Thanks to all those who made the necessary reports to achieve quick results, these two domains (.cc and .center) are now suspended. The rewards will be distributed accordingly after 1 month of suspension as stipulated in the rules in the first post. We will contact you by email in due time.
Domain: exch.cc
Registered On: 2024-12-30
Expires On: 2025-12-30
Updated On: 2025-03-18
Status:
client delete prohibited
client hold
client renew prohibited
client transfer prohibited
client update prohibited
Domain: exch.center
Registered On: 2025-02-02
Expires On: 2026-02-02
Updated On: 2025-03-17
Status:
client delete prohibited
client hold
client renew prohibited
client transfer prohibited
client update prohibited
About Tucows answers:
Thank you for your feedback. These are excuse emails because they seem to tolerate phishing, which is contrary to what they state on their website.
As registrars, it is their responsibility to act and do what is necessary to suspend the domain.
It is not right to redirect you to the hoster, that is not the goal. You can answer them that they are required to act, moreover they say it themselves on their website:
You can reply to them and remind them of their responsibilities (they must take actions and suspend domains that violate the registrar's ToS), do not hesitate to include the link mentioned above as well as this one: https://tucowsdomains.com/report-abuse/#phishing
Domain: exch.cc
Registered On: 2024-12-30
Expires On: 2025-12-30
Updated On: 2025-03-18
Status:
client delete prohibited
client hold
client renew prohibited
client transfer prohibited
client update prohibited
Domain: exch.center
Registered On: 2025-02-02
Expires On: 2026-02-02
Updated On: 2025-03-17
Status:
client delete prohibited
client hold
client renew prohibited
client transfer prohibited
client update prohibited
About Tucows answers:
Five domains are still active and no real reply from abuse@namecheap.com, support@nic.cd, complains@nic.cy or domains@nic.cy whatsoever.
However, I got this response from tucows, and looks like they can't remove it, since they are not that position to do so.
After investigation we have found that Tucows only provides the registration for this domain.
We are not the webhost, internet service provider, or administrator for the reported domain. Given that we are not the webhost for the reported domain, the allegedly infringing material identified in your notification does not reside on Tucows servers. Accordingly, we do not have the technical ability to remove or disable specific items of objectionable content.
Again, due to the limited technical sphere in which Tucows operates, we do not believe that we are the correct party to contact regarding this matter. In this instance, we suggest that you contact the party operating the website or the party hosting the website to have this matter properly resolved. A "ping" of the website you indicated often reveals the IP address of the party which probably hosts this website. A "ping" of the website you indicated often reveals the IP address of the party which probably hosts this website. You may then use https://hostingchecker.com, https://search.arin.net/ or another similar tool to identify this party.
....snip
However they redirects users to the phishing sites. Maybe we can modify our reports a little, explain the support that these blogging sites are being used as a channel for fake exchanges. And that they should immediately remove them to avoid any loses.
However, I got this response from tucows, and looks like they can't remove it, since they are not that position to do so.
Quote
After investigation we have found that Tucows only provides the registration for this domain.
We are not the webhost, internet service provider, or administrator for the reported domain. Given that we are not the webhost for the reported domain, the allegedly infringing material identified in your notification does not reside on Tucows servers. Accordingly, we do not have the technical ability to remove or disable specific items of objectionable content.
Again, due to the limited technical sphere in which Tucows operates, we do not believe that we are the correct party to contact regarding this matter. In this instance, we suggest that you contact the party operating the website or the party hosting the website to have this matter properly resolved. A "ping" of the website you indicated often reveals the IP address of the party which probably hosts this website. A "ping" of the website you indicated often reveals the IP address of the party which probably hosts this website. You may then use https://hostingchecker.com, https://search.arin.net/ or another similar tool to identify this party.
....snip
It’s still up. However, I didn’t report this domain along with the other one (monero[.]forex) because they don’t have the same look as exch to be considered as phishing, unless specific URLs is provided to be reported. Both sites appear more like blogs when accessed directly, so I didn’t report them at all.
However they redirects users to the phishing sites. Maybe we can modify our reports a little, explain the support that these blogging sites are being used as a channel for fake exchanges. And that they should immediately remove them to avoid any loses.
I guess I already reported some before, it was posted in eXch ANN thread. I will join this one again.
BTC address: bc1qwe09lhuvlpamhqqp7sfv9qtww68lyuydfp0ddn
Response I received from reporting exch[.]cash:
BTC address: bc1qwe09lhuvlpamhqqp7sfv9qtww68lyuydfp0ddn
Response I received from reporting exch[.]cash:
Quote
Hello;
After investigation we have found that Tucows only provides the registration for this domain.
We are not the webhost, internet service provider, or administrator for the reported domain. Given that we are not the webhost for the reported domain, the allegedly infringing material identified in your notification does not reside on Tucows servers. Accordingly, we do not have the technical ability to remove or disable specific items of objectionable content.
Again, due to the limited technical sphere in which Tucows operates, we do not believe that we are the correct party to contact regarding this matter. In this instance, we suggest that you contact the party operating the website or the party hosting the website to have this matter properly resolved. A "ping" of the website you indicated often reveals the IP address of the party which probably hosts this website. A "ping" of the website you indicated often reveals the IP address of the party which probably hosts this website. You may then use https://hostingchecker.com, https://search.arin.net/ or another similar tool to identify this party.
As per the implementation of GDPR, we are mandated to remain compliant with data privacy regulations. Therefore, we are no longer displaying whois information publicly and/or forwarding to the listed registrant. You can read more via the following link opensrs.com/the-gdpr/
However, you may contact the owner via the following link
https://tucowsdomains.com/whois-search/ under registrant email
or via the corresponding registry's whois tool
If this is an issue of trademark, then you may want to review the documentation on how to lodge a formal dispute through the UDRP (www.icann.org/udrp) or a court of competent jurisdiction.
Essentially, we are an administrative body and do not judge or adjudicate issues of dispute.
If the domain does go to arbitration, please send any legal documentation (court filed or filed with an ICANN recognized arbitrator) by email to disputes@opensrs.org, fax 416-531-2516 attn: Disputes or by post to Tucows, Inc, 96 Mowat Ave, Toronto, Ontario, Canada M6K 3M1.
If you would like to find out the whois data, please send a separate email to tieredaccess@tucows.com to find out the process for obtaining whois data
Thank you again for your report, and please do not hesitate to contact us should you have any further questions.
Regards
* Compliance Officer * Tucows Inc/Ascio/Epag/Enom
https://www.tucowsdomains.com/compliance-form/
https://tucowsdomains.com/report-abuse/
After investigation we have found that Tucows only provides the registration for this domain.
We are not the webhost, internet service provider, or administrator for the reported domain. Given that we are not the webhost for the reported domain, the allegedly infringing material identified in your notification does not reside on Tucows servers. Accordingly, we do not have the technical ability to remove or disable specific items of objectionable content.
Again, due to the limited technical sphere in which Tucows operates, we do not believe that we are the correct party to contact regarding this matter. In this instance, we suggest that you contact the party operating the website or the party hosting the website to have this matter properly resolved. A "ping" of the website you indicated often reveals the IP address of the party which probably hosts this website. A "ping" of the website you indicated often reveals the IP address of the party which probably hosts this website. You may then use https://hostingchecker.com, https://search.arin.net/ or another similar tool to identify this party.
As per the implementation of GDPR, we are mandated to remain compliant with data privacy regulations. Therefore, we are no longer displaying whois information publicly and/or forwarding to the listed registrant. You can read more via the following link opensrs.com/the-gdpr/
However, you may contact the owner via the following link
https://tucowsdomains.com/whois-search/ under registrant email
or via the corresponding registry's whois tool
If this is an issue of trademark, then you may want to review the documentation on how to lodge a formal dispute through the UDRP (www.icann.org/udrp) or a court of competent jurisdiction.
Essentially, we are an administrative body and do not judge or adjudicate issues of dispute.
If the domain does go to arbitration, please send any legal documentation (court filed or filed with an ICANN recognized arbitrator) by email to disputes@opensrs.org, fax 416-531-2516 attn: Disputes or by post to Tucows, Inc, 96 Mowat Ave, Toronto, Ontario, Canada M6K 3M1.
If you would like to find out the whois data, please send a separate email to tieredaccess@tucows.com to find out the process for obtaining whois data
Thank you again for your report, and please do not hesitate to contact us should you have any further questions.
Regards
* Compliance Officer * Tucows Inc/Ascio/Epag/Enom
https://www.tucowsdomains.com/compliance-form/
https://tucowsdomains.com/report-abuse/
Quote
A request (5471228) has been created. To add additional comments, reply to this email.
exch.cash is impersonating and phishing the official website https://exch.cx/
exch.cash is impersonating and phishing the official website https://exch.cx/
Thank you for your feedback. These are excuse emails because they seem to tolerate phishing, which is contrary to what they state on their website.
As registrars, it is their responsibility to act and do what is necessary to suspend the domain.
It is not right to redirect you to the hoster, that is not the goal. You can answer them that they are required to act, moreover they say it themselves on their website:
Quote
'In our corner of the world, there is rampant DNS Abuse (DNS Abuse refers to five broad categories of harmful activity: malware, botnets, phishing, pharming, and spam (when it serves as a delivery mechanism for the other forms of DNS Abuse)) and, as advocates for a better Internet, we believe there is a fundamental need for the industry to come together to create a unified approach to handle it. Right now, some registrars, registries, and hosting providers take action on illegal activity, but others do not, and they become a breeding ground for it.'
Source: https://tucowsdomains.com/making-the-internet-better/You can reply to them and remind them of their responsibilities (they must take actions and suspend domains that violate the registrar's ToS), do not hesitate to include the link mentioned above as well as this one: https://tucowsdomains.com/report-abuse/#phishing