False Positive — dohaupvc.com incorrectly flagged as Warning

anasriaz71991 · April 29, 2026, 7:49am

Our website dohaupvc[.]com is incorrectly flagged as Warning by Norton SafeWeb. This is a legitimate ecommerce business selling UPVC products in Doha, Qatar.

We have already submitted a dispute but no change.

Verified clean by
Google Safe Browsing : Safe
Sucuri: No Malware Found
Google search Console: Safe
Forcepoint: Business & Economy

Kindly review and remove the warning as soon as possible.

anasriaz71991 · April 29, 2026, 9:20am

This is critically affecting our business operations. Multiple users are unable to access our legitimate ecommerce website due to this false positive. We have already submitted false positive reports. Kindly escalate this matter for urgent review.

bjm · April 29, 2026, 11:12am

Submit a file or URL to Norton for review

Note: after submitting dispute and waiting 48 business hours with no change.
Please contact official Norton Support and advise support that you’ve submitted dispute and waited 48 business hours. My understanding is…once you state that you have already submitted False Positive over the submission portal and waited 48 business hours…support agent shall take the URL and detection screenshot and advance the case.

=============================================

Submission Portal: Norton Submission Portal. This system is used for tracking false positive reports.
Site Ownership: Ensure you have officially “claimed” your website within the Safe Web portal. Verified owners generally have access to a dashboard where they can see the status of their site and any pending disputes without relying solely on email notifications.
48 hours: Community suggests waiting 48 business hours. If the status of your site has not changed on the Safe Web public lookup after this time, it likely means the dispute is still in the queue or was not processed.
Norton Support: If you haven’t received an email or a status change after 48 hours, contact official Norton Support directly. Explicitly tell the agent: “I have already submitted a site dispute via the Safe Web portal more than 48 hours ago and have received no email notification or status update.” This often prompts support to escalate the ticket manually.

bjm · April 29, 2026, 11:16am

https://dohaupvc.com/

6fe33fb2554d

be26db7e3264/2026-04-29T11:35:23.861Z

bjm · April 29, 2026, 11:46am

https://www.virustotal.com/

.
https://sitecheck.sucuri.net/

anasriaz71991 · April 29, 2026, 11:54am

Thank you for checking our website. We have already submitted the dispute via Norton Submission Portal and our site ownership is also verified on SafeWeb.

The flagged threat name is: URL: Block [Fake T]

These are legitimate PHP backend files for our internal ITSM notification and reminder system. They are not malware or fake content.

Kindly advise what are the next steps to resolve this issue.

anasriaz71991 · April 29, 2026, 11:57am

Yes, we have already submitted the dispute via Norton Submission Portal. We posted here because we received no response or status change after submitting.

bjm · April 29, 2026, 12:30pm

Hello @anasriaz71991

Note: after submitting dispute and waiting 48 business hours with no change.
Please contact official Norton Support and advise support that you’ve submitted dispute and waited 48 business hours. My understanding is…once you state that you have already submitted False Positive over the submission portal and waited 48 business hours…support agent shall take the URL and detection screenshot and advance the case.

bjm · April 30, 2026, 4:06am

https://dohaupvc.com/
fwiw ~ ChatGPT (Norton app)

Why your type of site gets caught

Legitimate business sites—especially:

Smaller or newer ones
Niche product sellers (like UPVC materials)
Sites without strong brand signals

often look identical (structurally) to scam shops

What Norton is basically missing

The automated system can’t easily verify things like:

Your real-world business legitimacy
Fulfillment capability
Customer history

So it defaults to pattern recognition instead of verification

Bottom line

Yes—your site is being treated as:

“a product-selling business website that might be fake”

—not as malware.

That’s why you got:
URL:Block [FakeT]

How Norton Safe Web actually works

1) Automated detection (primary path)

Most flags—especially things like FakeT—come from:

Automated crawlers
Heuristic / AI models
Reputation scoring systems

These systems evaluate:

Site structure (templates, scripts)
Domain reputation/history
Similarity to known scam/malicious patterns

If the score crosses a threshold, the system can:

Warn or
Block immediately

No human review required at this stage.

2) “Better safe than sorry” bias

Norton intentionally leans toward:

False positives over missed threats

So yes—detections can be published based purely on algorithmic confidence, even if:

No malware is confirmed
No analyst has reviewed the site

That’s exactly how labels like FakeT are typically generated.

3) Human review comes later (reactive)

Manual review usually only happens when:

A site owner submits a dispute
A user escalates through support
There’s enough feedback/traffic to trigger re-evaluation

Until then:
The automated verdict stands as-is

What this means in practice

A site can be:
- Fully clean
- Yet still blocked globally by Norton
Especially if it:
- Looks like known scam patterns
- Has low reputation
- Uses common templates/scripts

In your specific case

Given:

“URL:Block [FakeT]”
Low multi-engine agreement (e.g., VirusTotal mostly clean)

This fits the classic pattern:

Automated heuristic flag → published block → awaiting manual correction

The important takeaway

Norton’s system is proactive, not confirmatory
“Detection” ≠ “proven malicious”
It often means:

“High probability based on patterns—not verified threat.”

=============================================

AI sourced content may make mistakes

bjm · April 30, 2026, 4:30pm

https://dohaupvc.com/

346d53abebe3/2026-04-30T16:29:17.739Z

77d8c0000da1

bjm · April 30, 2026, 5:18pm

Hello @anasriaz71991
fwiw ~ I’m trying to escalate via Norton Social Support

Case #: 1nnnnnnn6
Status: Escalated to senior team
Evidence: submitted (email + screenshots)

bjm · May 1, 2026, 10:12am

anasriaz71991 · May 2, 2026, 8:44am

Thank you so much BJM for your help and support throughout this process. The site is now showing as Safe on Norton SafeWeb. Really appreciate your assistance!

anasriaz71991 · May 4, 2026, 7:57am

Hi BJM, hope you are doing well.

Unfortunately dohaupvc[.]com has been flagged again by Norton SafeWeb with Warning status after being marked Safe yesterday.

We have already resubmitted the false positive dispute via the submission portal. The site is still clean — verified by Google Safe Browsing, Sucuri and all other security vendors.

Kindly assist again. Your help is much appreciated.

Thank you

anasriaz71991 · May 4, 2026, 8:16am

Our subdomain loyalty[.]dohaupvc[.]com is also flagged as URL:FakeShop. Kindly review this as well.

bjm · May 4, 2026, 11:42am

Hello @anasriaz71991
Please clear browser cache – post screenshot “Warning” / “URL:FakeShop”
~ my side – Safe Web portal/extension report Safe
https://dohaupvc.com/

https://loyalty.dohaupvc.com/

anasriaz71991 · May 4, 2026, 2:49pm

Hi, BJM Thanks for replying..
The website is showing safe online but when we login the site its giving an error. On our network its working on some PC and on some PC its not working. what would be the issue.Kindly help to resolve this issue.

bjm · May 4, 2026, 3:22pm

Hello @anasriaz71991
Please run Norton LiveUpdate + Restart (not Shut down) machine/s
https://loyalty.dohaupvc.com/login
Norton Private Browser

Firefox

Edge

Chrome

Caveat: I don’t have login credentials…to test

bjm · May 13, 2026, 1:40pm

Hello @anasriaz71991
Care to share your progress