Hello!
Avast sends my domain https://dte.twp.cl to the blacklist and I can’t find a reason.
I would like to know the reason for correcting and leaving the list, I have sent all the information to the form https://www.avast.com/report-false-positive#pc but I cannot get it removed from the list black.
What about hxtps://region1.google-analytics.com/g/collect?v=2? &tid=G-T915SD7BNP%3Em=45je47o0v9119105494za200&_p=1721857051493&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1402193343.1721857052&ul=en-us&sr=800x600&frm=0&pscdl=noapi&_s=1&sid=1721857051&sct=1&seg=0&dl=https%3A%2F%2Fdte.twp.cl%2F&dt=XML%20a%20PDF%20-%20Archivos%20DTE%20del%20SII%20Chile&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1401 It could be a legit Google tracker
This script: htxps://dte.twp.cl/polyfills-LZBJRJJE.js Third-party script injection: Although the script is hosted on a trusted CDN, there’s still a risk of malicious actors injecting malicious code into the polyfill script. This could happen if an attacker compromises the CDN or uses a vulnerable version of the script.
Execution context: Since the script is intended to be executed in a web page context, there’s a risk of it being used to exploit vulnerabilities in the hosting page or other scripts.
Bypassing browser restrictions: Some polyfills may potentially bypass browser restrictions or security features, such as the Content Security Policy (CSP) or Same-Origin Policy. However, in this case, the script appears to be designed for browser compatibility and doesn’t seem to intentionally bypass security controls.
But again, as said many times before, wait for a final verdict by avast’s
I would like to know the reason for correcting and leaving the list, I have sent all the information to the form https://www.avast.com/report-false-positive#pc but I cannot get it removed from the list black.
Polyfill Script: Regarding the polyfill script from htxps://dte.twp.cl/polyfills-LZBJRJJE.js, it’s crucial to verify its source.
As with any script, there’s a risk if the CDN is compromised or if a vulnerable version is being used.
If you have control over the CDN or the script, make sure it’s up-to-date and verify its integrity.
Again, wait for a final verdict from the Avast team.
You are indeed right, my deployment process does not delete that file, that is why it kept appearing.
I updated the versions of zone.js and angular (due to the polyfills bug)
and the URL of the previous version of htxps://dte.twp.cl/polyfills-LZBJRJJE.js is no longer there.