add several Gift cards when paying.

Shops are divided into several basic types:
- Spot. The shop sells its own gift cards from its shop. Such shops have weaker anti-fraud in relation to the following two types of shops.
- Multi-lift, resellers. The shop sells dozens or hundreds of Gift from various shops, for example: ebay.com. These shops have an average anti-fraud.
- Aggregates. Direct manufacturers and sellers of gift cards at the same time, they have some of the strongest antifrauds.
It is worth immediately realizing that if the antifraud of point shops is weaker than that of aggregates, this does not mean that it will be easy to break through them.
Driving directly into the Gift - driving directly into the shop, whose Gift you plan to get. (Buy Gift ebay on ebay).
Driving into a reseller - obviously driving into a reseller. Resellers usually make their way easier (especially non-public ones), focus on that.
Search for shops in the same way as everyone else, there will be a couple of additional lifepacks.

The following parameters will directly affect the result of the work:
1. Device + system
2. IP
3. Cards

1 - Device. Top shops are difficult to penetrate from an ordinary virtual machine, since their antifraud detects. Therefore, I advise you to better install Windows on your PC and not work from a virtual machine.
For top shops, you need to use either real devices (for example, a mobile phone wrote about this above), or remote access (Dedicated computers, VNC machines), or antidetects.
2 - Much depends not only on the purity of the IP address, but also on the provider. There are providers at risk for anti-fraud, and there are hosting providers as well.
The use of such providers has a negative impact on driving. Pay attention to this and write down the provider.
A couple of examples of well-proven Internet companies from personal experience: qwest, charter, cox, att, verizon, comcast.
You can watch them in the shop when buying a sock or a tunnel. A couple of examples of poorly performing providers: rr.com, myfairpoint.net.
But this does not mean that you can forget about cleanliness. On the contrary, the purity of the black metal and risk proxy IP is no less important.
3. Cards. I recommend using the least popular banks. NOT like Chase, BofA, CapOne, WellsFargo and others.
Naturally, from these and other popular banks it is possible to drive, however, from the less well-known cross-country ability is higher.
The level and type of the card is not critical. Most often, MasterCard and Visa are used for driving.
Amex is also possible, but bins play a key role with amex, and the charges are much faster. Therefore, it is best not to use.

Check cards before driving
Cards should not be checked before driving in Gift if you are not sure about the bin and checker.
Firstly, because the purchase of Gift itself is one of the high-risk operations with banks.
Secondly, because a checker often kills cards and is an even more fraudulent operation than buying gift cards, the sum of these two parameters increases the risk of card death, and therefore a waste of time and an unsuccessful drive.
Well, for this there is a 15-minute guarantee on the joker for the validity of the card, I buy the last card and already work. If not valid, then you will receive a refund for the card.

Since tomorrow I will reveal these points in the lecture "Driving from A to Z", here I will tell you in a nutshell what directly affects the work specifically with Gift.
Brute accounts + billing change
You can also write brutes for shops, upload mail-pass databases and collect accounts for these shops.
Often in the shop, the holder leaves his card tied, and you can also buy Gift from it. But, there is a problem here - CVV.
Even if the card is saved, in most shops (and in all large ones) CVV will have to be entered every time you purchase, and since we do not own it, we have 3 options for using brute accounts, namely:
A) Search for shops where CVV is saved. There are some, but they are mostly small, so it's not easy to find them.
B) Changing billing (adding a new one) in addition to the billing holder. We take a bruised account and simply tie a new card and billing to it.
What's the point, you ask? - The point is that this account was created by a real person, he made successful purchases without charges, therefore, the antifraud is more loyal to him than to the newreg.
But do not forget that adding a new card and billing address to an existing account is a relatively fraudulent action, so this method of driving is not a panacea, but it does take place.
Sometimes you can cheat accounts, add cards / billing and stay for a week or two, it makes sense.
I am talking about this type of driving not because it is a priority, but because it exists.
In fact, for most large shops (for example, mircosoft, walmart and others) brutes are incredibly small, or they work extremely unstable, which makes this type of work difficult - to find a coder, pay, find good proxies for brute, a bulletproof server, and so on. ...
If you decide to try yourself in this niche - at first, never start with large world-famous shops
C) Purchase for bonuses. Some shops have this, accumulative points and discounts, but I almost never met this.

Driving from a PayPal.
Driving paypal from brute is possible as well as from cards, but here shops play a key role.
Because Gift, basically, come to the mail of the Paypal account, to which we almost never have access (if we do not twist the soap + a stick) or do not buy PPs with access to soap.
When driving from a stick, shops need to be selected carefully and tested intensively.
Driving sticks from self-registers is real and functioning, but there are other ways more profitable and easier to pour self-registers, so few people are engaged in this.
You can drive in gift cards by ringing in the same way as other goods. But not all shops treat this well, and some, on the contrary, only ring out and drive in.
I do not recommend starting with this, but it is necessary to take note of this option.

With the buyer sorted out, now about the recipient - here everything is the same as with the holder, with the exception of the domain zone.
For a change, it is recommended to use a different mail domain from the buyer (that is, if @ gmail.com is the buyer, then @ yahoo.com is the recipient), in fact this is not critical, otherwise everything is the same.
If a weak fantasy, the recipient's name can be generated, for example, here: http://www.fakenamegenerator.com/
Of course, there are shops where you can send directly to your mail, but if the shop asks you to enter the recipient's email, it will be suspicious to enter the holder's mail there and unnatural in most cases.
On the page for placing an order and choosing an egift number, it will be possible to enter a personal message to the recipient.
This is a really influential fad, and it directly affects the result of driving.
Even if everything is perfect (system, card, mail, and so on), but something unimaginably stupid or suspicious is written in the message, then during order processing (especially manually), order cancellation may follow even because of this.
There have been cases when the cancellation of Gift was due to illiterately written texts where it was obvious to the store manager that the buyer was not an American, it happened due to the complete absence of a message.
Give free rein to your imagination and write, at least, of course, not necessarily cool and a lot. Write a greeting, wish, congratulation or thesis / quote from a book.

Imagine that you are giving this Gift to your girlfriend or sister and do not think that you are buying it from someone else's card.
Sometimes it can skip the text from special sites, which you can find by googling "birthday greetings in English" or "engagement greetings", etc.
The downside is that these sites are already fucked up, so they can and should be used to create a "skeleton" and develop imagination / vocabulary, but they are not suitable as a full-fledged tool for everyday use.
Do not neglect this parameter for driving in egifts.
Continuing the topic of parameters when driving in Gift boxes, consider a phone number.
With eGifts, especially in US stores, the passage of antifraud according to the AVS parameter plays a very important role. Very important, but not critical.
For beginners, when driving middle and higher hands into shops, I advise you to write exactly the holder's number. The reason is simple - 90% of shops do not call, or they call only in special cases - when you have not passed the anti-fraud and they need verification in this way.
However, there are fewer of these cases than cancellations due to AVS mismatch. Of course, there are top liquid shops that periodically call the holder to confirm the order, but they can only be calculated empirically, that is, by tests and tests.
Smaller shops can call, so you can try to write another phone number or your google voice / skype. Personally, I always write only the holder's number.
Buyers and shop lists.
I threw off the contacts of the stingy ones above.
Before starting work, I recommend comparing the conditions, percentages and reviews from various misers, choosing your own miser is a delicate matter.But
I started talking about them not for this, but in order to show you the simplest thing - the shops right in front of your eyes, you can find the shops as liquid shops, as well as illiquid ones, the gift of which is easier to get.
There are also stingy of purely illiquid Gift, at a lower percentage, but it's easier to work this way.
The Internet is full of sites where you can resell Gift even to Americans who think they are buying a white gift certificate. The simplest example: https://localbitcoins.net/ - here gift cards can be bought even at a higher percentage, but sometimes verification is needed, so you need to pick up the buy one no less carefully.
There are dozens of such sites, each needs to be tested and analyzed, on each you can find some interesting shop that is not on the list of the stingy. Having put the case on stream, the sale of gift boxes can be launched not only on specialized sites, but even on ebay.com, but beginners will understand this only with great experience, and with great experience, the complexity of the work will increase a hundred times, keep in mind.

Liquid and illiquid Gift can be determined by the proposed percentage. The classic interest rate for non-liquid assets: 25-45%, for liquid assets - 45-90%.
Exhibiting or offering to buy a gift not from the list and offering a percentage, focus on the store's assortment. If there is a technique in it, ask for from 40 to 70%, if things - 25-50%, depending on the brands.

Emails and messages
When buying an eGift in most shops, you will be asked to enter the recipient's email, then, when registering or typing in, your email.
Not only domain zones of mails (gmail.com/yahoo.com/etc.) Are important, but also the text in it before @, since the anti-fraud pays attention to this and it happens when the order is canceled only because the anti-fraud did not like your email.
When registering, I recommend entering the name and surname of the cardholder from the card, and choosing the most natural domain zone (not mail.ru) and the least fraudulent (not mail.com).
The best options are corporate mail (mysite.com), gmail.com, hotmail.com (outlook.com), yahoo.com.
A good mail under the holder will look like "[email protected]" after registration, for example, [email protected] .
The numbers in the mail are okay, because often the name is already taken when registering - [email protected] .

Purchasing
Purchasing of gifts to the address of intermediaries or drops is made from an ip for a state or city, from a deed, socks or a tunnel.
In this case, it is not necessary to use the same name that was indicated in the recipient of the Gift upon purchase.
Basically, only very small shops can "ask" for this, and in which case you can solve it by ringing.
When redeeming liquid gifts from top shops, try not to use the expired addresses of public intermediaries, otherwise the account may be banned and you will lose the Gift.
It is better to check the balance of the Gift (validity check) on the shop's website from the IP of the country of the shop, do not check with the VPN of Germany or your home IP address, otherwise the system may block the Gift.
Day-to-day shopping for Gift is not recommended, wait a day, and here the working time is already important, since on weekends the physical staff is generally not sent.
Thorn of small staff on kx and adding an item to the cart.
Sooner or later, many gift drivers ask themselves the question: "What if you add socks for a dollar to the shopping cart in addition to Gift and buy them at the holder's address? Will this add antifraud loyalty?" The answer is NO.
Everything remains exactly in your bargaining chip, and the analysis of the order by antifraud will still proceed as an order with an eGift.
It makes sense to do this only at different times - today you bought socks and warmed up the shop with this, tomorrow you bought Gift from the same account.
It is possible to add and remove an item to the cart as a warm-up for the shop, but it is not necessary. Surf the shop, read the description of the goods, look at the catalog before buying the eGift directly - yes.
Re-engaging previously used cards and shop accounts Re-engaging as a phenomenon can be divided into two options for actions with a card:
A) interlocking cards after declline or chancell
B) interrupting cards after a successful order and spent money
Let's consider each of the options in more detail.
A - this is done in cases where you are not sure that the cancellation or declining was due to a dead card.
Roughly speaking, the antifraud didn't pass - let's try our luck in another shop. It makes sense, since sometimes it works, and no material costs are needed, the only thing is that if you drive into 2 different shops served by the same merchandise, it will almost always be useless, since your data is already in the system, because the merchandise has two different shops are common, so pay attention to the merchandise.
With option B, we have several decisions that need to be made before driving. First and foremost - to hit the same shop, or another? On the one hand, the shop already knows us, we placed a successful order and it seems like this should add loyalty, on the other hand, it can also cause suspicion in the shop because of the monotony of the product and the actions of the buyer.
From the recommendations for making this decision, I can only say - make a decision yourself, depending on whether your access (Sox, tunnel, deed) is still alive or not. If he's alive, then you can try to drive into the same shop from the same IP, if not, replace the IP and go to another shop.

The second question is how much to re-insert the card? More, or the same, or less? I usually focus on the level and type of card. If this is a low-level debit (classic), then I hit for the same amount as before. Accordingly, if the level of the card is higher (platinum and so on) or the type of credit, then you can try to increase the amount.
The downside of the interruption is that we don’t know if this card is still alive, but the plus is that we don’t need to buy it; re-driving brings an intuitive understanding of the work of antifraud of specific shops and their attitude to repeated purchases, it also gives working bins. It is recommended to change the recipient when rewinding.
The most important plus of re-screwing is a simple truth: it will significantly reduce the time to identify the cause of declines and chancellors, direct you on the right path and point out where to look for errors, and, therefore, sooner or later will lead to a solution.
Decline or kancel? But did you go to another shop? - The conclusion is simple, the antifraud shop or bank did not pass!
Decline or office in several shops? - Conclusion: bin shit / card dead or bad sox / system.
You can try to find a trouble-free shop with wild illiquid assets and check the cards on it.
Based on this, create your own methodology for identifying the problem, because Learning is Learning. Learn to learn, as they say
Time of day for driving in and response time from the shop (end result)
Often beginners ask themselves the question - At what time of day do they still beat? Answer: depends on the shop, its schedule and working days.
Some large shops may issue Gift instantly even at night on weekends, while in small shops you will have to wait for business hours on weekdays. Start hitting on weekdays, as you gain experience, you can hit at any time of the day and thus find out how the shop reacts (test it).

Several types of reaction of shops to understand:
1 - Gift came instant (instantly, up to 5 minutes)
2 - Gift came within 1-12 hours. - this is the average processing time based on the working hours of the store. This is normal. But, if the same shop has previously given you Gift by an instant, it means that this time you missed somewhere during the passage of the anti-fraud and the verification process was delayed or switched to manual verification.
3 - The shop has requested verification. I will tell you about verification tomorrow at the lesson "Driving from A to Z".
4 - Instant cancellation (multiple order cancellation) - the shop did not like something so much that he sends a refusal instantly. Sometimes it can mean a cancellation by the bank or a dead card. You can try to interrupt in another shop.
5 - The processing lasted for a day or more - manual checking in large shops, sometimes means trying to call the holder or driving in after hours. In a nutshell: either they didn’t make it, or they didn’t hit it then.
Record the time and results (reactions) of each shop and merchandise to learn how to work with them.
That's all for today, study, ask questions, tomorrow we will continue the lessons!

Let's start friends, what is driving in and what they eat with

In general, driving in looks like this:
1. Found a shop
2. Picked up materials for driving (card, socks / tunnel / RDP, address / intermediary)
3. Driven
4. PROFIT

But ... when, instead of Order Success, you start to receive order canceled / decline, you realize that, in fact, there are more details / dumps / devils in a still pool - call it what you want - much more than 3.
Perhaps you are talking about this never thought about it, but this is what could / could be the reason for your chancellors.
Right now, I propose to disassemble what the hammer consists of and what it is eaten with.
Let's take the naming of each part "variable" as a basis.
Let's call a group of variables that fit one category - a block; each block consists of several sub-items and variables inside it, let's proceed to a detailed examination of the blocks and variables inside them:

CREDIT CARD block:
- bin (the first 6 digits of the card, determines the issuing bank, country of issue, card level, presence / absence of vbv)
This or that bin may have a restriction on payments, spending limits / payment limits on the Internet, or it just might be "penniless", various types of VBV / MCSC and its reset (reset is variable depending on the bin);
autovbv bins - when there is vbv on the card, but does NOT require a password and is processed automatically.
You should not get hung up on this sub-item, but at least you need to take note of it.
Therefore, write down each bin you encounter in your work, as well as the result of working with it.
- Card level, card type
Card level, Classic / Platinum / Premier / Gold, etc., as well as Debit / Credit. Based on the level of the card, it can make assumptions about the presence of a balance on it.
It is logical that there will be more on platinum credit cards than on debit classics - purely statistically.
- card validity
Nothing matters: neither the quality of the ip, nor the system setting, if - the card is dead.
One can be sure of this only by calling the bank (or if there is an enroll to the card).
Checkers often kill cards, so you cannot blindly trust them, and it is better not to check the USA cards before driving them in at all.
- billing info / address - credit card address (billing address, billing - the address of the cardholder's residence), unfortunately, billing curves occasionally slip on the cards, and in the case of driving a crooked card into the merch that AVS checks (for example, almost all USA shops) the card will not fit.
The reasons contributing to this are the method of obtaining cards, almost always the information about the card gets to us the one that the holder entered somewhere CAM.
He can order something to work, to his mother-in-law's house, and so on.

There are various methods of dealing with this, I will tell you about several that I used personally:
A) Breaking through the billing holder before driving in the card
B) Search for information about the holder in publicly available sources, for example, by searching in Google Name + zip (John Woods 18462) and checking the correspondence of the address and name on various sites and social media. networks.
C) Driving in certain bins and types of cards. The types of cards include Business Cards (cards for business).
the working cards, which are often recorded on the company / organization (this do not be surprised if all of a sudden instead of a name on a card to see something like "Mike Stewart Washington Water Restoration")
Plus by driving of such cards is that in the billing have even in 99% of cases, which other types of cards cannot boast of, due to the fact that the company orders goods or pays for services in conjunction with its work address, that is, billing. Minus - not all bins will give.
- card check. There are several types of card checks:
A) Authorization and debiting. A random amount of money is authorized on the card (from $ 0.01 to infinity, but usually no more than $ 1), according to the same principle, a check is driven somewhere when the amount is debited.
B) Pre-authorization and / or revocation of authorization. In case of pre-authorization, the amount is not debited due to the quick cancellation thereof; when authorization is canceled, zeroing (cancellation) occurs after the direct authorization of the amount
C) Calling the bank

Each bank and bin treats different types of card checks differently, but this effect is mostly negative (especially when working in the USA) and sometimes kills cards (even pre-authorization)
Next block - Masking block:
The first item will be called "human factors". At the moment, many banks automatically analyze the amount of monthly expenses and the type of transactions of the cardholder, and because of the absurd behavior (this is when a 65-year-old lady buys a snowboard for herself), transaction failures from the bank are possible (I emphasize, possible).
This point is not critical, but it is impossible not to mention it. The shop transmits information about the transaction to the bank, so you need to set the minimum fraud speed to bypass anti-fraud systems - be guided by this.
To this point there is a sub-item "Behavior". By this I mean the motivation and purpose of a person buying something at a given moment in a particular shop.
Create an image for yourself, become a holder, you drive your card, not someone else's, believe it! Are you a 65-year-old woman and have decided to give your son a laptop? Talk about this with the shop support and ask for advice, read the product description, make a mistake when entering text, your eyes are no longer the same as in your youth!)

Sox and the tunnel as a whole can be grouped and called an ip-address block, then the variables in this block are as follows :
- cleanliness of ip according to black lists
- open ports
- geolocation of ip addresses based on maxmind (or other important)
base whoer.net and a number of other sites have an outdated max-mind geo base connected, so the consumption of geolocation information from the driven site in comparison with whoer and some similar sites can be very coordinated and critical, all the way to out-of-state.
Certain sites have their own geo-bases, often on these sites you are offered to automatically fill in the zip code, city and state, so when driving into such shops it is better to focus on the information provided by them and select material based on it.
- proxy & risk score
- provider, host name, DNS, ip belonging to the hosting provider
Internet provider ip, host name can tell about the ip belonging to the cloud hoster
- zip code ip range from zip code cc
For example: we own a card with a zip code in billing 97401, which means that the zip ip should be as close as possible to the zip, that is, 97401/9740 * / 974 **, etc. - however, it directly depends on your theme and the place where you drive, for e-Gift you need to pick it up as close as possible, for a thing, depending on the situation: for a drop / middle or holder.
Dedik, virtual and physical machines are included in the second masking group, respectively, they are a single block and have their own groups of variables, namely: - OS

Windows / Linux version, etc.
- browser (Browser, version, WebRTC settings, coockies)
Serious merchandise can also ask the browser for information about installed plugins (they can only check by requesting the id of a specific plugin (s)), check the sites on the list where you are logged in (https://browserleaks.com/social - you can check here, for example). In practice, when logged in, for example, Facebook is a plus, but not critical.

What is coockie stuffing?
- Stuffing cookies, surfing on various sites - imitation of a real user BEFORE driving.
It looks strange when a person with a "naked and empty" browser goes to buy Gift for a thousand bucks, doesn't it? Therefore, we create the image of an ordinary user-hamster, having previously surfed the sites of any local clinics / restaurants, Amazons, eBay's, Facebooks, etc.
- all kinds of fingerprints (fonts, fingerprint, audiofingerprint and many others)
The collection of fingerprints generates your unique user impression that remains in the system, is solved by changing the system (changing the Dedicated Dedicated Device, etc.), replacing a number of dot fingerprints (such as fonts, screen resolution, frequency video cards, etc.) and / or using antidetect.
Driving block process. In my opinion, the driving process itself consists of several things that, like all variables, can vary and / or modify themselves:
- the way to get into the shop (for example, from Google, or from Facebook / Twitter, other places)
Yes, this is also important. Yes, shops see it too! To one degree or another, this also matters. There are several types of transition, I will talk about them starting from less trustful moving to more trustworthy, respectively:
A) directly from the link from the browser home page, for example, browser> amazon.com
B) from search engines, for example, google.com> amazon
C) Social networks, affiliate programs, various coupon / cashback services.

The shop keeps track of where you came from, the most advanced methods = the most trustworthy!
- manual input of text or copy-paste - antifraud fires it, do you copy your name from the clipboard when making purchases from your card? I don’t think so.
- shop warming up
Surfing the shop, CONSCIOUS product selection, reading reviews, delivery methods. Removing / adding goods to the cart [from], registering an account in the shop (and possible temporary storage thereof), preliminary dialing or communicating with the support.
- by dialing / no.
Some shops have the option to order by phone - order by phone. It happens that the holder's website does not load / is buggy, and then a support operator comes to the rescue, who personally enters your card details and so on. The plus is that in fact the anti-fraud does not see your system / ip address, and accordingly does not assess the risks based on these factors.
- billing = / ≠ shipping
Correspondence between the input billing address and the shipping address, it happens that orders are canceled due to the difference. You can fight in the following ways: go through antifraud for all other indicators / warm up the shop (for example, chat in a live chat and say that you want to buy a gift for a friend, etc.) / search for shops that allow you to do this / drive billing = shipping = drop / middle (when checking AVS system will not work in most cases), having driven in illiquid assets, which will not "tighten antifraud".
- shipping
A number of addresses of well-known intermediaries can be blacklisted in many point shops and merchandise, duplicates are also monitored (whether they bought to this address earlier in the same shop)
- email for the holder and for the recipient (in the case of gifts)
Mail also has a certain risk-speed. The most trustworthy are corporate mails like [email protected] . The most fraudulent are all those that have a simplified registration process (for example, mail.com, in other words, those where you do not need to receive SMS during registration).
Among other things, some merchandise pay attention to the name in the mail address ( [email protected] ) - can check the presence of the holder's first / last name - also not critical, but also an important plus sign.
As you can see for yourself, there are quite a few variables. Therefore, when there are chances, think twice about the number of other variables that directly affect the result of the work. The analogy of creating this list can be carried out in any job, be it working with a stick, poker, banks or affiliate programs.
The block of the consequences of driving. There are many different options for the consequences of your driving, consider the main ones:
- Decline. The shop did not even allow you to place an order, often this means that you have problems with the card, so first of all it is worth paying attention to it. In other cases, the site either has technical problems and the screws are tightened (rarely), or you do not pass antifraud (or shop or bank) from the word at all and burn somewhere.
- Cancel. The order was hanged, but after a while (or immediately) the order was canceled on the email, the reasons: the antifraud did not pass / the shop called the holder / something was wrong with the card and the shop could not write off the money.

Antifraud did not pass and he didn’t like something - 2 options for the development of further events:
1 - cancellation directly from the antifraud system of the shop (or the bank did not allow the transaction)
2 - by the sum of the points scored by the fraud indicators, the order was processed manually (this is when the manager manually approves / cancels orders) and the manager canceled it, or called the holder.
Otherwise, if everything is clear with the first case, then the rest should be analyzed in somewhat more detail.

The shop called the holder - yes, there are such shops that always call, there are also shops that can only call certain orders (for example, for eGifts) and / or from a specific specified order amount (for example, all orders are $ 500 +)
The methods of dealing with this are as follows: indicating your / your own phone number in order to receive a call if necessary / indicating the left number (for example, some neighboring cafe with a holder) or a non-existent number.
However, due to the AVS system in a number of countries, such orders can also suffer, personally, I never shaman with the holder number, since in my work the AVS match should be 99.99%, so look at your needs and desires / topics.
The third and last option is a cancellation due to problems with the card. It means that the holder either managed to burn, or your shop does not process the orders immediately, but after the buyer left the order, and then he can even grab a dead card and give you an order, but, of course, he will not write off the money from it.
- a shop request for additional verification in the form of a photograph of an identifying document (passport / driver's license) or a photo card. It means that you have missed somewhere the anti-fraud or your order seemed suspicious. It also arises in cases when the shop is already well done and asks for verification at the slightest suspicion.
- request for additional verification by dialing, they ask you to call to "clarify" some details. Usually they drive along the backgrand (see the lecture on punching), depending on the shop, you can also mean that the card has a billing curve.
How to fight? Punch, call, draw. If the order or tests are worth it. We write the results in the records and draw conclusions.
The last point of the lecture is Checklist. Checklists, my method of working on point shops by developing and working out an approach in relation to them.
It consists of a list of points (usually 10-20) telling how you can break through a particular shop based on tests of driving in this shop, various useful notes derived from experience again (for example, how quickly orders / tickets arrive) - this helps me in work, a kind of creation of a template that must be guided by for success.

An example of my check-list for one large shop:
"SHOP *****. COM
- There should be equal billing
- Driving should be done with one attempt per 1 IP. Exception: 2 attempts
- Only manual input and previously unrepeated variables (a- for mail)
- Consider the option of driving in from dediks
- If the anti-fraud has not passed, but the card is even, the ticket will be sent to the mail within 25 minutes
- When the anti-fraud system does not pass the order, the merch gives a decline with the text: Unable to process credit card at this time, processor reported (Authorization Failed)
- If the card lacks balance or billing curve, the merchandise gives a decline with the text: Please double-check your billing address and credit card information.
- The following bins entered: 517805 464018 for such and such amounts ... *
And so on.
As you may have noticed, the blocks are divided in point and group order, you can classify the groups in order as follows:
Credit Card blocks, Masking (system) - consolidated - preparation for driving.
Blocks Driving process, consequences and checklists - the result of preparation for driving and, in fact, the consequences. It is important to trace the causal relationship between preparation and the result in order to learn to understand where and when you are to blame, and where the shop or the supplier of the material is.
"Those who give themselves up to practice without knowledge are like a sailor setting off on the road without a rudder or compass ... practice should always be based on a good knowledge of theory."

So like all friends!

Well, friends, let's start, I'll tell you about chargeback.
Chargeback is a procedure for protesting a card transaction by a cardholder, in which the payment amount is deducted from the recipient without acceptance and returned to the payer to the card, after which the recipient is responsible for proving the truth of the transaction.
The challenge procedure is applicable to the chargeback, to which, on the one hand, the recipient (online store) and the acquiring bank act, on the other, the issuing bank and the payer (card holder).
The procedure is strictly regulated by the rules and terms of Visa, MasterCard, etc., including a time limit - a chargeback can be challenged no later than 180 days from the moment of its occurrence.
If one party succeeds in protesting the chargeback, the previously withheld amount is returned to the recipient.
If not, the recipient is still charged a $ 25 fine as a rule.
According to the instructions, it is like this .. According to the instructions, the conductor - the controller in the trolleybus works. In real life, however, everything may differ depending on the country and the specific bank.

A refund is when a customer asks the shop (merchant) to return the money, and if the merchant does not want to return it for some reason, the customer goes to the bank - he says that he did not buy it and asks for a chargeback and the money will be returned to him. they will be written off from the merchant and fined.
If you overuse chargebacks, it spoils the cardholder's credit history. Chargeback for small sums is done easily and naturally; for large banks, they can arrange a dispute with a cardholder - chargeback disputes.
The bank investigates and decides on a refund if it believes that the buyer was cheated or the transaction was fraudulent.
It is worth noting that sometimes refunds are made even without the knowledge of the cardholder himself, an example of a person who admin transits in a shop didn’t like something about your input and he simply cancels the transaction through billing without the knowledge of the cardholder and the bank, thus saving himself and his business. from chargeback and fine.
The most common reasons for refund:
1.Chargeback history at another bank
2.Client called, claimed fraud asked for refund.
3.Bank negative database match
4.Customer called, demanding refund.
5.Stolen card - from processing bank
See below appendix - Chargeback and Refund differ from each other.

Q. But it turns out - a legal collapse on a legal collapse, of some kind? Can a cardholder buy anything for nothing and then make chargebacks and get the goods for free?
A. This is called a Friendly Fraud. Buy something with your card and then do a chargeback. Many nigras and latinos in pendosia do just that, they don't need a credit history anyway - tomorrow, the day after tomorrow they will be jailed. A law-abiding citizen does not need such a swing, as it can affect his future very, very much. Legal chargebacks are also undesirable to him - this is a headache and time spent running around the banks. In our country, this type of fraud is not very common due to the cunning of bank employees of all Sevdepia. But nevertheless, even the humorist Zadornov mentioned him in his speech, which caused a lot of lulz on the boards.

Q. In detail and in detail about the chargeback procedure?
A. Call (write, come) to your bank where your card is open - they will tell you what to do. The procedure is different for everyone. In the West and the USA, all banks are always on the side of the consumer, if there is no signature on the transaction, there is even no right for polemics / dispute with them. The cardholder will always get the money back, if not by refund or by chargeback. One ring takes.

Q. Chargeback timing
A. Everything is very individual here, depends on the country, depends on the specific bank and its policy. It happens that they do it in 2-3 days, but sometimes it takes up to 3 days.

Q. How long does the charge come after driving?
For small amounts on average UP TO 3 months. Provided that the holder does not use SMS transit notification. In the USA - sms notification is not widespread, in the EU it is more common.

Q. I would like some fresh information about antifraud.
And there is no fresh one. Everything was invented before us. As of 2011, nothing new was invented for this plan, except that now, in addition to ringing, there is also a video ringing - where you need to not only speak but also show your face to the camera.
You can write a lot on this topic for a long time. Therefore - Google help you.

Read this interestingly, if you do not have time to save, later you will read it on your PDA / phone.

Search keywords:
Zero Liability (it is different for each bank)
bankname + zero liability
Antifraud system Plug n Play
Claim cycle for Visa.
MasterCard claim cycle.

Bank negative database match - this means that such a cardholder has already done chargebacks with this card. I have done it with other billing / merchants since the first transaction. Some billing systems have a common Black List. If you previously made a purchase with a charge / refund in one billing, then the same card can then be detached when you try to buy in another.

Q. Chargeback for transactions that were carried out using 3-D Secure - Verified by Visa and MasterCard Secure Code is not possible in principle?
A. Chargebacks are not possible only with codes 23 - cardholder not present and code 83 - account used without permission. Chading with VBV is possible, it just happens differently. Transactions with the input of the VBV password are equated to transactions with the input of a pin, so if the VBV password is compromised through the fault of the cardholder, then he has no chance of winning a chargeback dispute. For shops / merchants, 3-D Secure technology partially solves the problem of friendly fraud. Carholder can't tell - it wasn't me. 3D secure technologies differ by region VISA and MasterCard (with a visa, the world is divided into regions according to its principle). If by default the processing (acquirer) is offered by VBV and the issuer does not support, all responsibility is on the issuer and the operation takes place without a 3D-Secure code. It is already the issue of the issuer that it is not certified by VBV.

Q. Chargeless cards exist?
A. The Matrix exists! (c) Certain types of pripeed with certain sums of driving in under certain coincidences of circumstances and weather. But no one will tell you the details. Time is knowledge. I have personally seen both chargeback and refund from entropy. Even though they come much later.

Q. And how can you reduce the likelihood of chargebacks with regular driving, are there any preventive measures?
A. Use cards with exp.date close to their expiration date. Use PLATINIUM and GOLD cards.

Q. If the card has expiry date 04/12 and I beat it on March 31st in the evening, will the cardholder be able to charge?
A. Of course! This is his card which belongs to him, he will be able to do it in a year. In these matters, he is a king and a god. Another thing is that there are rumors that with such a drive, the probability of a charge decreases.

Q. I drove in the amount of no more than $ 50 from the card, six months or a year have passed, will the holder be able to make a charge after such a time limit
A. Again, delve into Zero Liability, I remind you that it is different for each bank.

Q. And if I drive a small amount of $ 5-10 from each card, the cardholder won't notice this and will not charge back?
A. Will notice and do even 50 cents. I guarantee it. If he doesn't notice, they will help him to notice.

Q. Can I chargeback on checks?
A. Yes, the charge for checks is called - void

Q. What do all these people (wess, ODS) do with so many cards without CVV2 code? Do they run them through their merchant?
A. xs.

Q. I would like to create my own direct merchant.
A. It all starts with the firm. To accept VISA cards, you need to open a company in the EU, US or offshore islands. Or buy ready-made.

For the mastercard, a non-EU company will also work. But in this case, you lose 70% of buyers who use only VISA and do not have MasterCard.

Q. Expensive even.
A. Try to connect without a firm, as a solo propriator to one of the billing systems such as segpay, verotel, etc. See also PayPal, 2CO, Plimus.

Q. Acceptable percentage of chargebacks on different merchants?
In us - 2%. On EU - merchants -1% there are offices where up to 5 is possible, but this is mega-cool. All adult billing systems and their transactions have the code "5967" (high risk / adult / porn) attached. For such transactions there is no right to argue "dispute rights" This type of merchant. No signature, no way to prove. Tickets / hotels / goods are a completely different code and they have the right to argue with the bank.
Approximate EU merchant
Chargeback Fee (Under1%) $ 50.00
Chargeback Fee (Over 1%) $ 150.00
But if more than 2% - they will be disconnected.

Q. I have questions that I could not find answers to in this article.
A. Use google search to find answers. Use the google query syntax, AND, OR, and more for efficient searches.
google.com/search?q=Syntax+ queries+google
google.com/search?q=Search

operators+Google Chargeback - the process of refunding the buyer's card from the merchant, if the buyer has provided sufficient evidence to consider this transaction fraudulent.

In the case of a chargeback, the merchant loses the sold goods, payment and payment commission, as well as the penalty paid by the seller to the bank in case of each chargeback.

A list of reasons why an application for a refund can be submitted, if it is proven:
1. The cardholder did not receive the transaction details.
2. The transaction was not approved by the cardholder.
3. The account number does not match.
4. The transaction went through more than once by mistake.
5. The transaction details were not printed.
6. The refund was not carried out at the buyer's request.
7. Authorization has not been performed.
8. The buyer has not received the product or service.
9. The card was not used until the expiration period.
10. Services were not provided in full
11. Error in the payment amount field.
12. The statement on the confirmation of the transfer is incorrect, incomplete or incomplete.
13. The payment was made for the wrong amount.
14. In fact, the product is different from what was promised earlier.
15. Fake transaction.
16. Transaction execution time is longer than set by VISA or MasterCard.
17. Buyer's signature has not been received.
18. There is no sample signature on the card itself.
19. The signature on the card and on the invoice is different.
20. The seller changed the transaction amount without permission.
21. The seller knowingly participated in a fraudulent transaction.
22. Invalid date and time of the transaction.
23. A controversial transaction made through an order by phone or email.
24. The seller refused to accept the goods back.
25. The transaction was not successfully canceled (refund).
26. The customer is dissatisfied with the product or service.
27. The transaction was accidentally approved by the issuing bank, but later it turned out that it was a mistake, for example, there was not enough funds or the card was already blocked.
28. In case it turns out that the seller was incompetent.

Refund is a refund from the seller's account to the buyer's account, which is initiated by the seller himself. In this case, the bank or processing is not involved in resolving disputes between the seller and the buyer, they agree among themselves. The seller himself decides on the refund, in this case he does not pay fines to the bank, but loses the commission for the transfer and conversion.

No one is immune from chargebacks, the seller strives to minimize both chargebacks and refands. Subsequently, if the number of chargebacks exceeds the level allowed by the bank, the trading account may be closed. Therefore, if the seller is threatened with a chargeback, then it is more profitable for the seller to get out of this situation by making a refund voluntarily, that is, a refund. Even if he loses the goods, the funds received for the goods and payment of commissions, then at least he does not pay a fine to the bank and does not spoil his reputation with a chargeback. Although the bank also takes into account the statistics of refunds, it is not so critical.
All about the chargeback! Now I'll tell you a little about bins and that's it for today!

I mentioned a little above about bins, now I'll tell you in more detail. Bins
aka BIN is
4479720060601264
CVV: 877
EXP: 03/15
First Name: Julie
Last Name: Hamlet
DoB: N / A
email: N / A
Phone: 8473086347
Country: Refunded USA
State: IL
City: Chicago
ZIP: 60613
Address: 4060 N. Kenmore Ave. Apt 202

4479720060601264 - this is the bin
It contains all the information on the card
What is it?
3 - Amex
4 - Visa
5 - MasterCard
Which digit starts

Next BIN answers which card is debit or credit
What level is it from Classic to platinum, plus which bank and country

But the most important thing is a card with a VBV code or not
vbv - the code is on the example of, say, Russia and Sberbank, or let's say you make an order to an Internet store, everything is done, and so on. You press the button to pay and it will give you something like answer what is your favorite animal or in what year were you born, etc., etc.
Some shops (shops, they are also merchandise) eat everything (they don't care with or without a vbv card).

Well, of course, the cards (with bins but vbv) are of interest to us, they can be found either from someone else and buy the bins themselves stupidly a set of numbers and then in the SS (cards) shop. And look for them or it is stupid to take a pack of cards and try to recognize them yourself.

Ask your questions, we'll continue tomorrow!

1 - a lesson, who needs something if that

1) Installing windows 7 in English (United States) along with drivers

You need to download and install Windows, I think everyone knows how to use torrent

Next, download VeraCrypt - a program for encrypting files
After installing Windows, you will need to download https://launchpad.net/veracrypt/trunk/1.23/+download/VeraCrypt Setup 1.23-Hotfix -2.exe

If you can download the installation file from here, if someone cannot download the above

File: VeraCrypt Setup 1.23-Hotfix-2.exe

We install Windows not on a virtual machine

File: windows-7-sp1-lite-by -a_l_e_x_-x86-v_10_01_2018_iso.torrent

Security: data encryption is the key point of your security, because freedom is the most precious thing, no one wants to waste their lives just like that, sit down for fraud for 5 years and after 5 years go out into the free world by no one, because time is the most important resource, there is nothing more valuable than money and freedom!
Data encryption will help you even if you are tied up, you can decrypt this data after a few years, of course, no one will!

We launch the already installed VeraCrypt program and proceed as follows!

Here we select the first one and click Next.

Here we write the name of our container. For example, a movie of some sort Plastic_2014.mp4 or Homeporno.mp4

You need to select the type of encryption, in order to determine which one will be better for us, click Benchmark

A new window will open, so click Benchmark.

Select AES.
Select 2-4 GB.

No more need.

This is the most IMPORTANT part) you need to choose a good password. Signs from 20 and above
In no case should you write it down anywhere, just memorize it. http://passgen.ru/ password generator, if you yourself cannot come up with passgen.ru

When you come up with a password and enter it, click Next.

This window will appear.

Leave the file system FAT and the default cluster, in general, we do not touch anything there and move the mouse cursor over the window ) until the lower scale is full.

Here we have created a container.
Now let's figure out how to open it.
To open a container, you need to select it. Click here.
There we select our file that we made. Select a drive, any letter, for example B and click Mount. A window pops up where you need to enter your password:
After entering, click OK and wait until it is mounted, when the mount will look like this.
That's it, now we have opened the container.
We press in the program twice on it with the mouse or in my computer we open this disk we put there all the files related to the work
(textbooks with accounts in the future, work notes, etc.), programs for work After we have finished working
with the container, we go into the script and press the Dismount button I advise you to always mount the container in a certain letter
so that the programs work normally (the installation path is tied to a letter)

If you still have questions, ask, I can record a video tomorrow how to create a veracript and open it to make it more understandable.

By the way, you don't need to be afraid that someone will come to you, you won't be stealing millions here, it's hard and can't be done alone, you need to encrypt files just in case, you never know what happens, who will take the pc, etc.

I'll tell you about VPN
First, I recommend using free, if funds are limited, for example Windscribe and other vpn services, where you can buy cheap vpn, now I'll tell you about it
Go to http://deer.ee/ru/search/ and write vpn in the search bar and there we already choose any store that suits you and buy!
Personally, I buy here http://karma.deer.io/ and http://kess.pro/and personally i use this vpn HMA! Pro VPN has been around for a long time!

It's better to buy vpn than to use free vpn right away I say, it's not so expensive for 100-200r you can find a decent vpn on the sites above, but about the fact that some vpn servers do not log this is a myth, everyone sees it and if you do something serious they will take you) Well, there is nothing special in karzhe, especially since I mostly do things, I don’t do anything awesome.

I personally use HMA! Pro VPN this vpn. I have never let down, I have been using it

for several years, of course I never bought it for my own money) So - on the sites of the Software for connecting to Dedicated servers
To enter the PC there was nothing left
File: Dedicated server.rar

So far, that's all for today, tomorrow we will analyze the proxyfair and bitvays programs, they are needed to use proxies and ssh tunnels!
This is necessary to ensure anonymity on the network and impersonate a cardholder.

Hopefully everyone knows how to use the archive? And we all have it to unpack.

Here is one of the good services where they sell SSH tunnels not expensive! https://getssh.net/ru/ and they have software, now it's better to work through it then, the software itself is in the second archive, I threw it off! We rebuild here.

If we use a proxy for the place of the tunnel, we do everything like this.

And so, how to connect to the tunnel, open the proxy fireer and turn it off further open the getSSH program
A window opens, just to check, first we use free tunnels, they are in the software itself, click FREE SSH, select any from the list, click 2 times with the mouse and click
Create tunnel, then a new window should appear, wait 5-10 seconds, it will load and there will be a choice y / n write y and press Enter and wait a couple of seconds, go to any browser, open the site https://whoer.net/ and check the IP if everything converges correctly, everything is correct!
If you bought a tunnel, after the purchase, we enter it into our software getSSH

If you buy a tunnel for a dollar, it costs 0.80 with a discount, for half a dollar there is a tunnel in the blacklist, I have been using this service for more than 3 years

Now we will disassemble the Jabber client.

I dropped the file for download above, after downloading, open the file and install it, just press Enter everywhere until the installation of the file appears
File: pidgin-2.10.12.exe

download too
Vbivotron_2014_1.2_fixed_Eng.rar

Another shop with tunnels if that new.tunastock .ru forgot

So far about the Vbivotron program, we do as in the screenshots below! We open it, we turn it off!
What is this program for? To measure a person!
You can copy some text, for example, card number or address mb name or surname, etc.
And in the input form, press CTR + Z and the text is entered by itself.

After installing the Jabber client, open it and then do everything according to the list!

Go to the folder where you installed Jabber, open the pidgin.exe file
Opened, click
Add accounts, select the XMPP protocol.
Enter everything as in the photo, only your username and password.
As a result, after the software for the Dedicated Server should be registered, I threw it higher, and here is the instruction on how to log into the Dedicated Server, open RDCMan
Click Session further Connect To, the rest is as in the photo.

By the way, update the software via tunnels, the old something is troit and does not connect
File: getssh-2.0.5-win-x86.exe

Today I will tell you about the hype direction, which is now on everyone's lips and many are doing this, profit everyone has it!

Working with logs.
In the log, the most basic information about the system is contained in the System.txt file, or Information.log. Screenshot: https://prnt.sc/lx4rp1... In the screenshot, I have highlighted the parameters that we need to configure the system.

1. Windows - This parameter contains information about the Windows version and the bitness of the system (32-bit or 64-bit, 64-bit is much more common). Most often you will come across logs of Windows 7, Windows 10, less often - Windows 8, 8.1, XP. We will need this parameter to configure "navigator.UserAgent" and some derivatives.
2. Display Resolution - This parameter contains information about the user's screen resolution. Required to configure all settings related to screen resolution and browser window size and projection settings.
3. Display Language, Keyboard Languages - These parameters contain information about the system language / languages. Needed to configure the parameters “navigator. Language "," navigator. Languages ”and HTTP_ACCEPT_LANGUAGE.
4. CPU Count - This parameter contains information about the number of processor threads. Needed to configure the parameter "navigator.hardwareConcurrency"
5. RAM - This parameter contains information about the amount of RAM. Required for setting "navigator.deviceMemory"
6. Videocard - This parameter contains information about the video card of the system. Required to configure WebGL. Please note that the system can contain two video cards: one discrete and the other integrated. This is usually used on laptops. And which of them runs for the browser is 100% unknown. Firstly, the user can manually set what kind of video card will be used, and secondly, for example, it can be like this: if the laptop is charging, a discrete video card is used, if from a battery, then an integrated one. Therefore, in laptops, you should not rely on this parameter 100%.
7. [Network] We take almost all parameters, except Geo (Latitude and Longitude); This information will be useful to you for a more competent selection of Socks / SSH tunnel. There is no ZIP in my log, but it is not difficult to break through it. To do this, you just need to punch the IP address through the MaxMind database, or find the user's home address in the browser autocomplete, or by mail or in a shop. It is advisable to select the IP not only as close as possible to the ZIP address, but also, if possible, with the same IP mask and the same Internet provider.

Our next step will be to determine the type of browser and browsers to create the configuration.
It happens that PC owners use multiple browsers, not just one.
Therefore, if necessary, it is better to create two sessions in the sphere, i.e. two configurations, rather than loading cookies into one.
To do this, we look at the sites we need with logins and passwords in the file "passwords.txt" parameter "Soft" Screenshot: https://prnt.sc/lx5ofi , as well as files in the "Cookies" folder for the presence of the necessary sites (files in this folder divided into browsers; it is possible that the Cookies files can be stored in a shared folder.
It all depends on which stealer the log is from). Example: http://prntscr.com/lx5oag
In my case, there is only one Google Chrome browser in the log, so I mark myself only 1 browser.
Moving on to more interesting information that does not lie on the surface.
Determine if there is FLASH in the system and its version, determine the browser version (if possible)

To do this, go to the System.txt or Information.log file and look for "Adobe Flash Player" in the [Software] section of the installed programs.
If found, then we mark that Flash is, write down its version.
There are two types of Adobe Flash Player: Adobe Flash Player NPAPI - for the Firefox browser. Adobe Flash Player PPAPI - for Opera / Chrome browser.
Screenshot: http://prntscr.com/lx5ztv
Next on the same screenshot we see the version of Google Chrome, if not, then we try to find it in the file at the request “Google Chrome”. We also mark the version for ourselves.
We will need the type of browser and its version to configure the "navigator.UserAgent" parameter, and, in exceptional cases, to disable Canvas substitution.
The Mozilla Firefox browser is searched for by the request "Firefox", we should find something like this "Mozilla Firefox 64.0 (x64 en-US) [64.0]".
The name of the Firefox browser contains the bitness of the program (32 or 64 bit), which is also useful in setting "navigator.UserAgent".
We are looking for the Opera browser for the query "Opera", we should find something like this "Opera Stable 57.0.3098.106 [57.0.3098.106]".
For various reasons, it is not always possible to determine the version of the browser, one of which is that the browser can be Portable, i.e. not installed on the system.
IE browser will not be visible, because it's already natively in Windows, with Edge in Win 10 the same hat.
We need Flash and its version in order to add it to plugins and, if necessary, enable its physical version in the antidetect.
Determine the user's desktop or laptop.
You can determine this using various options.
1. According to the screenshot of the screen in the log. On the screenshot of the screen, we are looking for what is typical for a laptop on the taskbar in the lower right corner, or on the desktop for what is typical for a laptop (software icons for a laptop, etc.).
On the taskbar, you can find Battery icon, Wi-Fi connection icon. Now I will show this with examples.
Examples: http://prntscr.com/lx86z7
https://prnt.sc/lx871y
2. By information about the processor in the system. To do this, go to the System.txt file, or Information.log and look at the "Processors" Screenshot parameter: https://prnt.sc/lx88az
Copy the value and google the processor information. Here is an example of information on this processor from the Intel website, which shows us that the user has a desktop computer.
Screenshot: https://prnt.sc/lx89jp
Sample processor information for a laptop. Screenshot: http://prntscr.com/lx8g8y
Well, another option is to look in the processes or installed programs in the System.txt file, or Information.log for processes / programs that belong to the laptop.
For example, these are processes in which the keyword "Bluetooth" appears, programs specific to a particular laptop manufacturer (ASUS, DELL, MSI, ACER, etc.).
Examples of processes: "Intel (R) Wireless Bluetooth (R)", "Dell Touchpad ".
It is necessary to know several options, because sometimes there may not be a screenshot, or a screenshot is obtained in a certain area without the taskbar, sometimes the taskbar is hidden.

Taskbar: we determine the position of the taskbar on the screen, the size of the icons and whether the taskbar is hidden (if possible)
The first question that comes to mind: "Why the heck do you need it?" The answer is: this is necessary in order to set the screen size; the size of the browser window and the size of the working area of the browser in full-screen mode of the browser (parameters "window.innerWidth", "window.innerHeight", "window.outerHeight", "window.outerWidth").
Of course, not every log will have such an opportunity to look at and understand 100% of everything. Sometimes there may not be a screenshot, there may be a screenshot of an incomplete area of the screen.
Now I will show you how to properly evaluate these parameters. Screenshot: https://prnt.sc/lxy3x0
These examples are made on OS Windows 7. If you wish, you yourself can then look and play with these settings on any OS Windows.
1) Position of the taskbar. Happens: horizontal and vertical. For most users, the default position is horizontal.
2) The size of the taskbar icons. There are two sizes of icons: large and small. By default, the size of the icons is large. Most users have large icons. On Windows 7, there is a peculiarity: if the icons are small, then the "start" button icon protrudes beyond the taskbar area. Sometimes it is not always possible to understand the size of the icons even from the screenshot, I advise you to also pay attention to the Display Resolution in the log; One thing is a screenshot of the screen size "1024 x 768", another thing is "2560 x 1440"
3) Hidden taskbar. By default, the taskbar is not hidden for most users. A hidden taskbar doesn't mean it's not there at all. It just does not appear on the screen, but appears when you hover the mouse cursor. If you have a full screenshot of the screen in your log and there is no taskbar there, then it is just hidden.
4) If in the screenshot the owner of the PC has the type of browser you need open, mark this as well, it will be useful in setting up. Screenshots with an open browser are quite common.
User's network: we define an approximate router and its model (if possible)
Sometimes, from the log, you can determine the brand of the user's router or its approximate model.
This may be necessary for more precise configuration of WebRTC, or rather, Local IP Address.
To do this, you need to look in the log in the file with logins / passwords or in the file where the browser history is stored, the popular masks of the IP addresses of routers.
Here is a link to the table of brands of the most popular routers and default local ip addresses:
https://docs.google.com/spreadsheets/d/1GySRwS_QAmvPSJEDxYcsGnz_7Vu_mtj0nn_RvY4wgl4 / edit? usp = sharing
The most popular masks for searching in the log are: "192.168.", "10.0.", "10.1.", "10.90.". I highlighted the most popular brands in the table in light blue.
If there will still be a login and a password, you can try here to look at the brands of the standard login / password bundles by brands: https://192-168-1-1ip.mobi/default-router-passwords-list/
For example https: / /prnt.sc/ly3sww it can be assumed that the PC user has a D-Link router. But this is not 100%, since several more routers have the same bundle.
The browser history file can sometimes show us much more accurate information. Here's an example: https://prnt.sc/ly41tw

In the browser history, we see the Local IP Address and plus the page title, which gives us a huge plus in defining the router.
If you google "B593s-931", then you can determine that this is the name of the router "HUAWEI B593s-931". Another example: https://prnt.sc/ly49nx
If you google "userRpm / DdnsAddRpm.htm", you can see that the router belongs to TP-Link TL-WR741N / ND, or TL-WR841N or some others.
In addition to the Local IP Address of WebRTC, the information will be useful if someone changes the MAC address, since the "beginning" of the MAC address is different for each manufacturer.
Browser plugins: identify popular plugins that are installed in the browser.
Plugins in any program are add-ons that allow you to expand its capabilities.
Most of the popular browsers have the ability to install plugins that extend its capabilities. For example, it can be a Flash plugin from Adobe, the ability to read PDF pages in a browser; in Chrome, this plugin is already included by default; the ability to run any Audio / Video codecs.
With each new release of updates, the number of new features and variations of the supported content increases, so plugins are gradually losing their relevance.
As a result, in the browsers Chrome, Firefox, Opera, Edge, there are only built-in plugins and one added: Adobe Flash Player.
Therefore, the search for plugins is more relevant for the Internet Explorer browser, or for older versions of Firefox (up to version 52), Chrome, Opera.
Most popular plugins: Flash, Java, Microsoft Office, Adobe PDF Reader, Windows Media Player, Real Video / Audio.
At the beginning of the article, we already determined whether Flash is on the system. So Flash Player is also a plugin in the browser.
Therefore, if there is Flash, then in some types of browser it will be in plugins. We mark ourselves, if available.
We will also search for other plugins in the System.txt file, or Information.log in the [Software] section of the installed programs.
Find the QuickTime plugin by request "QuickTime", the approximate name of the plugin: "QuickTime 7
[7.79.80.95]"
Find the Java plug-in by the query "Java", the approximate name of the plug-in: "Java 8 Update 191 [8.0.1910.12]" We
find the RealPlayer plug-in by the query "RealPlayer", the approximate name of the plug-in: "RealPlayer [18.1.15.]"
Plugin Adobe Acrobat ( for reading PDF files) we find by request "Adobe Acrobat Reader DC", in the end it will be something like "Adobe Acrobat Reader DC [19.010.20064.]"
There are many other different plugins, this was just an example of popular plugins. The list can be continued for a very long time.
This completes the collection of information from the log. As a result, we have collected the following information:
Windows: Windows 10 Home [x64]
Display Resolution: 1920x1080

Display Language: en-US
Keyboard Languages: English (United States)
CPU Count: 4
RAM: 8139 MB
VideoCard: NVIDIA GeForce GTX 970
[Network]
IP: 38.104.174.234
Country: United States (US)
City: Pleasant View (California)
ZIP: 93260
ISP: Cogent Communications (Txox Communications)
-
Browser: Google Chrome ver ... 68.0.3440.106
Flash: available, ver. 30.0.0.154
-
PC: Laptop
-
[Taskbar]
Position: Horizontal
Icon size: Large
Hidden taskbar: No
Is there a browser in the screenshot: YES
-
Router: ~ TP-Link TL-WR741N or TL- WR841N
---
[Browser Plugins]
Adobe Flash Player
RealPlayer
Adobe Acrobat

Of course this example has too much information. In practice, it may be less.
Manual for setting up real configs from scratch using antidetect.
Let's move on to the most interesting section of this article. The basis of all the basics - UserAgent UserAgent is the basis for creating a config.
As building a house begins with a foundation, so creating a config begins with UserAgent (abbreviated as UA). Let's start with theory. Let's figure out what UA is.
UserAgent is a property (parameter) that contains properties that are used to determine which browser, which operating system, which version, and what specific software the user has.
In the configs of any Antidetect, this parameter is located in navigator.UserAgent and in HTTP_USER_AGENT. Note: navigator.UserAgent and HTTP_USER_AGENT are always the same, but there is an exception: Internet Explorer browsers.
Very often in these browsers, navigator.UserAgent contains information about the user's software. Example: HTTP_USER_AGENT: "Mozilla / 5.0 (Windows NT 6.3; WOW64; Trident / 7.0; rv: 11.0) like Gecko" navigator UserAgent: "Mozilla / 5.0 (Windows NT 6.1; WOW64; Trident / 7.0; SLCC2; .NET CLR 2.0 .50727; .NET CLR 3.5.30729; Media Center PC 6.0; rv: 11.0) like Gecko »Let's take a look
at how to compose the UA of the most popular browsers in Windows. Let's start with the simplest - Mozilla Firefox.
UserAgent structure:
Mozilla / 5.0 (<Windows version>; <bit tags>; rv: <Firefox version>) Gecko / 20100101 Firefox / <Firefox version>
Above, I have highlighted the parameters that you need to know to create a real UA.
<Windows version> - Operating system versions.
Options:
Windows NT 6.0 - Windows Vista, Windows Server 2008.
Windows NT 6.1 - Windows 7, Windows Server 2008 R2.
Windows NT 6.2 - Windows 8, Windows Server 2012.
Windows NT 6.3 - Windows 8.1, Windows Server 2012 R2.
Windows NT 10 - Windows 10, Windows Server 2016 & 2019.
This parameter is available in all UAs on Windows. Note: on Edge browsers it is static i.e. does not change, because the browser is sharpened just for Windows 10.
<bit tags> - "bitness" of the system. I think everyone knows and everyone has met with the fact that there are two 32-bit Windows systems and 64-bit ones.
It is the browser that transmits the possible variations:
Win64; x64 - this value is passed if the system is 64-bit.
Empty value (nothing is passed) if the system is 32-bit. Example UA: Mozilla / 5.0 (Windows NT 6.1; rv: 60.0) Gecko / 20100101 Firefox / 60.0

WOW64 - this value is passed when a 32-bit browser application is running on a 64-bit system.
<Firefox version> - this value shows the version of your Firefox browser.
Note: the value is transmitted with only one digit after the dot, even if the browser version is "63.0.3", then only "63.0" will be transmitted to the UA.
Here is a link for a list of all current Firefox versions: https://www.mozilla.org/en-US/firefox/releases/
By combining these values, we get different UserAgent's. Do not forget that the value of "rv:" and "Firefox /" must be the same.
Examples:
Mozilla / 5.0 (Windows NT 10.0; Win64; x64; rv: 64.0) Gecko / 20100101 Firefox / 64.0 - UserAgent Windows 10 [64bit] with Firefox 64.
Mozilla / 5.0 (Windows NT 6.1; rv: 52.0) Gecko / 20100101 Firefox / 52.0 0 - UserAgent Windows 7 [32 bit] with Firefox version 52.0.1 or 52.0.2
Mozilla / 5.0 (Windows NT 6.1; WOW64; rv: 43.0) Gecko / 20100101 Firefox / 43.0 - UserAgent Windows 7 [64 bit] with Firefox browser, which is designed for 32-bit systems version 43.0.1, or 43.0.2, or 43.0.3, or 43.0.4

Let's go to the Google Chrome browser.
UserAgent Google Chrome framework:
Mozilla / 5.0 (<Windows version>; <bit tags>) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / <Chrome version> Safari / 537.36
Although UA Chrome seems more complicated, in fact it is even a little simpler, tk. version. chrome does not need to be duplicated twice.
<Windows version> and <bit tags> are exactly the same values as in Firefox.
<Chrome version> - this value shows the version of your Chrome browser.
Here is a link for a list of current versions of Chrome: https://filehippo.com/download_google_chrome/history/
Example: Chrome / 71.0.3578.98
71.0.3578 is the browser version.
98 - Build. It shows how many fixes of various bugs, improvements were in this version.
Examples:
Mozilla / 5.0 (Windows NT 6.3; Win64; x64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 71.0.3578.98 Safari / 537.36 - UserAgent Windows 8.1 [64 bit] with Google Chrome browser version 71.0.3578 with build 98 .
Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 70.0.3538.110 Safari / 537.36 - UserAgent Windows 10 [64 bit] with Google Chrome browser version 70.0.3538 with build 110.
Mozilla / 5.0 (Windows NT 10.0) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 70.0.3538.110 Safari / 537.36 36 - UserAgent Windows 10 [32 bit] with Google Chrome browser version 70.0.3538 with build 110.

Go to Opera.
Mozilla / 5.0 (<Windows version>; <bit tags>) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / <Chrome version> Safari / 537.36 OPR / <Opera version>
Opera browser is implemented on the WebKit engine and V8 in the Chromium shell, that's why UA also has "Chrome / <Chrome version>", we can say UserAgent is not very different.
<Windows version> and <bit tags> and <Chrome version> are absolutely all the same as I described above. The only moment with chrome versions, but more on that below.
<Opera version> - this value shows the version of your Opera browser. Here is a link to the list of current versions of Opera: https://blogs.opera.com/desktop/

We are most interested in "Stable update", "beta update, developer update, initial release" - to a lesser extent.
56.0 - Browser Version
3051 - Browser Build
116 - Browser Patch.
I will clarify what is the peculiarity of Chrome. A specific version of Opera has a specific version of Chrome. You can't write a version of Chrome from the bulldozer or vice versa. These two values must be consistent.
Here is a table, I threw in 11 versions of the Opera browser as examples.
https://docs.google.com/spreadsheets/d/1OglvdCpkWxr0GztpQ3Nzi3Ij0Ep4oEZxdfZnPVwdqU/edit?usp=sharing
Examples:
Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.3 /537.36 OPR / 55.0.2994.44 - UserAgent Windows 10 [64 bit] with Opera browser version 55.0
Mozilla / 5.0 (Windows NT 6.2; WOW64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 68.0.3440.106 Safari / 537.36 OPR / 55.0.2994.44 - UserAgent Windows 8 [64 bit] with the browser Opera 32-Bit Version 55.0
Proceed to the Edge browser.
UserAgent Edge framework:
Mozilla / 5.0 (Windows NT 10.0; <bit tags>) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / <Chrome version> Safari / 537.36 Edge / <Edge version>
<bit tags> and <Chrome version> absolutely the same, as I wrote above.
<Edge version> - This value shows the version of your Edge browser. Just like Opera, a certain version of Edge has a certain version of Chrome.
Here is a link to current versions of Edge: https://en.wikipedia.org/wiki/Microsoft_Edge
Note: We need the values "EdgeHTML version" and not "Version".
Example: Edge / 17.17134
17 - EdgeHTML Version
17134 - Window Build.
Table with examples of Chrome Edge versions
https://docs.google.com/spreadsheets/d/1QkUj5f0oPIUGU6aGyZSS9DNUpGCaywv9W50ytvSVPM/edit?usp=sharing
Examples:
Mozilla / 5.0 (Windows NT 10.0; Win64; x64) Apple.36Kit / 5 Chrome / 64.0.3282.140 Safari / 537.36 Edge / 17.17134 - UserAgent Windows 10 [64 bit] with Edge browser version 17.
Mozilla / 5.0 (Windows NT 10.0) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 64.0.3282.140 Safari / 537.36 Edge / 17.17134 - UserAgent Windows 10 [32 bit] with Edge browser version 17.
On this topic UA will be completed, there is still a lot to say about existing UAs, since I have analyzed only the most basic browsers and the most popular and simple options. If at all this article goes, then I will reveal in more detail about more complex variations of UserAgent from different types of browser; about mobile UserAgent and new types of browsers.

Other options where you can get UA:
1) Real devices.
2) https://developers.whatismybrowser.com/useragents/explore/ Many different UAs by browser type, by OC, mobile UA, etc. There are a lot of sample options. The disadvantages are that there is a lot of any "slag", there are not so many newer versions; there is a parameter of UA popularity, but I would not advise you to focus on it.
3) Configshop. Actually, in the config shops, you can safely see this parameter without buying a config. The option is very convenient, because you can make a selection according to the necessary parameters and the most relevant UAs in the config shops. In some, you can simply register easily. I will not throw links here, who will really need it - write to the LAN or by contact.
Let's go through the simple config settings in Linken Sphere (Extended session settings).
Navigator.vendor - This parameter displays the name of the browser vendor. In our browser types, the Value is empty, or "Google Inc." The parameter is static, i.e. does not change. Values in our browser types:
Firefox - Blank
Edge - Blank
Chrome - Google Inc.
Opera - Google Inc. [/ QUOTE]
Navigator.ProductSub - this parameter shows the Build number of the browser. The parameter is static, i.e. does not change. Values in our browser types:
Firefox - 20100101
Edge - 20030107
Chrome - 20030107
Opera - 20030107
Navigator.hardwareConcurrency - this parameter shows the number of processor threads, not the number of physical processor cores, as many believe.
The parameter does not depend on the type of browsers we are considering. Popular values for this parameter: "2", "4", "8", "12".
For a better understanding, I will consider a new processor on laptops: Intel Core i7-8750H.
This is a 6-core processor, but it has 12 threads, therefore the parameter will be set to "12" and not "6".
Sometimes the number of threads matches the number of cores. By the name of the processor, you can always look at these values on the Internet.
As for the information in the logs, there is just information about the number of threads, so you can safely set this parameter, but just in case, double-check (parameters: # of Cores and # of Threads)
Navigator.MaxTouchPoints - this parameter shows the maximum number of simultaneous touch clicks, which the device supports, i.e. if the device has several touch screens with different maximum values, the maximum value is shown.
The parameter does not depend on the type of browsers we are considering. In general, they usually say that this parameter is more relevant for mobile configs and this is true, but not quite.
An ordinary stationary computer or laptop with a connected mouse and keyboard will show the value "0". Most often this is the value of the parameter.
But there are touch monitors in laptops, touch monitors for stationary PCs. Therefore, in this case, the parameter value is usually "1" or "2".
Therefore, when setting up our types of config, it is permissible to set these values.
According to the information from the log, it is impossible to determine in 95% which particular laptop or which display, so it is better to set the default value "0".
Navigator.Platform - this parameter shows the platform on which the browser is running. Within our browser types and OS, there can be two values: "Win32" and "Win64".
But even if Windows is 64-bit and the browser software is 64 bit, the value "Win32" is still used. Therefore, we set only this value.
Navigator.doNotTrack - this technology allows you to enable or disable the ban on tracking by sites, various systems.
The most popular values used are: "Null" - the user did not set this parameter, therefore, it is not enabled.
This is the most commonly used parameter. "1", "true" - the user has enabled this function, "0",
"false" - the user has disabled this function. All three values can be used in configs, preferably "null" or "0".

As for the substitution without antidetects, Google has instructions for each type of browser with pictures on how to enable / disable this technology.
Navigator.gamepads - this technology shows connected gamepads and their properties (joysticks like on Xbox and Playstation).
By values in the sphere: "True" - the function is enabled, "False" - the function is disabled.
Feature: Even if there are no gamepads connected to the system, this function is enabled. So basically we use the value "True" for our browser types regardless of the OC version. Even on most mobile browsers, the feature is also enabled.
Navigator.battery - this technology shows information about the state of the battery (whether charging is in progress, the level of charging in %, the amount of time to fully charge / discharge, etc.).
By values in Linken Sphere: “True” - this function is used without substitution, “False”, “Fake” - identical to True, only the parameters of the battery itself are substituted.
By use: in Edge, Firefox (after version 52) set only "False", in Chrome and Opera set either "true" or "fake".
This feature, as one might think, applies not only to laptops. On desktop computers, the Battery function is enabled.
The difference is that the parameters will be static, as if it were a laptop on a charge at 100%.
Information on setting this parameter from the log: if you have determined that a PC user can enable "fake" from a laptop, but if on your system where Linken Sphere is installed, Battery static parameters and the log user have a stationary computer, then it makes sense to enable "True ".
On real systems, if you have a laptop, it is very easy to change this parameter, you just need to discharge / charge the battery. Then the values of this function will change.
Navigator.webdriver. Webdriver in a browser is a software library (driver) that allows other programs to interact with the browser; manage your browser.
This technology appeared in the browser not so long ago, therefore it is experimental, there is not much information on it already.
The webdriver technology is supported by all major types of latest browsers. The main values of the Webdriver property are "true", "false", and "undefined" (undefined).
On use in Linken Sphere: if we make configs of old browser versions (below 63 Chrome and 50 Opera, then use the value "undefined").
In other cases, the values "true" and "false" are allowed. But taking into account the specifics of this technology and how it is implemented in browsers, I advise you to use "false" in 95% of cases.
Navigator.Online - this parameter shows the status of the browser. Parameter options: "True", "False", "1", "0".
Here and a no brainer that the value should be "True" or "1". In the sphere, the ability to set only these parameters is specially established.
Navigator.deviceMemory - This parameter shows the amount of RAM in GB.
Values: 0.25 - 256 MB of RAM, 0.5 - 512 MB, 1 - 1024 MB, etc. to a value of 8. If the RAM is more than 8 GB (12 GB, 16 GB, 32 GB, 64 GB), then the value will still be "8".
If you are configuring the Firefox browser config, then set the value to "False", since. there is no given
parameter. If you configure the config of Chrome, Edge, Opera, then we set this parameter (Works in Chrome from version 63, Opera 50 and in Edge 17 version).
The most popular values are "2", "4", "8".
Incognito - the parameter shows whether the incognito mode (private mode) is enabled or disabled in the browser. For work, set only "False".
Incognito mode in the browser, this is when the browsing history is not saved in the browser, cookies, autocomplete, etc. An excellent option for schoolchildren to watch porn so that the mother or father does not burn))

Setting the language in the config
Three parameters are responsible for the language in the config in antidetects. Two in navigator (language, languages) one in browser headers (HTTP_ACCEPT_LANGUAGE)
Navigator.language - this parameter shows the language of the browser interface (i.e., roughly speaking, which language of your browser, not the system, will be displayed in this parameter.) Example: "en-US", "en-GB", "ru-RU", etc.
This parameter is composed as follows:
[Name of Language] - [Country codes]
Name of Language - below is a link to a list of all languages and designations: http://www.loc.gov/standards/iso639-2/php/code_list.php ( take the value from "ISO 639-1 Code")
Country codes - below is a link to a list of all languages and designations:
https://www.iso.org/obp/ui/#search/code/(take value from "Alpha-2code")
Navigator.languages - this parameter shows the user's preferred languages and is taken from HTTP_ACCEPT_LANGUAGE
Example: "en-US, en, ru-RU, ru", "de-DE, de, en-US , en "
The parameter is composed like this for EACH language (each language is separated by a comma without a space):
[Name of Language] - [Country codes], [Name of Language]
HTTP_ACCEPT_LANGUAGE - this parameter shows the preferred languages that the user can understand (system language , browser interface language) and language "preference".
Example: "ru-RU, ru; q = 0.9, en-US, en; q = 0.7"
The parameter is composed as follows for EACH language (each language is separated by a comma without a space):
[Name of Language] - [Country codes], [Name of Language]; q = [quality values]
quality values - language preference value. It can range from 0.1 to 0.9. The higher, the preferable the language. I advise you to set for the main language from 0.6 to 0.9, for the second from 0.4 to 0.7.
In the realm, you only need to configure HTTP_ACCEPT_LANGUAGE
(https://prnt.sc/lypoyp ) to configure language settings . The easiest way to change the language without HELL is to simply change the language in your browser.
The log also contains information about the user's language and the languages of the keyboard layout.

Configuring display settings
Moving on to the parameter settings that are related to the user's system screen. I will not go into theory too much, I will try to explain these parameters in practice very simply.
First, let's see the main screen parameters in Linken Sphere clearly in the screenshot:
http://prntscr.com/lz6cwt
Screen.width | device-width - these parameters show the width of the screen in pixels. Of course, in some subtleties, these are different parameters, but within the framework of our article I combined them, since the values will be the same.
Screen.height | device-height - these parameters show the height of the screen in pixels. Combined for the same reason.
device-width and device-height in the sphere can be configured in the general settings (Physical screen size).
Configure Screen.width and Screen.height in the session screen setting (NOT in Extended settings)
Screen.availWidth - this parameter shows the width of the screen in pixels that the browser can occupy.
In the screenshot, we have the taskbar at the bottom, therefore, it is associated not with the width, but with the height; the browser can take full length.
Therefore Screen.availWidth = Screen.width | device-width
Screen.availHeight - this parameter shows the height of the screen in pixels that the browser can occupy.
In the screenshot, in order for the browser to occupy the full height, the taskbar "interferes", so this parameter will be calculated as Screen.width MINUS taskbar height.
Let's look at the examples from the first part of the article, when we looked at the taskbar there.
Now in even more detail and with an example. Take a Full HD 1920x1080 screen.
If the default taskbar (at the bottom, with large icons as in the screenshot), then its height will be 40 px.
With these values, “Screen.availWidth” will be 1920, and “Screen.availHeight” will be 1040 px (1080-40 = 1040)
If the icons in the taskbar are small, the height of the taskbar will be 30 px, and the value “Screen.availHeight” will be 1050 px
If the taskbar is hidden, then the “Screen.availHeight” value will be 1080 px.
The story will be exactly the same if the taskbar is located not at the bottom, but at the top.
Further, the taskbar can be placed to the right or to the left, and then the "Screen.availWidth" parameter will change.
By default it will be 1858 (1920 MINUS taskbar width is 62 px).
If the icons are small, then with this arrangement of the taskbar nothing changes in the width of the panel, and the value will be 1858; if the taskbar is hidden, then the value will be 1920.
That's why we looked at the taskbar from the screenshot in the log.
Screen.availTop - shows the first top (vertical) pixel screen coordinate that is not occupied by the taskbar.
Screen.availLeft - Shows the first top (horizontal) pixel screen coordinate that is not occupied by the taskbar.
If the taskbar is located at the bottom or on the right, these parameters will have a value of "0".
Exception: if there is a second monitor, then the "Screen.availLeft" parameter can be negative or even positive.
If the taskbar is located at the top or on the left, then these parameters will have values depending on whether the icons are large or small.
If the taskbar is hidden in this case, these parameters will have the value "0".

Otherwise: if the taskbar is on the left by default, then "Screen.availLeft" will have a value of 62 px, if the taskbar icons are small, then also 62 px (since when it is placed sideways, the width does not change)
If the taskbar is at the top, then "Screen.availLeft" will have a value of 40 px, if the taskbar icons are small, then the value will be 30 px.
Simply put, Screen.availTop shows the height of the taskbar if it is at the top, Screen.availLeft shows the width of the taskbar if it is on the left.
Knowing the location of the taskbar about the screenshot in the log, we can calculate these parameters.
The above values are valid for a Full HD screen of 1920 px by 1080 px.
In the attachments of the theme (at the very bottom), I attached the simplest, but very convenient checker for calculating the parameters of the screen and browser window.

I'm not a programmer and I'm not fond of this, so the checker works correctly and stably only on Chromium browsers (Chrome, Opera).
Therefore, you should not use this checker on Firefox. I hope there is someone who knows jQuery and adapts this simple checker for Firefox as well.
As a bonus, a link to a table where I indicated the most popular screen resolutions for OC and calculated the parameters for different browser resolutions:
https://docs.google.com/spreadsheets/d/12KM12QLMdwdmBKDuxlMuh31WZNMQ6hdlIz_QnipAVg/edit?usp=sharing
Screen.colorDepth and Screen.pixelDepth - these parameters show the color rendering quality. The values of these parameters are the same. Possible values are "24" and "32".
Within the framework of our article, we put only "24". The value "32" has such devices as Iphone, Ipad, etc.
Screen.orientation - this parameter displays information about the screen orientation. The easiest way to explain this is by a screenshot. https://prnt.sc/lz7j8w
We use only the "landscape-primary" parameter within the PC; other parameters for mobile devices, tablets, etc.
Screen.angle - this parameter shows the screen rotation angle. "Landscape-primary" value 0;
"Portrait-primary" value 90; Landscape-secondary value 180; "Portrait-secondary" value 270

Configuring browser window parameters
To begin with, let's see all the main parameters of the browser window in Linken Sphere clearly on the screenshot for better understanding (the screenshot was honestly stolen and modified):
https://prnt.sc/lz7r9g
We will consider the setting with two options:
1) Full screen mode, when we expand the browser to full screen.
2) Windowed mode, when the browser occupies only some part of the screen. The screenshot shows just this option as an example.
Window.outerWidth - this parameter shows the width of your browser window, including the scrollbar, toolbar, etc.
Window.outerHeight - This parameter shows the height of your browser window, including toolbar, URL bar, browser tabs, loading area, etc.
The screenshot above demonstrates these parameters perfectly, and how they differ from others.
If the browser is in full screen mode, then we can specify the exact values.
If we work in windowed mode, then there can be a huge variety of values, the main thing is that the values are "consistent" with other parameters (innerWidth, client.Width, innerHeight, clientHeight, screenLeft, screenTop, screenX, screenY).
The best and easiest way to get values for windowed mode is to use the script that I attached to the theme.
In full-screen mode, these parameters correspond to the parameters "availWidth" and "availHeight"
Window.innerWidth and body.clientWidth - these parameters show the width of the browser's working area, in other words, the entire width in pixels to which your sites are loaded, excluding the width of the scroll, panel tasks, if it is placed to the right, and other elements that narrow the given width. I combined these parameters, since they will coincide within the framework of our article.
Window.innerHeight and body.clientHeight - these parameters show the height of the browser's working area, in other words, the entire height in pixels to which your sites are loaded, excluding the height of the horizontal scroll, the height of the tab area, the height of the URL line in the browser and other elements that decrease the given width. I combined these parameters, since they will coincide within the framework of our article.
These parameters are the most dynamic and unpredictable in comparison with other parameters.
Even in fullscreen mode besides outer.Width / Height a bunch of other windows are affected.
For example, in Google Chrome, the setting of the browser appearance settings ("Show bookmarks bar") affects whether the downloaded files bar is displayed in the browser (Example: http://prntscr.com/lzd3r5 ), etc.
Firefox is affected by the settings in the Customize section ( https://support.mozilla.org/en-US/k...e=en-US&redirectslug=Navigation+Toolbar+items ). Specifically, the Toolbars (Menu, Tabs, Title) parameters, the "Density" parameter.
And so in each browser, different settings affect these values.
In windowed mode, in addition to these parameters, the parameters “screenLeft, screenTop, screenX, screenY, outerWidth / Heght) also affect.
In any mode, the devicePixelRatio parameter affects, but more on it below. Again, the best and easiest way to get the values is to use a script.
In the table I will give setting options for different screen resolutions in full screen mode with default browser settings.
https://docs.google.com/spreadsheets/d/12KM12QLMdwdmBKDuxlMuh31WZNMQ6hdlIz_QnipAVg/edit?usp=sharing
window.dexicePixelRatio - this parameter shows the ratio of the physical pixel size to the logical one.
Simply put, as far as our browser types are concerned, it is the page scale parameter. By default, it is 100% and the parameter is "1".
If we increase the scale of the page or decrease it, then this parameter changes.
We increased the page scale by 125%, the parameter changed to "1.25", reduced the page to 90%, the parameter changed to "0.9".
Clarifications: changes to this parameter affect the parameters “Window.innerWidth, body.clientWidth, Window.innerHeight, body.clientHeight) in full screen mode and in windowed mode.

To change the parameter naturally, you need to use the increment or decrement step as in a real browser. Example:
Firefox browser zoom values:
"50%", "60%", "70%", "80%", "90%", "100%", "110%", "120%", "130%" "," 140% ", etc. (10% step)
Chrome browser scale values: "33%", "50%", "67%", "75%", "80%", "90%", "100%", "125%", , "150%", "175%", "200%", "250%", "250%", etc. (Dynamic step).
And so for every browser.
One more subtlety with the values of this parameter. Let's take the Chrome browser:
100% - the value of the parameter "1"; 110% the value of the parameter is not "1.1", but "1.100000023841858"; 125% value of the parameter "1.25". Those. the meaning may not always be exactly the same; in different browsers in different ways
The last subtlety: the size of the working window, decreases or increases NOT EXACTLY by the value of devicePixelRatio. Those. if we increase the scale by 25%, it is not a value that the height of the browser work area will decrease EXACTLY 25%. The percentage values will be different.
window.screenLeft and window.screenX - these parameters show in pixels how much the browser window in windowed mode is shifted to the right from the first pixel.
window.screenTop and window.screenY - these parameters show in pixels how much the browser window in windowed mode is shifted down from the first pixel.
In the screenshot, I clearly showed these parameters. Combined these parameters, since they coincide within the framework of our article.
All these parameters are used in browsers Chrome, Opera, Edge. Mozilla Firefox browsers use only these parameters: ScreenX and ScreenY.
If the browser is in full screen mode and the control panel is at the bottom or on the right, then these parameters are equal to "0".
If you use full screen mode in the browser and the control panel is on the left or on the top, then the values of these parameters are equal to the width or length of the control panel.
If the windowed mode of the browser is used, the parameters will depend on how far they are shifted from the left first pixel of the screen and the top first pixel of the screen.
It is best to use a script to calculate these parameters. These parameters do not directly depend on the Outer.Width / Hegiht, innerWidthHeight parameters, i.e. the rule "Screen Width = screenLeft / screenX + Outer.Width" DOES NOT WORK, since there are no parameters responsible for the right and bottom sides of the screen, and, therefore, the value "outer.Width" with a value of screenLeft / screenX 50 px can be the same as 600 px, 500 px and 900 px - it all depends on how much we "stretch" the browser window in width. This rule also applies to screen height.
window.pageXOffset - this parameter shows how much the page is scrolled to the right (vertically in pixels) using the scroll bar relative to the top left window.
window.pageYOffset - this parameter shows how much the page is scrolled down (horizontally in pixels) using the scroll bar relative to the upper left window.
For a better understanding, see the screenshot.
In full screen mode, the window.pageYOffset parameter is dynamic, because on almost any large popular site, we scroll down the page, rarely when the site completely fits into the working window, the main page of google search does not count.Therefore , this parameter is best simply NOT to change.
In full screen mode, the window.pageXOffset parameter is mostly equal to "0", since sites are adapted to different screen resolutions, and side scrolling is wildly inconvenient. But if we have a windowed browser mode, then it can also be, depending on the site and the size of the browser window.
Therefore, it makes no sense to set constant values for these parameters. As for me, if we really take a substitution, then the only possible meaning is to make it random within the limits of any values.

Setting up plugins in the config
I described in detail about plugins in section 1 of the article. In the new versions of Chrome, Firefox, Opera, Edge, there are only built-in plugins and 1 plugin that can be installed - Adobe Flash Player.
There are two types of Adobe Flash Player: Adobe Flash Player NPAPI - for the Firefox browser. Adobe Flash Player PPAPI - for Opera / Chrome browser.
Now we will take a closer look at how to customize plugins and what variations you can make.
Firefox has two built-in plugins by default "Widevine Content Decryption Module" and "OpenH264 Video Codec provided", but these plugins are not shown when requested.
In Firefox, the only plugin you can add is Flash.
Subtleties: when installing in the Flash system, the default setting is "Ask to Activate"; with this setting, Flash is shown only when the site is requested; the plug-in does not light up in the checkers; if the "Always Activate" parameter is selected, then the physical Flash and the plugin are lit.
Therefore, by installing Flash into the system, we can uniqueize this fingerprint without an antidetect.
With antidetect, we have two options: either we add a Flash plugin or not. If we add, then we have different variations in the form of Flash versions.
This gives us the ability to make different Flash plugins in different configurations, and not add the same one.
Below there will be a link to a table for the type of Firefox browser, what the Flash setting in the plugin looks like, as well as a list of different versions.
As a reminder, in the realm of plugins are configured in "Extended session settings".
https://docs.google.com/spreadsheets/d/1BPCD97WmsiSsHoFDZ3MJjtbbvtqBMgpJfXpF4SGnjc0/edit?u sp = sharing
Google Chrome has 4 plugins by default, some of them can be enabled / disabled; the only plugin that can be added is also Flash.
Plugin parameters are static by default; they don't change. The Flash plugin has the same parameters that change depending on the version of the plugin and depending on the bitness of the system: 32-bit; 64-bit.

Learn more about default plugins:
Chrome PDF Plugin and Chrome PDF Viewer - these plugins are responsible for PDF documents in Chrome and allow, for example, to open PDF directly in Chrome online, without downloading the file to your computer.
These plugins are linked; so you either add both plugins to the config, or neither. You can turn it on / off in a regular browser in Advanced settings -> Content settings -> PDF documents.
Widevine Content Decryption Module - this plugin is responsible for prohibiting copying of audio and video content by the copyright holder.
From version 57 of Chrome, the plugin cannot be disabled. But at the same time, I have repeatedly seen in systems and configs that this plugin did not glow, although the versions of Chrome were one of the most recent.
Native Client - the plugin is responsible for launching some online games and applications. You cannot disable it, so add this plugin 100%.
Here is a table for configuring plugins in the sphere for the type of Google Chrome browser and variations of settings with Flash:
https://docs.google.com/spreadsheets/d/1BPCD97WmsiSsHoFDZ3MJjtbbvtqBMgpJfXpF4SGnjc0/edit?u sp = sharing
In the Opera browser, everything is identical to Chrome, except for some subtleties ...
1) The names of the plugins responsible for PDF are different. Instead of "Chrome PDF Plugin" the value is "Chromium PDF Plugin"; instead of "Chrome PDF Viewer" the value is "Chromium PDF Viewer".
2) There is no Native Client plugin. 3) Plugin "News feed handler". Responsible for feeds, i.e. for receiving content from the site directly into the browser using the RSS protocol. Activated by default. Therefore, we add this plugin.
Here is a table for configuring plugins in the sphere for the browser type Opera and variations with Flash:
https://docs.google.com/spreadsheets/d/1BPCD97WmsiSsHoFDZ3MJjtbbvtqBMgpJfXpF4SGnjc0/e dit? Usp = sharing

Setting the font list
All antidetects on the market allow you to change the font list . The configs of most antidetects contain a list of fonts.
The sphere allows you to conveniently edit the list of fonts in the config or create from scratch by loading font names from a file.
In the system itself, without an antidetect, you can very easily edit the list of fonts. To do this, go to the control panel -> design and personalization -> fonts.
There you can add new fonts after downloading them, delete existing fonts. By performing such manipulations, we change our list.
On each system, due to the installed various programs and other factors, the list of fonts and the number of fonts will be different.
But there are basic fonts for every version of Windows OS.
List of basic fonts and their styles for Windows 7
https://docs.microsoft.com/en-us/typography/fonts/windows_7_font_list
List of basic fonts and their styles for Windows 8
https://docs.microsoft.com/en-us/typography/fonts/windows_8_font_list
List of basic fonts and their styles for Windows 10
https://docs.microsoft.com/en-us / typography / fonts / windows_10_font_list
These base fonts can be used as a starting point for your list. Some clarifications: all links in the font family are clickable.
Inside you can find information about which Windows operating systems and programs use a given font family.
You do not need to specify all font styles in the list, you can only specify the font family.
Check the font families on the site; for example, the "Wingdings" family actually contains 3 fonts.
Here's a great list for building your font list. It lists a large number of fonts and which Windows operating systems and programs use them.
https://docs.microsoft.com/en-us/typography/font-list/
Configuring WebRTC and .MediaDevices.enumerateDevices substitution
.MediaDevices.enumerateDevices - this function allows you to get a list of all devices (audio and video devices of the system, USB cameras, microphones, etc.).
You can get deviceID of device data, device name and device type.
The function in Linken Sphere has settings: "True" - the function is enabled, but the parameters are not changed. "False" - the function is disabled, "Fake" - the function is enabled; parameters are overridden.
In our types of browsers, we only use the "Fake" parameter.

Let's move on to configuring WebRTC. We use spoofing on all types of browsers, which we are discussing with you today. Let's consider some subtleties.
1) Checkbox IPv6. Enable this checkbox if your system is leaking ipv6. You can check it here: https://browserleaks.com/ip (item "IPv6 Address")
2) External (Public) IP in WebRTC. Everything is simple here: the external IP matches the IP of your sock or tunnel.
But when working with logs, I have come across such an unusual approach. Its essence lies in the fact that the external IP is set to the IP of the user's system.
Yes, at the same time, checkers will show that it is wrong, but this approach takes place.
3) Internal (Local) IP in WebRTC. Here, too, everything seems to be simple: there are local IP ranges that can be used.
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
But again there are subtleties. Let me remind you of this table:
https://docs.google.com/spreadsheets/d/1GySRwS_QAmvPSJEDxYcsGnz_7Vu_mtj0nn_RvY4wgl4/edit ? Usp = sharing
So, there is a Default Local IP column. This is the default local IP of the router, by which you can just get into its settings.
Therefore, it is better not to set these IPs when setting up the config.
The next trick is to work with logs and local IP. In the first part, we tried to find out the approximate brand of the router, and ideally its model.
So in some cases, we can assume an approximate local IP address.
In general, where does this local address in WebRTC come from on your system? Most routers have a DHCH server in their settings.
The DHCH server assigns each device that connects to the router a local IP.
Usually, the DHCH parameter settings are approximately the following, depending on the brand and model of the router: Start IP, End IP and the time at which the IP address is issued. Take, for example, that the router has the following settings:
Initial IP: 192.168.0.2
End IP: 192.168.0.100
Time: 1440 min (24 hours)
We connect our laptop to the router, the DHCH server gives it a local IP: 192.168.0.2 on 24 hours;
We connect our mobile phone, the DHCH server gives it a local IP: 192.168.0.3 for 24 hours;
We connect our refrigerator with Wi-Fi to the router, the DHCH server gives it a local IP: 192.168.0.4 for 24 hours, etc.
Let's say 12 hours have passed, the lights were turned off, and the router rebooted; and the refrigerator was the first to connect to our router.
Now the DHCH server gives him a local IP: 192.168.0.2 for 24 hours;
Then the mobile phone connected - the DHCH-server gives it a local IP: 192.168.0.3 for 24 hours;
Then the laptop connected - the DHCHserver gives it a local IP: 192.168.0.4 for 24 hours.
Thus, in this example, you can see that the local IP is a dynamic parameter and can vary within the limits specified in the DHCH server setting in the router.
Knowing the brand of the router and the approximate model, you can look at this IP range, and put the approximate local IP in the log.
Again, in the example above, the owner has a D-Link router; we have defined the start and end IP.
The owner, most likely, has 2-4 more devices in addition to the computer that connect to the router (for example, a phone and a TV).
Therefore, we can safely set the local IP "192.168.0.2" or "192.168.0.3" or "192.168.0.4" or "192.168.0.5".
On the Internet, you can find emulators of most popular routers and see the basic IP range in the settings; in the table, I have also added a start and end IP to some of the models.

Configuring substitutions in the config.
Although this does not apply to setting up a real config, I will go through some of the features.
You can find a bunch of different information about all the prints that the sphere replaces, so I will not describe the same thing 10 times.
As for the use of substitutions: I advise you to use all substitutions in any of our browser types, but with some subtleties.
1) Enable Flash - enables Flash. Turning on flash unnecessarily is not recommended by every antidetect author, as this is an additional variation to get you detected.
As for the use of Flash, they can advise such options, it does not matter whether we create a config for working with a log or a config of any of the browser types:
A) Add Flash to the config plugins, but leave the physical flash (enable flash) disabled. Here we get an interesting situation, for plugins we have it as it is, but there is no physical version.
B) Add Flash to the config plugins and enable physical flash (enable flash). I described the disadvantages of this option above.
One more point, in some antidetects you can configure Flash settings, so if there are such settings, and you decide to use Flash, be sure to remember to configure them (such parameters as OC, language, screen resolution, Flash version and others)
2) Canvas substitution. We enable this substitution, but now I will write options when you can try to disable this substitution in our browser types.
There are only two of them: A) When the created config has the same browser type as the antidetect, i.e. Linken Sphere is written on the basis of Chromium, therefore, if you create a Chrome configuration, then it is allowed to disable spoofing as an option. The second option is slightly worse: when the browser is made in the Chromium shell. In our case, this is the browser type: Opera.
3) Substitution of AudioFingerprint. The substitution by itself must be included. But audio also has parameters ( http://prntscr.com/lyqeto ). Some of them can be changed in the system, so below there will be information for thought: as an option, in addition to the print, they can also be replaced. For example, the first parameter on the screen (ac-sampleRate) is very easy to change: for this you need to change the Default Format (https://prnt.sc/lyqgop ).

Tips, life hacks using the Linken Sphere antidetect and when working with logs.
1. Installing Linken Sphere: Virtual Machine or Base? Should you install on a Virtual Machine or on a Basic Machine?
Also a very popular question. Again, you can find the best option for you.
Linken Sphere on the Main Machine Pros:
1) Convenience of work
2) Does not require large RAM resources, less load on the computer compared to using a virtual machine, for example, on Win 10 x64, especially if the paging file is disabled for security and the PC is not very powerful.
3) If suddenly there is some kind of detection or detection of a virtual machine in the world, which no one knows about yet, then this will undoubtedly be a plus, compared to using an antidetect on a virtual machine. Let me explain in more detail what I had in mind: Almost any antidetect in the world, if it does not replace any parameter, then it is most likely taken from your system, or simply disabled.
4) Security. I do not presume to say 100%, but from the point of view of security, in the chain of anonymity, perhaps this option is worse than using Linken Sphere on a Virtual Machine or a supervisor. Linken Sphere on a Virtual Machine It's the other way around, and the minuses become a plus, and the pluses - minuses. 3 use case: some people use Linken Sphere on a dedicated server, which is also, in its own way, an interesting option, which has some advantages from those two options above. 2. What type of configs is better to use for driving. "Good" options for using configs for different types of OS. Actually, given that this Antidetect is written on the source code of the Chromium engine, it is ideal to use configurations with the Chrome browser and browsers based on the Chromium platform.
If Linken Sphere is on your Windows OS, then "good" configuration options are:
1) Win XP, 7.8, 10 + Chrome
2) Win XP, 7.8, 10 + Opera
3) MAC OS + Chrome 4) Win 10 + Edge (Most recently, Microsoft announced the replacement of the engine with Chromium)
Mobile options:
1) Android + Chrome
2) Windows Phone + IE (Internet Explorer)
3) Iphone, Ipad + Chrome If Linken Sphere is on your OC MAC X, then “ good »config options:
1) MAC OS + Chrome
2) MAC OS + Safari 3) Win + Chrome Mobile options:
1) Iphone, Ipad + Chrome
2) Iphone, Ipad + Safari Of course, you can use any configs on any OS, but these are preferred because the OC and / or platforms are the same.
3. Life hack: Using "Non-standard" configs when driving in. As a good and unusual alternative to those variations that I wrote above, there can be the use of "non-standard" configs.
In my understanding, non-standard configs are those systems that are not common in general and that are rarely used for driving.
For the sphere and some other AD, the criterion may still be that these configs cannot be found in the configshop.
I will give examples of such configs: Xbox One, PlayStation 4, Blackberry, PlayBook, Kindle, etc.
It is, of course, difficult to imagine holders driving from Playstation 4 or PlayBook, but nevertheless, these options take place in some topics and as one of the factors "Non-standard" drive.
How to get these configs for a sphere? There is only one option - to do it yourself. After reading the entire manual, it will be more or less clear to you how to make configs.
The only problem is, where can I get all the data (UserAgent, WebGL, WebRTC, Window.Screen, Window.Navigator, etc.) for these devices? Everything is very simple here) Either look at a real device for all the necessary checkers, or take it from the configs of another antidetect.
4. Using the "Web Emulator" tool The Web Emulator is a tool in Linken Sphere that allows you to automatically visit a list of sites, simulating human behavior.
This tool is useful in that it automates the process of receiving cookies, thereby reducing our time spent on routine work, i.e. you enter a list of sites, turn on the emulator, and wow, we already have a browser of cookies for various sites.

In practice, this tool is very useful because shop antifraud systems may well collect and analyze your cookies. Thus, using this tool correctly, we will be more like an ordinary user.
According to the settings of this tool (Screenshot: https://prnt.sc/jkvy3p ) Check the Disable popups (disable pop-up windows) and Enable alert after complete (Enable alerts after the Web Emulator has finished working).
MaxVisited Page is how many maximum pages on each site will be open. Here everyone decides how much to bet, I would recommend 3-4 to 12-30. Max time on page, min - I would recommend setting from 30 seconds to 2 minutes.
Start delay - this item is responsible for the delay (in minutes) before starting to turn on the emulator itself. It's up to you.
Each site must be specified on a new line and with https: //.
About the list of sites. I would recommend everyone to make their own list of sites to bypass depending on the country of your drive (in my case, this is USA).
In my list, I would have collected about 30-40 such sites, in order to be able to alternate between different sites, and not every time to bypass the same ones.
For example, TOP sites by ALEXA RANK: (https://www.alexa.com/topsites).
There you can select the TOP 500 sites for different countries, find out the average depth of page views, the average duration of users on the site for the last 3 months.
5. Detect Social Media Login http://www.tomanthony.co.uk/tools/detect-social-network-logins/ Here is a typical public example demonstrating that sites can easily see if you are logged into popular social services.
Therefore, in order to be more like a real user's PC, you need to create accounts in popular networks and log into them immediately before your work (well, or buy ready-made accounts).
The most popular services: Facebook, Twitter, Gmail, Youtube, Google+, Instagram, Pinterest, Battle Net, Xbox, PSN, Tumblr, etc. This rule also applies to logs.
We look in the accounts, what popular social services our user has, log in to them (if we do not automatically get it with the help of our cookies) and only then go to the sites we need.
Now let's move on to working with logs.

By all parameters, all logs can be divided according to the degree of importance (in descending order of importance):
1. A log that has a set of standard services complete with BA and cryptocurrency exchanges.
2. Log, which has a set of standard services such as Paypal, Amazon, various shops
3. A log that has a couple of services / not interesting small shops; We do not particularly admire the cookies of this log.
4. Useless log For beginners, first of all, there will be advice not to disdain category 2 and 3 logs, treat them with the same seriousness as logs in the first category in order to gain experience, get your hand, technically learn how to use the log and the chosen a tool for processing it.
On the forums, spent logs of different categories are often distributed; this option is also a good option for starting work with logs.
You can determine the degree of importance by the Logins / Passwords of the log, auto-fill, and sometimes even by the splash screen on the desktop, you can distinguish the log of a nerd student from a good log.
With experience, depending on your skills, financial situation, you yourself will determine once or twice with which log to work painstakingly, with which not very much, and which one should be thrown out and not wasted your time.
Working out logs in Linken Sphere is very convenient because, using different tabs, you can process several logs at the same time, which also saves time.
Log processing can be complex, or processing for one specific request. It often happens that newbies work out logs for only 1 request, for example, on Paypal, and if they can't work out, they get upset and throw out the log.
This is a bad approach to work, because with it you will not get a normal profit and knowledge; if you have a lot of time and little experience, work out the log to the fullest, fill your hand.

Let's move on to interesting tips and life hacks when working with logs.
1. Determine your "attack vector".
Simply put, you need to understand where the holder has money, what means of payment he uses most often.
You can see the popular payment methods of the holder in Amazon, Paypal, Ebay, etc.)
After you have determined where the money is, you need to try to find out how much money is kept with the holder, if possible.
To do this, you need to get into online banking, look at statemans, etc.
2. Operator services such as AT&T, Verizon and others may have the function of blocking a SIM card, losing a phone and other useful things that can complicate the restoration of the holder's access, or even complete loss.
3. Always put messages from unwanted services and shops from which messages may come in the mail of the holder in the spam filters. Redirect the necessary messages through filters to your mail.
4. Check all cloud storages (Google drive, icloud, onedrive, dropbox, etc.) There is a good chance that you will find Photo ID, Drive License, Credit Cards, Wallet Seed, 2FA and other useful information there.
5. Live the life of a holder. After collecting all the information on the holder, read it on Facebook and other social media. networks, look where he is going tomorrow, when he is not at home, when he is in the gym, when he eats, with whom he fucks, this will help to compose a psychological portrait for psychological impact, as well as give the opportunity to choose the best attack time.
For example, you can urgently call the holder to work, send a wreath with threats (Having said that this is from the mafia, the insurance company will return everything, do not rock the boat until we rob you).
It is important to understand the essence of these thoughts, and the imagination in the options for using useful information can be limitless.
6. Leave behind backdoors. Put your secret questions on mails, link up your 2FA, phones, backup mails.
Then, with a high probability, the holder will not be able to quickly and painlessly return his account, and even if he does, he may not notice your backdoor, which you can use again.
7. Passwords. Many holders use the same passwords, therefore, even if the required service is not in the log, you can choose it yourself by brute-force
8. Activity. By letters in the mail, you can determine the most popular and latest by date services that the holder uses.
Of these, choose the ones you need that you know how to work out. These services will be more fraud-loyal, since the holder often uses them, and, therefore, they have more recent cookies compared to other services.

log.rar download
here and see what the logs look like.

And I will tell you how to load logs into a regular browser using the extension

Contacts of log sellers!
one). https://t.me/tonylogs_store
jabber: [email protected]
telegram: @tonylogs

2). Telegram store @Mr_robot_logs_bot
Telegram support @TMviktor

3). Jabber + OTR: raccoon13 [at] jabb.im / raccoon13 [at] exploit.im

4). Telegram: @ Goodwingood6

5). TG - @@RossBellfort
TG support - @RossBellfort_Sup
Jabber - [email protected]

6). http://sqlbazar.shop/

By the way, the pzdts buys out the logs as quickly, especially usa

How to add cookies from the stealer to a regular browser?
The first step is to download Mozilla Firefox version no higher than 53.
Link to Portable Version: https://sourceforge.net/projects/portableapps/files/Mozilla Firefox, Portable Ed./Mozilla Firefox, Portable Edition 53.0 / FirefoxPortable_53.0_English.paf. exe / download

Next, move the extension file to the browser, click install the plugin and click restart.
After restarting the browser, click on F10, this should appear on top

Click on Tools and if the plugin has been successfully installed, we will see the following

Click on Import Cookies ... select the desired .txt file with cookies (unpack the log archive).
After successfully importing cookies. We can see how many cookies were imported and if it was successful.

After that, you can use Mozilla Firefox as the victim's native browser.

Why add cookies in this way?
In fact, you are already sitting in the victim's browser, all services, including mail, banks, and so on, I think that you enter from your native browser and do not check you for confirmation by phone, additional email, and so on.

File: [email protected]
Extension

Hello! I was busy, tomorrow I will write how to choose the right cards to buy, who will work with cards, well, I advise you to start with logs, buy a Dedicated Server and work with logs

Dropped out of the schedule, so excuse me.

This is how the.
CARD ITEMS card looks like:
bin | cc_number | year | month | cvv | fname | lname | address | phone | dob | ssn | email | country | bank | state | city | zip | brand | card_level | card_type
406068 | 4060687038940709 | 2020 | 01 | 216 | Gabby | Romero | 2835 Vía Encinitas | | | | [email protected] | United States | Jpmorgan Chase Bank, Na | | San Jose | 95132 | Visa | Classic | debit

Start with the logs better, they give very well

Contact us by contacts, buy, USA PayPal logs, download according to the instructions above and try to drive something, you can do it on ebay if there is an account there, you can make gift, the main thing is to warm up the shop normally.

Good luck to everyone, I hope you enjoyed this lesson and you can put it into practice!

 

[0101010]

Hello,@Hacker
How is those Seller?
do you ever Deal with them?
are they somewher verified?
did you buy from them anything?

 

[Teacher]

Your first carding
Seems like everything is fucking simple, right?
To drive in clothes for 400-1000 bucks, pull out the pack to you, rejoice. But no, fucking like that. The psychology of some individuals works differently.

Yes, fuck me this stuff, I want iPhones and liquidate to beat!
I mean, things beat? So I will have to save ten years for Lamba!
Yes, that shop that you threw off is not very good, I need Gucci for 2000 thousand green!
Yes, I don't want to be stingy, I don't understand why I have to sell iPhone 12 for 30%? This is a robbery!
And stuff like that.

During training, I say a million times that "guys, do not get involved in liquidity right away, the chance of fucking is great, start small, and then climb into this whole lumpy path."

You start small, then you come to great.

And not the other way around, you start with great and you go fucking out of the topic, because "carding doesn't work."
The higher the difficulty level, the higher the cost, and the more chances of failure. It would seem that everyone understands this, but no.
I think it's all about greed and mentality. And the first question does not arise, everyone understands this native feeling of greed.

As for the mentality, I think that we, ordinary people, always want to grab more, and if there is an opportunity, then we need to realize it. It will work out or not - the dick knows it, but you have to grab it.

Better to start off successfully, and gradually gain momentum.
Each new level is taken gradually, accordingly, you feel your development, and if something happens, it doesn't hurt to fall. The main thing is not to crap from the very beginning.

Remember this and everything will be fine.