UltaHost Exposed: ICANN-Breached, DMCA-Ignored Hosting Linked to 728+ Phishing Domains, Data Loss & Fraud
Officially cited by ICANN for failure to mitigate DNS abuse. Rated medium fraud risk by Scamalytics. Graded D by the BBB. Independent testing recorded 43.78% uptime — down for 17 straight days.
They market “freedom of material,” sell anonymous servers requiring no identity, and deploy AI chatbots that send customers into endless loops — while ignoring abuse reports that enable harassment, defamation, phishing, and fraud.
Their Business Model — “Freedom to Violate the Laws”
UltaHost doesn't hide what they offer. Their own marketing materials promote services designed to evade legal accountability. These aren't interpretations — these are direct quotes from their website.
“Freedom of Material: ... complete freedom of material.”
— UltaHost marketing copy
“Legal Control: It is possible to violate the laws, rules, or cultural norms of one or more countries...”
— UltaHost marketing copy
“DMCA-ignored servers allow you to stream or share content that lawyers and governments believe violates copyright law.”
— UltaHost official blog (their own admission of the bulletproof-hosting model)
“We can do up to 70% per sale or a stable amount per sale such as 100 to 300$ per sale... The minimum payment threshold for Crypto transfer is 500$.”
— UltaHost affiliate FAQ (industry standard is 20-40%, paid in cash)
“In cases of blatant payment or criminal fraud chargebacks, the service will be discontinued without any opportunity for recovery. This policy is non-negotiable and enforced permanently.”
— UltaHost refund policy (pre-classifies customer chargebacks as criminal fraud)
“This includes UltaHost Dubai, UltaHost Istanbul, UltaHost Ltd UK, and UltaHost Inc USA.”
— UltaHost Terms of Service (their own admission of 4-jurisdiction shell structure)
“Ultahost beats everything, Get a free setup for any of your Envato scripts with 20X faster servers, We are the Recommended Envato Hosting provider.”
— UltaHost Envato Hosting page (the install pipeline for DoughouzForest scripts — the same family also sells the scripts)
Actively marketed product line
Actively marketed product line
No real email or credit card required — pay with cryptocurrency
UltaHost is listed in multiple third-party guides as “bulletproof hosting” and categorized alongside offshore providers. According to CISA (Cybersecurity & Infrastructure Security Agency), bulletproof hosting providers “neither engage in good faith with legal processes nor with third-party or victim complaints.”
CISA's guidance states that BPH infrastructure is used for “command and control, malware delivery, phishing, and hosting illicit content in support of ransomware, data extortion, and denial of service attacks.”
Leadership & Official ICANN Breach
Who runs UltaHost, and why has the global domain authority formally cited them for non-compliance with their own registrar agreement?
Elin Doughouz
CEO & Co-Founder
Founder of Doughouz Group Ltd, ScriptSun Ltd, WoWonder (social network script), PlayTube, DeepSound, PixelPhoto, and Wolvor Global. Multinational operation established in 2018.
Deen Doughouz
CTO & Co-Founder
Brother of Elin. Also involved with ScriptSun Ltd, WoWonder, and Wolvor Global. UltaHost was incorporated in the USA in 2021.
Other Products & Customer Complaints
WoWonder — a PHP social network script sold on CodeCanyon under the author name “DoughouzForest” — has faced repeated customer complaints over several years. Users in developer Facebook groups, CodeCanyon reviews, and YouTube comments have accused the developers of:
- ●Refusing refunds on lifetime subscriptions
- ●Failing to provide promised updates and support
- ●Effectively abandoning the product, with users calling it “dead” and labeling the support team as unresponsive or “scammers”
- ●A Trustpilot reviewer alleging the software “has backdoors, and creates automatic accounts on the site to publish ads after you purchase it”
These complaints mirror broader patterns seen with UltaHost regarding support quality, refund denials, and unresponsive communication.
Disclaimer:No personal legal actions or criminal allegations have been found against Elin Doughouz or Deen Doughouz individually. The concerns documented on this page relate to their companies' business practices and customer treatment.
Official ICANN Notice of Breach
Issued February 5, 2025 to UltaHost, Inc. (IANA #4331)
On February 5, 2025, ICANN issued a formal Notice of Breach to UltaHost, Inc. for multiple violations of the Registrar Accreditation Agreement (RAA). UltaHost was given 21 days to cure the breach (deadline: February 26, 2025). This was one of only a very small number of such notices issued to any registrar that year.
Failure to Mitigate DNS Abuse
RAA Section 3.18.2
ICANN found that UltaHost failed to take action on reported DNS abuse. A specific example cited was the phishing domain pictetcapital-limited[.]com — impersonating a financial institution — which remained active despite reports.
Failure to Provide Abuse Records
RAA Section 3.18.4
UltaHost was required to maintain and provide records relating to abuse complaints. ICANN found they failed to comply, making it impossible to verify whether any abuse mitigation was occurring at all.
RDAP Non-Compliance
Registration Data Access Protocol
No IPv6 support and conflicting version information between their RDAP service and required specifications, making it unreliable for domain lookups and abuse investigation.
Additional Violations
Data Escrow, Contact & Policy
Additional issues with data escrow compliance, inaccurate registrar contact information, and failure to properly disclose required website policies — systemic governance failures.
Their own published policy contradicts their own ICANN breach
UltaHost's official Abuse Handling Policy (at ultahost.com/abuse-handling-policy) makes this claim, verbatim:
“UltaHost... strictly adheres to Section 3.18 of the Registrar Accreditation Agreement (RAA), which mandates the timely handling of abuse reports and cooperation with relevant authorities.”
ICANN's February 5, 2025 Notice of Breach cited UltaHost specifically for failing RAA §3.18.2 (mitigate DNS abuse) and RAA §3.18.4 (provide abuse records). The company wrote down exactly what they were supposed to do, then got formally cited for not doing it. The policy page remained live throughout the 13-month cure period.
Official ICANN Compliance Notice PDF
Hedlund to Doughouz — February 5, 2025
Phishing, Malware & Abuse Stats
The numbers paint a clear picture of a hosting provider that attracts and enables malicious activity at scale.
Documented: Hosting Criminal Content
A public review on HostDean (December 2025) reported that UltaHost was knowingly hosting a website selling counterfeit Euro banknotes. The reviewer stated they submitted a detailed abuse report with evidence, but UltaHost “rejected my report completely” — citing the use of a Gmail address as the reason for dismissal.
Reported Customer Abuse Patterns
VPS Servers Hacked
Repeated reports of VPS servers being compromised — backdoors added, forced restarts, one customer reporting all 3 of their virtual servers were hacked. Support blames customers rather than investigating infrastructure.
100GB Data Loss — Server Deleted
A customer in Mumbai reported their server was completely deleted after two weeks of downtime, losing approximately 100GB of data including several high-traffic business websites. UltaHost denied a refund citing policy.
False DDoS Protection Claims
False advertising on DDoS protection. UltaHost later clarified they only provide “basic DDoS protection” with no specific protection for game servers — contradicting marketing claims.
Blacklisted IPs
Customers commonly report being assigned blacklisted IP addresses, causing email deliverability failures and SEO penalties — a direct consequence of sharing infrastructure with abusive clients.
April 2026 Update: Dramatic Escalation in Criminal Enabling, Review Manipulation & Abuse Gatekeeping
The situation has worsened dramatically since our initial investigation. Fresh data from PhishDestroy, Bolster AI, VirusTotal, and public review platforms reveals an accelerating pattern of criminal enabling.
Phishing Stats Have Worsened Dramatically
Wallet-Drainer Malware Detected on UltaHost Domains
Brands Impersonated via UltaHost Infrastructure (Partial List)
Live High-Threat Phishing Examples (VirusTotal Score)
Note: walletdrainer.site — the domain name itself literally advertises the crime, and it remains live on UltaHost infrastructure.
Bolster AI Cybersecurity Report — Explicitly Named as Bulletproof Host
“Bolster researchers have found some high-profile hosting providers in the cyber world which was detected while analyzing multiple phishing and scam URLs. Some of them are listed below: Private Alps, Alex Hosting, EliteTeam, FlyHosting, FiberGrid, Warez-Host, Ultahost”
— Bolster AI, anti-phishing cybersecurity research report
This is independent third-party cybersecurity researcher confirmation — not a review site or customer complaint. UltaHost is named alongside known criminal-friendly infrastructure providers.
Criminal-Community Insider Confirmation
BlackHatWorld Forum — Grey-Hat/Cybercrime Community
“Comparing apples with pears, as Ultahost are more lenient with abuse complaints of a certain nature and Hostinger are very aggressive with accepting complaints and actioning them.”
This is confirmation from the criminal/grey-hat community itself that UltaHost is the preferred choice for operations that generate abuse reports.
UltaHost Recommended in BlackHatWorld Threads For:
- ●“DMCA Ignored Hosting” — users asking for hosts for illegal adult content
- ●“How to make Movie Streaming website with 100% DMCA ignored offshore hosting”
- ●“Looking for Best DMCA-Ignoring Offshore VPS Hosting (Adult + Piracy-Friendly)”
“Ultahost is also a new entrant in adult hosting market. But their reviews seem fake... I'm using them. They suspended my account without notice and without a reason.”
— BlackHatWorld user
Confirmed Review Manipulation — Dual Trustpilot Profiles
UltaHost operates two separate Trustpilot profiles to manipulate their public image: ultahost.com (main, where 5-star reviews concentrate) and ultahost.io (secondary, where negatives pile up).
Combined Star Distribution (Both Profiles)
Bimodal signature: 67% five-star + 24% one-star with almost nothing in between. This is the classic mathematical pattern of paid/fake 5-star reviews combined with genuine angry 1-star customers. Real organic distributions follow a bell curve.
May 2026 update: the ultahost.io profile alone has now grown to 833 reviews with the bimodal split deepening to 57% five-star + 29% one-star(TrustScore 3.7/5). The middle is even emptier than before — exactly the pattern you'd expect if both the paid-review tap and the genuine-anger flow continued in parallel.
Late May 2026 — the dam breaks: The main ultahost.com Trustpilot profile is now at 1,737 reviews, and the public TrustScore has dropped to 3.4/5 — Trustpilot now labels UltaHost as “Average”, no longer the “Excellent”tier that UltaHost still cites in its own marketing (e.g. the “4.9-star” claim on its affiliate page). Combined with ultahost.io's 833 reviews that's ~2,570 total Trustpilot reviews, and the paid-review machine has visibly been overwhelmed by organic angry customers. The headline rating UltaHost is allowed to display has changed without their permission.
Sitejabber Warning: “Ultahost has been reported to offer discounts, coupons, or other compensation in exchange for reviews. This has been shown to lead to biased or misleading reviews.”
Trustpilot Warning:“We 've removed a number of fake reviews for this company.” Customers also report UltaHost falsely flagging their negative reviews for removal.
Abuse-Report Gatekeeping — Victims Blocked Unless They're Corporate Lawyers
“Ultahost is hosting a site that impersonates my brand and scams people out of large sums of money. After refusing to reply for several weeks I was told they take abuse seriously and are investigating. After no response and clearly no investigation I was told by their rep on LinkedIn that they do not investigate abuse unless I submit a trademark or court order. There is a reason they are in breach of compliance with ICANN.”
— Trustpilot victim, 2026
The Gatekeeping Pattern
Individual citizens, small businesses, and anyone without legal department resources has no path to get UltaHost to act — which is precisely why criminals choose them.
Customer IPs Actively on Abuse Blacklists
These are just two samples. UltaHost IPs are regularly flagged for attacks on third parties.
Scam Detector Rating
ScamDetector.com rates ultahost.com as “Active. Medium-Risk” — “ultahost.com is a problematic website, given all the risk factors and data numbers analyzed in this in-depth review.”
Hidden Ownership / Shell Companies
A HostScore reviewer actively suing UltaHost states: “Be warned this company are a bunch of Turkish people with scam companies pretend names in the UK and US stealing money.” UltaHost was founded in Istanbul in 2018/2019 and re-incorporated in Delaware — a registered-agent address, not an operational office.
Additional Deceptive Sales Practices
False 'Dedicated' Mac VPS
Marketed as dedicated Mac VPS but actually running on shared MacBooks.
Wrong Server Specs Delivered
Ryzen 9 7950X3D / 64GB RAM ordered but EPYC machine with lower specs delivered without notice.
GPU Purchase Not Delivered
Paid extra for NVIDIA Quadro T1000 but it was never provided.
PayPal Payment Blocked
Forcing customers into payment rails with weaker chargeback protection, then threatening legal action.
Paid Review — $800 Never Paid
Content creator commissioned for a review — completed and published — UltaHost then ghosted and refused to pay the $800 owed.
Counterfeit Currency Site Protected
peeslow.group openly sold fake Euro banknotes. Detailed abuse report rejected because reporter used Gmail.
Customers Continue to Be Hacked — New 2026 Reports
“Very very bad. I got hacked multiple times. Do not use this service. I have an account and have 3 virtual servers. All 3 of them hacked multiple times.”
“It used to be a good company, but now it's completely abandoned!”
“Their VPS IP is banned, to try another country VPS they want new payment...”
“They terminated my hosting just few days of suspension without notice... making me lose my data... I won't recommend this to my enemy.”
Official Policy Contradicts Actual Practice
UltaHost's own Abuse Handling Policy states: “For cases involving confirmed malicious intent (such as phishing attempts, malware distribution, financial scams, or child exploitation content), the domain will be immediately disabled without prior notice.”
Yet 57% of reported phishing domains remain active. UltaHost claims complaints are “typically processed within 72 hours” — yet the ICANN breach was triggered by complete non-response.
The Complete Pattern — Why This Matters
Synthesizing all evidence, the operational pattern is now unmistakable:
- 1.Market criminal infrastructure as a feature— DMCA-ignored, anonymous, crypto-paid hosting, explicitly telling customers they can “violate the laws, rules, or cultural norms of one or more countries”
- 2.Accept the resulting criminal customers — phishing operators, wallet drainers, counterfeit goods sellers, defamation site owners
- 3.Gatekeep abuse reportsbehind “Gmail doesn't count,” “no trademark = no action,” and unanswered tickets
- 4.Maintain technical compliance just enough to escape consequences — responding to ICANN, prioritizing law enforcement over citizens
- 5.Inflate public reputation through paid review incentives, dual Trustpilot profiles, and flagging legitimate negative reviews as fake
- 6.Extract maximum revenue from regular customers through deceptive refund policies, excluded annual plans, and crypto-balance traps
- 7.Threaten refund-seekers with lawsuits while simultaneously stonewalling actual lawsuits filed against the company
This is textbook bulletproof hosting by CISA's own definition — dressed up with a Delaware address and a polished website.
April 2026 Fresh Warnings: Backdoors, Hacked Servers & Criminal Endorsements
The latest user reports, forum posts, and phishing data from April 2026 confirm every pattern documented above — and introduce alarming new details about active backdoors planted by support staff.
Real User Reports — April 2026
Reddit r/webhosting & r/Hosting — April 2026
“My Ultahost VPS keep getting infiltrated… backdoor admin accounts… forced restarts… 2-factor apps I did not search for… When support ‘fixed’ it, THEY disabled Norton and the backdoors came back.”
— Reddit user, r/webhosting, April 2026
3+ VPS Servers Hacked Repeatedly
Multiple users report having all of their virtual servers compromised — not once, but repeatedly — with the same backdoors returning after support “fixed” the issue.
Added to Personal Blacklists
Users are publicly adding UltaHost to their personal blacklists and warning others in community threads titled “Stay Away from Ultahost.”
Criminal Community & Illegal Content
BlackHatWorld users continue to recommend UltaHost for:
“Ultahost are more lenient with abuse complaints of a certain nature.”
— BlackHatWorld user comparing UltaHost vs Hostinger
Ongoing Phishing & Abuse Failures
Live examples include walletdrainer.site — a domain that literally advertises the crime in its name — alongside multiple Coinbase and Ledger impersonators, all remaining live on UltaHost infrastructure despite formal abuse reports.
May 2026: Fresh Victim Reviews and a New Bait-and-Switch
Three weeks after our Round 5 investigation, the pattern continues. Below: five newly dated victim quotes verbatim from Trustpilot (January through May 2026), a previously undocumented macOS-ports bait-and-switch, and a direct customer accusation that UltaHost knowingly hosts stolen-IP infringement.
Five new dated victim quotes (Trustpilot, verbatim)
May 12, 2026
“I am so disappointed with their services they provide hosting to scam and cheat people i have checked their hosting is so slow and cheap.”
— Trustpilot ultahost.com
May 11, 2026
“Totally Scammer.”
— Trustpilot ultahost.com
April 11, 2026 — Trading-system case
UltaHost staff forcibly rebooted a Windows VPS without prior notification, interrupting a live quantitative-trading system and causing measurable financial losses. When the customer requested meaningful compensation, UltaHost offered only 7 free days of hosting.
— Trustpilot ultahost.com — see full case study
March 2026 — IP-ban payment trap
“scam service that accounting to get once your money.”
The customer's VPS IP was banned; UltaHost demanded new payment to switch to another country's VPS while the old payment remained effectively trapped — a variant of the documented crypto-credit-trap pattern.
— Trustpilot ultahost.com
January 2026
“Do not trust this company! They allow known scammers to create websites that target innocent people.”
— Trustpilot ultahost.com
Newly documented patterns
macOS servers ship with all ports blocked by default
Customers report that UltaHost's macOS server product blocks all ports by default — discoverable only after purchase. This combines with the existing $117 PTR-records bait-and-switch and Port-25-locked-behind-upcharge patterns documented in Round 4: UltaHost advertises a “full-featured” product, then collects payment before disclosing what isn't included.
Direct customer accusation of knowing stolen-IP enablement
“UltaHost does nothing when they know their servers are being used for stolen IP.”
This is the first verbatim customer quote naming knowing IP-infringement enablement specifically — distinct from the ICANN-cited DNS-abuse failures. Pairs with the documented selective DMCA pattern (UltaHost terminates customers who criticize DMCA filers, but ignores customers running infringement operations).
The Money Trail: How UltaHost Pays For Its Reputation
70% affiliate commissions in crypto. Backdoored Envato scripts hosted by the same family that sells them. A refund policy that pre-brands chargebacks as “criminal fraud.” New customer harm reports. Five new threat-intel sources for independent verification.
ICANN Breach Within Months, Zero .com Registrations, Third Brother & Military Tech
Global #3 Worst Registrar, UK Shell Company & Criminal Domain Database
Performance & Reliability Crisis
Independent testing and customer reports reveal a hosting provider that consistently fails to deliver on its performance promises.
WebsitePlanet Independent Test (2026)
In a controlled one-month test, WebsitePlanet recorded only 43.78% uptime — the site was down for 17 consecutive days with no explanation from support. The industry standard is 99.9% uptime.
“No word from support as to when it would be back or why it went down... The day I closed the account, I still couldn't access my site via cPanel.”
— WebsitePlanet review
Performance scores fluctuating between C and D grades, sometimes failing to load entirely
Approximately 900ms recorded in testing — far above the recommended 200ms threshold
Concerning loading time peaks over 2.5 seconds despite averaging 1.1s in best conditions
“Massively Slow Servers”
Multiple HostScore reviewers report “massively slow servers” with “many errors in WordPress,” with support requests going unanswered for over 24 hours. One customer described the WordPress hosting as “by far the worst I've ever seen.”
Forced Restarts Causing Financial Loss
A VPS customer running a trading system reported forced server reboots without notification that caused “real, measurable financial losses.” The server experienced multi-hour downtime on just the second day of service.
SSL Certificate Failures for 7 Months
A US-based customer (HostDean, December 2025) reported unresolved SSL certificate problems lasting 7 months, with browsers blocking their site despite repeated support requests. The issue was never fixed.
10 negative recommendations out of 73 total — unusually high negative ratio for a hosting provider
AI Bot Support & Deceptive Practices
Customers report being trapped in endless loops with automated responses that never resolve their issues, combined with a refund policy designed to deny claims.
UltaAI — The AI Wall
UltaHost deploys an AI assistant called “UltaAI” for customer interactions. While UltaHost claims “all our agents are human,” customers tell a different story:
- ●“Just a few automatic messages from bots, clearly, no human here to help you”
- ●“Chat support is mainly with AI even when it appeared they were talking with people”
- ●Copy-paste responses where “nobody actually read their requests”
- ●“Robotic answers and contradictions” creating endless loops
Deceptive Refund Policy
Despite prominently advertising a “30-day money-back guarantee,” the actual policy is structured to deny the vast majority of claims:
- ●Annual and biennial plans excluded — despite being pre-selected as defaults
- ●Purchases made with promo codes are ineligible — never disclosed at checkout
- ●Cryptocurrency payments only credited to UltaHost balance, not refunded to wallet
- ●Dedicated servers, VDS above $96.50, and custom software fees all excluded
Legal Threats Against Refund Seekers
A customer on WebHostingTalk reported that after requesting a refund just 4 days into service (that never worked), UltaHost responded with threats of legal action — “Lawyer, lawsuit, that kind of thing.” The customer had to contact their credit card company to force a chargeback.
Customer Suing in Multiple Jurisdictions
A Trustpilot reviewer stated they are “currently suing UltaHost in Singapore, UK and USA under false advertising and potential criminal activity,” describing the company as “a bunch of... scam companies [with] pretend names in the UK and US stealing money.”
Double-Billing & Unauthorized Charges
Customers report being charged twice for services, having payments deducted for cancelled services, and being offered only account credits instead of actual refunds — effectively trapping money inside the UltaHost ecosystem.
Unauthorized Server Modifications
A customer on HostDean (December 2025) reported that support staff “changed data on two of my servers without my permission” and “reinstalled all the XML files,” causing their configurations to break. Support then ignored follow-up questions.
Who Uses Bulletproof Hosting?
According to CISA, Intel 471, Huntress, and Spamhaus, the types of criminals attracted to DMCA-ignored and bulletproof hosting infrastructure include:
Phishing & Spam Operators
Hosting fake login pages impersonating banks, payment processors, and government agencies to steal credentials and financial data.
Ransomware Gangs
Running command-and-control servers and leak sites for ransomware operations, extorting businesses and individuals.
Malware Distribution
Hosting trojans, spyware, banking malware, and information stealers — using the infrastructure as a delivery platform.
Defamation & Cyberstalking
Publishing false accusations, doxing victims' personal information, and running coordinated harassment campaigns with impunity.
Botnet Operations
Running command-and-control infrastructure for botnets used in DDoS attacks, spam campaigns, and credential stuffing.
Counterfeit & Financial Fraud
Hosting sites selling counterfeit currency, stolen credit card data, fake documents, and running financial scam operations.
From CISA's official guidance: “Cybercriminals use BPH infrastructure for obfuscation, command and control, malware delivery, phishing, and hosting illicit content in support of a variety of malicious cyber activities, such as ransomware, data extortion, and denial of service attacks.” — In October 2025, CISA, along with allied agencies, specifically published guidance to help combat bulletproof hosting cybercrime.
Real Victim Stories
Behind every ignored abuse report is a real person or family whose life has been impacted. These accounts are drawn from public sources and firsthand reports.
A single troll site hosted on UltaHost published 15+ articles filled with false accusations of sex trafficking, prostitution rackets, and fraud against a businessman, his wife, and their legitimate businesses.
Despite multiple detailed abuse reports submitted over an extended period, UltaHost provided no response or removal — allowing the defamation to remain live for months, causing ongoing reputational and personal harm to the entire family.
A content creator publicly posted a “scam alert” accusing UltaHost of refusing to pay $800 owed for a completed paid review. After the review was published as agreed, UltaHost ghosted all communication.
A reviewer reported a UltaHost-hosted website selling counterfeit Euro banknotes. They submitted a detailed abuse report with evidence. UltaHost “rejected my report completely” — citing that the reporter used a Gmail address as the reason for dismissal.
A VPS customer in Mumbai discovered their server was completely deleted after two weeks of downtime — losing approximately 100GB of data including several high-traffic business websites. UltaHost charged the customer's card right before the outage, then denied a refund citing their policy. They offered only a new server and 3 months free — but the data was gone permanently.
“They allow known scammers to create websites that target innocent people. There is a reason they are in breach of compliance with ICANN.”
What Customers Say
Trustpilot has removed numerous fake reviews and currently displays a “Breach of guidelines” warning on UltaHost's profile. Despite a headline 4.6/5 rating, the persistent negative themes tell a very different story.
Abuse Reports Systematically Ignored
Multiple customers and third parties report that abuse complaints — including phishing, defamation, and counterfeit goods — go unanswered or are actively rejected with excuses.
Servers Hacked, Customers Blamed
Repeated reports of VPS servers compromised with backdoors. One customer lost all 3 virtual servers. Support blames customers rather than investigating infrastructure vulnerabilities.
AI Bots & Endless Support Loops
Customers describe 'robotic answers and contradictions,' copy-paste responses, and AI chatbot interactions disguised as human support — creating circular loops that never resolve issues.
Sudden Terminations & Data Loss
Accounts terminated without warning. One customer lost 100GB including business websites. Charges applied right before outages, refunds denied citing policy exclusions.
Deceptive Money-Back Guarantee
The advertised '30-day guarantee' excludes annual plans, promo codes, crypto payments, dedicated servers, and more — conditions not disclosed at checkout. Reviewers call it 'structured so 99% don't qualify.'
Legal Threats Against Customers
Customers requesting legitimate refunds report receiving threats of lawsuits from UltaHost. One customer had to force a chargeback through their credit card company.
Fake Reviews Flagged by Trustpilot
Trustpilot has formally flagged UltaHost for guideline breaches and removed suspicious reviews, indicating systematic artificial inflation of ratings.
Complete Incompetence & Lack of Ethics
Reviewers describe 'complete incompetence and complete lack of ethics' — from unauthorized server modifications to domain sales followed by forced upselling of 'protection' services.
Inaccessible from Entire Countries
A customer reported their VPS was completely inaccessible from Iran, with support only offering a VPN as a 'solution' — making the service impractical for real work.
Legal & Ethical Issues
The combination of aggressive DMCA-ignored marketing, anonymous infrastructure, documented ICANN violations, and systematic failure to handle abuse creates a uniquely dangerous hosting environment.
The DMCA-Ignored + Anonymous Hosting Problem
By marketing “DMCA Ignored” hosting alongside anonymous VPS services requiring no identity or payment information, UltaHost creates a uniquely dangerous combination. Abuse complaints are ignored by documented practice — as confirmed by ICANN's own investigation. The anonymous infrastructure makes identifying perpetrators nearly impossible for victims and law enforcement.
The ICANN Breach Makes It Official
The February 2025 ICANN breach notice is a formal finding by the global domain authority that UltaHost violated its registrar agreement. Combined with 422 phishing domains reported by PhishDestroy, a Scamalytics fraud risk score of 40/100, a BBB D rating, documented hosting of counterfeit currency sites, and a Trustpilot “breach of guidelines” warning — this forms a comprehensive pattern of enabling criminal activity.
Real-World Consequences
- ■Defamation & Harassment: Victims endure months of live defamatory content with no recourse when abuse reports are systematically ignored.
- ■Phishing & Financial Fraud: 422+ phishing domains actively stealing credentials and financial data from consumers.
- ■Counterfeit Operations: Documented hosting of sites selling counterfeit currency, with abuse reports rejected.
- ■Customer Harm: Data loss, hacked servers, deceptive refund practices, legal threats, double-billing, and AI support walls that prevent issue resolution.
Caution for Legitimate Users
If you are considering UltaHost, be aware that their ICANN breach status, documented failure to handle abuse, BBB D rating, fake review warnings, blacklisted IPs, 43.78% recorded uptime, deceptive refund practices, and legal threats against customers make it a high-risk choice. Consider reputable alternatives with transparent policies.
What You Can Do
If you've been affected by UltaHost's practices, or simply want to help hold them accountable, here are concrete steps you can take.
Report Your Experience
Your story helps build the public record. All submissions are reviewed and may be published anonymously.