Website False Positive?

Viruses and worms
1

I visited this web site (http://blogs.channel4.com/factcheck/factcheck-europes-migration-crisis/21469) and had mulitple warnings come up and a file called “28510” which was located in “C:\Users[user name]\AppData\Local\Mozilla\Firefox\Profiles[String of numbers and letters].default\cache2\doomed” moved to the virus vault with virus “HTML:Iframe-inf”, yet scanning the site on Virus Total says it is clean: https://www.virustotal.com/en/url/2ab62faa3a2987bf489e30964f98870058c642325524086a9b4d8bf62cf55790/analysis/1441392162/

Is this a false positive?

EDIT: According to the pop-up the issues was http://blogs.channel4.com/factcheck/factcheck-europes-migration-crisis/21469|{gzip} but Virus Total also says there is no issue: https://www.virustotal.com/en/url/de7d659ea440fdc9190e46b4540122ca47306b790e0fda234af3a72626103aee/analysis/1441393670/

2

Virustotal URL scan does not scan for infections, it is a blacklist check

html only detected by avast
https://www.virustotal.com/nb/file/779800c18328bd4ab618e2b9de36096e4264e761ff0ea067c4fcd683dda2f3c3/analysis/1441396800/

3

Zulu scaler says benign

4

I see here avast blocks the following iframe
links to redirects this site is blocked as URL:Mal

< p> <  if​rame  src=hxxp://static.data.c4news.com/9cf25/index.html" frameborder="0" allowtransparency="true" allowfullscreen="allowfullscreen" webkitallowfullscreen="webkitallowfullscreen" mozallowfullscreen="mozallowfullscreen" oallowfullscreen="oallowfullscreen"
 msallowfullscreen="msallowfullscreen" width="100%" height="400" data-preserve-height="true"> < / if​rame > < /p>

Humm is suspect,Error 404 File not found,try to clean.

5

This is what F-secure lab say

==================================================
The file is not malicious. The links used in the iframe are clean.

6

Ok, thank you for the replies.

7

Jefferson Sant stumbled upon something that Avast (AOS) flags: https://www.virustotal.com/nl/ip-address/212.227.30.237/information/ (see last detected urls), so it is -static.data.c4news.com/9cf25/index.htm
that is being blocked in chrome.exe as URL:Mal. Even the Google cache of for instance: htxp://static.data.c4news.com/HuWKG/index.html. is being flagged and blocked.
Received data:

  1. HTTP/1.1 403 Forbidden\r\n
    Date: Fri, 04 Sep 2015 21:20:25 GMT\r\n
    Server: Apache\r\n
    Content-Length: 9\r\n
    Content-Type: text/html; charset=iso-8859-1\r\n
    \r\n
    Forbidden → http://toolbar.netcraft.com/site_report?url=+http%3A%2F%2Fwww.static.data.c4news.com

polonus

8

Avast indeed complains about iframes leading to c4news.com, which we have been blocking since February. I am now unblocking c4news.com, so there should be no more warnings ;-)!