I’m a system administrator at, let’s say, example.com. A user reports that a colleague now sees a SafeWeb report when visiting his homepage http://share.example.com/~user The SafeWeb report lists 2 “threats” on http://lists.example.com/foo/2008.txt.gz : “Container depth violation - scan incomplete” These pages are simple gzipped plain text, with no malware. So I’d like to report this as a false positive, but it seems I have to create an account and verify ownership. If I try to sign up to administer http://share.example.com, I get a cookie to place on http://example.com. There is no such official webserver; there is a redirect to http://www.example.com which uses a CMS system I’m not familiar with. Is this the way it’s supposed to work - one super-administrator for the entire domain ? If so, it seems a bit bizarre. One person cannot reasonably look after hundreds of disparate websites.