I spoke with someone at Mimecast and we concluded the the customer of mimecast has setup that rule (likely the whole of *.tools), since they could not find anything on there end that didnt like bgp.tools On Wed, Jan 17, 2024 at 10:54 PM Christopher Hawker <chris@thesysadmin.au> wrote:
It'd be interesting to know how Mimecast made the determination that bgp.tools is compromised.
Regards, Christopher Hawker
On Thu, 18 Jan 2024 at 09:47, Rubens Kuhl <rubensk@gmail.com> wrote:
It might be due to usage of a new gTLD like .tools. A number of new gTLDs use heavy discounting and this is a magnet for abusive registrations, unfortunately.
Rubens
On Wed, Jan 17, 2024 at 2:15 PM Tim Burke <tim@mid.net> wrote:
+1 for bgp.tools, it is a superior tool. Sadly, the corporate IT-forced DNS filtering at work for “cybersecurity” (Mimecast) thinks it is a compromised website for some reason, so bgp.he.net ends up being used while I am at the office.
On Jan 16, 2024, at 8:44 AM, Ian Chilton <ian@ichilton.co.uk> wrote:
Hi,
Not a direct answer to your question, but if you're not aware of it, https://bgp.tools/ is a great tool and shows the same info.
Ian