Add: MyOnlinePortal.net subdomains#2759
Add: MyOnlinePortal.net subdomains#2759geraldhansen wants to merge 1 commit intopublicsuffix:mainfrom
Conversation
|
Similar to #2750 (comment) (also a free DynDNS provider) All submitted domains have multiple security vendors listing it as malicious/phishing/suspicious on virustotal. Can be a blocker. (see #2750 (comment)) |
|
Exactly - but all these malicious domains are probably reasoned by subdomains from fraud users where we like to protect all other users. |
|
I checked all mentioned subdomain which are mentioned by virustotal they all doesn't exists anymore - because we take fraud quite serious - the checks looks quite old for me and incredible intransparent. It's quite not clear why pages like alphamountain.ai BitDefender or CyRadar are doing and how they check or what kind of databases they maintain. |
|
For DynDNS-style platforms, aggregated security signals (e.g. VirusTotal) are commonly used as a high-level indicator of recurring abuse patterns. |
|
@geraldhansen Based on previous PRs with similar situations (multiple of them), it is likely that you'll need to conduct these security vendors (which is not behind a paywall) to reduce your virustotal counts to zero for all domains before this can go any further. (#2515 (comment))
It was analayzed 6 hrs ago. |
|
Hi @geraldhansen!
|
*role based email address (e.g. psl-contact@example.com) |
Signed-off-by: Gerald Hansen <gerald.hansen@posteo.de>
4 participants
Public Suffix List (PSL) Submission
Checklist of required steps
Description of Organization
Robust Reason for PSL Inclusion
DNS verification via dig
Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration, and we shall keep the
_pslTXT record in place in the respective zone(s).Submitter affirms the following:
Abuse Contact: service@myonlineportal.net
Abuse contact information (email or web form) is available and easily accessible.
URL where abuse contact or abuse reporting form can be found:
https://myonlineportal.net/impressum
For PRIVATE section requests that are submitting entries for domains that match their organization website's primary domain, please understand that this can have impacts that may not match the desired outcome and take a long time to rollback, if at all.
To ensure that requested changes are entirely intentional, make sure that you read the affectation and propagation expectations, that you understand them, and confirm this understanding.
PR Rollbacks have lower priority, and the volunteers are unable to control when or if browsers or other parties using the PSL will refresh or update.
(Link: about propagation/expectations)
Description of Organization
We are a free DynDNS provider and have been active since 2010. We offer various subdomains and additional services in this area.
I am the owner of these domain and technical responsible.
Organization Website:
https://myonlineportal.net
Reason for PSL Inclusion
Our customers have brought to our attention that not being included in the Public Suffix List (PSL) may pose a potential security risk. As every customer is using their registered subdomains for own private purposes we need to give them the most available security (including cross-subdomain cookie injection, unintended credential autofill, and potential abuse of email authentication mechanisms).
For the moment we haven't reported limitations from third parties but to avoid this for the future (like Let's Encrypt issuances) it will be good to be present in the PSL.
We confirm that we hold the registration for mentioned domains already over 10 years and will maintain them also for the future.
Previous PRs:
None - this is our first PSL submission.
Number of users this request is being made to serve:
10000
DNS Verification