Tutorial How to get a .es domain for free?

iKaros

Restricted
Joined
Oct 4, 2017
Messages
91
Points
34
Age
29
Location
Spain
Hi all!
I have been inactive for a long time in R4P3 and would like to return.
The .es domain costs about $ 10 approximately, but I have a trick to get it for FREE.



Steps:
  1. We open this links: https://generadordni.es/#dni / https://generadordni.es/#iban to generate an identity card and a false IBAN account.
  2. We are going to go to this link where we will obtain the domain: https://www.ionos.es/
  3. We write the domain we want.
  4. We create an account (do not give real information but be credible).
  5. Select payment as IBAN.
  6. Enjoy your domain, If you did everything right, it will activate in a few minutes / hours.

* Warning: This is an illegal method, do not give any personal data if you do not want to have problems. You can create the domains you want by creating different accounts (1 domain = 1 account).
 

Asphyxia

Server Monkey
Administrator
Joined
Apr 25, 2015
Messages
1,212
Points
252
Age
26
Location
North America
@iKaros very awesome tutorial - thank you for providing this information to our community! Keep up the awesome work ;)

Only slight issue is I am guessing this just tricks the system into using a fake IBAN (International Bank Account Number) payment. Eventually the domain/account may be shutdown for lack of payment.

Have you used this for more than a couple months to test the method?
 

iKaros

Restricted
Joined
Oct 4, 2017
Messages
91
Points
34
Age
29
Location
Spain
@iKaros very awesome tutorial - thank you for providing this information to our community! Keep up the awesome work ;)

Only slight issue is I am guessing this just tricks the system into using a fake IBAN (International Bank Account Number) payment. Eventually the domain/account may be shutdown for lack of payment.

Have you used this for more than a couple months to test the method?
Good day!
I am running +50 domains since +7 months with out problems. Idk if tomorrow it will cancel, but if you haven't money its a good option to try.
 

plenet

New Member
Joined
Dec 17, 2017
Messages
1
Points
19
Age
21
guys wtf fucking domain costs 10-90$ for 1year no problem or you so poor ?
 

Asphyxia

Server Monkey
Administrator
Joined
Apr 25, 2015
Messages
1,212
Points
252
Age
26
Location
North America
guys wtf fucking domain costs 10-90$ for 1year no problem or you so poor ?
Actually some people are poor. Maybe your mom bought you cupcakes for your birthday growing up. Some people have no family and no money. He has exposed a security flaw that gains a free domain.

Also your placement of the $ bothers the $h1,000,000T out of me lol ;) and welcome to the community. We are welcoming of poor and rich people.
 

iKaros

Restricted
Joined
Oct 4, 2017
Messages
91
Points
34
Age
29
Location
Spain
guys wtf fucking domain costs 10-90$ for 1year no problem or you so poor ?
'Manolito has 500 € / week because he is a poorly raised child, as Manolito has money, he does not aspire to look for it and waste it.
Juan does not have enough to pay the internet because he lives in Venezuela, Juan wants to try to earn money to buy a game.
'

The problem here is not that it costs more money or not, is that I give a solution so you do not have to spend anything. It does not matter if you have money left over or not.
 

0x03D4D5

Member
Joined
Oct 13, 2015
Messages
19
Points
35
Location
Munich, Germany
You better not do this. In Germany it's called "Lastschriftbetrug" which basically means you're cheating your way through systems by paying with fake IBAN.
Back then you could've bought something off of strato.de, nitrado.net and deposit hundreds of euros on your sim card which then you can use to pay for stuff such as steam games (back then the gateways was called "ZONG", they removed it in 2013 or so).
Just saying to be aware of what you're doing.

About buying domains with that, they are going to remove it from your account sooner or later. This is what happened on namecheap and uniteddomains (where I had over 220 domains running). It took them around 4 months to ban me. Good thing was I was connected via VPN, otherwise I would've gotten in big trouble.
 

iKaros

Restricted
Joined
Oct 4, 2017
Messages
91
Points
34
Age
29
Location
Spain
You better not do this. In Germany it's called "Lastschriftbetrug" which basically means you're cheating your way through systems by paying with fake IBAN.
Back then you could've bought something off of strato.de, nitrado.net and deposit hundreds of euros on your sim card which then you can use to pay for stuff such as steam games (back then the gateways was called "ZONG", they removed it in 2013 or so).
Just saying to be aware of what you're doing.

About buying domains with that, they are going to remove it from your account sooner or later. This is what happened on namecheap and uniteddomains (where I had over 220 domains running). It took them around 4 months to ban me. Good thing was I was connected via VPN, otherwise I would've gotten in big trouble.
If they like report you to the police, one "VPN" don't protect you...
I am using a good security, i am not use chrome or opera for example i recommend Tor.
I am using one vps windows with this browser.
I use proxys etc.
 

0x03D4D5

Member
Joined
Oct 13, 2015
Messages
19
Points
35
Location
Munich, Germany
If they like report you to the police, one "VPN" don't protect you...
I am using a good security, i am not use chrome or opera for example i recommend Tor.
I am using one vps windows with this browser.
I use proxys etc.
Explain your statement.
 

0x03D4D5

Member
Joined
Oct 13, 2015
Messages
19
Points
35
Location
Munich, Germany
If they like report you to the police, one "VPN" don't protect you...
I am using a good security, i am not use chrome or opera for example i recommend Tor.
I am using one vps windows with this browser.
I use proxys etc.
Alright, lemme break down everything you've listed there ..

~ "i recommend tor"
"good security" is not provided by using TOR. Especially not since last years the machine learning "correlation attack" has become a big thing.
read this: https://blog.torproject.org/traffic-correlation-using-netflows
and this: https://arxiv.org/abs/1808.07285

~ "vps, windows"
Which your host logs activity and bandwidth pretty much 24/7 cuz the host doesn't advertise their servers as "use it for w/e, we do not log your ip!" (correct me if I'm wrong, if so tho, lemme know what host it is. I think most of us would like to know where you get a VPS whom host doesn't care what's happening on their network)

~ "proxy"
Do I seriously have to say something about proxies? Public (PUB) proxies as well as Web (WEB) proxies are usually accessible by anyone who has its IP, Port and if needed, Creds for it.
Private proxies are still used by other than just you which makes you by far not "invisible". Proxies advertise as high quality (HQ) are just another marketing strategy for newbies to pay for their services.

Sidenote:
By being connected to all the services you wrote, I strongly assume your latency and packet loss must be over 10% on every request which makes it worst than using a VPN that provides technically no logs. (usually saying their hardware doesn't even allow them to create logs in any way ~ generally speaking about the VPN Nodes you connect to. Not the backend itself where they may log when you've been connected to a single node and for how long you've been connected to)

Let's assume you got this system running:
You -- Proxy -- VPS -- TOR -- Website -- TOR -- VPS -- Proxy -- You

1. You are connected to your VPS via proxy - others know that you are connected to the IP of your VPS.
2. The VPS connects via TOR to the website - with the method I mentioned above, it shouldn't take long to actually track and it back from where the request came from.
3. Now, since we know from where the TOR node gets accessed, we now know the IP address of your VPS.
4. We then "kindly" ask for the activity and bandwidth logs by messaging your host. The host gives us the IP (If not even your real IP address if you've been logged in your UCP of your host without using a VPN or proxy) of the proxy
5. Read step 1.


Conclusion is, you may say your "good security" is actually a good security for those who like to stay behind 3+ vulnerable walls of ip addresses.
But it is..
a) by far the one that costs the most. (say its just the vps and "hq" proxies in some private l33t groups you have to pay for, and the time you spent setting everything up)
b) by far the one you have to make sure every single node you're connected to is stable and is somewhat "userfriendly" (doesn't make sense to spend 10 hours of maintaining it when you could've made at least $50 by just going to work)
c) the worst when it comes to latency

All people need know that use false ID it's ilegal, it isn't necessary explain this on the post
Before you've edited your post, you wrote "If they like report you to the police, one "VPN" don't protect you... ". This is why I wanted you to explain why it wouldn't be enough.
 
Last edited:

iKaros

Restricted
Joined
Oct 4, 2017
Messages
91
Points
34
Age
29
Location
Spain
Alright, lemme break down everything you've listed there ..

~ "i recommend tor"
"good security" is not provided by using TOR. Especially not since last years the machine learning "correlation attack" has become a big thing.
read this: https://blog.torproject.org/traffic-correlation-using-netflows
and this: https://arxiv.org/abs/1808.07285

~ "vps, windows"
Which your host logs activity and bandwidth pretty much 24/7 cuz the host doesn't advertise their servers as "use it for w/e, we do not log your ip!" (correct me if I'm wrong, if so tho, lemme know what host it is. I think most of us would like to know where you get a VPS whom host doesn't care what's happening on their network)

~ "proxy"
Do I seriously have to say something about proxies? Public (PUB) proxies as well as Web (WEB) proxies are usually accessible by anyone who has its IP, Port and if needed, Creds for it.
Private proxies are still used by other than just you which makes you by far not "invisible". Proxies advertise as high quality (HQ) are just another marketing strategy for newbies to pay for their services.

Sidenote:
By being connected to all the services you wrote, I strongly assume your latency and packet loss must be over 10% on every request which makes it worst than using a VPN that provides technically no logs. (usually saying their hardware doesn't even allow them to create logs in any way ~ generally speaking about the VPN Nodes you connect to. Not the backend itself where they may log when you've been connected to a single node and for how long you've been connected to)

Let's assume you got this system running:
You -- Proxy -- VPS -- TOR -- Website -- TOR -- VPS -- Proxy -- You

1. You are connected to your VPS via proxy - others know that you are connected to the IP of your VPS.
2. The VPS connects via TOR to the website - with the method I mentioned above, it shouldn't take long to actually track and it back from where the request came from.
3. Now, since we know from where the TOR node gets accessed, we now know the IP address of your VPS.
4. We then "kindly" ask for the activity and bandwidth logs by messaging your host. The host gives us the IP (If not even your real IP address if you've been logged in your UCP of your host without using a VPN or proxy) of the proxy
5. Read step 1.


Conclusion is, you may say your "good security" is actually a good security for those who like to stay behind 3+ vulnerable walls of ip addresses.
But it is..
a) by far the one that costs the most. (say its just the vps and "hq" proxies in some private l33t groups you have to pay for, and the time you spent setting everything up)
b) by far the one you have to make sure every single node you're connected to is stable and is somewhat "userfriendly" (doesn't make sense to spend 10 hours of maintaining it when you could've made at least $50 by just going to work)
c) the worst when it comes to latency


Before you've edited your post, you wrote "If they like report you to the police, one "VPN" don't protect you... ". This is why I wanted you to explain why it wouldn't be enough.
Mister anonymous, all VPN companys must give your info if the police need it.
 

0x03D4D5

Member
Joined
Oct 13, 2015
Messages
19
Points
35
Location
Munich, Germany
Mister anonymous, all VPN companys must give your info if the police need it.
You didn't read what I wrote ..
using a VPN that provides technically no logs. (usually saying their hardware doesn't even allow them to create logs in any way ~ generally speaking about the VPN Nodes you connect to. Not the backend itself where they may log when you've been connected to a single node and for how long you've been connected to)
And about your "police" stuff .. just an example @nordvpn:
NordVPN is based away from the EU and US jurisdictions
That’s why we don’t have the legal obligation to collect your personal data. If someone asks for it, the best we can do is shrug our shoulders. And we like it that way.
read here: https://nordvpn.com/features/strict-no-logs-policy/
 

rosebud

New Member
Joined
May 31, 2019
Messages
1
Points
3
Age
26
OPs comments are so hard to read. So this is a bad idea, yeah? or could it work for an .xx domain?
 

Top