Abuse prevention

We want the .nl domain to be as secure and trustworthy as possible. We're therefore committed to tackling the abuse of .nl domain names for criminal activities such as phishing, malware distribution and fake webshop scams. But fighting domain name abuse is a shared responsibility: everyone in the chain has a role to play.

We therefore work with registrars to make .nl domain names as unattractive to criminals as we possibly can.

  • SIDN's policy on taking down domain names (part 2)

  • Taking down domain names as a sanction of last resort (part 1)

If problems are spotted on your site, you'll get an e-mail

The e-mail will come from Netcraft, our anti-abuse partner. Netcraft specialises in detecting internet abuse. Their e-mails can be recognised by the 'From' address: Netcraft Takedown Service <takedown-response+nnnnnnnn@netcraft.com>.

What to do if you get an e-mail from Netcraft

Please contact your registrar (hosting service provider). Your registrar will be able to help you remove infected files. Your registrar can also advise you on preventing anything similar happening again.

If nothing's done to stop the abuse, we'll disable your domain name

If the issue that Netcraft e-mails you about isn't dealt with quickly, we may have to intervene. In that case, we'll change your domain name's name servers, so that people can't reach your site. Our aim is always to protect internet users.

The earliest that we'll intervene is 66 hours after the first abuse report.

NB: We intervene only in exceptional cases. And we take a very careful approach to abuse prevention. We'll intervene only after Netcraft has sent multiple messages to the abuse reporting address or the other contact addresses we have for the registrant, the hoster and the registrar, asking for action to be taken. Where possible, we follow up those messages with e-mails of our own. And, before we actually take the name offline, we check via another source whether the malicious content is still live. We also check that disabling the website isn't going to have any disproportionate negative impact.


Disclaimer

SIDN and Netcraft are dedicated to minimising abuse in the .nl zone. We go about our work very carefully. Nevertheless, because the abuse detection process is largely automated, errors do occasionally occur in the identification of abusive websites. SIDN cannot therefore guarantee the accuracy of abuse reports. If you've received a report that you think is mistaken, or if you require further support, please mail takedown@netcraft.com.

Frequently asked questions

What should I do if I get an e-mail from Netcraft?

Contact the person or firm that manages your website. They'll be able to help you find and remove the infected files. It's very important that all infected files are removed. See Google webmaster tools for help and advice about removing phishing files and malware.

You should also change all the passwords for your hosting account, so that the criminals can't use them to compromise your site again. Make sure that you're using the latest, fully updated version of your CMS.

What happens before a domain name will be disabled?

After discovering an infected website, Netcraft sends e-mails to everyone connected with the domain name registration. The e-mails are sent at intervals of 18 hours, until 66 hours after the detection.

Meanwhile, we send e-mails of our own to you (the registrant), the hoster and the registrar. After 66 hours, we check via another source whether the malicious content is still live. We also check that disabling the website isn't going to have any disproportionate negative impact. If no one responds to the e-mails and the second source confirms that the infection is still present, we delink the name servers from the domain name. That effectively makes the domain name and therefore the website unreachable. Once the domain name has been disabled, we'll let the domain name's registrar and administrative contact know by e-mail.

What does Netcraft look for?

Netcraft scans .nl websites for the following forms of abuse:

  • Fake webshops: Fake webshops tempt buyers with very low prices, but don't deliver. Shoppers are sent fake goods, or nothing at all. Some fake webshops also steal confidential information, such as bank logins and credit card details.

  • Phishing: Phishing typically involves sending an e-mail with a link to a website. For example, you might get a message saying, 'Click here to keep your internet banking account.' But, if you click the link, you land on a fake site that looks just like your bank's website. You're then asked to enter sensitive information, such as your account details or PIN. Phishing e-mails and sites used to be easy to spot because they were littered with mistakes. But nowadays many are very convincing. Phishing messages are also sent by text, WhatsApp and social media.

  • Malware: Malware is harmful software. It often gets onto a victim's computer without them realising, when they visit an infected website.

  • Shopping site skimmer: A shopping site skimmer is a tool that criminals install on a legitimate webshop's checkout page. The skimmer then harvests customers' payment details and sends them to the crooks.

  • Defaced website: Defacement is a practice that involves a legitimate web page being replaced by hackers. The replacement page often carries political material. Defacement is a form of malware. Websites that get defaced usually have poor security and are therefore vulnerable to further criminal exploitation.

  • Cryptocurrency investment scam: A cryptocurrency investment scam involves a website offering fake cryptocurrency. The site will typically feature falsified endorsements and use lots of crypto-jargon to bewilder visitors. And visitors will be promised huge returns on continued investments. Sadly, the promises don't materialise. To make matters worse, victims often find that confidential information has been stolen as well.

  • Package scam: A package scam is a fraud in which the victim gets a message, seemingly from a delivery firm with a parcel for them. But there isn't really a parcel, and the message is from a scammer trying to steal confidential information.

  • Survey scam: The aim of many survey scams is to get hold of consumers' personal data for re-sale, or for identity theft.

  • Crypto-miner: Crypto-mining involves the use of malicious JavaScript to mine cryptocurrency. It's an abuse of the computational power of the victim's computer or mobile.

  • Command and control centre: Also known as a C&C or C2, a command and control centre is a central server or computer used by internet criminals to send out malware and/or to run a botnet.

  • Web shell: A web shell enables remote access to a web server, often for use in a cyber-attack.

What language are Netcraft's mails in?

By default, all e-mails that Netcraft sends for us are written in both Dutch and English. They are also sent in the language of the country where more than six abuse sites have been hosted in the last six months.

What can we do to prevent problems?

Make sure that the software you use for your site is secure and up to date:

  • Use a strong password.

  • Use virus scanners and other security tools.

  • Ask your web designer or administrator for help.

Where do I report a .nl domain that I think is involved in abuse?

First, go to the registrar for the domain name. You can see who that is by looking up the domain name in the Whois – the search bar on the homepage at https://www.sidn.nl/.

You can also report your suspicions to support@sidn.nl, and we'll follow them up.