Just went through a bunch of older domains and relisted almost 50 of them.
Or do the bad guys wait and “lay low” with their domain until “the coast is clear” and once google safebrowsing delists them, they once again use the domain to serve up malware (Whack-a-Mole)?
Do they have google APIs and check daily to see if their domain is delisted?
Is there a name for this? It’s like fast-flux except the time frame is months instead of minutes.