False positives on vivaldi.exe
-
I am familiar with the concept False Positives by an AV or Malware scanner, but never before experienced those with a browser. (30 plus years using browsers here, I am an IT and security/support specialist)
It has happened with a plugin or extension, but not with the browser itself.
Online Threat Prevention We blocked this dangerous page for your protection: https://cdn.adt532.com/ Accessed by: vivaldi.exe Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent.
I am ok with blocking CDN, don't use CDN and don't like them, but I do know that it is a great help for web services.
What triggers AV software to block Vivaldi's CDN?
-
@SecCon said in False positives on vivaldi.exe:
What triggers AV software to block Vivaldi's CDN?
Hi, this is not Vivaldi's CDN. Looks to be Amazon CF:
$ curl -I https://cdn.adt532.com/ HTTP/2 302 location: http://adtraction.com/ cache-control: no-cache access-control-allow-origin: * x-traceid: ec72a8cb-71fa-4c0f-b9b0-f1dc7fe26769 date: Mon, 23 Jan 2023 09:44:31 GMT x-cache: Miss from cloudfront via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
The domain
adtraction.com
is also blocked by uBlock here (Peter Lowe’s Ad and tracking server list).You will have to ask the AV Software vendor why they are blocking the domain as "dangerous". Seems like a generic ad/tracking company to me, and not necessarily "dangerous", bad for privacy probably.
-
I am waiting for it to pop again and do some more about it.
The AV is not freeware, is well known and has good reputation, well, some will always say this or that is sheit, can't help them.
There are no custom filtering on it either so, well, just waiting and browsing to see if I can nail what triggered it.
-
-
and found it, not related to Vivaldi.net.