Msedge.b.tlu.dl.delivery.mp.microsoft.com blocked -> Phishing

Detailed description:
msedge.b.tlu.dl.delivery.mp.microsoft.com is blocked. Reason: Phishing

Product & version number:
Norton 360, current version

OS details:
Windows 11 Pro 24H2

What is the error message you are seeing?
see screenshot

From what I could research, this should be a false alarm.
Any help is appreciated. Thank you.

No security vendors flagged this URL as malicious
http://msedge.b.tlu.dl.delivery.mp.microsoft.com/
Status 403
Content type text/html
Last Analysis Date a moment ago
https://www.virustotal.com/gui/url/6fa7c4…80617e

No security vendors flagged this URL as malicious
https://msedge.b.tlu.dl.delivery.mp.microsoft.com/
Status 403
Content type text/html
Last Analysis Date a moment ago
https://www.virustotal.com/gui/url/deedfe…a6da43

All: Norton version 22.24.8.36. Even after editing the URL to use https:, the below is returned when opening it in a private tab within Opera GX. This isn’t a false flag; the URL cannot prove its identity, meaning there is a signature / certificate obfuscation. The certificate fallback is the same on BOTH Edge and Opera GX. These are my observations from my side.

On Edge latest version:

SA

In a private / incognito tab on both Edge and Opera, I get the same results as shown before. There are no Norton attack alerts present. The screenshot also shows “security certificate is from fallback.tls.fastly.net”. These are self-signed certificates, and I don’t ever remember MS using outside certificates on their domains.

SA

https://www.sslshopper.com/ssl-checker.html
https://msedge.b.tlu.dl.delivery.mp.microsoft.com/

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/

Here are the reasons self-signed certificates shouldn’t be trusted. Norton flagged this appropriately, as it should all browser-based activities.

Self-signed certificates can be a security risk because they are not validated by a trusted authority. This leaves them vulnerable to exploitation by malicious actors. [1, 2]

Risks of self-signed certificates [1]

Lack of validation

Self-signed certificates are not verified by a certificate authority (CA), so there is no independent confirmation of the certificate’s authenticity. [1]

No updates or revocation

Self-signed certificates don’t expire, so they are never updated to fix vulnerabilities. This makes them vulnerable to hackers and cyberattacks. [2]

Man-in-the-middle (MITM) attacks

Attackers can intercept encrypted traffic between a victim and a website protected by a self-signed certificate. They can then steal sensitive information like login credentials and financial data. [3]

Phishing attacks

Fraudsters can create fake websites and apps using self-signed certificates. Victims may not receive warnings and may be tricked into providing sensitive data. [3]

Loss of customer trust

Customers may see security warnings when visiting a website protected by a self-signed certificate, which may lead them to abandon the site. [3]

Self-signed certificates may be suitable for personal use or for internal applications within an organization. However, they can introduce significant security risks. [1, 4]

Generative AI is experimental.

[1] The Risks of Self-Signed Certificates & When to Avoid Them

[2] https://www.sectigo.com/resource-library/what-is-a-self-signed-certificate

[3] Self-Signed Certificate Vulnerabilities - SSL.com

[4] https://www.youtube.com/watch?v=Qg5ghpiEHm0
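
Added example, not part of any post in this thread: a check that reports separately whether a certificate is self-issued and whether its names cover the requested host, the two conditions raised in the discussion above. The helper names (`classify`, `name_matches`, `fetch_cert`) are hypothetical, and the two sample certificates are constructed placeholders in the shape returned by Python's `ssl.SSLSocket.getpeercert()`.

```python
import socket
import ssl

def san_dns_names(cert):
    """DNS names from a dict shaped like ssl.SSLSocket.getpeercert()."""
    return [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]

def name_matches(pattern, host):
    """Match one SAN entry; '*' may only stand for the whole leftmost label."""
    p, h = pattern.lower().split("."), host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def classify(cert, host):
    """Report each condition on its own instead of one generic 'bad certificate'."""
    findings = []
    if cert.get("issuer") == cert.get("subject"):
        findings.append("self-issued")    # issuer equals subject: no third-party CA
    if not any(name_matches(n, host) for n in san_dns_names(cert)):
        findings.append("name-mismatch")  # valid or not, it was issued for other hosts
    return findings or ["ok"]

def fetch_cert(host, port=443, timeout=5):
    """Live use (needs network): keep chain validation on, skip only the name check.
    An untrusted or self-signed chain raises ssl.SSLCertVerificationError here."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

# Constructed samples; every name and issuer below is a placeholder.
CDN_FALLBACK = {
    "subject": ((("commonName", "fallback.cdn.example"),),),
    "issuer": ((("organizationName", "Example Public CA"),),
               (("commonName", "Example CA R1"),)),
    "subjectAltName": (("DNS", "fallback.cdn.example"), ("DNS", "*.cdn.example")),
}
SELF_ISSUED = {
    "subject": ((("commonName", "downloads.example"),),),
    "issuer": ((("commonName", "downloads.example"),),),
    "subjectAltName": (("DNS", "downloads.example"),),
}
```

For a live host, `classify(fetch_cert(host), host)` gives the same report once the chain has validated against the system trust store.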