hello
Could solve the false positive results with the following web hxxps://secure.tarjetanaranja.com.ar
It is the product of my credit card. not infected, I report from the same antivirus and does not change the situation. Thank you.
hello
Could solve the false positive results with the following web hxxps://secure.tarjetanaranja.com.ar
It is the product of my credit card. not infected, I report from the same antivirus and does not change the situation. Thank you.
you dont tell us what avast say ?
if it is URL:mal this means the url or ip is on a blacklist for whatever reason…it does not have to be infected
Your IP (200.45.16.220) is on one blacklist here http://whatismyipaddress.com/blacklist-check
see here http://www.apews.org/?
CASE: C-335 AS7303 AR, ISP permits abuse and/or ignores criminal activity
Looking at quttera and virustotal this is probably a false positive triggered by hxxps://secure.tarjetanaranja.com.ar/js/jquery.js
ClamAV and Quttera label it as Possibly Unwanted Application.
The apenews blacklist is in l2 which is so strict it can block clean IP’s due to being in the same netrange as known spammers
Level 2 lists IP addresses and netblocks of known spammers, anyone who is spam-friendly, or more worse supporting spammers. Listing starts at single IP's and can escalate up till the entire netrange of a spammer or spam supporter is listed. The Level 2 list will have some inadvertent blocking (non-spammer IP addresses included in listed blocks), but can still be used by small ISPs or individuals who want a stricter level of blocking/filtering.
The apenews blacklist is in l2 which is so strict it can block clean IP's due to being in the same netrange as known spammersthat may be the reason....
see http://urlquery.net/queued.php?id=58514940 and scroll down to Last 6 reports on ASN: AS7303 Telecom Argentina S.A.
where you find this http://urlquery.net/report.php?id=8275 with suricata and snort filter alerts ET CURRENT_EVENTS Blackhole 2 Landing Page
That’s a whole other domain in the same (broad) IP range… Not really applicable to this specific case. Case in point being it’s probably a false positive.
If the report function from within Avast does not work you could try contacting via http://www.avast.com/contact-form.php
Following SSL issues on that site:
x-content-type-options
Header Not Returned
Insecure
x-xss-protection
Header Not Returned
Insecure
x-frame-options
Header Not Returned
Insecure
x-content-security-policy
Header Not Returned
Insecure
Cookie Security Options: ASPSESSIONIDSQT DDSCC
secure.tarjetanaranja dot com.ar
Insecure secue attribute insecure http attribute Secure host only attribute
Server site insecurities: htxps://asafaweb.com/Scan?Url=https%3A%2F%2Fsecure.tarjetanaranja.com.ar%2Fsite.asp%3Fbw%3Dh
Fail: htxps://asafaweb.com/Scan?Url=https%3A%2F%2Fsecure.tarjetanaranja.com.ar%2Fsite.asp%3Fbw%3Dh
info: [decodingLevel=0] found JavaScript
error: undefined function document.getElementsByClassName
error: undefined variable commentsElements
suspicious: see: http://jsunpack.jeek.org/?report=7ea6cb44d6a3332a8554f12ff628cb3f5c742f95
https not scanned at nonnumeric port
polonus