False positives?

Hi,
I keep getting reports that my e-commerce site Amethyst Coffee, running at https://amethyst-coffee.online, is being flagged up as a malicious site by Avast. Any ideas?

Word Press website scan showed no issues.

Here suspicious content flagged: https://quttera.com/detailed_report/amethyst-coffee.online

Not detected here: https://www.virustotal.com/gui/url/48168438fccd5813574d6e780eabfca6f935123a1f98d301f4b1f488db373c91/detection

[quote] 404 That’s an error.

That URL doesn’t exist. [/url] consider → https://www.shodan.io/search?query=paypalobjects.com
Injected: env: missing script “f14895c8-24ac-4fbe-82b2-760ec8b25d4c”!

polonus

Now that is a weird one… how do I clear that…

It is an unconditional redirection to wXw.paypalobjects.com

So you have to take that up with them, paypalobjects or the developer of the site.

Suspicious as with S.HttpRedir.gen. That does not say, malicious as such and could be an FP.

Wait for a final verdict from avast’s and whether this is not a security buster,

polonus

I made the site but use the paypal plugin for woocommerce for payments.

But it is not only avast that flags: https://www.virustotal.com/gui/domain/amethyst-coffee.online
Similar here: https://www.virustotal.com/gui/url/68817649ad815d2b75fdcdfdb1e670d75d74198e19fb3e78d133178f91f794b5?nocache=1

See also: https://urlscan.io/result/76880b67-9b54-4959-871a-1828713b4bb2/

See: https://urlscan.io/result/76880b67-9b54-4959-871a-1828713b4bb2/#indicators

Wait for a final verdict from avast team, as we here are only volunteers with relevant knowledge.
But it is avast team’s definitions.

pol