Carding 👑 d0c's Carding Setup for 2025 👑

[max0011]

View attachment 51543
d0c's Carding Setup for 2025

---

A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.

View attachment 51544​

Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

The iPhone: A Carder's Ultimate Tool

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.

---

Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:

• Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
• Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
• ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
• High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
• Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on Strategic Carding: Getting the Cleanest Possible IPs youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.

---

Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):

1. Save this script as `prox.sh` somewhere on your Mac.
2. Open Terminal and navigate to where you saved the script.
3. Make it executable: `chmod +x prox.sh`
4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):

1. Save this as `prox.ps1`.
2. Open PowerShell as an administrator.
3. Navigate to the scripts location.
4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.

---

Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE

These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.

---

Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

• Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
• Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.

Fingerprint Checks:

• demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
• creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
• fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
• browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

• IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
• Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN

I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:

---

Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.

Tks

 

[pattyosborne1]

gg

View attachment 51543
d0c's Carding Setup for 2025

---

A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.

View attachment 51544​

Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

The iPhone: A Carder's Ultimate Tool

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.

---

Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:

• Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
• Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
• ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
• High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
• Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on Strategic Carding: Getting the Cleanest Possible IPs youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.

---

Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):

1. Save this script as `prox.sh` somewhere on your Mac.
2. Open Terminal and navigate to where you saved the script.
3. Make it executable: `chmod +x prox.sh`
4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):

1. Save this as `prox.ps1`.
2. Open PowerShell as an administrator.
3. Navigate to the scripts location.
4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.

---

Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE

These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.

---

Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

• Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
• Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.

Fingerprint Checks:

• demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
• creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
• fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
• browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

• IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
• Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN

I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:

---

Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.

 

[uhjahamez]

Tyyy

 

[jr809]

View attachment 51543
d0c's Carding Setup for 2025

---

A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.

View attachment 51544​

Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

The iPhone: A Carder's Ultimate Tool

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.

---

Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:

• Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
• Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
• ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
• High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
• Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on Strategic Carding: Getting the Cleanest Possible IPs youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.

---

Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):

1. Save this script as `prox.sh` somewhere on your Mac.
2. Open Terminal and navigate to where you saved the script.
3. Make it executable: `chmod +x prox.sh`
4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):

1. Save this as `prox.ps1`.
2. Open PowerShell as an administrator.
3. Navigate to the scripts location.
4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.

---

Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE

These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.

---

Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

• Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
• Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.

Fingerprint Checks:

• demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
• creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
• fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
• browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

• IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
• Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN

I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:

---

Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.

 

[stream.consuming]

So much wisdom in this one post!

 

[fuckthedea]

View attachment 51543
d0c's Carding Setup for 2025

---

A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.

View attachment 51544​

Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

The iPhone: A Carder's Ultimate Tool

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.

---

Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:

• Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
• Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
• ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
• High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
• Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on Strategic Carding: Getting the Cleanest Possible IPs youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.

---

Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):

1. Save this script as `prox.sh` somewhere on your Mac.
2. Open Terminal and navigate to where you saved the script.
3. Make it executable: `chmod +x prox.sh`
4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):

1. Save this as `prox.ps1`.
2. Open PowerShell as an administrator.
3. Navigate to the scripts location.
4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.

---

Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE

These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

marry me d0c

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.

---

Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

• Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
• Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.

Fingerprint Checks:

• demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
• creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
• fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
• browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

• IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
• Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN

I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:

---

Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.

 

[Breesh]

View attachment 51543
d0c's Carding Setup for 2025

---

A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.

View attachment 51544​

Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

The iPhone: A Carder's Ultimate Tool

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.

---

Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:

• Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
• Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
• ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
• High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
• Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on Strategic Carding: Getting the Cleanest Possible IPs youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.

---

Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):

1. Save this script as `prox.sh` somewhere on your Mac.
2. Open Terminal and navigate to where you saved the script.
3. Make it executable: `chmod +x prox.sh`
4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):

1. Save this as `prox.ps1`.
2. Open PowerShell as an administrator.
3. Navigate to the scripts location.
4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.

---

Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE

These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.

---

Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

• Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
• Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.

Fingerprint Checks:

• demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
• creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
• fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
• browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

• IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
• Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN

I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:

---

Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.

thanks

 

[mylove55]

View attachment 51543
d0c's Carding Setup for 2025

---

A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.

View attachment 51544​

Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

The iPhone: A Carder's Ultimate Tool

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.

---

Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:

• Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
• Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
• ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
• High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
• Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on Strategic Carding: Getting the Cleanest Possible IPs youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.

---

Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):

1. Save this script as `prox.sh` somewhere on your Mac.
2. Open Terminal and navigate to where you saved the script.
3. Make it executable: `chmod +x prox.sh`
4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):

1. Save this as `prox.ps1`.
2. Open PowerShell as an administrator.
3. Navigate to the scripts location.
4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.

---

Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE

These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.

---

Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

• Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
• Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.

Fingerprint Checks:

• demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
• creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
• fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
• browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

• IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
• Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN

I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:

---

Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.

Thank you so much

 

[menis921]

Thank you once again keep up the good work

 

[ginko7]

Thanks

 

[Black1k]

View attachment 51543
d0c's Carding Setup for 2025

---

A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.

View attachment 51544​

Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

The iPhone: A Carder's Ultimate Tool

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.

---

Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:

• Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
• Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
• ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
• High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
• Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on Strategic Carding: Getting the Cleanest Possible IPs youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.

---

Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):

1. Save this script as `prox.sh` somewhere on your Mac.
2. Open Terminal and navigate to where you saved the script.
3. Make it executable: `chmod +x prox.sh`
4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):

1. Save this as `prox.ps1`.
2. Open PowerShell as an administrator.
3. Navigate to the scripts location.
4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.

---

Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE

These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.

---

Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

• Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
• Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.

Fingerprint Checks:

• demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
• creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
• fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
• browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

• IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
• Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN

I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:

---

Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.

Yo

 

[chainz]

View attachment 51543
d0c's Carding Setup for 2025

---

A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.

View attachment 51544​

Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

The iPhone: A Carder's Ultimate Tool

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.

---

Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:

• Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
• Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
• ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
• High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
• Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on Strategic Carding: Getting the Cleanest Possible IPs youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.

---

Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):

1. Save this script as `prox.sh` somewhere on your Mac.
2. Open Terminal and navigate to where you saved the script.
3. Make it executable: `chmod +x prox.sh`
4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):

1. Save this as `prox.ps1`.
2. Open PowerShell as an administrator.
3. Navigate to the scripts location.
4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.

---

Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE

These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.

---

Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

• Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
• Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.

Fingerprint Checks:

• demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
• creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
• fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
• browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

• IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
• Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN

I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:

---

Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.

d0ctrine is really something else

 

[negsousa]

Good work

 

[LakkGreen]

thanks bro your guides pushing forward more and more

 

[shh8]

View attachment 51543
Configuración de cardado de d0c para 2025

---

Muchos de ustedes, los recién llegados, siguen inundando mi bandeja de entrada con las mismas preguntas de siempre: "d0ctrine, ¿cuál es tu configuración? ¿Qué proveedor de proxy usas? ¿Qué anti-detector usas?" ¿Saben qué? Estoy harto de esto. Así que dije "al diablo" y escribí esta guía. Esta es la mierda que uso personalmente y por qué la uso. Con suerte, esto engordará sus billeteras mientras atraviesan los tiempos difíciles de la tarjeta de crédito en el próximo 2025.

View attachment 51544​

Comprender la configuración

Si has estado prestando atención a mis guías, sabrás que soy un gran defensor del iPhone como dispositivo de tarjetas . He hablado extensamente sobre por qué es una tontería aquí:

El iPhone: la herramienta definitiva para el cardador

Por lo tanto, no debería sorprender que el 60 % de todo mi cardado se realice con un iPhone . Pero decirte que simplemente compres un iPhone sería una gran decepción, ¿verdad? Entonces, para el 40 % restante, donde uso mi computadora portátil, esta guía desglosará mi configuración. La mayoría de las herramientas y servicios aquí son multiplataforma, lo que significa que puedes usarlos en cualquier sistema operativo, pero para obtener los mejores resultados y la mayor tasa de éxito, recomiendo ceñirte a los dispositivos Apple . Te brindan baja entropía ya que la mayoría de los dispositivos tienen el mismo aspecto, por lo que tienes un gran margen de error al cardar.

---

Proveedor de proxy

Cambio de proveedor de proxy como un comerciante paranoico cambia de teléfono de prepago. Hay muchas razones para hacerlo, pero durante mucho tiempo he estado usando SmartProxy .

ENLACE A SMARTPROXY

¿Por qué? Porque cumple con cuatro de mis criterios imprescindibles:

• Gran grupo de servidores proxy: cuanto mayor sea el grupo, mejor. Este grupo se comparte entre todos los usuarios, por lo que un grupo más grande implica menos posibilidades de encontrarse con algún otro idiota que use la misma IP y genere sospechas .
• Rápido y confiable: otros proveedores de proxy me han fallado en mitad de una sesión de tarjeta y me han obligado a cambiar de IP, lo que básicamente ha puesto una enorme bandera roja en la transacción. SmartProxy ha sido sólido y me ha mantenido en el juego sin esos problemas.
• Códigos postales: Seamos realistas, los códigos postales son el pan de cada día de cualquier operación de identificación exitosa. ¿El hecho de que SmartProxy te permita enfocarte en códigos postales específicos? Eso es un gran cambio.
• Alto porcentaje de direcciones IP únicas: no se trata solo de tener el mayor grupo de direcciones IP. PIA , por ejemplo, tiene un grupo enorme, pero a menudo terminas con la misma dirección IP varias veces. SmartProxy tiene un porcentaje sólido de direcciones IP únicas, que es lo que necesitas para pasar desapercibido.
• Bloquea un montón de sitios financieros: esto es oro puro. Si lees mi guía sobre cómo obtener las direcciones IP más limpias posibles, sabrás que para obtener los servidores proxy más limpios necesitas proveedores que bloqueen los sitios financieros y bancarios. Luego, puedes evitar ese bloqueo. SmartProxy es un campeón en esto, ya que bloquea todo, desde Shopify hasta Stripe y sitios bancarios.

IP únicas

View attachment 51545

Bien, dejemos de lado la tontería de marketing de la "IP única". Proxyway hizo un buen experimento para exponer la verdad sobre los grupos de servidores proxy residenciales. No se limitaron a tomar las afirmaciones exageradas de estos proveedores al pie de la letra. Los pusieron a prueba martillándolos con cientos de miles de solicitudes y haciendo referencias cruzadas de las IP con MaxMind e IP2Location .

Querían descubrir cuántas IP únicas entregaba realmente cada proveedor, cuántas estaban en diferentes subredes de nivel C (importante para evitar que te bloqueen) y si eran direcciones residenciales legítimas.

PROXY INTELIGENTE
View attachment 51546

Smartproxy salió en la cima con un 57% de direcciones IP únicas y un 37% en subredes únicas de clase C. Afirman tener 10 millones de direcciones IP y estos números sugieren que no están completamente llenos de mierda. Oxylabs quedó en un cercano segundo lugar, pero ¿el resto? Jodidamente vergonzoso. Luminati, el supuesto rey de la colina, solo logró un patético 15% de direcciones IP únicas . RSocks y PacketStream tuvieron un desempeño aún peor. NetNut tuvo una cantidad decente de direcciones IP únicas, pero casi todas estaban en la misma subred. La mayoría de los demás jodidos proxy solo revenden desde estos grupos más grandes, por lo que son más o menos la misma mierda.

OXILABOS
View attachment 51547

NETNUTA
View attachment 51548

¿En resumen? La mayoría de estos proveedores inflan sus números . Probablemente estén contando las direcciones IP durante semanas o meses, no las que están disponibles en un momento determinado. Smartproxy parece ser el menos engañoso, pero siempre pregunte a estos proveedores cómo calculan el tamaño de su pool antes de que les entregue su dinero ganado con tanto esfuerzo.

---

Script de Smartproxy

Mira, yo me dedico a la eficiencia. Nadie tiene tiempo para configurar manualmente los servidores proxy cada vez. Así que, para hacerme la vida más fácil, preparé un pequeño script que ejecuto en mi terminal. Simplemente introduzco el código postal que quiero y listo, obtengo una nueva IP.

View attachment 51552

Generalmente Smartproxy utiliza este formato:

[código]usuario-${nombre de usuario}-sesión-${sesión}-duración de la sesión-60-país-código postal de EE. UU.-${código postal}:${contraseña}@gate.smartproxy.com:7000[/código]

Pero soy un genio, así que creé un script que automatiza esto. Aquí está el código:

Script de bash (Mac/Linux)

View attachment 51551

[código]#!/bin/bash

# Su nombre de usuario y contraseña de Smartproxy
nombre_usuario='SU_NOMBRE_USUARIO'
contraseña='TU_CONTRASEÑA'

# Verificar si se proporciona el argumento del código postal
si [ $# -ne 1 ]; entonces
echo 'Error: proporcione un código postal como argumento'
echo 'Uso: $0 <código postal>'
salida 1
en fin

# Almacenar el código postal desde el argumento de la línea de comandos
código postal=$1

# Generar un número de sesión aleatorio de 8 dígitos
sesión=$(printf '%08d' $(($RANDOM % 100000000)))

# Generar cadena de proxy
proxy_str='usuario-${nombre de usuario}-sesión-${sesión}-duración de la sesión-60-país-código postal de EE. UU.-${código postal}:${contraseña}@gate.smartproxy.com:7000'

# Probar el proxy
echo '=== Información de IP del proxy ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
eco
echo '=== Configuración de proxy ==='
eco '${proxy_str}'[/código]

Cómo usarlo (Mac):

1. Guarde este script como `prox.sh` en algún lugar de su Mac.
2. Abra la Terminal y navegue hasta donde guardó el script.
3. Hazlo ejecutable: `chmod +x prox.sh`
4. Ejecútalo: `bash prox.sh 90210` (reemplaza 90210 con el ZIP que desees).

Para la pandilla de Windows:

Puedes usar PowerShell para un script similar:
***Texto oculto: no se puede citar.***

Cómo usarlo (Windows):

1. Guarde esto como `prox.ps1`.
2. Abra PowerShell como administrador.
3. Navega hasta la ubicación de los scripts.
4. Ejecútalo: `.\prox.ps1 10001` (reemplaza 10001 con tu ZIP).

Importante: No olvides reemplazar `'YOUR_USERNAME'` y `'YOUR_PASSWORD'` con tus credenciales reales de Smartproxy en ambos scripts. Asegúrate también de tener `curl` instalado en tu Mac y de que PowerShell tenga los permisos necesarios para realizar solicitudes web.

---

Antidetectores

He probado más navegadores antidetección de los que quisiera contar, pero solo dos han demostrado su eficacia: GoLogin y Linken Sphere . No te preocupes, pronto haré un análisis detallado de todos los navegadores antidetección que he probado, pero por ahora, centrémonos en lo que realmente funciona, especialmente si estás utilizando una configuración Mac .

ENLACE A LINKEN SPHERE

Actualmente, utilizo exclusivamente Linken Sphere . ¿Por qué? Es muy sencillo: es el único que funciona bien con las configuraciones DNS personalizadas, algo que es absolutamente necesario cuando se trabaja con los sitios bloqueados de SmartProxy . Su opción de identificación híbrida mantiene mi entropía estable y me permite integrarme a la gente común sin levantar sospechas.

View attachment 51554

Otra característica destacada de Linken Sphere es el calentamiento de perfiles . Antes de acceder a los sitios de destino, especialmente los que tienen registros, puedes generar confianza automatizando los patrones de navegación normales (búsquedas de productos, listas de deseos, lectura de reseñas). Cambia los sitios que visitas y deja que los perfiles se envejezcan durante unos días. Los perfiles nuevos son una señal de fraude, pero los que tienen un historial de navegación establecido se mezclan perfectamente con el tráfico legítimo.

View attachment 51553

Los resultados hablan por sí solos: mi tasa de éxito ha sido sólida y apuesto a que esta configuración solo se volverá más efectiva a medida que avancemos en 2025. Cuando se trata de sistemas antifraude sofisticados , tener un antidetección confiable no solo es bueno, es jodidamente esencial.

---

Otras herramientas

Por supuesto, mi sistema de cardado no estaría completo sin estos malos chicos.

Análisis del sitio:

• Caido : tu mejor amigo para analizar sitios web. Cuando necesitas entender cómo funciona un sitio y cómo funciona su seguridad.
• Burp Suite : el campeón de peso pesado de las pruebas web. Esta bestia hace de todo: intercepta, reconoce y todo lo que se le ocurra.

Comprobaciones de huellas dactilares:

• demo.fingerprint.com : simple pero eficaz. Te muestra exactamente lo que ven los sitios cuando los visitas.
• Creepjs : analiza en profundidad la huella digital de tu navegador. Te sorprenderá la cantidad de datos que revelas.
• fv.pro : un sólido verificador de huellas dactilares que desglosa su firma digital pieza por pieza.
• browserleaks : el paquete completo para ver qué información filtra tu navegador. Créeme, es más de lo que crees.

Comprobaciones de IP:

• IPQS (IPQualityScore) : tu primera línea de defensa. Si tu IP está quemada, IPQS te lo dirá antes de que pierdas tu tiempo probando cartas.
• Scamalytics : una copia de seguridad decente para la comprobación de IP. No llega al nivel de IPQS, pero vale la pena tenerla en tu kit de herramientas.

Consejo profesional: conecte su clave API de IPQS a Linken Sphere . Vigilará su reputación de IP automáticamente, lo que le ahorrará muchos dolores de cabeza y verificaciones manuales.

VPN

Utilizo ProtonVPN junto con todo lo demás. No tanto por cuestiones de seguridad operacional, sino por cómo gestiona las fugas de DNS . Solo tienes que hacer coincidir la ubicación de tu VPN con el país de tu proxy. De esa manera, incluso si algo se filtra, todo el tráfico parece provenir del mismo lugar. Limpio y consistente.

Ejemplo de una fuga de DNS expuesta si no hace coincidir la VPN del país con su proxy:

---

Conclusión

Esa es mi configuración personal de tarjetas para 2025: navegadores y servidores proxy antidetección y las herramientas para integrarse y realizar sus transacciones. Con el aumento de la detección de fraudes mediante inteligencia artificial , los comerciantes están mejorando su desempeño, pero eso significa mayores puntajes para aquellos que se adapten.

Esta configuración es solo un punto de partida. Encontrarás tu propio ritmo, tal vez con un navegador diferente o una nueva herramienta. Este juego se basa en una evolución constante. Por lo tanto, espero que lo actualice a medida que cambie mi propia configuración de vez en cuando.

Como siempre: manténgase a la vanguardia. La autocomplacencia lo llevará a la ruina . Mantenga sus herramientas afiladas, mantenga su seguridad operacional estricta y nunca deje de aprender. Cada error es una lección, cada golpe es una experiencia.

El mundo digital es una maldita jungla, pero con la preparación adecuada y una buena dosis de paranoia, puedes desenvolverte en él. En 2025, los mayores premios los obtendrán quienes se adapten.

Mantente peligroso, sé inteligente y que tus cartas salgan limpias. Aquí va un 2025 rentable, malditos degenerados. Doctrina fuera.

thanks

 

[ledezma2003]

Thanks

 

[skatpat420]

View attachment 51543
d0c's Carding Setup for 2025

---

A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.

View attachment 51544​

Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

The iPhone: A Carder's Ultimate Tool

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.

---

Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:

• Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
• Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
• ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
• High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
• Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on Strategic Carding: Getting the Cleanest Possible IPs youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.

---

Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):

1. Save this script as `prox.sh` somewhere on your Mac.
2. Open Terminal and navigate to where you saved the script.
3. Make it executable: `chmod +x prox.sh`
4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):

1. Save this as `prox.ps1`.
2. Open PowerShell as an administrator.
3. Navigate to the scripts location.
4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.

---

Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE

These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.

---

Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

• Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
• Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.

Fingerprint Checks:

• demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
• creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
• fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
• browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

• IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
• Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN

I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:

---

Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.

thanks doc

 

[gheeked]

yeah t

View attachment 51543
d0c's Carding Setup for 2025

---

A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.

View attachment 51544​

Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

The iPhone: A Carder's Ultimate Tool

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.

---

Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:

• Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
• Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
• ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
• High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
• Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on Strategic Carding: Getting the Cleanest Possible IPs youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.

---

Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):

1. Save this script as `prox.sh` somewhere on your Mac.
2. Open Terminal and navigate to where you saved the script.
3. Make it executable: `chmod +x prox.sh`
4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):

1. Save this as `prox.ps1`.
2. Open PowerShell as an administrator.
3. Navigate to the scripts location.
4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.

---

Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE

These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.

---

Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

• Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
• Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.

Fingerprint Checks:

• demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
• creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
• fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
• browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

• IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
• Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN

I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:

---

Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.

this is clean im going to see where this goes

 

[GokhanWinchester]

Ty

 

[looterin]

View attachment 51543
d0c's Carding Setup for 2025

---

A lot of you newcomers keep blowing up my inbox asking the same old shit: 'd0ctrine whats your setup? What proxy provider do you use? What anti-detect do you use?' You know what? Im sick of it. So I said 'Fuck it' and wrote this guide. This is the shit I personally use and why I use it. Hopefully this will fatten your wallets as you navigate the tough times of carding this coming 2025.

View attachment 51544​

Understanding the Setup

If youve been paying any attention to my guides you know Im a huge fucking proponent of the iPhone as a carding device. Ive talked about why its the tits extensively on here:

The iPhone: A Carder's Ultimate Tool

So it should be no surprise that 60% of all my carding is done with an iPhone. But telling you to just buy an iPhone would be a massive letdown right? So for the remaining 40% where I use my laptop this guide will break down my setup. Most of the tools and services here are cross-platform meaning you can use them on any OS but to get the best results and highest success rate I recommend sticking with Apple devices. They give you low entropy since most devices look the same so you get a large margin of error when carding.

---

Proxy Provider

I switch up proxy providers like a paranoid dealer changes burner phones. There are plenty of reasons to do this but for the longest damn time Ive been riding with SmartProxy.

LINK TO SMARTPROXY

Why? Because it hits four of my must-have criteria:

• Large Pool of Proxies: The bigger the pool the better. This pool is shared among all users so a larger pool means less chance of running into some other jackass using the same IP raising red flags.
• Fast and Reliable: Ive had other proxy providers shit the bed mid-carding session forcing me to switch IPs and basically waving a giant red flag at the transaction. SmartProxy has been solid keeping me in the game without those fuck-ups.
• ZIP Targeting: Lets be real ZIP codes are the bread and butter of any successful carding operation. The fact that SmartProxy lets you laser-focus on specific ZIPs? Thats a fucking game-changer.
• High Percentage of Unique IPs: Its not just about having the biggest pool. PIA for example has a huge pool but you often end up with the same damn IP multiple times. SmartProxy has a solid percentage of unique IPs which is what you need to stay under the radar.
• Blocks a Shitload of Financial Sites: This is pure fucking gold. If you read my guide on Strategic Carding: Getting the Cleanest Possible IPs youd know that to get the cleanest proxies you need providers that block financial and banking sites. Then you work around that block. SmartProxy is a fucking champ at this blocking everything from Shopify to Stripe to banking sites.

Unique IPs

View attachment 51545

Alright lets cut through the 'unique IP' marketing crap. Proxyway did a nice experiment to expose the truth about residential proxy pools. They didnt just take these providers inflated claims at face value. They put them to the test hammering them with hundreds of thousands of requests and cross-referencing the IPs with MaxMind and IP2Location.

They wanted to find out how many unique IPs each provider actually delivered how many were on different C-level subnets (important to avoid getting your ass blocked) and whether they were legit residential addresses.

SMARTPROXY
View attachment 51546

Smartproxy came out on top boasting 57% unique IPs with 37% on unique C-class subnetworks. They claim 10 million IPs and these numbers suggest theyre not entirely full of shit. Oxylabs was a close second but the rest? Fucking embarrassing. Luminati the supposed king of the hill only managed a pathetic 15% unique IPs. RSocks and PacketStream fared even worse. NetNut had a decent number of unique IPs but almost all were on the same subnet. Most other proxy fuckers just resell from these larger pools, so they are more or less the same shit.

OXYLABS
View attachment 51547

NETNUT
View attachment 51548

The bottom line? Most of these providers are inflating their numbers. Theyre probably counting IPs over weeks or months not whats available at any given moment. Smartproxy seems to be the least deceptive but always grill these providers on how they calculate their pool size before you hand over your hard-earned cash.

---

Smartproxy Script

Look Im all about efficiency. Aint nobody got time to manually configure proxies every damn time. So to make my life easier I whipped up a little script that I run in my terminal. I just punch in the ZIP code I want and boom I get a fresh IP.

View attachment 51552

Usually Smartproxy uses this format:

user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000

But Im a genius so I made a script that automates this. Heres the code:

Bash Script (Mac/Linux)

View attachment 51551

#!/bin/bash

# Your Smartproxy username and password
username='YOUR_USERNAME'
password='YOUR_PASSWORD'

# Check if ZIP code argument is provided
if [ $# -ne 1 ]; then
  echo 'Error: Please provide a ZIP code as argument'
  echo 'Usage: $0 <zipcode>'
  exit 1
fi

# Store ZIP code from command line argument
zipcode=$1

# Generate random 8-digit session number
session=$(printf '%08d' $(($RANDOM % 100000000)))

# Generate proxy string
proxy_str='user-${username}-session-${session}-sessionduration-60-country-us-zip-${zipcode}:${password}@gate.smartproxy.com:7000'

# Test the proxy
echo '=== Proxy IP Information ==='
curl -s --proxy 'https://${proxy_str}' ip-api.com/json | jq .
echo
echo '=== Proxy Configuration ==='
echo '${proxy_str}'

How to Use It (Mac):

1. Save this script as `prox.sh` somewhere on your Mac.
2. Open Terminal and navigate to where you saved the script.
3. Make it executable: `chmod +x prox.sh`
4. Run it: `bash prox.sh 90210` (replace 90210 with your desired ZIP).

For the Windows Gang:

You can use PowerShell for a similar script:
*** Hidden text: cannot be quoted. ***

How to Use It (Windows):

1. Save this as `prox.ps1`.
2. Open PowerShell as an administrator.
3. Navigate to the scripts location.
4. Run it: `.\prox.ps1 10001` (replace 10001 with your ZIP).

Important: Dont forget to replace `'YOUR_USERNAME'` and `'YOUR_PASSWORD'` with your actual Smartproxy credentials in both scripts. Also make sure you have `curl` installed on your Mac and that PowerShell has the necessary permissions to make web requests.

---

Antidetects

Ive burned through more antidetect browsers than I care to count but only two have proven their worth: GoLogin and Linken Sphere. Dont worry Ill drop a detailed analysis of every antidetect browser Ive tested soon but for now lets focus on what actually works especially if youre running a Mac setup.

LINK TO LINKEN SPHERE

These days I exclusively roll with Linken Sphere. Why? Simple - its the only one that consistently plays nice with custom DNS settings which you absolutely need when dealing with SmartProxy's blocked sites. Their hybrid fingerprinting option keeps my entropy stable and lets me blend in with the normies without raising any red flags.

View attachment 51554

Another killer feature in Linken Sphere is profile warming. Before hitting your target sites especially with logs you can build trust by automating normal browsing patterns - product searches wishlist adds review reading. Mix up the sites you visit and let profiles age for a few days. Fresh profiles scream fraud but ones with established browsing history blend right in with legitimate traffic.

View attachment 51553

The results speak for themselves - my success rate has been solid and Im betting this setup will only get more effective as we push through 2025. When youre dealing with sophisticated antifraud systems having a reliable antidetect isnt just nice to have - its fucking essential.

---

Other Tools

Of course my carding setup wouldnt be complete without these bad boys.

Site Analysis:

• Caido: Your best friend for picking apart websites. When you need to understand how a site works and how its security operates.
• Burp Suite: The heavyweight champion of web testing. This beast does everything - intercepting and reconaissance you name it.

Fingerprint Checks:

• demo.fingerprint.com: Simple but effective. Shows you exactly what sites see when you visit them.
• creepjs: Gets into the nitty-gritty of your browser fingerprint. Youll be shocked at how much data youre giving away.
• fv.pro: Solid fingerprint checker that breaks down your digital signature piece by piece.
• browserleaks: The full package for seeing what info your browser spills. Trust me its more than you think.

IP Checks:

• IPQS (IPQualityScore): Your first line of defense. If your IP is burned IPQS will tell you before you waste your time trying cards.
• Scamalytics: Decent backup for IP checking. Not quite IPQS level but still worth having in your toolkit.

Pro tip: Hook your IPQS API key up to Linken Sphere. Itll watch your IP reputation automatically - saves you a ton of headache and manual checks.

VPN

I run ProtonVPN alongside everything else. Not really for OPSEC but for how it handles DNS leaks. Just match your VPN location to your proxys country. That way even if something leaks all the traffic looks like its coming from the same place. Clean and consistent.

Sample of an exposed DNS leak if you don't match the country VPN with your proxy:

---

Conclusion

Thats my personal carding setup for 2025 - anti-detect browsers and proxies and the tools to blend in and get your transactions through. With AI fraud detection on the rise merchants are stepping up their game but that means bigger scores for those who adapt.

This setup is just a starting point. Youll find your own rhythm maybe a different browser or a new tool. This game is about constant evolution. As such expect that I will update this as I change my own setup from time to time.

As always: stay ahead of the curve. Complacency gets you busted. Keep your tools sharp your OPSEC tight and never stop learning. Every fuck up is a lesson every hit is experience.

The digital world is a fucking jungle but with the right knowledge preparation and a healthy dose of paranoia you can navigate it. In 2025 the biggest scores go to those who adapt.

Stay dangerous stay smart and may your cards hit clean. Heres to a profitable 2025 you degenerate fucks. d0ctrine out.

brother, please how do you work around smartproxy??