Adding Heyflow GmbHs service provider domains heyflow.page & heyflow.site

[moekify]

Adding Heyflow GmbHs service provider domains to public_suffix_list.dat

Public Suffix List (PSL) Submission

Checklist of required steps

• Description of Organization

• Robust Reason for PSL Inclusion

• DNS verification via dig

• Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration, and we shall keep the _psl TXT record in place in the respective zone(s).

Submitter affirms the following:

• We are listing any third-party limits that we seek to work around in our rationale such as those between IOS 14.5+ and Facebook (see Issue #1245 as a well-documented example)

There is none!

• This request was not submitted with the objective of working around other third-party limits.

• The submitter acknowledges that it is their responsibility to maintain the domains within their section. This includes removing names which are no longer used, retaining the _psl DNS entry, and responding to e-mails to the supplied address. Failure to maintain entries may result in removal of individual entries or the entire section.

• The Guidelines were carefully read and understood, and this request conforms to them.
• The submission follows the guidelines on formatting and sorting.

Abuse Contact:

• Abuse contact information (email or web form) is available and easily accessible.

  URL where abuse contact or abuse reporting form can be found:
  [email protected] and via https://get.heyflow.com/report-abuse
  This form is linked on our companys website https://heyflow.com and can also be found on the default page returned on https://heyflow.page and https://heyflow.site

---

For PRIVATE section requests that are submitting entries for domains that match their organization website's primary domain, please understand that this can have impacts that may not match the desired outcome and take a long time to rollback, if at all.

To ensure that requested changes are entirely intentional, make sure that you read the affectation and propagation expectations, that you understand them, and confirm this understanding.

PR Rollbacks have lower priority, and the volunteers are unable to control when or if browsers or other parties using the PSL will refresh or update.

(Link: about propagation/expectations)

• Yes, I understand. I could break my organization's website cookies and cause other issues, and the rollback timing is acceptable. Proceed anyways.

---

Description of Organization

Heyflow GmbH is a German SaaS company that provides a no-code building tool to craft interactive lead generation landing pages. Each customer receives a subdomain from us on our service domains heyflow.page and heyflow.site.

I'm a Technical Product Manager working at the company and together with my team we are working on our infrastructure serving our customers creations.

Landing pages created by our customers are hosted on these subdomains, with each specific landing page accessible via a designated path, such as subdomain.heyflow.page/pageSlug or subdomain.heyflow.site/pageSlug.

Organization Website:

https://heyflow.com

Reason for PSL Inclusion

We aim to implement dedicated subdomains for each customer, showcasing ownership and operation by individual customer, while also enhancing cookie security.

Both domains are currently on a three year renewal schedule and have running leases until 2027.

Number of users this request is being made to serve:
We currently have over 2500+ customers and serve the created interactive forms to over 12 million visitors on a monthly basis.

DNS Verification

dig +short TXT _psl.heyflow.site
"https://github.com/publicsuffix/list/pull/2261"

dig +short TXT _psl.heyflow.page
"https://github.com/publicsuffix/list/pull/2261"

Tests

[moekify]

DNS Records added and opened for review

[groundcat]

• Could you double-check with your registrar on the registration for the heyflow.site domain? According to WHOIS, it expires in 2025, which is less than 2 years from today and does not meet the requirement. There could be a WHOIS delay.
• You mentioned under "Submitter affirms the following" that this PR was created to bypass Cloudflare Let's Encrypt restrictions. Is this your intended purpose? If not (and you forgot to remove it from the PR template), please ensure it is removed.

[moekify]

@groundcat Thanks for the thorough and swift review. I misunderstood the template section about the bypass things. We don't want to bypass anything here and therefore I now removed the entries. I assume the checkbox is supposed to stay as I'm affirming that we're listing any = none. Let me know if that is incorrect and the whole section should go.

I checked the .site expiration and it seems there was a miscommunication internally. However, quickly alleviated, the domain now runs on a long renewal schedule.

https://who.is/whois/heyflow.site

Let me know if there is anything else and thank you in advance

[groundcat]

• Expiration (Note: Must STAY >2y at all times)
  • heyflow.page expires 2027-10-23
  • heyflow.site expires 2027-04-26
• DNS _psl entries (Note: Must STAY in place)
  • Both resolved to "https://github.com/publicsuffix/list/pull/2261"
• Tests pass
• Sorting
• Reasoning/Organization description
  • Website was reviewed and aligns with the reasoning provided in the PR. The reported user count, if correct, meets the PSL criteria.
• Non-personal email address
• Abuse contact
  • Abuse contact page exists.