Our infrastructure with top-tier industry partners. We use Namecehap as domain registrar, AWS services for hosting and functionality, and we use several Cloudflare services for DDOS-prevention, anti-bot and form input captchas. (Cloudflare, as one of the world’s largest internet security providers, would obviously not serve up infected files or malicious sites using their services.)
We have confirmed the tests are automated as the vendors flagging us seems to change sometimes when we run the tests. For example - this morning Sophos flagged us as a risk but this afternoon we are marked as safe. You can view this for yourself here - https://www.virustotal.com/gui/url/27655389c44fe13099798d38b738ffb67dec3ade00e5a31dcb894b54b8fee823?....
We believe these false flags occurred because of a combination of moving and upgrading infrastructure, lots of load-testing, lots of emails sent, and lots of activity on all three domains and sub-domains due to the announcement last week.
The team went to extreme measures and re-uploaded all of the website static content to the CDNs - and we have reviewed all available logs and monitoring, reports, etc. There is nothing out of place.
We have appealed the flagging with all of the 9 vendors involved - and opened support tickets with Cloudflare just to be sure if it is nothing on their end. We just have to wait until their teams review the tickets / appeals.
We have verified all three domains can be verified as safe by anyone who wishes it using publicly available independent third party tools
Google (safety) -https://transparencyreport.google.com/safe-browsing/search?url=joincommonwealth.xyz&hl=en
Norton (safety) - https://safeweb.norton.com/report?url=joincommonwealth.xyz
Whois (hosting) - https://www.whois.com/whois/joincommonwealth.xyz
To add to this, we have already had the erroneous flagging with 4 more vendors cleared, other tickets have been responded too and are in the process of review.
Look forward to seeing your response.
.png "Moderator"){kind=icon}
