Avast blocking a "virus" on a app.

Viruses and worms
1

Hello
I downloaded this app that doesn’t have any type of malware or virus on 99%, had it for like a 3 months, and now for 1 and before it never warned me that it contains a virus.
The app is called Content Manager, it’s for one game. Here is the link: https://assettocorsa.club/content-manager.html
Many people around the world use it and don’t have any problem with it. How do i tell Avast that it’s not a virus ? Because I found the search bar for the apps but i couldn’t find the app there.
Here is what it says when it blocks it (It’s in Slovak so have to translate it) : We blocked connection with 5.9.57.235 , because we found function called URL:Mal.
Thank you for any help.

2

URL:Mal = Blacklisted URL or IP

We blocked connection with 5.9.57.235
IP history https://www.virustotal.com/#/ip-address/5.9.57.235 Click on listed items for details
How do i tell Avast that it's not a virus ?
[b]Report a false positive (select file or website)[/b] https://www.avast.com/false-positive-file-form.php
3

I get another IP and threats c.q. PHISHING alerted → https://cymon.io/87.236.16.68
and https://checkphish.ai/domain/latile.ru
On the malware on that AS → https://support.clean-mx.com/clean-mx/viruses.php?as=AS25519&sort=lastseen%20desc&response=alive
Part of a PHISHING attempt - DOM-XSS link to -http://supperofthelamb.com/media/js/netsoltrademark.php?d=diggo.wikitechguru.com%2F2018%2F12%2F20%2Fpci-concursos-2%2F&quot
Number of sources found: 9
Number of sinks found: 60
Vulnerable jQuery library: https://retire.insecurity.today/#!/scan/c597e1b1eeb065b52ddff693cf7058a4931d09534cffa22ef9e7aca80a8a1ba4
F-grade security and recommendations: https://observatory.mozilla.org/analyze/assettocorsa.club
Also see recommendations: https://webhint.io/scanner/4a24a94f-454c-45a4-b459-e2c784c3a319
of which 67 are security related: https://webhint.io/scanner/4a24a94f-454c-45a4-b459-e2c784c3a319#Security
consider also: https://urlquery.net/queue/f2e2438a-8dda-4f90-ae4c-8f04143cfd62
Outdated PHP → https://sitecheck.sucuri.net/results/https/assettocorsa.club/content-manager.html

Also the links between -http://www.gamestul.ru/home_revolution.htm &
-http://meyerslabelandcardgroup.com/media/js/netsoltrademark.php?d=www.cheapnbajerseys-wholesale.us.com%2Fglobalisation-and-primary%2F (TradeMarkFreeZone exclusion).

polonus (volunteer website security analyst and website error-hunter)

4

Hey and do you think it is actually a virus or not ? because i’m confused a lot. Is the ip adress something unsafe ? I don’t really understand things like this.

5
Is the ip adress something unsafe ?
According to avast, yes .... why i do not know, only avast lab can say
6

Alright i will report a Malicious sample as well and see what they will say.
I just don’t think it would have a virus because probably like thousands or even like milions of people use or used this app. I discovered that my friend had this problem too and he uninstalled avast because of it, which i don’t wanna do.
I even scanned the rar. file, scanned the Content Manager app and even scanned my pc to like 40%, nothing and all was found (I will try to scan it to 100% later and see.)

7
I just don't think it would have a virus because probably like thousands or even like milions of people use or used this app.
There are many reasons for blacklisting a URL / IP, it does not have to be infected