I just got this email from Amazon AWS where I host some of my landers:
"Dear Abuse Responsible
On Saturday, July 8, 2017 we were informed about a deceptive site hosted at an IP address under your control. The following IP addresses and domains are involved in the forwarding chain:"
The link shows my landing page (which is about a "you are the winner" angle) plus the ?volumdata token
I have checked the URL and also the domain on Virustotal, all is green over there.
I have now deleted the content in the whole folder with the LP and moved it to another webhost.
Did you have this happen? I've had it happen before, but that was when my LP was actually classified as "deceptive" by Google Safebrowsing, so that's a valid reason I guess.
Now, I didn't wanted to argue with AWS Abuse team, that's why I just deleted the LP. But I wonder what I should do if this happens again on another LP hosted at AWS? Was anyone of you successful in asking about the reason for the site being deceptive when Virustotal shows it as being "green"?
Usually there's a smaller security company doing the reporting from my experience. When I got this, they showed me all the
Never had an issue with deleting/changing name as a fix. As long as the file doesn't exist anymore, Amazon seems to not do manual reviews. If the report was unfair, you can request a manual review and will also not be an issue. You just have to know that your page is legit and now the standard misleading angle - that one you have to delete and make a new one.
This was for S3 + CloudFront, I'm not sure if the policy is much different for EC2 instances.