Cricktor
Legendary
 Offline
Activity: 1232
Merit: 2931
|
 |
March 22, 2025, 08:41:35 AM |
|
As I mentioned in my earlier post, hosting providers can takedown scam domains sometimes. IP Volume is the hosting provider of exch.cash and they replied to me saying that the reseller has been informed to take immediate action.
Taking down the hoster is only a short nuisance for the fraudster. He'll hop to another hoster and point the domain name to the new one. Nothing changes. Used ICANN domain lookup and found out that easyDNS technologies inc is the reseller. Sent an abuse report to them too. Let's see what happens.
The fraudster may have a contract with easyDNS Technologies Inc., it can't hurt to report the fraudster there, too. As Tucows refuses to take responsibility and cut the wire for the malicious actor, I'm going to try to report their inactivity one level higher. Will need to figure out who that might be. Any hints are much appreciated. It's sad that Tucows doesn't want to acknowledge that it's key for the fraudster to have control where the domain name exch[.]cash points to. |
|
|
|
mirtotanota
Copper Member
Member
Offline
Activity: 106
Merit: 80
|
|
March 22, 2025, 08:59:25 AM |
|
i received this message few days ago, and reported in mentioned link too https://i.imgur.com/KM2osPz.jpegand did you get paid for domains that suspended |
|
|
|
Cricktor
Legendary
Offline
Activity: 1232
Merit: 2931
|
|
March 22, 2025, 09:23:22 AM |
|
You're Copper Member and still don't use proper [img]<picture URL>[/img] BBcode tags for inline pictures? And before asking if anyone already has been paid for taken down domain names, you should read the terms after which reporters will share a payout for documented reporting, especially the part that a domain name needs to be suspended for at least one month. |
|
|
|
igebotz
Staff
Legendary
Offline
Activity: 1848
Merit: 2135
World Club Cup Champions 2025! Shameless CFC Fan
|
|
March 22, 2025, 12:43:31 PM |
|
The below quote was their reply, and I hope they’ll take action now. Who are the corresponding provider! This is an attempt to pass responsibilities to non-existed "corresponding provider". They're the provider. and did you get paid for domains that suspended
Read the OP thoroughly. |
|
|
|
|
|
| ..stake.com.. | | | ▄████████████████████████████████████▄
██ ▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄ ██ ▄████▄
██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██ ██████
██ ██████████ ██ ██ ██████████ ██ ▀██▀
██ ██ ██ ██████ ██ ██ ██ ██ ██
██ ██████ ██ █████ ███ ██████ ██ ████▄ ██
██ █████ ███ ████ ████ █████ ███ ████████
██ ████ ████ ██████████ ████ ████ ████▀
██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
██ ▀▀▀▀▀▀▀▀▀▀ ██
▀█████████▀ ▄████████████▄ ▀█████████▀
▄▄▄▄▄▄▄▄▄▄▄▄███ ██ ██ ███▄▄▄▄▄▄▄▄▄▄▄▄
██████████████████████████████████████████ | | | | | | ▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█ ▄▀▄ █▀▀█▀▄▄
█ █▀█ █ ▐ ▐▌
█ ▄██▄ █ ▌ █
█ ▄██████▄ █ ▌ ▐▌
█ ██████████ █ ▐ █
█ ▐██████████▌ █ ▐ ▐▌
█ ▀▀██████▀▀ █ ▌ █
█ ▄▄▄██▄▄▄ █ ▌▐▌
█ █▐ █
█ █▐▐▌
█ █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█ | | | | | | ▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀ ▐█▌ ▀█▄
██ ▐█▌ ██
████▄ ▄█████▄ ▄████
████████▄███████████▄████████
███▀ █████████████ ▀███
██ ███████████ ██
▀█▄ █████████ ▄█▀
▀█▄ ▄██▀▀▀▀▀▀▀██▄ ▄▄▄█▀
▀███████ ███████▀
▀█████▄ ▄█████▀
▀▀▀███▄▄▄███▀▀▀ | | | ..PLAY NOW.. |
[center][table][tr][td][url=https://stake.com/?c=Igebotz][font=Arial black][size=24pt][glow=#0f212e,2][color=transparent][size=8pt].[/size].[size=9pt][sup][size=16pt][color=#fff]Stake.com[/size][/sup][/size].[size=8pt].[/td]
[td][/td][td][/td]
[td][size=2pt][tt] [color=#2d4454]▄████████████████████████████████████▄
[glow=#fff,2]██ [color=#ccc]▄▄▄▄▄▄▄▄▄▄[/color] [color=#ccc]▄▄▄▄▄▄▄▄▄▄[/color] ██[/glow] [color=#ed5564]▄████▄[/color]
[glow=#fff,2]██ [color=#ccc]▀▀▀▀▀▀▀▀▀▀[/color] [color=#0c79ed]██████████[/color] [color=#ccc]▀▀▀▀▀▀▀▀▀▀[/color] ██[/glow] [color=#ed5564]██████[/color]
[glow=#fff,2]██ [color=#0c79ed]██████████ ██ ██ ██████████[/color] ██[/glow] [color=#ed5564]▀██▀[/color]
[glow=#fff,2]██ [color=#0c79ed]██ ██ ██████ ██ ██ ██[/color] ██[/glow] [color=#ccc]██[/color]
[glow=#fff,2]██ [color=#0c79ed]██████ ██ █████ ███ ██████ ██[/color] ██[/glow][color=#ccc]██▄ ██[/color]
[glow=#fff,2]██ [color=#0c79ed]█████ ███ ████ ███ |
|
|
mirtotanota
Copper Member
Member
Offline
Activity: 106
Merit: 80
|
|
March 22, 2025, 12:47:59 PM |
|
Read the OP thoroughly.
Sorry about that original post edited, and I didn't read that again, I just check that |
|
|
|
Cyberczar
Full Member
Offline
Activity: 377
Merit: 100
Crypto and blockchain writing service
|
|
March 22, 2025, 08:42:29 PM |
|
BTC wallet: bc1q0qnlt9w3t8p0vwkm7csz7tdzxmyedhcrar0e0d
|
Crypto and blockchain writing service
|
|
|
NotATether
Legendary
Offline
Activity: 2072
Merit: 8891
Search? Try talksearch.io
|
|
March 22, 2025, 09:10:29 PM |
|
Taking down the hoster is only a short nuisance for the fraudster. He'll hop to another hoster and point the domain name to the new one. Nothing changes.
Unless the scammer has no backups, but any competent scammer would. Tucows is the registrar for Njalla, one of the "privacy-focused" domain name sellers (they are not authorized to register domains themselves), but they chicken out and suspend domains as soon as you report them. I am saying this because Tucows probably makes them do this or else they terminate their contract with them. It seems that Tucows won't do anything unless threatened with legal action. |
|
|
|
Cricktor
Legendary
Offline
Activity: 1232
Merit: 2931
|
|
March 23, 2025, 11:18:13 AM |
|
It seems that Tucows won't do anything unless threatened with legal action.
I'm not sure what the correct instance is to report the ignorance of Tucows as registrar. If it's ICANN or whatever, I'm fine to report to them that Tucows refuses to take action to cut malicious use of the domain name for the fraudster. If many from here report Tucows registrar for their negligence, then that might put enough pressure on them to reconsider their lame stance. |
|
|
|
|
ovcijisir
|
|
March 23, 2025, 11:48:22 AM |
|
It seems that Tucows won't do anything unless threatened with legal action.
I'm not sure what the correct instance is to report the ignorance of Tucows as registrar. If it's ICANN or whatever, I'm fine to report to them that Tucows refuses to take action to cut malicious use of the domain name for the fraudster. If many from here report Tucows registrar for their negligence, then that might put enough pressure on them to reconsider their lame stance. If you send mail to ICANN please share the contact here, I'm also willing to send them mail to highlights that Tucows refuse to take responsibility for their work. |
█████████████████████████
████████▀▀████▀▀█▀▀██████
█████▀████▄▄▄▄██████▀████
███▀███▄████████▄████▀███
██▀███████████████████▀██
█████████████████████████
█████████████████████████
█████████████████████████
██▄███████████████▀▀▄▄███
███▄███▀████████▀███▄████
█████▄████▀▀▀▀████▄██████
████████▄▄████▄▄█████████
█████████████████████████ |
BitList | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
REAL-TIME DATA TRACKING
CURATED BY THE COMMUNITY
.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | |
List #kycfree Websites |
|
|
|
Sekhmet_
Copper Member
Newbie
Offline
Activity: 11
Merit: 23
|
|
March 23, 2025, 12:09:48 PM |
|
It seems that Tucows won't do anything unless threatened with legal action.
I'm not sure what the correct instance is to report the ignorance of Tucows as registrar. If it's ICANN or whatever, I'm fine to report to them that Tucows refuses to take action to cut malicious use of the domain name for the fraudster. If many from here report Tucows registrar for their negligence, then that might put enough pressure on them to reconsider their lame stance. If you send mail to ICANN please share the contact here, I'm also willing to send them mail to highlights that Tucows refuse to take responsibility for their work. Found on https://www.icann.org/compliance/complaint |
|
|
|
Pmalek
Legendary
Offline
Activity: 3234
Merit: 8457
|
|
March 23, 2025, 01:13:21 PM |
|
I'm not sure what the correct instance is to report the ignorance of Tucows as registrar. If it's ICANN or whatever, I'm fine to report to them that Tucows refuses to take action to cut malicious use of the domain name for the fraudster.
If many from here report Tucows registrar for their negligence, then that might put enough pressure on them to reconsider their lame stance. I will report them for not being willing to take action as well but we need to know what the right party to send those reports to are and who is the correct higher authority than Tucows. |
|
|
|
Cricktor
Legendary
Offline
Activity: 1232
Merit: 2931
|
|
March 23, 2025, 01:21:49 PM
Last edit: March 23, 2025, 01:32:21 PM by Cricktor |
|
I checked that Tucows is an ICANN-accredited registrar. I'll have to read through below mentioned agreements first. ICANN has executed certain agreements with registrars and registry operators. ICANN's Contractual Compliance authority is limited to the obligations set forth in these agreements. These agreements are the Registrar Accreditation Agreement, the Registry Agreements and the Consensus Policies. If your issue is outside of this contractual scope or if it involves a party over whom ICANN has no compliance enforcement powers, ICANN will provide you with alternative avenues you may want to pursue. Additional information on how to submit complaints concerning requests for access to non-public registration data can be found here. In a table from above quoted ICANN site it's stated: | Take_mitigation_action(s)_to_stop_or_disrupt_the_use_of_a_domain_name | | Issue | Additional information & Submit Complaint |
|
| A registrar's failure to:
...
- Take mitigation action(s) to stop or disrupt the use of a
domain name for DNS Abuse (malware, botnets, phishing,
pharming, and spam when spam is used to deliver any of
the other four types of DNS Abuse).
| Abuse/DNS Abuse (Registrar) |
|
|
At first glance, it seems to me that this could be the right place to complain about Tucows' refusal to act to mitigate the phishing abuse of the malicious domain exch[.]cash. |
|
|
|
Haunebu
Legendary
Offline
Activity: 3528
Merit: 1003
www.Crypto.Games: Multiple coins, multiple games
|
|
March 23, 2025, 01:30:15 PM |
|
ICANN does put pressure on registrars to fulfill their obligations sometimes, but I feel it's a long shot based on my research. We could all complain to ICANN about Tucows, but I wouldn't expect much.
Instead, I recommend everyone to report properly to Google Safe Browsing and Microsoft Security Intelligence(Done myself) so that all of these domains could get blacklisted as malicious sites which is the next best thing.
|
|
|
|
xOrpian
Member
Offline
Activity: 84
Merit: 13
💫 Milky... Way
|
|
March 23, 2025, 01:32:51 PM |
|
The host 'IP Volume Inc' can be changed by the scammer who's phishing, but the registrar will remain the same 'Tucows', I sent them an email yesterday night and am waiting to hear back from them about it. I think I'll wait a few days to hear from them before I proceed to ICANN since they mentioned they're assisting with the case, but still, the Registrar's inability to suspend the domain does raise some bells. |
...
|
|
|
yamin_galib
Jr. Member
Offline
Activity: 178
Merit: 2
|
|
March 23, 2025, 05:31:28 PM |
|
I am also going to join to fight against phishing links..
Here is my Bitcoin address :- bc1q6yccqrshgad26hkdyq4qsyat2kagqra5wtwnj4
|
|
|
|
|
Haunebu
Legendary
Offline
Activity: 3528
Merit: 1003
www.Crypto.Games: Multiple coins, multiple games
|
|
March 24, 2025, 05:47:10 AM |
|
Exch.live down people. This new addition to the list got taken down pretty quickly. Cloudflare could have possibly have had something to do with this, but I am not sure. Anyway, let's keep applying pressure on the remaining scam domains.
|
|
|
|
apogio
Legendary
Offline
Activity: 896
Merit: 1861
Duelbits.com - Rewarding, beyond limits.
|
|
March 24, 2025, 08:01:02 AM |
|
Exch.live down people. This new addition to the list got taken down pretty quickly. Cloudflare could have possibly have had something to do with this, but I am not sure. Anyway, let's keep applying pressure on the remaining scam domains.
Awesome, it must be the third one that's taken down. |
|
|
|
examplens
Legendary
Offline
Activity: 3752
Merit: 4045
Daily Cashbacks 🐳
|
Tucows points us all to their partner where the exch [.] cash domain is registered, but they can't confirm which partner it is. At the very end of the report from the whois database, there is information that it is easyDNS Technologies Inc I just reported this domain to them, so I invite others to do the same. email address is: abuse@easydns.com https://whois.domaintools.com/exch.cash |
|
|
|
|
katanic97
|
|
March 24, 2025, 12:37:36 PM |
|
Reported
bc1qv6xskpde03lz6crl0ur5d7e9420w4k8usnj6hr
|
▄▄█████████████████▄▄
▄█████████████████████▄
███▀▀█████▀▀░░▀▀███████
███▄░░▀▀░░▄▄██▄░░██████
█████░░░████████░░█████
████▌░▄░░█████▀░░██████
███▌░▐█▌░░▀▀▀▀░░▄██████
███░░▌██░░▄░░▄█████████
███▌░▀▄▀░░█▄░░█████████
████▄░░░▄███▄░░▀▀█▀▀███
██████████████▄▄░░░▄███
▀█████████████████████▀
▀▀█████████████████▀▀ | Rainbet.com
CRYPTO CASINO & SPORTSBOOK | | | █▄█▄█▄███████▄█▄█▄█
███████████████████
███████████████████
███████████████████
█████▀█▀▀▄▄▄▀██████
█████▀▄▀████░██████
█████░██░█▀▄███████
████▄▀▀▄▄▀███████
█████████▄▀▄███
█████████████████
███████████████████
███████████████████
███████████████████ | | | |
▄█████████▄
█████████ ██
▄▄█░▄░▄█▄░▄░█▄▄
▀██░▐█████▌░██▀
▄█▄░▀▀▀▀▀░▄█▄
▀▀▀█▄▄░▄▄█▀▀▀
▀█▀░▀█▀
| 10K
WEEKLY
RACE | | 100K
MONTHLY
RACE | | |
██
█████
| ███████▄█
██████████▄
████████████▄▄
████▄███████████▄
██████████████████▄
░▄█████████████████▄
▄███████████████████▄
█████████████████▀████
██████████▀███████████
▀█████████████████████
░████████████████████▀
░░▀█████████████████▀
████▀▀██████████▀▀ |
████████ ██████████████ |
|
|
|
Basels
Newbie
Offline
Activity: 19
Merit: 0
|
|
March 24, 2025, 03:12:10 PM |
|
wallet: bc1qutflramv4sjd7p8enhputfrqa2j9u5dsy8l6h9
|
|
|
|
|
|
