Creating this PR to remove awsmppl.com (rollback #900) for the following reasons:
WHOIS
Expired domain: WHOIS shows it was likely registered by someone else after it expired, assuming it wasn't re-registered by the original requester's organization (pending for @AgentTNT in #900 to confirm).
Per whois Creation Date: 2022-12-28T19:04:02Z is later than the date of inclusion: sleevi merged commit 4e84d8b into publicsuffix:master on Dec 5, 2019
ClientHold for an extended period: The registrar has placed the domain on ClientHold for a long time, definitely over three months based on my checker's history.
Please read the original WHOIS records below:
Domain Name: AWSMPPL.COM
Registry Domain ID: 2747658378_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.web.com
Registrar URL: http://www.networksolutions.com
Updated Date: 2023-12-26T14:32:45Z
Creation Date: 2022-12-28T19:04:02Z
Registry Expiry Date: 2024-12-28T19:04:02Z
Registrar: Slamdunk Domains LLC
Registrar IANA ID: 2881
Registrar Abuse Contact Email: abuse@web.com
Registrar Abuse Contact Phone: +1.8003337680
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientHold https://icann.org/epp#clientHold
Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Server: NS1.PARKLOGIC.COM
Name Server: NS2.PARKLOGIC.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2024-07-25T02:41:54Z <<<
For more information on Whois status codes, please visit https://icann.org/epp
Sources: whois utility generated at 2024-07-24 22:42:17
VirusTotal Check
To check for possible security issues, we used VirusTotal and here are the obtained observations:
Possibly Malicious: VirusTotal indicates that after being registered by the new registrant, the domain may have been used for malicious practices and is flagged as malicious by multiple security vendors. Out of caution, perhaps it should be removed.
For potential website usage of subdomains that are not discovered by the search engines,
we checked the Certificate Transparency Logs and here are the obtained observations:
Creating this PR to remove
awsmppl.com
(rollback #900) for the following reasons:WHOIS
Per whois
Creation Date: 2022-12-28T19:04:02Z
is later than the date of inclusion:sleevi merged commit 4e84d8b into publicsuffix:master on Dec 5, 2019
ClientHold
for an extended period: The registrar has placed the domain on ClientHold for a long time, definitely over three months based on my checker's history.Please read the original WHOIS records below:
Sources: whois utility generated at 2024-07-24 22:42:17
VirusTotal Check
To check for possible security issues, we used VirusTotal and here are the obtained observations:
Sources:
Organization Website and Nature Check
awsmppl.com
(pending for @AgentTNT in #900 to confirm)Sources:
_psl TXT Record
Responses from multiple DNS servers for the
_psl
TXT record of the domain:Response from
8.8.8.8
: emptyResponse from
1.1.1.1
: emptyResponse from
208.67.222.222
: emptySources: dig command using DNS servers: Google (8.8.8.8), Cloudflare (1.1.1.1), OpenDNS (208.67.222.222)
Root-level Domain Usage Scan
As a potential indicator of domain usage, we scan the following records:
NS records (awsmppl.com)
returns empty NXDOMAINAdditionally, we scan the following records for possible website usage at the root level:
A record (awsmppl.com)
returns emptyA record (www.awsmppl.com)
returns emptyMX records (awsmppl.com)
returns emptySources:
dig
command for A, NS, and MX recordsSearch Engine Checks
For possible website usage, we queried multiple different search engines:
Found few, but none accessible:
Sources:
Subdomain Discovery
For potential usage of subdomains that are not discovered by the search engines, we used the following tools and here are the obtained observations:
Found 72, but none with IP
Found none:
Conclusion: possibly none subdomain is in use.
Sources:
crt.sh Certificate Transparency Logs
For potential website usage of subdomains that are not discovered by the search engines, we checked the Certificate Transparency Logs and here are the obtained observations:
There are SSL certs valid for
1 year
not expired.Sources: