Subdomain leasing can be tempting for website owners, as it offers an attractive passive income stream. But there are certain issues associated with it that one should be aware of. And even if it may seem like a safe bet on the surface, one should always be cautious about such business deals.

You should think twice before leasing a subdomain - Subdomain leasing

Subdomain leasing & ethical issues

Subdomain leasing isn’t a new concept. The idea is that website owners can lease their unused subdomains ( or subfolders ( to third-party partners, who otherwise have no direct association with the website or brand. In return, the partners can publish new content on already established domains and gain better exposure.

This practice of leasing subdomains, though may seem like a fair business transaction, has some ethical issues:

  1. The third-party partners get a questionable advantage in organic search results over their competitors and other similarly qualified businesses.
  2. It creates a false sense of brand association, which may influence users to interact with a piece of content that they otherwise wouldn’t have interacted with.

Reputable websites like CNN, Business Insider, etc., have reportedly leased out subdomains in the past, to third-party companies, who have leveraged the main domain’s reputation to gain an advantage in organic search results, which may or may not have been related to the main website’s niche.

Subdomain leasing example


As these practices potentially provide an unfair advantage in search engine results, Google’s general response to subdomain leasing isn’t quite positive. And last year, the company plausibly started penalizing such practices.

But, it looks like the intent behind subdomain leasing is not just limited to gaining an unfair advantage in organic search results; it’s also sometimes used as a tool for other promotional purposes.

The subdomain leasing scam

Note: This article has been updated on 5/23/2020 to reflect some of the new information that has come to our attention since publishing the original article. If you believe that this article still needs further modification, please contact us along with proper references.

This is a firsthand account of a subdomain leasing proposition that we’ve experienced over the last few months.

The story began sometime in the mid of 2019 when Eric Mitchell Porat of (Vayg Media) approached us via email showing interest to lease one of our subdomains ( for long-term use under a signed contract.

According to them (FAQ [Archive Link] #21), the intent was to partner with sites that have high traffic, engaging content, domain authority (DA), and would satisfy the requirements of their advertising partners, publish viral content on the leased subdomain and share them on their social media channels. They would monetize the content by running ads through their advertising partners, and provide a monthly fee to the site owner for utilizing the subdomain.

However, there were certain terms in the contract, including sharing of’s detailed site analytics and other sensitive information, which we were not comfortable with. So we denied the contract.

Since then, we had received multiple communications from him trying to negotiate the terms of the contract, none of which we were happy with.

Finally, in February of 2020, we received a communication from the same person, asking if we would agree to lease the subdomain to them without sharing our detailed site analytics as well as without any long-term contract. We would get paid on a monthly basis, but the payment amount would be lesser than what was initially offered back in 2019.

We agreed to the proposal, based on due confirmation of the following conditions, stated clearly via email:

  1. The published content on the leased subdomain shall be blocked from search engines using the “robots” meta tag.
  2. The content uploaded to the leased subdomain should be related to our vertical (i.e., technology), and adhere to Google Ads policies as well as the IAB standards.
  3. Vayg Media and its associates shall ensure our (7labs) brand safety and shall not mislead users by any means.
  4. Every content uploaded to the leased subdomain would be reviewed and approved by 7labs before go-live.

The above conditions were also in line with the conditions provided in Vayg Media’s official FAQ [Archive Link] page (#23, #5, #8, #15). And since these conditions do not encourage unethical use of subdomain leasing, and also protect the website owner’s brand, we felt confident about doing business with them.

Shortly after that, we received an email stating that we would soon be contacted by someone from the team about the onboarding process, and once our onboarding was completed, we would receive our first payment.

On February 26, 2020, we received an email from Nik Krylovskiy (introduced by Eric Mitchell Porat) of with the instructions for initiating the onboarding process from our end, which included the following steps:

  1. Filling out a form providing our payment info (PayPal) for receiving payments.
  2. Add requested CNAME records in our DNS. This would effectively point our leased subdomain to a website managed by Vayg Media.
  3. Append their requested records to the ads.txt on our server, allowing them to run their ads on our subdomain.

On February 27, 2020, we completed the onboarding tasks and sent an email confirming the process was completed from our end.

A week passed and there was no response. In that duration, we noticed that a new WordPress setup was installed in the subdomain, and later the subdomain ( was redirecting to our home page (

We sent a couple of follow-up emails, asking whether the onboarding process was completed, but we still didn’t receive any response. Meanwhile, the COVID-19 situation seemed to be escalating everywhere, so we decided to wait.

On March 27 early morning, we received a payment via PayPal from a company registered as Mutually LLC, with a payment note stating that it was for the subdomain leasing program. At that time, there was no communication about the completion of the onboarding process yet.

Only later that day did we receive the confirmation email about successfully completing the onboarding process and that our first payment was released. The email also stated that in the next few days, we would be provided the user credentials to log in, review, and approve the content to be published on the subdomain.

More than 1 week had passed since the first payment and we were still waiting for said WordPress credentials. And since was now redirecting to, there was seemingly no straightforward way to confirm if any content was actually published on the subdomain.

Still, we decided to dig around a bit. We entered our subdomain URL on the browser’s address bar and appended an ambiguous path to it (something like “”). As expected, it came back with the default “Error – 404” page.

Now, the WordPress 404 page usually contains a search bar; in our case, it was no different. A quick search revealed that there were already some published content on the subdomain, which we were never notified of.

They were click-baity posts about pandas, cats, sloths, and random animals which were in no way tech-related. But the posts did not contain any prohibited content, and since they were blocked from search engine indexing (as agreed), we didn’t have enough reason to be alarmed just yet.

Then, on April 12, we received an unexpected message from a user on our Facebook page.

unexpected message from a user

“Your blog about baby sloths keep coming up as a website that I never clicked on,” the user said. We chatted with her for a while and tried to figure out if it was a genuine issue. Finally, we took the user’s permission to have a remote session so we could investigate further.

Though the issue was not reproducible during the remote session, there were some unusual browser activities, including a large number of visits (50+) to the said baby sloth article on our subdomain the same day.

Additionally, the URLs recorded in the browser history also contained certain parameters, which when rendered, displayed some of the top posts from as a slideshow in the bottom-right corner of the screen, along with the actual published content on the subdomain.

At this point, we had multiple reasons to doubt the authenticity of Vayg Media. But still, we only had a single source of evidence and wanted to collect substantial proof before taking any action. So we began searching online for any other similar report posted elsewhere.

And indeed, we found a couple of posts in the Google Chrome Community Forum, where users had complained about random web pages from opening automatically on their Chrome browsers. The posts were getting decent engagement and one of them had received quite a few upvotes as well.

Meanwhile, we also started receiving emails from several users complaining about similar issues. And with all of these events occurring in quick succession, we knew that something fishy was going on.

We were still awaiting valid credentials from the team which would allow us to review & approve content to be published on the subdomain. In the meantime, there were already articles that were live on the subdomain without our approval or consent.

Moreover, the nature and implementation of their advertising campaign was suspicious and violated Google and IAB guidelines; users thought of it as malware. At the same time, they had violated our brand safety; users were reporting us in public forums under the false impression that we were running the suspicious campaign.

On April 13, we contacted Vayg Media about the issues, mentioning that they were in violation of the terms that they had agreed upon, and asked them to fix the reported issues.

They responded to the email on the same day stating that all the previously published content on the subdomain had been set to drafts. They also provided us with the credentials for the first time to review and approve the content.

Subdomain Leasing Scam

We replied that even though the content was outside the niche of, we were ready to offer them relaxation on this, as long as they followed Google and IAB guidelines, did not indicate any association with or hurt the 7labs brand, and ceased all campaigns showing suspicious behavior immediately.

We were open to discussion with the Vayg team, and to work with them closely to fix the issues. As the first payment had already been made, we intended to maintain our commitment until the end of the lease period.

In the meantime, we also discovered reports of a few other websites’ subdomains that were also suspiciously opening automatically on users’ web browsers.

While we were waiting for a response, on April 16, we got a payment dispute notification from PayPal, with the reason as “item or service not received”. The description claimed that we had “withheld access” to the leased subdomain and did not render the agreed services. We also apparently “took advantage of [the buyer’s] network and abused [their] system.”

Proof of Subdomain Leasing Period – Historical DNS Records

Since Vayg Media provided the login credentials to the leased subdomain ( on April 13, it’s evident that they had access to the subdomain as of that date.

Leasing Period - Subdomain Leasing Scam

Now, if you look at the DNS Historical data for, you would find that the subdomain was active during the entire leasing period, and was live until May 15, 2020. There was no change in DNS records during this period and the same set of IP addresses (all belonging to Leaseweb USA, Inc.) was being rotated.

None of these claims were true; we hadn’t withheld their access to the leased subdomain at that time, and we didn’t believe that we had taken advantage of their system. So, we again sent them an email; asking for the reason for such a false claim.

Our mail tracker indicated multiple email opens, even though there was no response since April 13.

On April 17, we checked the status of some of the other reported sites’ subdomains and interestingly noticed that one of them ( was no longer active. A CNAME lookup verified that the site owner had blocked the subdomain’s access from Vayg Media. Hence, we decided to reach out to the site owner of for further information.

Communication with

The site owner, Mark MacKay, confirmed that they had leased a subdomain to the same people (Eric Mitchell Porat, Mark wasn’t aware of any activity on the leased subdomain until a person from a school’s IT department complained about the subdomain’s pages automatically opening in the school’s computers. He too tried to email Eric and Nik but received no response. Finally, Mark decided to take down the subdomain right away.

On April 18, we submitted the various proofs of service delivery to PayPal, along with all the evidence we had collected so far. But when it comes to payment disputes on PayPal, these types of refund claims are usually ruled in favor of the buyer. This case was no different.

After the completion of our leasing period, we removed Vayg Media’s suggested CNAME records from our DNS, thus terminating our service.

Update: Soon after publishing this article, the website was taken down on 22 May, 2020.

In this whole episode, Eric Mitchell Porat,, evidently violated their own terms and hurt the publisher’s brand. They displayed suspicious behavior, running campaigns of malicious nature, publishing content without notifying the website owner, avoiding communication even after multiple follow-ups. In our case, they made a legitimate payment, utilized the services without informing us, and later disputed the payment based on false claims.

During the time of the incident, we didn’t have enough knowledge to figure out how the leased subdomain was being utilized, but on further investigation, it was revealed that the leasing may be directly connected with a more widespread digital ad fraud.

Our goal in publishing this article is to make webmasters and publishers aware of issues related to subdomain leasing. Even if such business transactions may seem to be harmless, they end up backfiring pretty bad. One may lose their valuable time, effort & money engaging with such businesses, and on top of that, end up hurting their brand, which is something invaluable!

If you are approached by any company for subdomain leasing, we advise you to tread carefully and evaluate the situation before committing any business transaction.