Author Topic: Why this is being blocked and flagged as malicious by Quttera's?  (Read 604 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33596
  • malware fighter
Why this is being blocked and flagged as malicious by Quttera's?
« on: December 02, 2021, 10:52:09 PM »
Genuine detections or FP?

Re: https://www.virustotal.com/gui/url/48a40a2eff87e54d02594e29251951a0a734668a4a018dd0bae419eab7782ef8?nocache=1
72 malicious files detected, see: https://quttera.com/detailed_report/rumble.com

For instance
Quote
flie ->/vq2yi2-ben-affleck-its-important-to-have-2-parents-for-the-upbringing-of-a-child.html
Severity:   Malicious
Threat:   Heur.PHP.Injection.gen.4c4b4a
Reason:   Detected malicious PHP include statement
Details:   Detected malicious PHP content
Line:   1222
Offset:   3
Threat dump:   View code *
Threat dump MD5:   ADFAC9A019D6CB7ADBEDAE9C91E2CEDF
File size[byte]:   71361
File type:   HTML
Page/File MD5:   477D671B45D1BC76235CDC9E86286862
Scan duration[sec]:   2.274
en
Quote
* [[include('//wXw.googletagmanager.com/gtag/js?id=UA-44331619-1%26ext=.js');]]
This detected as malicious PHP content.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!