Author Topic: false positive  (Read 845 times)

0 Members and 1 Guest are viewing this topic.

Offline e17area-fedup

  • Newbie
  • *
  • Posts: 2
false positive
« on: April 08, 2021, 07:06:26 AM »
Avast is wrongly blocking my site, my site has nothing wrong with it, please remove the block on my site, and while you are doing that, please also sort out the means by which you use to check sites, because it is hugely inapropriete and harmful to ligetimate sites like mine, am having to write this at 6:00am after spending agies looking for how to write this and where to write this when i should be sleeping, you seriously have a responsibilities which you must take very seriously, you claim to be protecting people, but you are failing very badly,  i've spent time and money trying to find something that does not exist apart from in your own minds, i've already removed your browser adon and all software of yours from my computer, will be removing them also from my laptops too, because i've had it with you,  if you are going to claim you protect people, at least do it right, google webmast finds nothing, online scanners finds nothing, THERE IS NOTHING WRONG WITH THE SITE, THE ONLY THING THAT IS WRONG IS WHAT YOU CLAIM TO DO, check cochranemarket and show what it is that you think is wrong and makes you put a block on my site, if i haven't gone to the site directly i would not have found out

Offline e17area-fedup

  • Newbie
  • *
  • Posts: 2
Re: false positive
« Reply #1 on: April 08, 2021, 07:08:02 AM »

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 71825
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Win 8.1 [x64] - Avast PremSec 21.8.6586.IBC [UI.666] - EEK - Firefox ESR 78.14 [NS/uBO/PB] - TB 91.1
Avast-Tools: Secure Browser 93.0 - Cleanup 21.3 - SecureLine 5.13 - Driver Updater 21.3 - CCleaner 5.84
Avast Wissenswertes (Downloads, Anleitungen & Infos):

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33285
  • malware fighter
Re: false positive
« Reply #3 on: April 09, 2021, 05:12:01 PM »
Now even 7 engines to flag it, mainly as a PHISH (but not flagged at PHISHTank):

Seen as from the other point of view, but security:

- returned a 301

Web Server:
IP Address:
Hosting Provider:
Shared Hosting:
2 sites found
Cochrane Market

Issue: The first two user ID's were tested to determine if user enumeration is possible.

Username   Name
ID: 1   test   admin
ID: 2   e17sweetmegmail-com   paul
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. Take note that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

   cookie-law-info 2.0.1    Current   latest release (2.0.1)

Not vulnerable in this sense:!/scan/1c1b385626f3b915b7ef16c8a6ea5d8da43a85ce13e23918389fb41d52048eaa

See SRC review: HTML
36,305 bytes, 333 nodes

Javascript 14   (external 11, inline 3)
INLINE: window._wpemojiSettings = {"baseUrl":"-https:\/\/\/images\/core\/emoji
2,128 bytes​wp-emoji-release.min.js?ver=5.7​jquery.min.js?ver=3.5.1​jquery-migrate.min.js?ver=3.3.2
INLINE: /* <![CDATA[ */ var Cli_Data = {"nn_cookie_ids":[],"cookielist":[],"non_necessa
1,870 bytes​cookie-law-info-public.js?ver=2.0.1​e8af8301-45e2-41c6-9212-9421ce1b1dc7.js​popper.min.js?ver=5.7​bootstrap.min.js?ver=5.7​theme-script.min.js?ver=5.7​skip-link-focus-fix.min.js?ver=20151215​wp-embed.min.js?ver=5.7
INLINE: /* <![CDATA[ */ var adverts_frontend_lang = {"ajaxurl":"-https:\/\/www.cochranem
194 bytes​wpadverts-frontend.js?ver=1.3.5
CSS 15   (external 13, inline 2)
INLINE: img.wp-smiley, img.emoji { display: inline !important; border: none !importan
283 bytes INJECTED​style.min.css?ver=5.7

INLINE: #page-sub-header { background: #fff; }
52 bytes INJECTED​wpadverts-frontend.css?ver=1.5.3

Wait for a final verdict from avast team, as they are the only ones to come and unbloc,
but with 7 instances flagging at VT this not likely to be a False Positive,

polonus (volunteer 3rd party cold reconnaisaance website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!