Advice Request Can I remove my new domain from security vendors' phishing domain lists?

Please provide comments and solutions that are helpful to the author of this topic.

tech_eng

Level 1
Thread author
Oct 9, 2020
34
I recently learned how to use Cloudflare Tunnels to expose securely services hosted at my home lab (a NetworkChuck Video couple of weeks ago).
I registered a new domain, connected it with CloudFlare and linked a couple of my homelab services (jellyfin, tinytiny rss feed aggregator) to its Zero Trust Tunnels and it worked great.

A couple of days later I was surprised that Google flagged my domain and all subdomains as dangerous (Phishing and malware). Still at this point I can force Chrome to continue to the dangerous site and view my own content. But few hours later other security solutions started flagging my domain too, BitDefender, Avast, Fortinet. Checking on VirusTotal I found that around 6 other vendors were flagging my domain.

I registered my domain with Google Search Console/Webmaster tools, and it showed that the tinytiny-rss feed aggregator is the reason to flag my domain (which is strange, as it is an open-source app with no known security issues). I removed the suspected hostname/subdomain from the tunnel, and requested a Review from Google. A couple of days later they checked, and removed my domain from their SafeBrowsing lists. But at that point around 15 other vendors were still flagging my domain as Malicious/Phishing.

It has been now around 2 weeks that I am off Google's list, but still 11 vendors flag my domain as phishing. Fortinet is the worst because it is the Firewall at my work and I have no option to bypass it to access my services.

(As a quick solution, I registered another domain and configured CloudFlare's WAF to block bots. It is working with no issues for now.)

I tried requesting/filling false-positive forms on some of the vendors websites, but it doesn't seem to work.

Any tips if I can ever remove my domain from those lists?
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top