Hi,
I hope you can help us. We have found that the MalwareBytes Add-In for Firefox is giving a false positive report to users who are downloading our software from hxxps://www.tracker-software.com/product/downloads
I have searched for other reports in this forum and found none. I've read and followed these:
hxxps://forums.malwarebytes.com/topic/20806-important-please-read-before-reporting-a-false-positive/
hxxps://forums.malwarebytes.com/topic/21076-info-malicious-website-blocking/
The URL and IP address belong to CacheFly (hxxps://www.cachefly.com/) who provide a CDN for our product delivery. They say they have had no other similar reports to date.
The URL is currently resolving to 205.234.175.175
~$ dig downloads.pdf-xchange.com
; <<>> DiG 9.10.3-P4-Ubuntu <<>> downloads.pdf-xchange.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61608
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;downloads.pdf-xchange.com. IN A
;; ANSWER SECTION:
downloads.pdf-xchange.com. 299 IN CNAME pdfxchange.cachefly.net.
pdfxchange.cachefly.net. 3599 IN CNAME vip1.g5.cachefly.net.
vip1.g5.cachefly.net. 3599 IN A 205.234.175.175
;; Query time: 74 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun May 03 16:39:05 PDT 2020
;; MSG SIZE rcvd: 129
MalwareBytes installed application does mot seem to suffer the issue, I have to date only been able to reproduce this with the Firefox Add-In.
Can you help?
Paul