Acceptable Use Policy

Last updated: April 28, 2026

This policy lists what you cannot do with a subdomain registered through this service. Violating it is grounds for immediate suspension of the subdomain and termination of your account, with no refund (since the service is free) and no notice. We are the sole judge of what counts as a violation.

Not allowed, no exceptions

• Phishing: pages designed to capture credentials, payment details, or personal information by impersonating any other entity.
• Malware distribution: hosting, linking to, or commanding-and-controlling malware, viruses, ransomware, stalkerware, info-stealers, or unwanted software of any kind.
• Botnet C2: command-and-control infrastructure for any kind of compromised devices.
• CSAM: any sexual content involving minors. Reported to NCMEC and law enforcement immediately.
• Sexual content involving real people without consent: revenge content, deepfakes, or impersonation of real persons in sexual contexts.
• Doxxing or harassment: pages dedicated to harassing, threatening, or revealing the personal information of identifiable people.
• Trademark or brand impersonation: pretending to be a brand, company, government, or service you are not affiliated with.
• Credential stuffing or scraping infrastructure: hosting endpoints, proxies, or relays designed to attack other systems.
• Spam infrastructure: bulk-email senders, link cloakers for spam, comment-spam relays, SEO link farms, or scaled spam-content publishing.
• Illegal pharmacy, weapons, or controlled-substance markets.
• Infringing content: pirated software, movies, music, or other copyrighted material; counterfeit goods.
• Sanctioned-party content: content from or for entities under US OFAC, UK, EU, or UN sanctions.
• Anything illegal in the United States, the United Kingdom, or your own jurisdiction.

Things we restrict

• NSFW / adult content: not allowed. The parent domains are general-purpose and we don't want them on adult-blocklists.
• Cryptocurrency projects: legitimate ones are fine, but the category attracts scams and impersonation. Wallet-drainers, fake airdrops, fake exchanges, fake mints, and similar will be removed without warning.
• Free email forwarding to suspicious destinations: we may block MX records that point to known spam/phishing infrastructure.
• URL shorteners or open redirects: only allowed if you implement abuse handling for them.
• Disposable / throwaway email address services: not allowed.

Reserved subdomains

Common operational and brand-impersonation names are reserved and cannot be claimed. This list is non-exhaustive and may be updated at any time.

Phishing-target keyword filter

We block subdomain claims that contain names of commonly impersonated brands, banks, payment providers, and platforms. This is automated, non-negotiable, and intentionally over-inclusive. If you have a genuine business need for such a name, contact us first.

What happens when we receive a report

1. If the abuse is clear (CSAM, active phishing kit, active malware payload), we suspend immediately and investigate after.
2. For ambiguous reports we contact the account owner with a summary of the report and ask for a response, usually within 48 hours.
3. We respond to law-enforcement requests through the contact details on the WHOIS record of the parent domain. We require properly served legal process for non-public account information except in emergencies involving imminent risk to life.

Reporting abuse

Use the abuse report form or email [email protected]. Include the full subdomain (FQDN), what's wrong with it, and supporting evidence (screenshots, URLs, log lines). We acknowledge reports within 72 hours.

DMCA

For copyright complaints, send a notice that complies with 17 U.S.C. § 512 to [email protected]. Counter-notices follow the same statute. We honor valid takedowns and may terminate repeat infringers.