![stackscc](https://files2.bender-search.ru/data/avatars/m/8/8006.jpg?1746591188"){kind=avatar}
stackscc
User
- Joined
- 05.05.25
- Messages
- 3
- Reaction score
- 4
Carding Guide: Ulta Beauty (Difficulty 9/10)
One thing I can admit is that I take my hygiene seriously. A decent hygiene routine will get you better luck with the ladies, and I know some of you dirty fuckers need that. Cologne also has a thriving resell market and if youâve read my previous guides you know I love niche items. This is why weâre taking a deep dive into Ulta Beauty (ulta.com).
Ulta isnât the easiest target, but if youâre not a dumbass, youâll have your overpriced colognes shipping to your drop in no time.
Security Analysis
Looking at Ulta on Wappalyzer, we donât uncover much. It doesnât look like they have anything obvious on the surface. But if we use Caido, we can see theyâre in bed with Braintree. If youâve ever tried to hit Braintree, you know theyâre a major pain in the ass.
I also uncovered that Braintree starts spying on us the minute we step foot on the website. This means we have to browse around like "real peopleâ.
In my experience, Braintree also forces 3DS on every transaction over $500 or if your fraud score is ridiculously high.
One good thing I can say is that Ulta thinks Braintree is enough protection to stop us carders (it probably is for some of you), but with the right approach, your orders will slide right through.
Set Up
⢠Good Anti-Detect
⢠Clean Proxies (no data center bullshit)
⢠First-Hand Cards (NON-VBV on orders over $500)
⢠A Fresh Drop
⢠Aged Account (not needed but preferred)
The Heist
Fire up your anti-detect with a proxy in the same city as your cardholder. Look up some shit you want, like your overpriced cologne. Once an Ulta link pops up, click it.
This entry will boost your trust score with Braintree.
Next, browse around for 20â30 minutes. I know some of you dumbasses will try to test your luck, browse for 2 fucking minutes, and brute force your way through. Youâll get a decline every fucking time, I promise.
When youâve got what youâre really after in your cart, head to checkout. If youâre using an aged account (which you should), just continue with checkout as normal. If not, select guest checkout and input the cardholderâs email. Braintree likes to check email age and cross-reference it with other sites. Using the cardholderâs email will boost your trust score.
When inputting cardholder information, make sure not to copy-paste or alt-tab. Braintree will have a fucking aneurysm, and your trust score will be cooked.
Once you place the order, youâll get that sweet âWeâve received your order. Weâre on it!â If thatâs the case, congratulationsâyour order will ship within the next couple of days. Remember to unleash hell with an email spam bot on the cardholderâs email. If you get the âdeclinedâ screen, itâs tricky to pinpoint what caused the decline.
It could be multiple things. The card could be dead or have insufficient funds. Your fraud score might be above 70, in which case theyâll outright decline it. You could also have a burned ass drop. Thereâs no telling the exact reason for the decline, but thatâs just part of carding.
My advice would be to get a new card and set up a new address too, preferably.
Conclusion
Ulta is tricky. They leave you in the dark about a lot of information, but with the right approach and a little bit of luck, youâll have that perfect hygiene routine I was talking about. Hopefully, that helps you with the ladies. Stay safe, my fellow white-collar criminals!
One thing I can admit is that I take my hygiene seriously. A decent hygiene routine will get you better luck with the ladies, and I know some of you dirty fuckers need that. Cologne also has a thriving resell market and if youâve read my previous guides you know I love niche items. This is why weâre taking a deep dive into Ulta Beauty (ulta.com).
Ulta isnât the easiest target, but if youâre not a dumbass, youâll have your overpriced colognes shipping to your drop in no time.
Security Analysis
Looking at Ulta on Wappalyzer, we donât uncover much. It doesnât look like they have anything obvious on the surface. But if we use Caido, we can see theyâre in bed with Braintree. If youâve ever tried to hit Braintree, you know theyâre a major pain in the ass.
I also uncovered that Braintree starts spying on us the minute we step foot on the website. This means we have to browse around like "real peopleâ.
In my experience, Braintree also forces 3DS on every transaction over $500 or if your fraud score is ridiculously high.
One good thing I can say is that Ulta thinks Braintree is enough protection to stop us carders (it probably is for some of you), but with the right approach, your orders will slide right through.
Set Up
⢠Good Anti-Detect
⢠Clean Proxies (no data center bullshit)
⢠First-Hand Cards (NON-VBV on orders over $500)
⢠A Fresh Drop
⢠Aged Account (not needed but preferred)
The Heist
Fire up your anti-detect with a proxy in the same city as your cardholder. Look up some shit you want, like your overpriced cologne. Once an Ulta link pops up, click it.
This entry will boost your trust score with Braintree.
Next, browse around for 20â30 minutes. I know some of you dumbasses will try to test your luck, browse for 2 fucking minutes, and brute force your way through. Youâll get a decline every fucking time, I promise.
When youâve got what youâre really after in your cart, head to checkout. If youâre using an aged account (which you should), just continue with checkout as normal. If not, select guest checkout and input the cardholderâs email. Braintree likes to check email age and cross-reference it with other sites. Using the cardholderâs email will boost your trust score.
When inputting cardholder information, make sure not to copy-paste or alt-tab. Braintree will have a fucking aneurysm, and your trust score will be cooked.
Once you place the order, youâll get that sweet âWeâve received your order. Weâre on it!â If thatâs the case, congratulationsâyour order will ship within the next couple of days. Remember to unleash hell with an email spam bot on the cardholderâs email. If you get the âdeclinedâ screen, itâs tricky to pinpoint what caused the decline.
It could be multiple things. The card could be dead or have insufficient funds. Your fraud score might be above 70, in which case theyâll outright decline it. You could also have a burned ass drop. Thereâs no telling the exact reason for the decline, but thatâs just part of carding.
My advice would be to get a new card and set up a new address too, preferably.
Conclusion
Ulta is tricky. They leave you in the dark about a lot of information, but with the right approach and a little bit of luck, youâll have that perfect hygiene routine I was talking about. Hopefully, that helps you with the ladies. Stay safe, my fellow white-collar criminals!