False positive https://secure.tarjetanaranja.com.ar

hello

Could solve the false positive results with the following web hxxps://secure.tarjetanaranja.com.ar

It is the product of my credit card. not infected, I report from the same antivirus and does not change the situation. Thank you.

you dont tell us what avast say ?

if it is URL:mal this means the url or ip is on a blacklist for whatever reason…it does not have to be infected

Your IP (200.45.16.220) is on one blacklist here http://whatismyipaddress.com/blacklist-check

see here http://www.apews.org/?

CASE: C-335 AS7303 AR, ISP permits abuse and/or ignores criminal activity

Looking at quttera and virustotal this is probably a false positive triggered by hxxps://secure.tarjetanaranja.com.ar/js/jquery.js
ClamAV and Quttera label it as Possibly Unwanted Application.

The apenews blacklist is in l2 which is so strict it can block clean IP’s due to being in the same netrange as known spammers

Level 2 lists IP addresses and netblocks of known spammers, anyone who is spam-friendly, or more worse supporting spammers. Listing starts at single IP's and can escalate up till the entire netrange of a spammer or spam supporter is listed. The Level 2 list will have some inadvertent blocking (non-spammer IP addresses included in listed blocks), but can still be used by small ISPs or individuals who want a stricter level of blocking/filtering.
The apenews blacklist is in l2 which is so strict it can block clean IP's due to being in the same netrange as known spammers
that may be the reason....

see http://urlquery.net/queued.php?id=58514940 and scroll down to Last 6 reports on ASN: AS7303 Telecom Argentina S.A.
where you find this http://urlquery.net/report.php?id=8275 with suricata and snort filter alerts ET CURRENT_EVENTS Blackhole 2 Landing Page

That’s a whole other domain in the same (broad) IP range… Not really applicable to this specific case. Case in point being it’s probably a false positive.
If the report function from within Avast does not work you could try contacting via http://www.avast.com/contact-form.php

Following SSL issues on that site:
x-content-type-options

Header Not Returned

Insecure
x-xss-protection

Header Not Returned

Insecure
x-frame-options

Header Not Returned

Insecure
x-content-security-policy

Header Not Returned

Insecure

Cookie Security Options: ASPSESSIONIDSQT DDSCC

secure.tarjetanaranja dot com.ar

Insecure secue attribute insecure http attribute Secure host only attribute

Server site insecurities: htxps://asafaweb.com/Scan?Url=https%3A%2F%2Fsecure.tarjetanaranja.com.ar%2Fsite.asp%3Fbw%3Dh

Fail: htxps://asafaweb.com/Scan?Url=https%3A%2F%2Fsecure.tarjetanaranja.com.ar%2Fsite.asp%3Fbw%3Dh
info: [decodingLevel=0] found JavaScript
error: undefined function document.getElementsByClassName
error: undefined variable commentsElements
suspicious: see: http://jsunpack.jeek.org/?report=7ea6cb44d6a3332a8554f12ff628cb3f5c742f95
https not scanned at nonnumeric port

polonus