smarti
carpe diemEstablished Member
- Impact
- 76
couple of days ago I found one of my premium XYZ domain not resolving, after debugging it turned out, the @XYZregistry has put it into "serverHold" status and took out from their zone, I wasn't notified about this status suspension, neither by registry nor by my registrar.
TL;DR; => go to end
Very suspicious is the fact that suspension happened within same timeframe when a lead rejected my counter offer on DAN.COM
was declined a 18:05 UTC and the domain was updated at 17:50 UTC
what a coincidence!
The registry pointed me to their domain-reactivation-form where I can check for a status, a reason of suspension and submit a reactivation request - ( btw I wanted to learn about their "anti-abuse-pocies" linked on the page to http://nic.xyz/xyzLaunchPolicies_v1.03.pdf but that document even does not exist )
According to the status, the registry suspended the domain due to abuse-report...while was parked at DAN (no bodis)....hmm, digging further...
Ok, the registry explains they use blacklists to suspend listed domains, such as: Spamhaus, VirusTotal, Google Safebrowsing,SURBL,URIBL,Quttera - and they state to reactivate the domain once it has been delisted everywhere and the evidence of such has been provided to them.
My domain is only listed on VirusTotal, having one vendor pretending my domain being malicious - huh?
the vendor is "Bfore.AI", moving on to the platform
- a company profile seems to me like a backyard start-up company rather than a solid security firm - their product is "Malicious Domain Prediction", okay so they can flag any domain they want as "malicious", I see some sort of value in their product. Now I want to know facts about my domain...nothing, no lookup possibility, but at least there's a a support form, so giving it a try, with no response yet.
TL;DR;
The XYZ registry took down the domain without manual reviewal, based on no fact of domain abusing but based on a prediction of a more or less trustworthy vendor of a just a more or less trustworthy blacklist provider.
The registry might use those 6 blacklist providers, maybe even more. Anyone can submit your domain to those blacklists, VirusTotal currently has around 90+ vendors, where each of them can put a red flag on your domain and what will happen is, the registry will just switch off the light of your domain without even reviewing the case manually. Such a system can be highly abused for a domain blacklisting attack.
Do I want to run a digital business on .xyz domain after all, backed by a registry which can just pull out the plug based on no-facts but because anyone can submit a request to blacklist my domain? Surely not. I think the xyz registry will need to reconsider their current implementation of anti-spam enforcement.
Your thoughts?
TL;DR; => go to end
Very suspicious is the fact that suspension happened within same timeframe when a lead rejected my counter offer on DAN.COM
was declined a 18:05 UTC and the domain was updated at 17:50 UTC
what a coincidence!
The registry pointed me to their domain-reactivation-form where I can check for a status, a reason of suspension and submit a reactivation request - ( btw I wanted to learn about their "anti-abuse-pocies" linked on the page to http://nic.xyz/xyzLaunchPolicies_v1.03.pdf but that document even does not exist )
According to the status, the registry suspended the domain due to abuse-report...while was parked at DAN (no bodis)....hmm, digging further...
Ok, the registry explains they use blacklists to suspend listed domains, such as: Spamhaus, VirusTotal, Google Safebrowsing,SURBL,URIBL,Quttera - and they state to reactivate the domain once it has been delisted everywhere and the evidence of such has been provided to them.
My domain is only listed on VirusTotal, having one vendor pretending my domain being malicious - huh?
the vendor is "Bfore.AI", moving on to the platform
- a company profile seems to me like a backyard start-up company rather than a solid security firm - their product is "Malicious Domain Prediction", okay so they can flag any domain they want as "malicious", I see some sort of value in their product. Now I want to know facts about my domain...nothing, no lookup possibility, but at least there's a a support form, so giving it a try, with no response yet.
TL;DR;
The XYZ registry took down the domain without manual reviewal, based on no fact of domain abusing but based on a prediction of a more or less trustworthy vendor of a just a more or less trustworthy blacklist provider.
The registry might use those 6 blacklist providers, maybe even more. Anyone can submit your domain to those blacklists, VirusTotal currently has around 90+ vendors, where each of them can put a red flag on your domain and what will happen is, the registry will just switch off the light of your domain without even reviewing the case manually. Such a system can be highly abused for a domain blacklisting attack.
Do I want to run a digital business on .xyz domain after all, backed by a registry which can just pull out the plug based on no-facts but because anyone can submit a request to blacklist my domain? Surely not. I think the xyz registry will need to reconsider their current implementation of anti-spam enforcement.
Your thoughts?