Blocking of site: HTML:iframe-inf[Susp]

Hi,

I’m working in a company distributing news releases. Our clients sometimes use a iframe-based module for subscriptions, that they can include on a page so users can subscribe to their news releases.
However it seems that this module is causing Web Shield to throw a Iframe-inf[Susp] Warning and blocking sites using it.

An example is the site hXXps://investor.clemondo.com (iframe in the bottom part). The iframe refers to a quite long url (since url parameters affect the content):
hXXps://webtools.bequoted.com/subscription/?prenid=371&placement_id=26&edition_type_id=1&show_delete=0&delButton=Avanmäl&iText=E-postadress&addButton=Prenumerera&ecss=https://investor.clemondo.se/css/Clemondo.css?v3.01

We have done thorough scans and the iframe source should not contain anything malicious and no other tool we’ve seen is reporting/blacklisting this. It however contains a form posted via actions and i wonder if this might seem malicous, even though it is in this case completely legit?

We have reported it as a false positive using the form two weeks ago, but with no response. Can anyone of you help me out on what might be causing it and how to proceed?

Kind regards
Martin

Someone please answer this question. I’m getting the same thing on a 100% legit Iframe for form submissions.

There are sites that can also check a site link and or file upload.

If these come up clean it can be reported as a possible FP.
New location to report both a False Positive and or a False Negative (for File or URL) - Choose Your Sample Submission Type | Avast

There is no direct contact, but it should be analysed in 48 hours - if found to be an FP then it should be removed from the virus definitions database.