Hi JRW & bob3160,
Don't shoot the messenger.
This is not my opinion or saying avast is flagging, it is just passing the scan results of this linting tool.
I did never point out the site is malicious or suspicious just that it stays open to improvement
Let's do some other scans just to see how this sticks or not.
The next scanner is reliable:
https://app.upguard.com/#/https://ghostbrowser.com/Here also site does not reach beyond F-grade results:
https://observatory.mozilla.org/analyze/ghostbrowser.comI grade here:
https://observatory.mozilla.org/analyze/ghostbrowser.com#tlsF-grade results here:
https://securityheaders.com/?followRedirects=on&hide=on&q=ghostbrowser.comSite doesn't issue an HSTS header.
Moreover I have seen tons of websites after doing this for over fourteen years now,
and I am not specially impressed by Word Press CMS security,
where plug-ins and configuration settings are involved, not to mention this site in particular, settings are OK.
The CMS is PHP based, and we all know what kettle of worms PHP coding could be for the PHP-HTML-coder
wrought without dependency injection.
Moreover 2 vulnerable retirable JQuery libraries detected here:
https://retire.insecurity.today/#!/scan/4fe75f7d18a53fbf154854c40c86bd08fa17b3ec23b522a45f79f5b502e48fddSome will thank me for exploring the weaknesses in their site's code, some go into denial mode and won't accept advise,
others use it to their advantage, what you will do, that's up to you,
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)