Add `mafelo.net`

[mizalewski]

Public Suffix List (PSL) Pull Request (PR) Template

Each PSL PR needs to have a description, rationale, indication of DNS validation and syntax checking, as well as a number of acknowledgements from the submitter. This template must be included with each PR, and the submitting party MUST provide responses to all of the elements in order to be considered.

Checklist of required steps

• [x] Description of Organization

• [x] Robust Reason for PSL Inclusion

• [x] DNS verification via dig

• [x] Run Syntax Checker (make test)

• [x] Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration, and we shall keep the _PSL txt record in place in the respective zone(s) in the affected section

Submitter affirms the following:

• [x] This request was not submitted with the objective of working around other third-party limits

• [x] The submitter acknowledges that it is their responsibility to maintain the domains within their section. This includes removing names which are no longer used, retaining the _psl DNS entry, responding to e-mails to the supplied address. Failure to maintain entries may result in removal of individual entries or the entire section.

• [x] The Guidelines were carefully read and understood, and this request conforms
• [x] The submission follows the guidelines on formatting and sorting

---

For Private section requests that are submitting entries for domains that match their organization website's primary domain, please understand that this can have impacts that may not match the desired outcome and take a long time to rollback, if at all.

To ensure that requested changes are entirely intentional, make sure that you read the affectation and propagation expectations, that you understand them, and confirm this understanding.

PR Rollbacks have lower priority, and the volunteers are unable to control when or if browsers or other parties using the PSL will refresh or update.

(Link: about propagation/expectations)

• [x] Yes, I understand. I could break my organization's website cookies etc. and the rollback timing, etc is acceptable. Proceed.

Description of Organization

We are a platform for photographers in the SaaS model founded in 2018. Photographers can, among other things, sell photos, build and share a booking page. The booking pages of individual photographers are launched as subdomains in the mafelo.net domain, e.g. https://kasialove.mafelo.net/pl (page of one of our photographers). Each user in our application can add their booking page while simultaneously configuring various elements of it.

Submitter: Michał Zalewski - co-founder and business owner.

Organization Website: https://www.mafelo.com

Reason for PSL Inclusion

Each photographer can launch their own site in the mafelo.net subdomain. They can place their own content on the site. We want to increase the security of our users, so that each user's site is independent and cannot interfere with other users' sites, e.g. by setting or reading cookies.

Domain is registered since 2019 and expires on 2030. Of course we plan to renew it indefinitely.

Number of users this request is being made to serve: 3362 photographers has subdomains in .mafelo.net domain and it's growing (by 900 in the last year, this year should be about the same or higher).

DNS Verification via dig

dig +short TXT _psl.mafelo.net
"https://github.com/publicsuffix/list/pull/2082"

Results of Syntax Checker (make test)

All tests passed.

[groundcat]

Expiration (Note: Must remain >2 years at all times):

The domain mafelo.net expires on August 17, 2030, according to WHOIS records, so it is currently in good standing. Please ensure it is renewed in the coming years to maintain a validity period of more than 2 years at all times in the future.

DNS _psl entries (Note: Must remain in place):

The DNS entries look correct based on checks with multiple public DNS servers.

Please ensure it remain in place at all times in the future.

Responses from multiple DNS servers for the _psl TXT record of the domain:

Response from 8.8.8.8: "https://github.com/publicsuffix/list/pull/2082"

Response from 1.1.1.1: "https://github.com/publicsuffix/list/pull/2082"

Response from 208.67.222.222: "https://github.com/publicsuffix/list/pull/2082"

Sorting:

The sorting appears to be correct.

Comment:

Please use a non-personal email address, such as a team address.

Reasoning/Organization Description:

The submitter mentioned that 3,362 photographers have subdomains under the .mafelo.net domain. This seems to be a reasonable request for PSL inclusion to enable cookie separation between subdomains that belong to different photographers or entities, consistent with the submitter's description.

To assess website usage, I queried multiple search engines and discovered a considerable number of subdomains, which aligns with the reported number of users:

• Google
• Bing
• DuckDuckGo
• Yahoo
• Brave

Checked the Certificate Transparency Logs. Wildcard SSL is used:

• crt.sh

No known potential abuse or malicious activity was discovered when querying trusted security vendors:

• VirusTotal

[simon-friedberger]

• [x] Expiration (Note: Must STAY >2y at all times)
  • [x] mafelo.net expires 2030-08-17
• [x] DNS _psl entries (Note: Must STAY in place)
• [x] Tests pass
• [x] Sorting
• [x] Reasoning/Organization description
• [x] Non-personal email address

TY @groundcat !