Author Topic: Website blocked: URL:Blacklist / this site contains misleading content (Read 1374 times)

Jc Toncommerce.com · « **on:** November 05, 2023, 07:16:11 PM »

Hi,

my website htxps://paiement.toncommerce.net for exemple : htxps://paiement.toncommerce.net/BC22033/carte is blocked by avast :

Reason: this site contains misleading content

Screenshot:
http://www.eurowebbiz.com/toncommerce.png

I can't access to the website wich redirect to my bank website for paiement on my Ecommerces websites

Screenshot:
http://eurowebbiz.com/toncommerce.png

This was checked so far -> no problems detected

GoogleSearchConsole -> no problems

https://transparencyreport.google.com/safe-browsing/search?url=https:%2F%2Fpaiement.toncommerce.net
-> no problems, no malware detected

https://www.virustotal.com/gui/url/2300c22ae4cfb373c58e71136ad3cdb12b87c6ef55f42f99aaab7c0b4df5dd65
-> 1 engines detected this URL for phising(but unfortunately no further information available)
I have posted also a false positive on Avira website

https://sitecheck.sucuri.net/results/https/paiement.toncommerce.net/BC22035/carte
-> no malware found / site is not blacklisted

https://urlscan.io/result/2ba74e18-c745-4a4f-b145-30604324ba24/
-> no problems

https://observatory.mozilla.org/analyze/paiement.toncommerce.net
-> not quite shure about the results

https://unmask.sucuri.net/security-report/?page=paiement.toncommerce.net
-> no problems

https://www.avast.com/false-positive-file-form.php was used (today).

Could anyone inspect this website, please? Thank you very much for any hints.
How can I get more details about "this site contains misleading content". Where does it comes from inside my website?

Thank you for your help

Jc M. from toncommerce.com

Pondus · « **Reply #1 on:** November 05, 2023, 07:28:42 PM »

Quote

Screenshot:
http://www.eurowebbiz.com/toncommerce.png

Screenshot does not show a avast block (if avast block the message will have a avast logo)

Jc Toncommerce.com · « **Reply #2 on:** November 05, 2023, 07:42:20 PM »

Quote from: Pondus on November 05, 2023, 07:28:42 PM

Quote
Screenshot:
http://www.eurowebbiz.com/toncommerce.png
Screenshot does not show a avast block (if avast block the message will have a avast logo)

Thx for your aswner. It s because i used avast browser
Here is a screen with chrome :
http://www.eurowebbiz.com/toncommerce2.png

Pondus · « **Reply #3 on:** November 05, 2023, 07:48:30 PM »

Quote

https://www.avast.com/false-positive-file-form.php was used (today).

Then you wait for avast lab to reply

DavidR · « **Reply #4 on:** November 05, 2023, 09:52:34 PM »

It is preferred that you attach images to the post and not on unknown a 3rd party site. That way you images are available within the forum.

Attaching Images to your post - When you Click the Reply button it opens a text window for you to post your comment (reply or post).
Click the Preview button, that shows what you have input and expands it to include 'Attachments and other options'. Click that it further expands, here you can attach images, etc. at the bottom of your post.
See my attached image, click to expand.

Jc Toncommerce.com · « **Reply #5 on:** November 05, 2023, 10:14:44 PM »

ok sorry

here it is

DavidR · « **Reply #6 on:** November 05, 2023, 11:44:05 PM »

Going over the checks you made - the sucuri.net/results although giving a Low Risk, there are some security hardening improvements that should be addressed.

This also give some security pointers - https://en.internet.nl/site/paiement.toncommerce.net/2440273/

These may or may not have contributed to the detection by Avast but should be addressed.
Outside of that having reported it to Avast you would normally get a response in a day or two.

This one comes up OK - https://quttera.com/detailed_report/paiement.toncommerce.net
But there is an sub.domain .css file link that Avast could be looking at - hxxps://statique.toncommerce.net/paiement.css?1353847495 but I don't know if the above is why Avast is alerting. Also Sandbox Request check as 1 report.

polonus · « **Reply #7 on:** November 13, 2023, 08:38:50 PM »

Additionally to what DavidR rightfully states in his response:

Scanned using Hint with Ctrl+Shift+I - The 'Expires' header should not be used, 'Cache-Control' should be preferred.
hxtps://statique.toncommerce.net/paiement.css?1353847495
expires: tue, 12 nov 2024 19:31:35 gmt

A listener indicated an asynchronous response by returning true, but the message channel closed before a response was received.

Errors 3 - Response should include 'x-content-type-options' header.
hxtps://statique.toncommerce.net/paiement.css?1353847495
hxtps://statique.toncommerce.net/favicon.ico

https://extension.safetoopen.com/check_group_sha_v3.php?q=a52be7bac6f4506c538352e6c3953bc9cac263bb127248bba248cb02638a7f20,e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&uid=&type=url_check&fqdn=f3ef97a80d412b5c79bb8ad363b2bb0f05e9b1fd8507cf4c35ee8f184c378789&sto_api_utime=28331732 (because of a blocking in my browser).

Is it phish gives it a 99,8% safe. Wait for a final verdict by avast, as they have to consider as these are their definitions.

polonus

Author Topic: Website blocked: URL:Blacklist / this site contains misleading content (Read 1374 times)

Jc Toncommerce.com

Website blocked: URL:Blacklist / this site contains misleading content

Pondus

Re: Website blocked: URL:Blacklist / this site contains misleading content

Jc Toncommerce.com

Re: Website blocked: URL:Blacklist / this site contains misleading content

Pondus

Re: Website blocked: URL:Blacklist / this site contains misleading content

DavidR

Re: Website blocked: URL:Blacklist / this site contains misleading content

Jc Toncommerce.com

Re: Website blocked: URL:Blacklist / this site contains misleading content

DavidR

Re: Website blocked: URL:Blacklist / this site contains misleading content

polonus

Re: Website blocked: URL:Blacklist / this site contains misleading content