False Positive

Hello. Avast says that my website hxtp://www.cool-hdsport.com has been infected with URL:Scam. I scanned the site with virustotal, and everything is fine. https://www.virustotal.com/gui/url/a11daeca34a3a8af78843f5e12af0f46dd840068dcbf53bd1a14a98d1e4804bc/detection

I sent a request for review at https://www.avast.com/false-positive-file-form.php but no response so far. Can you give me some advice, who to contact for this issue? Thank you

You should get a reply within 48 hours.

I understand. I hope to receive an answer today, because the request for re-examination was sent on Saturday night.

Hallo AlexDM,

My report is in English, as this is the English speaking section of these forums.

Yours is a http-website which is insecure (http=connection and not a https-connection)

There are also iframes listed:

These could all be absolutely above board. ;)

The real hick-up is here - too many redirects.
Then we found too many redirects, why the page is not openening: Google recommends to not have more than 5 hops in a redirect chain. We found 8 hops. This could mean slower or delayed crawling as well as potential SEO problems caused by this.

10 red alerts out of ten for this website here: https://sitereport.netcraft.com/?url=http://www.cool-hdsport.com
Take this up with Abelo host (B.V. in Nederland).

Wait for an official verdict from avast team as they are the only ones to come and unblock,
as we here are just volunteers but with relevant knowledge in the field of website security and error-hunting.

met vriendelijke groeten,

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)

Hello polonus,

Thank you for these clarifications. Following your message, I deleted all the iframe pages on the home page and the other sub-pages, and only one iframe remained, out of the 5-8 I had before.
Tonight, 48 hours have already passed since I sent a request for false-positives, but I did not receive any answer. I hope you re-evaluate the situation of the site, see that everything is clean, and have my URL: Scam removed from the site, so that the antivirus does not detect anything. Thank you and I am waiting for an answer.

Regards,

Don’t forget that you posted it and there has been a weekend since then, where there is likely to be reduced staffing in the virus labs.

Nevertheless users that have opened up that website earlier now inside their browsers,
could have trouble opening it again without clearing all cookies.
At least my situation with Google Chrome.
It opens now up all right inside Avast Secure Browser

Then also users with https only do not see it or have to go past an alarm, or they see it from site information in their browser it is less secure.

It now opens up in browsers that have never visited that site before, but there is certainly room for some improvement with
559 recommendations from webhint’s, see: https://webhint.io/scanner/b330bebd-7ed6-4529-bd07-88656fda42d8

Wait for avast’s final verdict, at least Dr Web is not flagging it:

Checking: -https://www.googletagmanager.com/gtag/js?id=UA-204296455-1 File size: 100.29 KB File MD5: 82da685d9d304c7e259eeed8c59c5a30

-https://www.googletagmanager.com/gtag/js?id=UA-204296455-1 - Ok

Checking: -https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
File size: 137.62 KB
File MD5: 828000fec1ea76fba807d1e1a5f765bf

-https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js - Ok

Checking: -http://www.cool-hdsport.com
Engine version: 7.0.49.9080
Total virus-finding records: 10299694
File size: 10.01 KB
File MD5: 9f470c3988d166610fc7e1cee49226b8

-http://www.cool-hdsport.com - archive JS-HTML

-http://www.cool-hdsport.com/JSTAG_1[1d76][cf] - Ok
-http://www.cool-hdsport.com/JSTAG_2[2324][4b] - Ok
-http://www.cool-hdsport.com/JSTAG_3[24c3][9d] - Ok
-http://www.cool-hdsport.com/JSTAG_4[258b][278] - Ok
-http://www.cool-hdsport.com/JSTag_5[2590][273] - Ok
-http://www.cool-hdsport.com - Ok

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

Thank you for the recommendations you mentioned above.

After an optimization on the website, from 559 recommendations I reached 409. I will optimize the site in the next period, and I hope that after you saw that I took into account your recommendations, I hope that my site will be raised from the blacklist, and not to be blocked by avast, due to url: scam. https://webhint.io/scanner/0acb5829-f2ce-42b2-8207-76fec8167c35
I hope to receive an official response from avast as soon as possible, because my site has already been blocked for 3 days.

Hi AlexDM,

Thanks for following this up and let us hope the outcome will make everyone a tad more secure.
Thank you for reporting here and the mutual assistance to tackle this issue.

We here are just volunteers with knowledge in the field of website security analysis and error-hunting.
Just wait for a final verdict from avast team, as they are the only ones to really address such matters.

Have a nice day,

polonus

Hello polonus,

Tonight, I received an official response from Avast, and the issue was resolved. Thank you all for your help.

Hi AlexDM,

You are welcome, all’s well that ends well,

polonus