Creator of AI-powered VS Code extensions (DotCommand, DotSense) & pro-level DevOps/Security tools (dotenvy, DOTCTL). My work includes a custom LLM for secret detection. Hacking on Next.js.
Hi @YoudaoAds,
Thank you for commenting publicly — this is actually the most transparent way to handle this, and I appreciate it. Let me respond to each point with the same technical precision I used in the article.
On Domain Security:
Your claim that the domain "passes mainstream security protocols" is interesting, especially given the recent changes made to your infrastructure after my article was published.
On April 11 (when the article was written and you were actively soliciting creators), here is the exact verifiable response from your servers:
This was an active block from an Envoy proxy — not a local network issue.
As of today (April 28), after my article gained traction and your team contacted me requesting removal, the site now returns:
Fixing your infrastructure after the community raises red flags doesn't invalidate the original findings — it confirms that your domain was not properly operational when you were actively sending outreach emails to creators.
Additionally, independent third-party platforms — which I have zero affiliation with — scored your domain:
🔴 Scam Detector: 15/100 — "Risky. Dubious. Perilous."
Note: This score has actually dropped further from 28.8 since the article was published.
I didn't create these scores. I reported them. The appropriate response is to address them with those platforms directly — not to request article removal.
On Email Origin:
You're arguing that emails from NetEase servers prove legitimacy. My article actually made the opposite point — the fact that the emails came from legitimate NetEase infrastructure is more alarming, because it suggests either:
A compromised corporate account
Unauthorized use of NetEase infrastructure
Inadequate internal security controls
Furthermore, your original outreach used corp.netease.com while this response comes from rd.netease.com — two entirely different NetEase subdomains. A legitimate unified brand operation would use consistent email infrastructure.
On Being a "Legitimate ToB Marketing Service":
I have no interest in damaging legitimate businesses. My entire analysis was based on:
✅ Verifiable email headers (reproducible by anyone)
✅ Independent security vendor scores (third-party, unaffiliated)
✅ Direct infrastructure responses at the time of outreach
✅ Standard OSINT methodology
If Youdao Ads is legitimate, proving it is straightforward. I formally requested the following via direct email:
Official business registration documents
NetEase Youdao's official PR statement authorizing this outreach campaign
No documentation has been provided yet. I will publish a full and prominent update section the moment it is.
The developer community deserves transparency — in both directions.
If the evidence supports an update, it will be updated. Publicly and prominently.
— FreeRave
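The header comparison the comment above relies on can be reproduced by anyone holding the raw messages. The following is an added example, not part of the original comment: it extracts the sender identity and the receiver's SPF/DKIM/DMARC verdicts from two messages and lists where they differ. The sample headers are constructed, `example.com` and `example.net` are placeholder domains, and the function names are hypothetical.

```python
from email import message_from_string
from email.utils import parseaddr
import re

# Constructed sample headers (NOT taken from the real messages);
# example.com / example.net are placeholder domains.
OUTREACH = """\
From: Partnerships <partner@corp.example.com>
Return-Path: <bounce@corp.example.com>
Authentication-Results: mx.receiver.test; spf=pass smtp.mailfrom=corp.example.com;
 dkim=pass header.d=corp.example.com; dmarc=pass header.from=corp.example.com
"""
REPLY = """\
From: Support <support@rd.example.com>
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.receiver.test; spf=pass smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=rd.example.com
"""

def domain_of(addr_header):
    """Lower-cased domain part of an address header, or '' if absent."""
    return parseaddr(addr_header or "")[1].rpartition("@")[2].lower()

def summarize(raw):
    """Sender domains plus the receiving server's recorded auth verdicts."""
    msg = message_from_string(raw)
    auth = " ".join((msg.get("Authentication-Results") or "").split())  # unfold
    results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth))
    dkim_d = re.search(r"header\.d=([\w.-]+)", auth)
    return {
        "from": domain_of(msg.get("From")),
        "return_path": domain_of(msg.get("Return-Path")),
        "dkim_d": dkim_d.group(1).lower() if dkim_d else "",
        **{k: results.get(k, "none") for k in ("spf", "dkim", "dmarc")},
    }

def compare(a, b):
    """List observable differences between two messages' sender identity."""
    notes = []
    if a["from"] != b["from"]:
        notes.append(f"From domain differs: {a['from']} vs {b['from']}")
    for label, s in (("first", a), ("second", b)):
        if s["return_path"] != s["from"]:
            notes.append(f"{label}: Return-Path {s['return_path']} != From {s['from']}")
        if s["dmarc"] != "pass":
            notes.append(f"{label}: dmarc={s['dmarc']}")
    return notes
```

`Authentication-Results` is written by the receiving mail server, so only the instance added by your own provider should be trusted when reading these verdicts.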