Maximillian Laumeister
Illustration of Miku the bird-fox shouting through a megaphone while flying in the sky

How I Removed My Profile Pic from Sydex.net and Alumnius.net People Search

privacy tech

Using internet backbone records, I traced Sydex and Alumnius to a Dutch web host involved in Russia-USA election interference.

Sydex.net Screenshot

Note about Sydex.com: Sydex.com is a tech company in Oregon. They are unrelated to the subject of this article (Sydex.net). Unless you need data recovered from floppy diskettes/tapes, they cannot help you. Please stop bugging them!

Section Navigation

Introduction

A couple months ago, I decided it was time to change up the profile pic that I use on GitHub, Twitter and LinkedIn. The old picture was a self-portrait that I hastily took in 2013, and while it served its purpose well, it depicts me much younger than I am now. Plus the composition is a little janky, so it looks kind of derpy.

So I replaced my portrait everywhere on the internet. Since there were many copies out there, I made a game of it. I changed my profile pic on Google, LinkedIn, GitHub, Keybase, Twitter, Crunchbase, Codepen, GitLab, Ko-Fi, everywhere. I deleted accounts. I deleted old Reddit posts. I finally sniped all the indexed copies out there, and asked google to remove the broken links from its search results.

Sydex.net Example Profile
Example Sydex.net profile, using a randomly generated person.

Except one.

Sydex.net and Alumnius.net, two “people search” sites running on the same infrastructure, had crawled my headshot from LinkedIn and rehosted it without my permission, and their image was ranking in Google for my name.

The business model of Sydex.net and Alumnius.net is quite simple. They scrape data from public sources such as LinkedIn, and rehost it on their own website. Then they charge you a fee if you want to remove it. Redditor RandomComputerFellow explains it well:

From a legal perspective this service is 100% illegal and they know this. Their business model is to expose people and then charging 20 bucks from them so they delete this information.

The problem is that they are based in Cyprus and there is no way to proceed against them because authorities down there are corrupt as fuck and will not do anything.

If you look at Alumnius.net, you can see what RandomComputerFellow was referring to: a “Rapid Removal” page where they ask for payment in exchange for the removal of your profile.

This is the removal page for sydex.net:

Sydex.net Rapid Removal

And the removal page for alumnius.net, a bit more explicit about the payment part:

Alumnius.net Rapid Removal

As you can see, they are almost identical.

Motivated by the desire to expose a shady company (and not willing to cough up $20 to opt out even if it were moral), I decided I would (1) learn as much about Sydex/Alumnius as possible, (2) try to remove my profile pic by going through their hosting company, and (3) dox their hosting setup as thoroughly as I can on my personal blog, so that other people who want to remove their own profile pics don’t have to re-do any legwork.

Luckily, there was an angle for me to take. All that Hollywood anti-piracy legislation was actually good for something, it seems. In their frenzy to take down pirated movies on the internet, they left in their wake a legal tool that would come in useful to take down my profile picture, the Digital Millenium Copyright Act, or DMCA.

Attempt 1 (Failure): King Servers

Knowing that the owners of Sydex/Alumnius were not likely to give me their “service” (removal) for free, I figured my first stop for complaint should be with their hosting provider.

Unfortunately, Sydex.net and Alumnius.net are hosted by King Servers B.V., a well-known bulletproof hosting company based in Russia notorious for hosting shady websites, ignoring abuse complaints, and selling anonymous server space to Russian hackers who attempted United States election fraud in Arizona and Illinois. But I didn’t know that at first, so here’s the abuse message I sent them:

On Sun, May 17, 2020 at 10:1 PM, I wrote:

I believe you are hosting content that infringes my copyright. The domain hosting the infringing content is sydex.net, which has IP address 204.155.30.162. Can you confirm whether King Servers controls this IP address?

They responded to tell me that the domain and IP address are not under their control:

Mon, 18 May 2020 07:47:52 +0000

Hello,

This domain and IP address are not owned by our customers

Vladimir K. from King Servers

But that’s jiggery-pokery.

See, if you do a dig lookup on sydex.net, you get the IP address 204.155.30.162.

And if you do an ARIN whois lookup on that IP address, you can see that that IP address is part of IP block AS14576, owned by Hosting Solution Ltd., with contact information listed as king-servers.com. In other words, in the backbone internet records, King Servers is listed as the abuse contact for this IP address.

I emailed them saying in a polite way that they are listed as the network operator and contact for that IP address, so either the whois information is inaccurate, or the claim that they don’t control it is a load of baloney. It’s been several weeks. I haven’t heard back, and I don’t expect to. They also haven’t “corrected” their whois registry entry, and I don’t expect them to.

Here is the full whois record for AS14576 (containing IP block 204.155.30.0/23), as of this article’s publication, for archival purposes:

ASNumber: 14576
ASName: HOSTING-SOLUTIONS
ASHandle: AS14576
RegDate: 2013-10-17
Updated: 2013-10-17
Ref: https://rdap.arin.net/registry/autnum/14576

OrgName: Hosting Solution Ltd.
OrgId: HSL-50
Address: Office:
Address: Hosting Solution Ltd.
Address: 201 Rogers Office Building
Address: Edwin Wallace Rey Drive
Address: George Hill,
Address: Anguilla
Address:
Address: Data Center:
Address: Hosting Solution Ltd.
Address: C/O Hurricane Electric
Address: 48233 Warm Springs Blvd
City: Fremont
StateProv: CA
PostalCode: 94539
Country: US
RegDate: 2013-05-31
Updated: 2017-01-28
Comment: http://king-servers.com/
Ref: https://rdap.arin.net/registry/entity/HSL-50

OrgAbuseHandle: ABUSE4868-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-408-622-0063
OrgAbuseEmail: abuse@king-servers.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE4868-ARIN

OrgTechHandle: NOC32063-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-408-622-0063
OrgTechEmail: noc@king-servers.com
OrgTechRef: https://rdap.arin.net/registry/entity/NOC32063-ARIN

OrgNOCHandle: NOC32063-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-408-622-0063
OrgNOCEmail: noc@king-servers.com
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32063-ARIN

Attempt 2 (Failure): Hurricane Electric

While looking at the whois record above, I noticed that while the IP is assigned to Hosting Solution Ltd, it’s allegedly being served by a Hurricane Electric datacenter in Fremont, CA, USA.

Hurricane Electric is an “Internet Backbone and Colocation Provider”. In other words, they route core internet traffic, and also have a side business of providing on-site server rooms for business customers (e.g. the hosting company/reseller who hosts Sydex/Alumnius). The name Hurricane Electric wasn’t new to me, as a few years back I had considered using their services to host DNS for my personal site that you’re reading right now.

So I sent an email to Hurricane Electric’s abuse address:

Hi,

Can you confirm that this IP address is hosted at HE datacenters?

204.155.30.162

The HE ARIN whois record seems to indicate that your datacenters are serving up this IP for your customer “Hosting Solution Ltd.” in connection with “King Servers B.V.”:
https://bgp.he.net/net/204.155.30.0/23#_whois

This IP is serving up content that violates my copyright under US law, at the domain sydex.net. King Servers B.V. is based in the Netherlands/Russia, and when I messaged them about copyright abuse, they denied that the IP address or domain are connected to them.

From what I’ve read, King Servers B.V. is seen as a “bulletproof” host in the piracy industry due to their policy of ignoring abuse emails, so I am hoping that I can work with you in taking down this copyrighted content instead, since it seems to be hosted at your datacenter in Fremont.

In that respect, this customer also seems to be violating your Acceptable Use Policy:
https://he.net/aup.html

If you can confirm that you host this IP address, I will be able to send a proper DMCA notice to make the takedown request official.

Thank you,
Maximillian Laumeister
maxlaumeister.com

It’s been several weeks since I sent that message. Because Hurricane Electric is an internet backbone company, I have every reason to believe that they are the “good guys” and want to keep scummy websites out of their datacenter, or at least respond to copyright complaints. Indeed, their acceptable use policy says that their customers must not “do anything illegal or anything that adversely affects Hurricane’s legal interests”. Perhaps they haven’t gotten to my abuse email yet, or it flew under their radar - or the whois record was inaccurate, they don’t actually host that IP, and so didn’t bother responding.

In the mean time, I found a last angle of attack.

Attempt 3 (Success): Webzilla

While scouring the source code of sydex.net to figure out how it was hosted, something finally jumped out at me that I missed the first time.

When you inspect a profile image on sydex.net, you can see that it’s generally of the form http://photo.sydex.net/000000000.jpg, where the zeroes are a string of numbers that serve as an id number for the image.

In other words, the images are loaded from photo.sydex.net, a different domain than sydex.net proper.

I clicked through on one of the images directly, and sure enough it redirected me to a cdn12.com subdomain - a separate hosting provider solely for Sydex’s images. I ran another dig lookup, this time on photo.sydex.net, which confirmed that cdn12.com is indeed the next “layer of the onion” behind it.

So I started doing research on cdn12.com. There is no website at the apex domain (in other words, http://cdn12.com and http://www.cdn12.com do not yield any website in a web browser). The only real information I could find out there on the internet was a listing from a data aggregator called Apollo.io.

According to Apollo.io:

CDN12 is an international service provider focusing on delivering the best possible CDN to its customers, while keeping its prices fair. Rock-solid reliability together with 24/7 tech support ensure impeccable results and establish CDN12 as a worldwide leader in the industry.

So in other words, a load of marketing speak that doesn’t mean anything and doesn’t convey any useful information.

Here’s a screenshot of the listing for archival purposes:

cdn12.com listing on apollo.io

Who was this mysterious CND12, and why were they providing services to sydex.net and alumnius.net?

If only there were a way to find out who is hosting cdn12.com. Hey, let’s do another ARIN whois lookup.

I dug 10727-6.b.cdn12.com and got IP addresses 204.155.145.195 and 204.155.145.210.

Then I did an ARIN lookup on 204.155.145.195 and got IP block AS40824.

And we get another whois entry:

ASNumber: 40824
ASName: WZCOM-US
ASHandle: AS40824
RegDate: 2008-04-24
Updated: 2012-03-20
Ref: https://rdap.arin.net/registry/autnum/40824

OrgName: WZ Communications Inc.
OrgId: WZCOM
Address: 110 E.Broward blvd
Address: Suite 1700
City: Fort Lauderdale
StateProv: FL
PostalCode: 33301
Country: US
RegDate: 2008-03-19
Updated: 2010-04-12
Ref: https://rdap.arin.net/registry/entity/WZCOM

OrgAbuseHandle: WZCOM1-ARIN
OrgAbuseName: WZCOMM Abuse
OrgAbusePhone: +1-954-237-3587
OrgAbuseEmail: abuse@webazilla.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/WZCOM1-ARIN

OrgTechHandle: WZCOM-ARIN
OrgTechName: WZCOMM NOC
OrgTechPhone: +1-408-404-3912
OrgTechEmail: bk@webazilla.com
OrgTechRef: https://rdap.arin.net/registry/entity/WZCOM-ARIN

So, the subdomain of cdn12.com that is serving images for sydex.net is hosted by WZ Communications Inc. in Fort Lauderdale, FL., and they list an abuse contact of abuse@webazilla.com.

Before I sent an email there, I visited webazilla.com myself to get a sense for the sort of hosting company I was dealing with. It redirected me to webzilla.com, without the first “a”. Thinking that their whois data might have been outdated and pointing to an email address at their old domain, I decided to look up their abuse email myself to verify the whois entry.

One google search of “webzilla dmca” later, I found a document stating that they comply with the DMCA (pdf), and giving instructions for how to file a notice. Bingo.

So I sent them a proper DMCA takedown notice.

Do note that when you send a DMCA takedown request, you are signing under penalty of perjury that you are the copyright owner or acting at the copyright owner’s request. If you are not sure if you own the copyright to your photo like I did, do your own research.

Here’s the DMCA takedown notice I sent to Webzilla at abuse@webzilla.com:

Subject: DMCA Takedown Request - Notice of Infringement

To Whom It May Concern,

The following information serves to assert my rights and request removal of allegedly infringing web content under the Digital Millennium Copyright Act (DMCA). The following is a report, in good faith, of alleged copyright infringement. I am contacting you as the designated agent for the site upon which the infringing work currently appears. This letter is a Notice of Infringement as authorized in §512(c) of the U.S. Copyright Law.

I am the copyright owner of the works and the following is true and accurate.

  1. A copy of my original copyrighted work is attached to assist you in your evaluation and determination. The following is a short description of the work:

    This work is a self-portrait that I took using my own camera. I own the copyright to it. It depicts me, a young adult male, wearing a black shirt in front of a cloudy gray background.

  2. The allegedly infringing image appears at the following location(s) online:

    https://<redacted>.b.cdn12.com/<redacted>.jpg

    …in connection with the following web pages:

    https://sydex.net/page<redacted>
    https://alumnius.net/university_of_califo<redacted>

  3. My contact information, as copyright holder, is as follows:

    Maximillian Laumeister
    <phone redacted>
    <email redacted>
    https://www.maxlaumeister.com/

    <street name redacted>
    <city, state and zip code redacted>

  4. The information of the alleged copyright infringers are:

    Owner of Sydex.net
    sydex.net

    Alumnius Corp.
    alumnius.net

    Owner of CDN12
    cdn12.com

  5. I have a good faith belief the use of the above referenced copyrighted work(s) that appear on the website for which you are the designated DMCA agent is not authorized by the copyright owner, its agent, or by law.

I declare, under penalty of perjury, this notice is true and correct and that I am the copyright owner entitled to exclusive rights which I allege are being infringed.

Signed this <redacted> day of May, 2020 in Santa Cruz, CA, United States of America.

Maximillian Laumeister

Be aware that the hosting provider will forward your details to the scammers to serve the notice, so be sure to use a burner phone number and an address other than your residential address that you can receive mail at.

Two days later, I received a brief email from Webzilla stating that the allegedly infringing content has been removed. Maybe if everyone sends in DMCA takedowns for their profile pics, Webzilla will eventually kick these extortionists off of their CDN.

Hopefully the article you’re reading should rank for search engine queries such as “sydex.net removal”, “remove profile from alumnius.net” and the like. If people searching for these sites find this blog article with the image removal shortcut, that is as close to vigilante justice as I’m going to see as a law-abiding citizen.

Backup Strat (Search Engine Removal)

I was lucky that Sydex/Alumnius’s hosting provider, Webzilla, is based in the US and therefore could be served a DMCA notice. If these images were hosted in a country without strong copyright laws, my image could have been much more difficult to take down.

The backup strategy would have been to serve the DMCA request directly to Google and Bing. That way, the image at least wouldn’t show up in search results anymore, though it would stay up on the original website. Another added effect is that if a domain receives enough DMCA complaints, Google will start demoting it in search results.

Do note that if you serve a DMCA request to Google, they will publish a somewhat redacted version of it in their transparency report, as well as forward it to LumenDB to become public record. So don’t do anything stupid, like try to claim copyright on an image that you don’t actually own copyright on, because that stupidity will be enshrined on the internet permanently.

It’s also worth noting that if your DMCA request is accepted, Google will show the following at the bottom of the search results page, where the searcher can click through to LumenDB and get a copy of the taken-down URL anyways:

In response to a complaint we received under the US Digital Millennium Copyright Act, we have removed 1 result(s) from this page. If you wish, you may read the DMCA complaint that caused the removal(s) at LumenDatabase.org.

Lumen does gate their notices such that you have to enter your email to see the URLs, but that’s not much of a roadblock for someone who really wants to find them.

How To Remove Your Profile Pic from Sydex.net and Alumnius.net

Whew, that was a lot. Did you only come here to learn how to take down your own photo, and you could care less about my whole story around it? Sorry about all that.

Without further ado, here’s a step-by-step for how to remove your profile pic from sydex.net, alumnius.net, or really any web host that responds to DMCA requests:

Step 1: Find your profile pic URL

Find your profile on sydex.net or alumnius.net, or whatever shady foreign “people search” site that wants you to pay to remove your profile. Right click your picture and click “view image” or “open image in new tab”. At Sydex, for example, you should get an image url that’s in a similar format to this:

http://photo.sydex.net/000000000.webp or http://XXXXX-X.X.cdn12.com/000000000.webp

Step 2: Find the IP address(es) hosting that URL

Take the domain portion of the URL only (for example just photo.sydex.net or XXXXX-X.X.cdn12.com) and do an “A” dig lookup on it. It should give you one or several IP addresses under the ;ANSWER section next to where it says “IN A”, in my case these were 204.155.145.210 and 204.155.145.195.

It can also be useful to pay attention to the “IN CNAME” section, if there is one. “IN CNAME” means “the domain you typed in is fronting this other domain behind it”, so you can use it to find intermediary companies, in my case CDN12.

Step 3: Find the hosting company behind the IP address(es)

Take these IP address(es) you found, and look them up using the search bar in the HE BGP toolkit. Then click on the Whois tab to get abuse contact information tied to the IP address. You may also find additional information by clicking through to the Origin AS page on the IP Info tab, then clicking the Whois tab there to get the abuse contact tied to the entire AS block.

Step 4: Sanity-check the abuse contact address

Do some light Google searching. At the time of writing, the abuse email for the IP address of photo.sydex.net was listed both as abuse@webazilla.com and abuse@webzilla.com. I went to webzilla.com and discovered that there was a legitimate company named “Webzilla” selling hosting services there. Then I googled “webzilla dmca” and found their DMCA policy and instructions to send a request.

Step 5: Send a DMCA takedown request

Send a DMCA request per the hosting company’s instructions, or if they don’t provide any specific instructions, send it to their abuse email. You can model your DMCA notice after the one I sent. Only send a DMCA request if you are sure you own the copyright to the image of you. Make sure to use a valid burner phone number and valid mailing address separate from your residential address, as this info will be forwarded to the website owner / scammer.

Conclusion

I did it. I won. I think.

Different people will take different things away from this article, all of which have some speck of truth to them:

They say that the shorter the chain, the more fiercely the dog guards its territory. Staying at home in quarantine on my computer 24/7, I can only feel protective of my small corner of the internet.

Bah.

Are you having any trouble removing your own profile from people search sites? Any success stories? I’d love to hear all of it in the comments!

P.S. Sydex/Alumnius: If you are reading this, do be aware that if you contact me, I plan to publish it here publicly.

Bonus Tip for MyLife.com!

Since you made it so far, here’s a bonus tip for removing your profile from MyLife.com, another shady data broker website. Apparently they were not smart enough to incorporate outside the USA, so they have been sued multiple times. So as soon as you lightly infer the possibility of legal action, all of a sudden it’s possible for them to remove your profile for you!

For more details, click through to my companion mini-article about how I removed my MyLife.com profile.

Ongoing Updates

Update 7/1/2020

I found a website called Scamion that lists a physical address for Sydex.net along with some consumer complaints:

Sydex.net
77 Spyrou Kyprianou Avenue
Larnaca, Cyprus

It’s worth noting that a commenter on Reddit also mentioned that Sydex is based in Cyprus.

Furthermore, a Google Search of that address reveals a third data broker site called “European Graduates” also claiming to be owned by Alumnius Corp! It’s hosted at https://graduates.name/ and lists the same physical address in its footer:

Alumnius Corp.
77 Spyrou Kyprianou Avenue
6052 Larnaca, Cyprus

Update 8/5/2020

An anonymous user tipped me off in the comments that Sydex/Alumnius also runs a fourth data broker site called US Staff, hosted at https://bearsofficialsstore.com. I can confirm this with reasonably high confidence, because they list the same data as Sydex/Alumnius, link to the exact same URLs for the pictures on their CDN, and use the same registrar for their domain.

Update 8/26/2020

Another user tipped me off that the website Ufind.name and the Android app People Finder are also affiliated with Sydex and Alumnius:

Saturday, August 15, 2020

From: xxx xxx <xxxxx@xxxxx.com>

Subject: Some more Sydex information. Say hello to Cyril

This is the name and email of one of the men in connection with sydex.net & alumnius.net. Кирилл Симогин his email is senice@gmail.com This was the owner of the PayPal account that was used to collect ransoms for “QUICK MANUAL REMOVAL”.

Also connected to the following projects.

https://ufind.name/

https://play.google.com/store/apps/details?id=name.ufind.peoplefinder_ufind_name&hl=en_US

Some more interesting information comes up while researching this email address,.
https://website.informer.com/Simogin+Kirill+Vladimirovich.html

I have also attached a screen capture of the profile picture of the PayPal account. I hope this is interesting. It cost me $20 to get this info. lol

Кирилл Симогин PayPal

I asked the person who sent me this if they would mind if I credit them by name, and I haven’t yet received a response. But in any case, thank you for this additional info!

Also, in light of another person who came forward in the comments section here trying to get their photo removed, today I confirmed (via DNS lookup) that the scammer has recently hopped CDNs to ahacdn.me, a CDN that is run by AdvancedHosting, located in the Netherlands. I can only hope that they hopped CDNs because their previous CDN account with Webzilla was terminated. AdvancedHosting has an abuse contact email on their contact page, so I’ve just emailed them to confirm that they are the owners of ahacdn.me.

Update 8/27/2020

I received a reply to my email to AdvancedHosting. My email told them that they have a scammer using their CDN, and that I was tracking them and had published the details in the article you are reading now. This is what AdvancedHosting wrote back to me:

In reference to your enquiry below we want to make sure you are aware that we are the hosting company of this domain, not the owner and we don’t have access to the customer’s servers.

This doesn’t make sense. The definition of being a hosting company is that you own and provide the customer’s servers, and therefore have access to them. Maybe something was lost in translation.

They also wrote:

So we can’t alter the content in any way, but we have forwarded your complaint to the owner of the domain.

So they forwarded my info to these scammers. *facepalm*. I just sent them a reply email:

You’re joking. You just forwarded my complaint email to someone who I just told you is an extortionist?

Tell me you’re joking.

So, thanks AdvancedHosting for forwarding my detailed complaint email straight to the scammers. If they don’t already know about this article and about me following their breadcrumbs on the internet, they do now.

Update 9/3/2020

Another reply from AdvancedHosting came in last week:

Dear Sir/Madam,

According to your request we have contacted our customer and infringing content has been successfully removed and replied:

Hello. The user did not like that we were caching user avatars on our server. We remove user avatars upon request. Also all information about Maximillian Laumeister was removed from our sites. Thank you.

I wrote a reply today:

They do not remove user avatars upon request, they normally charge $20 to do so (extortion). They only removed my profile for free after I reported them to their previous CDN provider, causing them to switch CDNs to yours. It’s apparent that you did not read the article I wrote or the complaints on Reddit that I sent you, as they detail how this company’s scam works.

My article where I publish this email chain and explain how AdvancedHosting is complicit is currently the #1 Google result for “sydex removal” and “alumnius removal”.

Expect more abuse complaints to roll in.

Regards,
-Max

Update 9/4/2020

I received another anonymous tip yesterday via email, saying that the police visited Sydex’s address and found nobody there:

Thursday, September 3, 2020

From: xxx xxx <xxxxx@xxxxx.com>

Subject: Some more Sydex information

Thanks for your work on the Sydex stuff. Your DMCA approach worked great but I still can’t get them to remove my full profile yet. Anyway, a couple months ago on a whim I kicked this over to GDPR authorities in Cyprus and they actually visited the address (see attached screenshot). Bogus, but it appears they have now removed this address from sydex.net. Anyway, thought you might get a kick out of that.

Sydex Cyprus Police

I did get a kick out of that. Thanks Anon.

Update 6/11/2021

Google recently updated their removal policy. If you can’t get Sydex or Alumnius to directly remove your profile, you may be able to at least get Google to remove it from search results. For more info, visit Google’s exploitative practices removal page.

Update 7/2/2021

I received an email from someone who was able to get their profile picture removed from alumnius.net, with the help of these instructions! Here is our email exchange:

On Jun 29, 2021, xxx wrote:

Hello Max,

I just want to thank you for writing such detailed, well-written instructions on how to serve Alumnius Corp. and its hosting provider, AdvancedHosting, with a DMCA Takedown Request.

I received the same boilerplate response. It looks like they either don’t have an in-house legal team with adequate knowledge of the Digital Millennium Copyright Act (DMCA) or this may actually be their what their legal team advised (i.e., never admit responsibility or accountability and be sure to pass the buck down the line to the infringer.) Whatever the case may be, it is worrisome that they forward your Takedown Request with all your private details to these hooligans.

In their response, AdvancedHosting also included “a legally privileged and/or confidential information” disclaimer. There’s nothing confidential or privileged about a DMCA Takedown Response–especially if it’s being forwarded to an infringing party who tries to extort copyright owners in exchange for removing their portraits. I may reply with my own disclaimer stating that no client lawyer confidentiality privilege has been asserted. I attached a redacted copy (as a .png) of my email to AdvancedHosting & DataWeb along with their boilerplate response.

As I was following your steps, I also came across another hosting company connected with Alumnius Corp.: Data Web Global Group. Data Web is also located in the Netherlands. I don’t know if you came across them during your own search/investigation. I copy/pasted their ICANN information below. I hope it helps the next person who has to deal with these alleged web-crawling crooks.

Again, thank you so much for your help. If you have any questions, I’m happy to help in any way I can.

Sincerely, xxx

Attachment 1 - ICANN Info for Data Web Global Group:

as-block:       AS38912 - AS39935
descr:          RIPE NCC ASN block
remarks:        These AS Numbers are assigned to network operators in the RIPE NCC service region.
mnt-by:         RIPE-NCC-HM-MNT
created:        2018-11-22T15:27:34Z
last-modified:  2018-11-22T15:27:34Z
source:         RIPE

aut-num:        AS39572
as-name:        ADVANCEDHOSTERS-AS
org:            ORG-DGGB1-RIPE
remarks:        -- AMS-IX
admin-c:        DGGB1-RIPE
tech-c:         DGGB1-RIPE
status:         ASSIGNED
mnt-by:         RIPE-NCC-END-MNT
mnt-by:         MNT-DGGB
created:        2015-11-11T11:06:07Z
last-modified:  2020-08-27T09:53:02Z
source:         RIPE

organisation:   ORG-DGGB1-RIPE
org-name:       DataWeb Global Group B.V.
country:        NL
org-type:       LIR
address:        Lierseschans 12 Unit 2A1
address:        3432ET
address:        Nieuwegein
address:        NETHERLANDS
phone:          +31202170228
admin-c:        IS5780-RIPE
tech-c:         DGGB1-RIPE
abuse-c:        DGGB1-RIPE
mnt-ref:        MNT-DGGB
mnt-ref:        RIPE-NCC-HM-MNT
mnt-by:         RIPE-NCC-HM-MNT
mnt-by:         MNT-DGGB
created:        2015-04-20T13:26:42Z
last-modified:  2021-05-07T07:06:40Z
source:         RIPE # Filtered

role:           DATAWEB GLOBAL GROUP NCC
address:        DataWeb Global Group B.V.
address:        Lagendijk 1, A 207
address:        1541KA
address:        Koog aan de Zaan
address:        NETHERLANDS
abuse-mailbox:  abuse@datawebglobalgroup.com
nic-hdl:        DGGB1-RIPE
mnt-by:         MNT-DGGB
created:        2015-04-27T15:23:49Z
last-modified:  2015-11-19T12:16:24Z
source:         RIPE # Filtered

Attachment 2 - Alumnius DMCA Takedown Notice:

Alumnius DMCA Takedown Notice

Attachment 3 - Boilerplate Response From AdvancedHosting:

Boilerplate Response From AdvancedHosting

I replied to them, asking them for permission to post this message in my article, to which they responded:

Absolutely! I actually received a follow up email two days ago saying that they had removed the image from alumnius.net, which I can confirm 100%. The image and any profile details were removed from their site.

Once again, thank you so much for your write-up. It was super helpful. I’m glad to be able to pay it forward and help those that come across your site in the future.

Good luck to you and wish you great success!

Take care.

So they were able to remove their image from alumnius.net. Awesome!

Update 1/16/2023

Another reader emailed me today to say that their sydex image removal was a success! Here is the DMCA takedown notice they sent to abuse@advancedhosting.com.

To Whom It May Concern,

The following information serves to assert my rights and request removal of allegedly infringing web content under the Digital Millennium Copyright Act (DMCA). The following is a report, in good faith, of alleged copyright infringement. I am contacting you as the designated agent for the site upon which the infringing work currently appears. This letter is a Notice of Infringement as authorized in §512(c) of the U.S. Copyright Law.

I am the copyright owner of the works and the following is true and accurate.

A copy of my original copyrighted work is attached to assist you in your evaluation and determination. The following is a short description of the work:

This work is [description of photo]. It depicts me, [description of person], wearing [description of clothing].

The allegedly infringing image appears at the following location(s) online:

https://cdn.sydex.net/li/webp/#########.webp

…in connection with the following web pages:

http://sydex.net/dir####
http://sydex.net/page######
http://sydex.net/page######
http://sydex.net/page######

My contact information, as copyright holder, is as follows:

[Legal Name]
[Phone Number]
[Email Address]

[Physical Address: Street Name]
[Physical Address: City, State, ZIP]

The information of the alleged copyright infringers are:

Owner of Sydex.net
sydex.net

I have a good faith belief the use of the above referenced copyrighted work(s) that appear on the website for which you are the designated DMCA agent is not authorized by the copyright owner, its agent, or by law.

I declare, under penalty of perjury, this notice is true and correct and that I am the copyright owner entitled to exclusive rights which I allege are being infringed.

Signed this Xth day of January, 2023 in [City, State].

[Legal Name]

More Articles Tagged #privacy

Comments