flagged as phishing on custom domain but not pages.dev- looking for debug help
i'm not convinced that pages is the source of the issue but i think it's possible you could help be troubleshoot. our site is up on the pages.dev subdomain, but is flagged on our custom domain. have you seen this behavior on pages before and do you have any insight on to what may have caused the flag? thanks in advance.
17 Replies
oh and the site is a completely static astro site with minimal js for plausible analytics (not compromised as far as i can tell)
Where is it flagged? Via Cloudflare? Via browser checks? A third-party extension?
apologies. it's flagged as unsafe via browser checks.
the content on the site hasn't changed in at least a month
Try reporting it here: https://safebrowsing.google.com/safebrowsing/report_error/?hl=en
yeah, we've had a bunch of folks do that
i'm trying to get to a root cause because getting this undone is very difficult and is likely to take some days. i would like to work on protections to prevent it in the future.
IIRC it may just be someone reporting it here: https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en
oh wow really
Google might do their own AI Analysis, but there isn't really much you can do there
just one person can say it is phising and they take it down?
dang
It probably takes more than that
But yeah, one report could probably cause an investigation/scan
If you aren't serving deceptive content, then I wouldn't know what would trigger it
it's definitely like.. the most vanilla static site startup sales copy
and some illustrations of axolotls
Maybe it is too good that it looks like someone else's page?
so it's up on pages.dev
axodotdev: last-mile software delivery and analytics
axodotdev is a platform that provides developers with utilities, infrastructure, and analytics, to ship awesome installation experiences to users, no matter what operating system, platform, or package manager they use.
you can see it here