not-a-virus:HEUR:AdWare.Script.Pusher.gen how to fix?

[animeglar]

Trying to read a manga site I have used for years, I use adblockplus and kaspersky web protection. When I clicked the main page I get these two events about HEUR:AdWare.Script.Pusher.gen

 

 

Event: Download denied
User: DESKTOP-6JBFB3M\Tom
User type: Active user
Application name: firefox.exe
Application path: C:\Program Files\Mozilla Firefox
Component: Web Anti-Virus
Result description: Blocked
Type: Contains adware, auto-dialers, legitimate software that can be used by criminals to damage your computer or personal data
Name: not-a-virus:HEUR:AdWare.Script.Pusher.gen
Precision: Partially
Threat level: Medium
Object type: File
Object name: subscribe.js?v=1.1.0
Object path: https://cdn.siteswithcontent.com/js/push
MD5: 189F6DDD0A08DD184BFE6CD4082874BF
Reason: Expert analysis
Databases release date: Yesterday, 15/03/2021 04:35:00

 

and

 

Event: Detected legitimate software that can be used by intruders to damage your computer or personal data
User: DESKTOP-6JBFB3M\Tom
User type: Active user
Application name: firefox.exe
Application path: C:\Program Files\Mozilla Firefox
Component: Web Anti-Virus
Result description: Detected
Type: Contains adware, auto-dialers, legitimate software that can be used by criminals to damage your computer or personal data
Name: not-a-virus:HEUR:AdWare.Script.Pusher.gen
Precision: Partially
Threat level: Medium
Object type: File
Object name: subscribe.js?v=1.1.0
Object path: https://cdn.siteswithcontent.com/js/push
MD5: 189F6DDD0A08DD184BFE6CD4082874BF
Reason: Expert analysis
Databases release date: Yesterday, 15/03/2021 04:35:00

 

 

Is this just a bad ad that was blocked by adblockplus and reported by kaspersky?
Scanned everything multiple times afterwards and found nothing.

[Berny]

@animeglar Welcome.

Please submit the suspicious link here https://opentip.kaspersky.com
and ask for “Reanalyze”

[animeglar]

When I try I get a error messege.

“ An error occurred while sending the object for re-validation. Please try again later. “

[Berny]

@animeglar Please submit a request to Kaspersky Technical Support.

[animeglar]

What should I say?

[Berny]

@animeglar

Please copy/paste your original Post in your request :
https://my.kaspersky.com/techsupport#/requests/new

[animeglar]

Alright, done, thanks for the help.

[Wesly.Zhang]

Hello,

It is a push adv from google services: firebase

https://cdn.siteswithcontent.com/js/push/subscribe.js?v=1.1.0

You will open a js file. Its function is create a img object and inject a script in the webpage.

If you understand the function of this script and try to access the following url:

https://www.siteswithcontent.com/firebase-messaging-sw.js

Let’s follow the import scripts url to

https://cdn.siteswithcontent.com/js/push/news-siteswithcontent-sw.js?v=3

Some interesting strings list in your eyes. OK, this case is closed.

Regards.

[animeglar]

Glad there is nothing to worry about, thanks.