X1.c.lencr.org flagged as compromised

We have a firewall that has started flagging x1.c.lencr.org as a compromised website.

I see Let's Encrypt owns the domain, but not sure what is going on with our firewall?

I assume the traffic to this domain is legit?? Anyone else having any similar issues?

Host: x1.c.lencr.org
Path: /
Categories: Compromised Websites

3 Likes

What firewall and where does your firewall gets its block lists from? Any specific block list triggering the LE domain?

4 Likes

It is a Watchguard firewall. I am not sure where they get their block lists.

2 Likes

We are aware that this domain has been flagged in some systems as compromised and are working to remediate that error.

Let's Encrypt owns the domain and hosts the Root X1 CRL on that domain.

You can read about lencr.org here
You can read a little about why we have a CRL here

9 Likes

Possible false possitive:
VirusTotal

4 Likes

We experienced the same thing and I opened a case with WatchGuard to find out if it's a false positive or no. They said it is indeed, so the domain should now be available again.

They work with Forcepoint.

5 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.