search

publicsuffix / list

The Public Suffix List
https://publicsuffix.org/
Mozilla Public License 2.0
2k stars 1.2k forks source link

remove `bitbridge.net` #2064

Closed wdhdev closed 1 month ago

wdhdev commented 1 month ago

Reasons for removal:

Original PR was #1000 opened by @bitsii.

groundcat commented 1 month ago

WHOIS

2019-09-22T17:47:53Z is before 2020 which indicates that this domain is possibly still under control of original requester if it hadn't been transferred.

Please read the original WHOIS records below:

   Domain Name: BITBRIDGE.NET
   Registry Domain ID: 2435970598_DOMAIN_NET-VRSN
   Registrar WHOIS Server: whois.namecheap.com
   Registrar URL: http://www.namecheap.com
   Updated Date: 2023-08-23T05:55:51Z
   Creation Date: 2019-09-22T17:47:53Z
   Registry Expiry Date: 2024-09-22T17:47:53Z
   Registrar: NameCheap, Inc.
   Registrar IANA ID: 1068
   Registrar Abuse Contact Email: abuse@namecheap.com
   Registrar Abuse Contact Phone: +1.6613102107
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Name Server: DNS1.REGISTRAR-SERVERS.COM
   Name Server: DNS2.REGISTRAR-SERVERS.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2024-07-25T03:09:33Z <<<

Sources: whois utility generated at 2024-07-24 23:10:05

Organization Website and Nature Check

https://www.softlatch.net not accessible.

Sources:

_psl TXT Record

Responses from multiple DNS servers for the _psl TXT record of the domain:

Response from 8.8.8.8: empty

Response from 1.1.1.1: empty

Response from 208.67.222.222: empty

Sources: dig command using DNS servers: Google (8.8.8.8), Cloudflare (1.1.1.1), OpenDNS (208.67.222.222)

Root-level Domain Usage Scan

As a potential indicator of domain usage, we scan the following records:

NS records (bitbridge.net) returns dns1.registrar-servers.com. dns2.registrar-servers.com.

Additionally, we scan the following records for possible website usage at the root level:

A record (bitbridge.net) returns 162.255.119.254

A record (www.bitbridge.net) returns parkingpage.namecheap.com. 91.195.240.19

MX records (bitbridge.net) returns 20 eforward5.registrar-servers.com. 15 eforward4.registrar-servers.com. 10 eforward1.registrar-servers.com. 10 eforward2.registrar-servers.com. 10 eforward3.registrar-servers.com.

Sources: dig command for A, NS, and MX records

Search Engine Checks

For possible website usage, we queried multiple different search engines:

1 result, parking page

image image image image image

Sources:

Subdomain Discovery

For potential usage of subdomains that are not discovered by the search engines, we used the following tools and here are the obtained observations:

image

Sources:

crt.sh Certificate Transparency Logs

For potential website usage of subdomains that are not discovered by the search engines, we checked the Certificate Transparency Logs and here are the obtained observations:

None active except for the parking page

image

Sources:

VirusTotal Check

To check for possible security issues, we used VirusTotal and here are the obtained observations:

OK

image

Sources:

dnsguru commented 1 month ago

@groundcat - absolutely appreciate all the data resources you are making available per removal - makes for much higher quality review process to allow reviewers to not inadvertantly nerf something and be deliberate.

dnsguru commented 1 month ago

on this removal, the certs are all expired and the root domain appears to be reregistered and parked, so the impact seems minimal and removal seems appropriate.

dnsguru commented 1 month ago

@groundcat re-running test just to make sure it does not need a rebase