This technical blog post documents the author's experience losing access to a .online domain after it was placed under serverHold and blacklisted by Google's Safe Browsing, with no prior notification or functional appeal mechanism. The narrative implicitly advocates for stronger protections of digital property rights (Article 17) and transparency in content moderation (Article 19), while illustrating systemic failures in institutional order (Article 28) that prevent effective remedy. Overall, the content champions procedural fairness and accountability in digital infrastructure governance.
I still remember how Google banned my entire account without providing a reason for a small Android app (more than 12 years ago). To this day I have no idea why; it was an absolutely green-area fit tracker or something. There was absolutely no way to know the reason or unblock my account. Turned me away from Android development forever.
> The domain ... has been suspended due to its blacklisting on Google Safe Browsing
Et voilà ... ! this is precisely the slippery slope I warned about a decade ago. The indirect censorship becomes direct censorship, defeating all the arguments about the morality of such a list. And:
> Not adding the domain to Google Search Console immediately. I don't need their analytics and wasn't really planning on having any content on the domain, so I thought, why bother? Big, big mistake.
The registrar relying on Google Safe Browsing as a “trigger” for suspension is the most horrifying thing I’ve seen in a while. This basically makes the entire TLD unviable for serious use.
Oh man. The infinite loops of impossible verification by large companies that should know better are a massive pain peeve of mine.
This goes right to the top for me, along with the ubiquitous "please verify your account" emails with NO OPTION to click "that's NOT me, somebody misused my email". Either people who do this for a living have no clue how to do their job, or, depressingly more likely, their goals are just completely misaligned to mine as a consumer and it's all about "removing friction" (for them).
> Not adding the domain to Google Search Console immediately. I don't need their analytics and wasn't really planning on having any content on the domain, so I thought, why bother? Big, big mistake.
I'm not particularly familiar with SEO or the massive black box that is Google Search - is this really as critical as the author makes it seem? I have both .lol and .party domains, both through porkbun (and the TLDs seem to be administrated by Uniregistry and Famous Four Media, respectively), and both are able to be found on Google Search. It seems like this preemptive blacklisting would be the result of some heuristics on Google's end; is .online just one of the "cursed" TLDs like .tk?
We need to rethink the web so that fewer third parties are involved in things that seem on the surface to be an A-B conversation. To say nothing of the trustworthiness of those parties, having them involved at all is needlessly brittle.
I wonder if Radix has unknowingly created a negative feedback loop here. From Google's perspective, the DNS records disappear shortly after being flagged by Safe Browsing, which their heuristics may interpret as scammy behavior.
But was this because it's .online? I got one and it was fine.
The only issue was the usual trap with all Namecheap domains: They tell you it's all set, and it works, until they randomly email you a week later asking for email verification. If you don't do that promptly, they suspend your domain until you trigger a resend. Which is easy to fix but also strange.
Side note: My empirical experience is that vanity domains are disliked by some enterprise security systems. I have a friend who owns a .homes domain which ended up being blocked by quad9 as well as the enterprise security system of a friend's work for ~half a year. The block cleared by itself.
I had the same experience while buying another TLD. For ~1 month, certain people whose ISP "helpfully" had "safe browsing" features, simply blocked us outright. For being new and different.
The learning for me was that new domains are no longer trusted, and seemingly some vanity domains get even more strict treatment.
I'm sorry that the author got bitten by this. But .com purism is funny to me. I only buy GTLDs for personal projects, and I've never had a problem before. But then, I've never bought .online.
It's not about the .online TLD being "weird". The problem is that it was free. That's going to attract a swarm of fraudsters, spammers, etc, and then turn into a strong "this is probably fraud" signal in all kinds of fraud scoring systems.
There are lots of domains out there other than .com that are just fine.
It sucks so much that there is no standard way of linking additional domains to your main one and inheriting the reputation.
Want to set up a new domain for whatever purposes (conference, new product, etc)? Be prepared to spend the first half a year fighting the various blacklists before people can actually reliably connect.
Would make so much sense if you could just have a .well-known/other-domains.txt (or something something DNS) with a list of domain names that should be considered just as trustworthy as your main domain.
It's not even about .online or other weird TLDs, it's just that the domain is new and therefore "not trustworthy". Even worse if you need to use your existing branding on the new domain - instantly flagged as a phishing site everywhere.
The first mistake anyone makes is thinking they are “buying” anything with a domain. You’re renting it. And the company you are renting from can arbitrarily push up the price above inflation. NameCheap is good for the basics. But a .site or .online domain is a no-go beyond an MVP/test.
Does anybody know any good alternative to Name Cheap? It seems like they keep raising prices on all the domains. Website is very sluggish, especially for finding domains quickly.
Moral of the story: never ever use a registry that bases its decisions on Google Safe Browsing. Radix in this case. A very modern looking website for a really caveman support.
Domains are signaling. If you have a .online domain you are signaling you can't afford the equivalent .com domain. All the TLD annoyance is a consequence of the lack of status pressure ameliorating the experience of those domain holders (in the same way you never see public health crises in rich neighborhoods)
If it's already in the Console when it gets blacklisted, you can appeal it without having to 'verify' ownership of the domain that, in this case, you no longer control the DNS of, because you completed that process when adding it to Console.
My understanding from the article is that because the registrar for this domain is using Google safe browsing for their domain suspension, something that a) shouldn't be the case and b) isn't the case for other, perhaps more mainstream TLDs
> I don't understand. What is Google Search Console, and should I add all my domains there right now?
Google's way of tying real identities of people to domains, without making it explicit.
Basically, your domain will be weirdly treated by a bunch of entities, none the less Google themselves, if you don't add your domain there (or some other Google property).
Especially with less common TLDs, like .online, they really want to be able to tie it to some identity, so unless you add it there, eventually your domain ends up on some sort of blacklist, in the case of the author it seems they used the "Google Safe Browsing" blacklist to get the author to involve Google somehow.
> is this really as critical as the author makes it seem?
It is critical in the sense that if you want to appeal the decision in a case like this, it will go much better if you pre-verified that you own the domain.
(I don't think it has much effect on google search placement at all)
A relative’s business has had Google reviews frozen for years. Search results show the bad rating after some former customer and spouse left bad reviews several years ago. Appeal went into a black hole. Running a small business is at the pleasure of Silicon Valley.
That is the bit that jumped at me immediately too. Why would a registrar take it upon itself to suspend a domain that another entity entirely blacklisted as part of their own completely opaque process? Who is Google? God?
On the flip side of the coin I cannot get a site removed that is a blatant rip off of one of our websites being actively used for invoice redirection fraud.
The registrar suspended the domain because it is on Google's blocked list. And Google refuses to review the ban because he can't prove he owns that domain (because it is suspended :D).
The problem isn't Google Safe Search blacklisting the site (I mean that also is a problem, but a very different one).
The problem is the vanity domain registrar Radix using that as a reason to _put the whole domain on hold, including all subdomains, email entries etc._
This means:
- no way to fix accidental wrong "safe search" blacklisting
- if it was your main domain no mails with all the things it entails
- no way to redirect API servers, apps etc. to a different domain. In general it's not just the website which is down, it's all apps, APIs, or anything you had on that domain
Google Safe search is meant to help keep Chrome users safe from phishing etc. It is fundamentally not designed to be an Authority Institute which can unilaterally dictate which domains are no longer usable at all.
Like basically what Radix did was a full domain take down of the kind you normally need a judge order for... caused by a safe browsing helper service misfiring. That is REALLY bad, and they refuse to fix their mistake, too.
You normally don't have _that_ level of fundamentally broken internal processes absurdity with the more reputable TLD operators (which doesn't mean you don't have that in edge cases, but this isn't an edge case this is their standard policy).
Google’s allowed to have an opinion. But that doesn’t mean that the registrar should be suspending the domain immediately in response. These two mechanisms should be decoupled.
This is 100% on Radix, not on Google. Google and Microsoft can (and probably should) have a registry of known-abusive websites. False positives are inevitable, so these should be taken with a grain of salt, but in most cases they're correct. Their lists are a lot more reliable than those from the "traditional" antivirus/anti-scam vendors that will list anything remotely strange to pump up their numbers.
The external people treating these lists as absolute truths and automatically taking domains down are the ones at fault here. Google didn't grab power, Radix gave it to them without asking.
Because the entire security mechanism of the www today is "look at the domain name to make sure it matches." And the TLD is at the end where people might miss it.
Despite blocking 66 TLDs and all IDN ccTLDs on my home dns I didn’t have these blocked. Guess I’ll consider it. Once you have the hagezi rpz files including threat information feed though you really have blocked most silliness.
.online is one of the many TLDs that charge a dollar for registration but bump the price to $30-$35 for renewal. So far, this seems like a good signal to tell apart serious TLDs and ones just preying on customers who sort by cheapest (or capitalizing on one-off phishing domains).
This is the real story. This is 100% a problem with Radix. Safe browsing targets the website not the domain. No reason a registrar should be suspending an entire account over something a company reports. Black-holing the A and CNAMEs on a subdomain? Maybe..... But even then I don't think it's the registrar's place to do that. Freezing the entire account? Absolutely not.
Even (uncommon) country TLDs too. I own a .vg domain which is a perfect match with the initials of my last name. My mails end up in spam quite often too, despite having set up SPF, DKIM, DMARC and all that stuff correctly. It's just not common so some security systems block it.
Yeah I'm guessing the TLD was the main signal, based on other comments linking to a thread about "Pinggy", who was also using a .online. The fact that Namecheap is giving them out for free means they probably are more scammy on average.
I've also never added domains to Google Search Console and haven't had a blacklisting issue other than with a free .ml (another "cursed" TLD) site that was by default assumed to be spam by Facebook Messenger.
It's unfortunate that this category exists, but I don't share the OP's .com purism; I've used a mix of TLDs and even the cheap ones like .fyi and .cc haven't come under extra scrutiny as far as I can tell.
The blog post details that the TLD registry, Radix, decided that getting put on Google's safe browsing list means they put a serverhold on your domain, which prevents you from getting off the safe browsing list.
So yes, this appears to be a TLD- (or at least registry-) specific issue.
Probably this is what's happened here. Either the OP's domain was previously used for shady activities, or the almost-free stigma puts the whole .TLD in the grey list of high-risk assets. Probably it also explains the nuclear behavior of the registrar (suspension).
.online, .top, .xyz, .info and .shop are some of the top TLDs that scammers use, precisely because of their rock bottom registrar fees that make them attractive for sites that have a shelf life of a few hours or a few days before being blocked. As a result, many places have a blanket "suspicious" flag for fresh domains under these TLDs.
If you plan on building a legit site, do not use any of these cheap TLDs.
Post demonstrates and advocates for free expression by documenting censorship experience. Author details how content was blacklisted by Google Safe Browsing without explanation, impacting ability to share information online. Post itself is transparent technical critique published freely.
FW Ratio: 57%
Observable Facts
Post documents that author's domain was flagged as 'unsafe' by Google without notification or explanation.
Author's site became inaccessible via DNS due to serverHold, preventing communication of content.
Post is published freely on author's blog with no apparent editorial restrictions or paywall.
Author attempted multiple official channels to appeal the blacklist (Safe Browsing reports, Search Console, temporary release requests).
Inferences
The detailed documentation of censorship mechanisms constitutes advocacy for transparency in content moderation decisions.
The structural accessibility of the blog itself (no paywalls, free hosting on personal domain) demonstrates commitment to free expression as practice.
The post critiques centralized platforms' power to suppress expression without due process, implicitly advocating for Article 19 protections.
Post implicitly advocates for property rights protection in domain ownership context. Author documents loss of paid domain without due process notification, illustrating vulnerability of property rights in digital domain registration systems.
FW Ratio: 60%
Observable Facts
Author purchased a .online domain for $0.20 plus ICANN fees and subsequently lost access without prior notification.
Post documents that registry set serverHold status without sending emails to registrar, registry, host, or domain owner.
Author describes inability to recover property (domain access) due to circular verification requirements.
Inferences
The narrative frame emphasizes the vulnerability of digital property to arbitrary seizure by centralized authorities (Google, Radix) without due process.
The post's documentation of failed remedy attempts suggests critique of inadequate property protection mechanisms in domain registry systems.
Post documents breakdown of social order protecting property and personal rights. Author experienced unilateral domain seizure, arbitrary blacklisting, and inaccessible appeal mechanisms—all failures of institutions obligated under Article 28 to establish order where rights are recognized and protected.
FW Ratio: 57%
Observable Facts
Post documents registry (Radix) placing serverHold on domain without prior notification to owner.
Google applied Safe Browsing blacklist without explanation or notification mechanism.
No institution provided pathway for remedy: Google requires verification that cannot function with serverHold in place; Radix requires Google delisting to remove hold.
Author received no communications from 'registry, registrar, host, or Google' despite property being under seizure.
Inferences
The narrative frames institutional systems as failing to establish functional order where property rights are protected.
The documented catch-22 (Google won't delist without verification; verification requires DNS resolution; DNS resolution blocked by serverHold) critiques institutional breakdown.
The post implicitly argues that existing institutional frameworks fail to provide the order necessary to recognize and protect rights as required by Article 28.
Education rights not addressed in this technical post.
FW Ratio: 67%
Observable Facts
Blog uses semantic HTML structure with proper heading hierarchy.
Typography is readable with adequate contrast and line-height.
Inferences
The basic accessibility features support inclusive access to technical content, partially enabling educational benefit across users with different needs.
Site structure enables free publication: no paywalls, no editorial gatekeeping observed. However, the content documents structural barriers to expression (domain blacklisting, verification catch-22) imposed by third-party platforms.
Site demonstrates minimal accessibility accommodations (semantic HTML present, readable typography), with limited ARIA labels or alt text observed. The cached DCP modifier (+0.05) applies here.
Site is freely accessible without paywalls or subscription barriers (cached DCP modifier +0.05 for access_model). This enables broad participation in technical knowledge sharing.
Phrases like 'went up in flames,' 'dreaded, all red, full page,' 'royal pain to deal with' use emotionally charged language to frame institutional actions negatively.
appeal to fear
The narrative structure emphasizes helplessness and entrapment ('Stuck in No-Man's Land,' Catch-22 verification loop) to convey fear of arbitrary digital property seizure.
build 1ad9551+j7zs · deployed 2026-03-02 09:09 UTC · evaluated 2026-03-02 10:41:39 UTC