Our domains v6.rocks, v6.army, v6.navy are not delegated any more and our registrar EuroDNS sent us a refund via Paypal. We don’t know what’s going on and opened a case at EuroDNS. As soon as we have news for you we’ll let you know.
Response from EuroDNS:
Please know that your account has been suspended due to the illegal use of your domain names. You will find here below several notifications regarding phishing pages associated to your domain names.
Should you wish to recover access to your domain name and account, we will need several documents proving your identity, your company along with written statement indicating that you were victim of some kind of fraud yourself and that action has been taken to prevent any further illegal use of our services.
Our reply:
this can happen if someone registers subdomains at my DynDNS service and use it for bad things. I have scripts that parse abuse messages to suspend user accounts automatically and I also do manual checks.
Take this document as a statement that my company was a victim of abuse. You can also read in my post: V6.rocks, v6.army, v6.navy suspended
I haven’t received any abuse message concering v6.rocks, v6.army, v6.navy. What happened to them? Please forward all messages and enable me to suspend the related user accounts.
Altough I’m doing a lot of effort to prevent illegal usage of my service I can not guarantee this to not happen again.
Maybe that’s another subject but v6.rocks is actually PH blacklisted on http://www.surbl.org/surbl-analysis
Interesting, I was blocked sending links to my server using my previous DDNS provider in facebook messenger, but that domain isn’t listed on the surbl link above, whilst the reverse is true for my v6.rocks domain.
Message from EuroDNS:
Please know that the numerous notifications we have received, and provided to you, send by two different security companies, pertain to v6.rocks AND v6.army.
Moreover, we received several notifications for two out of your three domain names in a recent EuroDNS account and verified that the URL was indeed redirecting to a phishing page.
In such conditions, and as you will understand, the suspension of our services is immediate and duly allowed by our Terms and Conditions you have agreed to be bound with.The fact that you were not able to find traces of this blatant illegal use of our services only indicates that the problem might not have been solved on your side.
As a result, we will need to receive a statement from you indicating what steps have been taken to prevent any further illegal use of our services.However, as you are stating that the content is currently removed, we have allowed access to your account and domain names.
Finally, you will be invoiced an administrative fee as stated in our Terms and Conditions and you will have to make payment for the refunded amount. The concerned invoice is available in your account under the billing/quote menu.
Please note that failure to make the payment, or to provide us with the requested statement within 48 hours will trigger a new suspension of our services.
Additionally, any further illegal use of our services will trigger a definitive suspension of your account and domain names.We thank you for your comprehension.
My reply:
I haven’t received any notifications from you before you suspended my account. To which address did you forward them? Did you receive any bounce messages?
It’s hard to find traces if I don’t receive notifications in time. I don’t do any data retention because I need to comply with the european GDPR. If a user deletes his/her account, it’s simply deleted with all related datasets.
I can’t take more steps to prevent illegal usage because it’s simply impossible to check the content of every single subdomains created by any of my > 50.000 users. Do you manually check the content of every domain registered via EuroDNS? I don’t think so. Please suggest feasible steps to me.
By the way: Do you think it’s clever to redirect all my customers domains to your server 80.92.65.215 ?
If you’re looking for domains to use with the service, is there any reason you couldn’t take out a few freenom domains and point their nameservers towards the dynv6 ones? Don’t remember seeing anything that goes against their ToS, and that way, it would be free
Response from EuroDNS:
The notifications were send in our previous emails as already explained.
There were no emails prior to the suspension as it was a blatant illegal use of our services.
You will find the applicable article of our Terms and Conditions for your information:https://www.eurodns.com/general-terms
15.1. In case the Customer fails to fulfil any of their obligations thereof and in particular those set forth by article 4 hereof, or in case of blatant breach of the terms of article 10 and/or any applicable legal or regulatory provisions, EuroDNS shall be entitled to suspend the whole Customer Account without prior notice and thus prevent the Customer from benefiting from the Services without the Customer being entitled to any compensation. Such suspension may result in the disconnection of the Services from the Internet.Moreover, we can not provide you with guidance regarding what action you need to take to prevent any further illegal use of our services. It is up to you to make sure your use of our services abide to our Terms and Conditions.
Finally, we would like to remind you that failing to provide us with a statement that such illegal use of our service swill not happen again and failing to settle your payment before Friday the 13th 2PM Luxembourgish time, your account will be suspended again as indicated in our previous email.
We thank you for your comprehension on this matter.
We need to find a new registrar.
How about inwx?
I have been thinking of buying a domain from them recently.
I already tried to transfer these domains to inwx. I got the error message invalid domain
- probably because they are very short. I’m awaiting their reply.
There are two inwx tld sites I’m aware of.
inwxdotcom
inwxdotch
Try the latter one.
Hmm, it says invalid on both.
this is sad. they are probably doing that with other customers as well.
After the payment via Paypal failed, I just paid the registration fee of 115,20 € via SEPA. I hope to be able to transfer the domains tomorrow.
Today the legal department wrote me:
The restriction has been removed following receipt of your payment
I was able to remove the transfer lock. EuroDNS wants me to wait UP TO 5 DAYS to receive the transfer code. No Joke!
EuroDNS received notification on 26/11/2020 that you have requested a
transfer to another domain name registrar.If you would like to cancel this transfer, you may do so before 30/11/2020.
To cancel this transfer you just need to click here
https://my.eurodns.com/registrarTransferOut/refuseTransfer/***
, then follow the instructions.You will receive within 5 calendar days a separate email detailing the
procedure for obtaining your transfer code.We sincerely welcome the opportunity to remain as your registrar. Please
don’t hesitate to let us know if there is anything we can do to change your
mind.However, if you would like to continue with this transfer, no further
action is needed at this time.
After I had sent a message to the legal department I’ve received the required auth codes and started the transfers.
Maybe moving to https://njal.la/ would be a good idea.
At least sci-hub.se is registered there…
root@bananapi:~# whois sci-hub.se
# Copyright (c) 1997- The Swedish Internet Foundation.
# All rights reserved.
# The information obtained through searches, or otherwise, is protected
# by the Swedish Copyright Act (1960:729) and international conventions.
# It is also subject to database protection according to the Swedish
# Copyright Act.
# Any use of this material to target advertising or
# similar activities is forbidden and will be prosecuted.
# If any of the information below is transferred to a third
# party, it must be done in its entirety. This server must
# not be used as a backend for a search engine.
# Result of search for registered domain names under
# the .se top level domain.
# This whois printout is printed with UTF-8 encoding.
#
state: active
domain: sci-hub.se
holder: zxxdfc1902-84764
admin-c: qxdkda1902-24463
tech-c: emhkkb1902-95127
billing-c: mpeyuw1902-42708
created: 2017-11-27
modified: 2020-10-05
expires: 2021-11-27
transferred: 2019-02-26
nserver: 1-you.njalla.no
nserver: 2-can.njalla.in
nserver: 3-get.njalla.fo
dnssec: unsigned delegation
registry-lock: unlocked
status: ok
registrar: Frobbit AB
We’re currently moving to inwx.de. They classified us as a reseller and they will forward abuse messages to us instead of suspending our domains.
v6.rocks, v6.army and v6.navy has just been transferred to INWX. It takes up to 24 hours to propagate our nameservers around the world.
Hello, does this also affect dns.navy? The domain is also not working at the moment.