Tucows[edit | edit source]
Tucows is a registrar in Canada. The President and Chief Executive Officer is Elliot Noss.(Picture)
Description of the Registrar[edit | edit source]
We offer Internet services to thousands of business partners and millions of end users around the world, including:
- The first and best wholesale platform for selling and integrating domain names. (OpenSRS)
- The simplest way for businesses and individuals to manage their domain names. (Hover)
- A mobile phone service that makes shockingly good sense for US families and businesses (Ting)
- 1 Tucows
- 2 Description of the Registrar
- 3 Anti-Fraud Position
- 4 Registrar responsiveness
- 5 Examples of domains used for fraud
- 6 Common IP addresses
- 7 Where to send abuse complaints
- 8 Additional Contact Information
- 9 Related information
- 10 Sources for this article
Anti-Fraud Position[edit | edit source]
To submit a report of illegal activity related to a domain name or abuse, please contact firstname.lastname@example.org. You can also reach us by telephone at +1.416.535.0123. Tucows reviews and responds to all reports received. Reports are tracked and logged through a hosted ticketing system managed by Tucows. We will subsequently take action if deemed appropriate.
Our Compliance Team will respond to all requests, but please note that we have no control over website content on Tucows domains. This would fall to the hosting provider. Often the Domain Provider is also the hosting provider, so they are a good first point of contact for content-related issues. You can also attempt to contact the domain owner directly. You can try to find this information through a Whois lookup.
Actual Behavior[edit | edit source]
Tucows is slow to respond to requests for suspension of domains used for illegal activity. This is in contrast to other domain name service providers, many of whom have a one-three day response to reports.
Registrar responsiveness[edit source]
Piechart showing the crime sponsoring contribution by each registrar.
The comparison between this registrar and others can be seen on the graphs.
It shows how many domains have not been suspended by various registrars over the past year. The higher the column, the more domains are sponsored by the registrar.
Currently the most abused registrar is Russia's R01.ru. This registrar sponsors the vast majority (often over 60%) of the fraud domains used within the Eva Pharmacy group.
The second most abused registrar is Russia's REG.RU REG.RU at over 25%
The next most abused registrar is GKG GKG at 4%.
The next most abused registrar is The Netherlands' Hosting Concepts aka OpenProvider at 3%.
Outside of Russia, most registrars have been quick to terminate the service contracts with these cyber-criminals upon seeing the obvious evidence of fraud.
Examples of domains used for fraud[edit | edit source]
See the list at Tucows_list
Common IP addresses[edit source]
A quick way to verify these sites is to examine the hosting addresses. Note that * items have been removed. Many compromised hosts used for this operation during September 2020 - May 2021 were located at these IPs.
|- - - - - - - - - - -||- - - - - - - - - - -||- - - - - - - - - - -||- - - - - - - - - - -||- - - - - - - - - -|
Where to contact the compromised hosting ISP:
Abuse contact for '18.104.22.168 - 22.214.171.124' is 'email@example.com' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'firstname.lastname@example.org' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'email@example.com' Abuse contact for '18.104.22.168 - 22.214.171.124' is 'firstname.lastname@example.org' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'email@example.com' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'firstname.lastname@example.org' (Removed) Abuse contact for '18.104.22.168 - 22.214.171.124' is 'email@example.com' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'firstname.lastname@example.org' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'email@example.com' Abuse contact for '18.104.22.168 - 22.214.171.124' is 'firstname.lastname@example.org' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'email@example.com' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'firstname.lastname@example.org' (Removed) Abuse contact for '18.104.22.168 - 22.214.171.124' is 'email@example.com' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'firstname.lastname@example.org' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'email@example.com' Abuse contact for '18.104.22.168 - 22.214.171.124' is 'firstname.lastname@example.org' (Removed) Abuse contact for '126.96.36.199 - 188.8.131.52' is 'email@example.com' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'firstname.lastname@example.org' Abuse contact for '18.104.22.168 - 22.214.171.124' is 'email@example.com' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'firstname.lastname@example.org' 'email@example.com' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'firstname.lastname@example.org' Abuse contact for '18.104.22.168 - 22.214.171.124' is 'email@example.com' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'firstname.lastname@example.org' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'email@example.com' Abuse contact for '18.104.22.168 - 22.214.171.124' is 'firstname.lastname@example.org' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'email@example.com' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'firstname.lastname@example.org' Abuse contact for '18.104.22.168 - 22.214.171.124' is 'email@example.com' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'firstname.lastname@example.org' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'email@example.com' Abuse contact for '18.104.22.168 - 22.214.171.124' is 'firstname.lastname@example.org' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'email@example.com' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'firstname.lastname@example.org' Abuse contact for '18.104.22.168 - 22.214.171.124' is 'email@example.com' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'firstname.lastname@example.org' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'email@example.com' Abuse contact for '18.104.22.168 - 22.214.171.124' is 'firstname.lastname@example.org' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'email@example.com' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'firstname.lastname@example.org' Abuse contact for '18.104.22.168 - 22.214.171.124' is 'email@example.com' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'firstname.lastname@example.org' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'email@example.com' Abuse contact for '18.104.22.168 - 22.214.171.124' is 'firstname.lastname@example.org' Abuse contact for '126.96.36.199 - 188.8.131.52' is 'email@example.com' Abuse contact for '184.108.40.206 - 220.127.116.11' is 'firstname.lastname@example.org' Abuse contact for '18.104.22.168/26' is 'email@example.com' Abuse contact for '22.214.171.124 - 126.96.36.199' is 'firstname.lastname@example.org' Abuse contact for '188.8.131.52 - 184.108.40.206' is 'email@example.com' Abuse contact for '220.127.116.11 - 18.104.22.168' is 'firstname.lastname@example.org' Abuse contact for '22.214.171.124 - 126.96.36.199' is 'email@example.com' Abuse contact for '188.8.131.52 - 184.108.40.206' is 'firstname.lastname@example.org' Abuse contact for '220.127.116.11 - 18.104.22.168' is 'email@example.com'
Where to send abuse complaints[edit | edit source]
"To submit a report of illegal activity related to a domain name or abuse, please contact firstname.lastname@example.org. You can also reach us by telephone at +1.416.535.0123."
Web site http://tucows.com
Additional Contact Information[edit | edit source]
General email: (nowiki>email@example.com</nowiki>
Postal address[edit | edit source]
Tucows Inc. Toronto Headquarters 96 Mowat Avenue Toronto, ON M6K 3M1 Canada
Telephone and FAX[edit | edit source]
Main telephone: 416-535-0123 Main fax: 416-531-5584 Toll-free North America: 1-800-371-6992 Toll-free international: +800-371-69922
Related information[edit | edit source]
Pharmacy fraud operations
- Men Health
- OEM Software
Advance Fee fraud operations
Affiliate program coordinator employing spammers