1
What is the issue you’re encountering
For a month now, my domain was marked as phishing. I have both, reached out to Cloudflare Trust & Safety as well as the reporter multiple times, stating that this is in ERROR. The site is NOT phishing. I have explained to them precisely why it is not. But no reply since a month. The abuse report is simply pending in review since weeks. Since my domain is registered on Cloudflare I am not even able to change the DNS. Reaching out to Trust & Safety has no effect. I have also reached out to them via their help page, but the ticket was instantly auto responded to contact Trust & Safety. Now what.
What I sent to Cloudflare:
To the Cloudflare Trust & Safety Team,
I am writing to appeal the “wrong category” determination regarding my report of vanced.to. While this site distributes counterfeit software, it also functions as a phishing and brand impersonation site designed to deceive users of the legitimate revanced.app ecosystem.
The classification of phishing is correct based on the following evidence:
- Brand Impersonation & Deceptive Intent: The site vanced.to intentionally clone the UI/UX and branding of revanced.app. It leverages SEO to rank above the official domain and intercept users, making them believe they are on the official site, a textbook definition of a phishing-style deceptive practice.
- Historical Context (WIPO Case): The operator of vanced.to is the same entity that previously owned revanced.net. We successfully won revanced.net in a (public) WIPO dispute, in which it was established that the operator acted in bad faith by impersonating our brand. They have migrated their malicious activity to vanced.to to circumvent the WIPO ruling.
- Inconsistency in Flagging: Currently, Cloudflare flags revanced.net as phishing. However, we (the owners of the legitimate revanced.app) own that domain and use it exclusively to host a counterfeit warning notice. It is inconsistent for Cloudflare to flag a legitimate warning page as phishing while refusing to flag the source of the actual impersonation and malicious downloads at vanced.to. We have already filed a separate complaint regarding the false report on revanced.net, separate from this case.
If Cloudflare’s policy dictates that “Clone Phishing” applies to deceptive impersonation, vanced.to is a primary example. It mimics our service to trick users into downloading modified binaries that pose a significant security risk.
cscharff 2
Have you considered filing a lawsuit against Cloudflare? Seems pretty clear cut they are harming your business and putting end users at risk. At the very least a letter from your solicitor seems appropriate.
The time and funds would result in effective loss on my side.
system Closed 4
This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.
This is now almost 2 months ago, and Cloudflare still ignores it: Abuse report review pending for a month now
In addition, another report came down to our main domain, once again evidently wrong:
Cloudflare Trust and Safety does not reply.
