It is not only avast that blocks this website because of PHISHING, it is also MBAM that blocks it and other vendors.
And another three to flag, see in the VT scan results:
https://www.virustotal.com/gui/url/27f132e6926f7407de18fbf6bc5cfcfa8921acd2e704372a1a771ebe93bb451e/detectionRe: Unable to parse page. Check your target is accessible and try again.....
OK here:
http://isithacked.com/check/https%3A%2F%2Fsqueezecreative.eu%2FWord Press CMS has an outdated version:
https://sitecheck.sucuri.net/results/https/squeezecreative.euMore detection on this same IP:
https://www.virustotal.com/gui/ip-address/213.169.137.237/relationsNelly's linting improvement recommendations:
https://webhint.io/scanner/fabf7621-dfa0-4c97-9d30-7b49b50bd05b0 passed as linter is unable to scan & parse site.....
DOM-XSS issues sources and sinks -> Results from scanning URL: -https://squeezecreative.eu/
Number of sources found: 10
Number of sinks found: 109
Results from scanning URL: -https://squeezecreative.eu/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.6.4
Number of sources found: 0
Number of sinks found: 3
Results from scanning URL: -https://squeezecreative.eu/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.6.4
Number of sources found: 41
Number of sinks found: 17
Results from scanning URL: -https://squeezecreative.eu/wp-includes/js/wp-embed.min.js?ver=4.9.10
Number of sources found: 17
Number of sinks found: 2
Results from scanning URL: -https://squeezecreative.eu/wp-includes/js/wp-embed.min.js?ver=4.9.10
Number of sources found: 46
Number of sinks found: 9
With combinations of sources (input that can be controlled) like window.name 1.455 & sessionStorage 1/2
and sinks (methods to be abused) like eval 31/50 Function 1/5 059 & setTimeout 1/103 just to name a few.
This in the context of two vulnerable retirable jQuery libraries detected:
https://retire.insecurity.today/#!/scan/d0eca830111fdd9d1136a5d98c5b7897cfe2ace2c58a341bca47ddd21fc95ff5See:
https://snyk.io/vuln/npm:jquery:20150627 = SNYK DB for DOM-XSS exploitable flaws etc.
Convert special characters such as ?, &, /, <, > and spaces to their respective HTML or URL encoded equivalents.
Could be obfuscated code is flagged after ;eval(function(p,a,c,k,e,r), but that is only a fair guess on my part.
Wait for an Avast Team Member for a final verdict and an eventual green light.
They are the only ones to come and unblock, as we here are just volunteers with relative knowledge.
polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Recent Posts