How long does it take to get your false positive report reviewed?

Hello,

I submitted a false positive to this adress on 26th october: https://www.avast.com/false-positive-file-form.php

How long does it take to get your false positive report reviewed?

Thank you.

Test the file/site at VT (https://www.virustotal.com) and post the link to the result here.

The site is clean:

*** WARNING THERE IS ADULT CONTENT ****

hXXps://www.amateur8.com/

https://www.virustotal.com/gui/url/34e973acd000802bf246f3d92c7a559f7c97e1a1eece2bb8d7b88598fb2e05f3

Thank you.

https://sitecheck.sucuri.net/results/www.amateur8.com

Normally it is within a day or two, so you are still very close to that time frame.

Please ‘modify’ your post change the URL from https to hXXps and/or www to wXw, to break the link and avoid accidental exposure to suspect sites, thanks.

Initially I was able to connect to the site, but subsequently it alerted on the favicon.ico, see attached images.
The favicon.ico can be added/modified/hacked and used to be commonly used (in the past) maliciously to launch another link/function. I suggest you investigate this.

But there are other issues, and this could well impact on Avast still blocking it.

Edit:
You also have issues with outdated software - https://awesometechstack.com/analysis/website/amateur8.com/?protocol=https%3A

  • My php version is PHP 7.2.24 which isn’t that old.

  • hXXps://www.amateur8.com/link/meetnfuck/ redirect to a Dating Exoclick Link. Exoclick is one of the biggest and most trusted advertising network.

  • I rechecked the favicon.ico which is clean.

Thank you.

Please ‘modify’ your post change the URL from https to hXXps and/or www to wXw, to break the link and avoid accidental exposure to suspect sites, thanks.

Active links can also be trawled by search engines and that would be advertising.

Done.

Reply #5s link is still active.

Modified.

I still haven’t received any answer from my false positive report.

Thank you.

Well I was able to access the main domain and the sub-domain (from reply #5) and no Alert.

Now here is where it gets very strange and I have to say somewhat underhand. I opened these in different tabs in a private windows and when closing the tab (or should that be trying to close it) it generated a new tab and displayed other content. On trying to leave that I got a message are you sure you want to close this or words to that effect to leave the page (see attached image1). Finally I was able to close that private tab.

I don’t particularly like this nonsense if I close a tab that should be it, tab closed, by now I was somewhat angry so my chronological order went to pot.

As I said I had no alert when I initially opened the main domain, but when trying to close that there is a redirect (see attached image2) and it appears to be trying to run a preview.mp4 file and that to my mind is totally out of order.

So I suspect that these redirects and trying to run an mp4 file could well be contributing to these alerts.

Hello,

  1. Our advertising network is set to block advertisers with entry and exit javascript message. But it happens that some cheaters go through. That’s why we also use Geoedge API to block further those advertisers.

Here is a screenshot of our adnetwork settings: https://imgur.com/a/dDroNpD

Anyway, we sent a report to our adnetwork to remove “neighborhoodsluts.com” from our advertisers.

  1. After opening the tabunder, it should go the page you clicked on. Preview.mp4 files are just screenshots timeline, like you can see on youtube when you mouse over a thumb to see a preview of the video.

Thank you.

  1. I’m not bothered about what your advertisers do, when I click close that is exactly what I expect (on any site) for it to open another tab that needs closing would basically stop me visiting the site again if it isn’t honouring my requests/actions.

  2. The problem is I didn’t click on a page, when I clicked on the close tab (not a tabunder command) so that is what I expect. I understand that sites have a revenue stream requirement, but that has to be open and not in this way.

As an Avast User, there is little more I can do other than point out what I already have.

Hello,

The tabunder only triggers when clicking on a link, which is the case on the majority of the adult websites, even the biggest ones.

Bandwidth is really expensive and we need a revenue stream. But I don’t think it is the reason I got my site banned by Avast.

Still waiting for an answer from the false/positive report.

Thanks for your comprehension.

You’re welcome.

I have tried to draw some attention to this topic.

Hello, detection was resolved as false-positive. Will be fixed in next stream update.