False Positive

user2641 · August 30, 2024, 8:22am

Note: Please do not post Personally Identifiable Information like email address, personal phone number, physical home address, product key etc.

Issue abstract: False Positive

Detailed description: We’ve reported several times a false positive for one our sites in our network. It’s been over 4 days and we still have it! We have over 12m daily users across our network and don’t have any malicious content. Please remove this flag and false positive you have put on our site

Thank you!

Product & version number:

OS details:

What is the error message you are seeing? False Positive

If you have any supporting screenshots, please add them:

bjm · August 30, 2024, 8:27am

care to share site domain name
Norton 360 v22.x or v24.x
Safe Web disputes have been slow

user2641 · August 30, 2024, 8:29am

It won’t allow me to share links: asianpornxl - com

user2641 · August 30, 2024, 8:30am

We’ve had them before across the network and usually sorted in a few hours. This site receives quite a lot of traffic in our network and it’s been 4 days, costing us money. We don’t have any malicious advertising or content. We’re a large network and it’s in our interests to only work with reputable advertisers, otherwise we would constantly have this issue and no users!

bjm · August 30, 2024, 8:31am

asianpornxl.com
URL Analysed: https://asianpornxl.com/
Norton Rating  Warning
CURRENT CATEGORY  Malicious Sources/Malnets
Dispute submitted!

https://safeweb.norton.com/report?url=https://asianpornxl.com

We’ll try to call attention

user2641 · August 30, 2024, 8:33am

Thank you so much, that’s very good of you.

bjm · August 30, 2024, 11:52pm

Hello @user2641
Please check your Community mail box => Messages

bjm · September 2, 2024, 6:31pm

Hello @user2641

user2641 · September 3, 2024, 7:32am

Thank you, it’s still showing flagged at my end with the Chrome extension. But if it’s saying it’s safe at your end, then I guess it’s safe.

Thank you so much for your help with everything!

bjm · September 3, 2024, 11:22am

Norton Safe Web v3.22.0.25
Chrome v128.0.6613.120

user2641 · September 3, 2024, 11:32am

Thank you

peterweb · September 3, 2024, 4:35pm

Try clearing the browser cache for that site. Clicking to the left of the URL should bring up a box where you can choose Site Settings. You can Delete data from there. Then refresh the website’s tab and see if you get the Safe Web OK.

user2833 · September 12, 2024, 6:35pm

I continue to receive no update from Norton Safe Web. We have submitted this dispute many times:

Website: https:// vault .secureclose-dev .net (added spaces to avoid link restriction)
Current category: Phishing
Suggested category: Office/Business Applications
Comments:
This is the development site for our Vaulting B2B solution. You must authenticate before accessing any parts of the solution besides the login screen.

We’ve been submitting these for many months and have not heard anything back and the status has not changed. Each dispute submission we continue to submit we get a message on screen that says the dispute is already in progress.

bjm · September 12, 2024, 6:51pm

https://vault.secureclose-dev.net resolves to

https://securecloseid.b2clogin.com/securecloseid.onmicrosoft.com/b2c_1_si_v2/oauth2/v2.0/authorize

securecloseid.b2clogin.com
URL Analysed: https://securecloseid.b2clogin.com/securecloseid.onmicrosoft.com/b2c_1...
Norton Rating  Safe
CURRENT CATEGORY  Technology/Internet

https://safeweb.norton.com/report?url=https://securecloseid.b2clogin.com/securecloseid.onmicrosoft.com/b2c_1_si_v2/oauth/v2.0/authorize

user2833 · September 12, 2024, 6:56pm

That is the authentication service. Once authenticated, you would be routed back. That’s when Safe Web blocks it.

bjm · September 12, 2024, 7:16pm

Oh okay

vault.secureclose-dev.net
URL Analysed: https://vault.secureclose-dev.net
Norton Rating  Warning
CURRENT CATEGORY  Phishing
Dispute is already in progress.

https://safeweb.norton.com/report?url=https://vault.secureclose-dev.net

Hello @user2833
We’ll try to call attention:

bjm · September 12, 2024, 8:29pm

Hello @user2833

https://safeweb.norton.com/report?url=https://vault.secureclose-dev.net

user2833 · September 12, 2024, 10:03pm

This is excellent! Thanks for your help. On another note, our production site is currently showing up as “Untested”. Will this end up falling victim to the false positive? Can we get it marked as “Safe” as well? Just remove the -dev part from the domain.

bjm · September 12, 2024, 10:16pm

vault.secureclose.net
URL Analysed: https://vault.secureclose.net
Norton Rating  Untested
CURRENT CATEGORY  Uncategorized
Dispute submitted!

https://safeweb.norton.com/report?url=https://vault.secureclose.net

Submit a file or URL to Norton
https://support.norton.com/sp/en/ie/home/current/solutions/kb20090602171902EN

We’ll try to call attention:

bjm · September 12, 2024, 10:23pm

Hello @user2833

vault.secureclose.net
URL Analysed: https://vault.secureclose.net
Norton Rating  Safe
CURRENT CATEGORY  Finance

https://safeweb.norton.com/report?url=https://vault.secureclose.net

False Positive

Announcements