Dear Neldoreth relay’s operator,
This day, we were informed of a Tor node seizure at FirstHeberg during the 13-14/05, related to Wanacry infection of the french company Renault. https://www.nextinpact.com/news/104398-wannacrypt-nud-tor-saisi-chez-firsthe... FirstHeberg say the seized node was "traffic analyzed" during some times before being shuting down for content cloning and drive given to cops.
They are at least 5 others relays seized under the same case at OVH and Online providers. https://www.nextinpact.com/news/104302-wannacrypt-nuds-tor-saisis-par-autori... https://gist.github.com/nusenu/3d7bbeb7c97af591d65003b4bfe70021/
After consensus investigation, it seems your Neldoreth node is the only hosted at FirstHeberg with a downtime during this timeframe (from 14/05 18:00 to 17/05 14:00). This node is currently running, but lost its guard flag since restart.
Could you confirm if your node was seized or not ? If seizure confirmed or suspected, your private key is probably no more safe, so please report your fingerprint to bad-relays@lists.torproject.org for blacklisting to avoid reusage, and renew your private key.
Regards