You can surprise people when you tell them you own more than 100 domains. Currently I have 118 domains in my portfolio. Some have website or mail services, some are for later use and some just redirect to another domain. This is the case for the domain in question.
I received an email from 1&1 last thursday telling me the website at www.example.com is infected. Indeed, the website shows a warning page when accessed with Google Chrome, however, it redirects to www.example.org. This is the infected website. So I told 1&1 that this is a false positive because this is just a redirect and the domain the redirect points to is not under my control. I also asked them to check their systems so they don’t bother me with these false positives in the future.
The reaction was exactly what you expect from 1&1: They told me example.com (which was not infected) is under my control and I should fix this ASAP. Well, you can’t fix what’s not broken and so I send them a screenshot with the following:
matthias:/htdocs/example.com/httpdocs # ls -al total 8 drwxr-x--- 2 examplecom psaserv 22 2011-03-01 10:22 . drwxr-xr-x 13 root root 4096 2011-04-10 21:48 .. -rw-r--r-- 1 root root 66 2011-03-01 10:22 .htaccess matthias:/htdocs/example.com/httpdocs # cat .htaccess RewriteEngine On RewriteRule .* http://www.example.org/ [L,R=301] matthias:/htdocs/example.com/httpdocs #
So I have done exactly nothing but 1&1 congrats me for solving this issue. They don’t get the point. And because of that I will have to life with these false positives in the future.