Hello polonus and Asyn,
thank you for your prompt answers and your help!
I just want to clarify few more things:
- That domain is not serving a website, it is a IPTV streaming server that is part of a larger CDN, it is not supposed to serve anything on it's bare (sub)domain (hence 404). There are other endpoints on that domain that will serve the video content (and use HTTPS) for user and apps should never request bare domain name. 404 on bare domain is "by design".
- I am not comfortable discussing security on an public forum but if you need further clarification as to why some things are done the way they are you are free to DM or (better yet) email me, i'll try to give you as much information as possible.
We've already reported some subdomains on url that you provided, but since we have
hundreds of possible subdomains we can't manually whitelist each and every of them and we don't want to send you a lot of false reports from our side through some automated reporter. Is it possible to report *.domain.name there?
Our CDN nodes all have these domain names in common *.ug.cdn.united.cloud, *.ug-be.cdn.united.cloud and *.ug-af31.cdn.united.cloud, maybe that would be the way to "whitelist" them all?
Whitelisting a node at a time is hardly maintainable as we are adding new nodes all the time and we don't want to send you a whitelist request before the domain is blacklisted and by that time our users are already affected and we are getting user complaints. And requesting that users create rules to whitelist these domains on their own machines is not exactly good customer experience
We are willing to work with you in order to resolve these issues in a maintainable way.
Some more context - we are IPTV provider with content delivery network consisting of hundreds of nodes and hundreds of thousands of users on multitude of devices.
Thank you again for your support!
Best regards,
Sibin