Since I am sure no bank would redirect your URL like that please do the following : https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware Please keep a copy of your logs as you may need them to help in the malware forum of your choice. NOTE: post in only 1 malware site only.

Please let us know if this solved your issue or if need further assistance.

Actually SunTrust Bank uses it to validate their clients have Trusteer installed on their computer. It's not malware.

Their script..

try{ rCallback({"timestamp":"2017-07-20 10:40:24","v4":{"download_link":null,"rapport_id":null,"rapport_running":0,"compatible":1},"ki":"","v4a":{"rapport_version":"NOT_AVAILABLE"}}, , ); } catch(e){}

OK sorry, That information was not available in your information that was sent. I have seen it in others. I have nothing on your plugins/extensions or flash not your operating system nor what version of Firefox you are running. Could you please supply that information.

Just for info : https://www.trusteer.com/support/supported-platforms https://www.trusteer.com/en/how-to-download-install-rapport-using-firefox https://www.trusteer.com/support/how-can-i-tell-rapport-working NOTE : https://www.trusteer.com/en/support/pharming-alert-info-5 NOTE Repair Page Win10 : http://windowsreport.com/trusteer-rapport-windows-10/ Ok I need some more information please. Do not the last 2 and might as well go over the other URL's

Please let us know if this solved your issue or if need further assistance.

I apologize, I was in a hurry when I posted this..

This was tested in Firefox 54.0.1 and and 43.0.1.

The only addons on both machines (windows 7) is Open H264 Video Codec, Widevine Content, httpFox, and shockwave Flash. Your Flash Version 25.0.0

I believe thereis something wrong with SunTrust's certificate as it is happening to all Firefox users.

my opinion is:

rapport is the problem you are having. most banks dont use it.

i use to. but found it not needed.

while it is touted to be a security feature for banking, there is no evidence that rapport itself is not doing sneaky stuff or is unhackable.

so this is why security certificates and redirects are problematic for you. when it comes to banking and you are being re-directed, this is a red flag that wont be ignored by browsers.

Can you not contact their support about this in case they do have a bad certificate at Splash ? They would know about that script you sent.

You Flash is out of date : https://get.adobe.com/flashplayer/ Direct link scans current system and browser Note: Other software is offered in the download. <Windows Only>

Am sure that they could not be using Flash to validate but might as well update as it is a security issue.

OK are you sure you are seeing a Firefox Alert or the Trusteer Alert here ? https://www.trusteer.com/en/support/pharming-alert-info-5 Or is it like this ? https://www.trusteer.com/support/websense

Please let us know if this solved your issue or if need further assistance.

leeg00 said

I believe thereis something wrong with SunTrust's certificate as it is happening to all Firefox users.

The page loads for me right now, and a test site shows it should work in Firefox: https://www.ssllabs.com/ssltest/analyze.html?d=www.splash-screen.net

Is it fixed for you? If not, you can share information about the certificate your Firefox is rejecting by clicking that SEC_ERROR_UNKNOWN_ISSUER code to reveal a panel with an encoded version of the certificate.

If you copy/paste that into a reply, a volunteer can decode it and check the "issuer" to see whether it is something unexpected. I use this site for decoding if you want to try it yourself:

https://certlogik.com/decoder/

jscher2000 said

leeg00 said

I believe thereis something wrong with SunTrust's certificate as it is happening to all Firefox users.

The page loads for me right now, and a test site shows it should work in Firefox: https://www.ssllabs.com/ssltest/analyze.html?d=www.splash-screen.net

Is it fixed for you? If not, you can share information about the certificate your Firefox is rejecting by clicking that SEC_ERROR_UNKNOWN_ISSUER code to reveal a panel with an encoded version of the certificate.

If you copy/paste that into a reply, a volunteer can decode it and check the "issuer" to see whether it is something unexpected. I use this site for decoding if you want to try it yourself:

https://certlogik.com/decoder/

https://www.splash-screen.net/94114/rapi.js?f=rCallback

Peer’s Certificate issuer is not recognized.

HTTP Strict Transport Security: false HTTP Public Key Pinning: false

Certificate chain:

MIIDbTCCAtagAwIBAgIkD76MDt7fGre+4NPKOPH2YZ9Vt97wTozvLdBZCijnwBFi 55N8MA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1TdW5U cnVzdCBCYW5rMREwDwYDVQQLEwhTdW5UcnVzdDEdMBsGA1UEAxMUU3VuVHJ1c3Qg V1NBLUE1OEQgQ0EwHhcNMTYxMjEyMDAwMDAwWhcNMTgwMjEwMjM1OTU5WjCBhzEL MAkGA1UEBhMCVVMxETAPBgNVBAgMCE5ldyBZb3JrMQ8wDQYDVQQHDAZBcm1vbmsx NDAyBgNVBAoMK0ludGVybmF0aW9uYWwgQnVzaW5lc3MgTWFjaGluZXMgQ29ycG9y YXRpb24xHjAcBgNVBAMMFXd3dy5zcGxhc2gtc2NyZWVuLm5ldDCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAKXLYnf/WCxeF6vbJsfMBZFz0XkUwEp46mwN m662P5PdnHYnmiKtBdTpbUdlhmVUg0MslZ/c348QFd9n31PPAA8QAcMKLWTdmCgN IOZfPoMTpFNG5aq/DApobx27cx2fGLYxA/Slvew0d5XVYKj27g/0phXY23Wd3leb Dvyq20i5iAbw3tOucLbdHruzNAYDh2Vl93suF6CN3yop4UsB5NLgP+eNBnXec/w5 9Mo3wVQUkQm76QuI3BERraHH8nOG1Z7JcCg5Ge+Ab69G9OYmHOrJFRPuJbfpEbBC gRHTfO0BzjbM1zHoWYRm+uOoWqwoI44LXKdwa3vqkIdyo1gCMVUCAwEAAaNxMG8w MwYDVR0RBCwwKoIVd3d3LnNwbGFzaC1zY3JlZW4ubmV0ghFzcGxhc2gtc2NyZWVu Lm5ldDAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF BQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAtgIpnrxyipb14vwTGuIY znhG20KByiT0LE5jK7/6qlutnPgOxSZRR1sDESDcYri2hrJ815o4B8X2g3KifHSU 8tSXeyeariINwgKYtjW0zF3IKj2qY86h6EwiJlOasIte3f8V+Nk2CXttDi1x19ou lwgAIWTsrzms7WsYVsqU8pE=

MIIC6DCCAlGgAwIBAgIJAJux0i3o3F5eMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNV BAYTAlVTMRYwFAYDVQQKEw1TdW5UcnVzdCBCYW5rMREwDwYDVQQLEwhTdW5UcnVz dDEdMBsGA1UEAxMUU3VuVHJ1c3QgV1NBLUE1OEQgQ0EwHhcNMTEwNjEzMTk0ODU5 WhcNMjAwNjEzMTk0ODU5WjBXMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNU3VuVHJ1 c3QgQmFuazERMA8GA1UECxMIU3VuVHJ1c3QxHTAbBgNVBAMTFFN1blRydXN0IFdT QS1BNThEIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZgiUUWjXdBHXX wIKBrIE+1LEdwpl+/0Z1j/ZsEVsWXZK6k+/OEVhHfFBwRaENlMXaShBM3BMfNzX/ 4eWteGeE5p8okrhnujjxexZEgkzr7hN8Z0PKDRTHd2UB5xInejGYJuYWFTIIqXOj /2y52eEebRNcV+dB+gOQWMAplgVstQIDAQABo4G7MIG4MB0GA1UdDgQWBBRhXvMO MlEP6CyQKkmC4PAlhs2JUzCBiAYDVR0jBIGAMH6AFGFe8w4yUQ/oLJAqSYLg8CWG zYlToVukWTBXMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNU3VuVHJ1c3QgQmFuazER MA8GA1UECxMIU3VuVHJ1c3QxHTAbBgNVBAMTFFN1blRydXN0IFdTQS1BNThEIENB ggkAm7HSLejcXl4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQC5m+4X HGIhE9kG79IhOuZoAZhGJhR51lvf7CC0PWtmEru4enQ/FZtJi64kuL6hbTT2TjMT Y8L7W2kvIX0DUa+mHFcLRyssiY5BQ8YUaY4yBzu9PLSQp35/+ViwbwhvIFYXmgDo uGjEPblwsuqQzptsNwW/AHJBJNr7ueVloIZtqg==

Hmm, on mine, the certificate was issued by:

CN = GeoTrust SHA256 SSL CA O = GeoTrust Inc. C = US

On yours, the certificate was issued by:

CN = SunTrust WSA-A58D CA OU = SunTrust O = SunTrust Bank C = US

How is Suntrust getting into the action there on IBM's server?!

Is it possible that something on your computer is redirecting the request from IBM's server (which uses the IP addresses detected by SSLLabs) to a different server operated by your bank, for example, a proxy server or hosts file entry?

"I need to determine how to address Firefox blocking a certificate on a secured banking website"

actually, you dont have to determine anything.

what you need to do is to contact the banks technical support. they will tell you / give you exactly what you need if everything is "kosher"

bottom line: firefox is not the problem.

I figured out the issue. It was our internal network causing it to flag the certificate. Outside the network it worked on 4 devices