url:phishing warning on my website

[john1693]

my website is being flagged by avast as url:phishing

https://redoceanblue.com/

I scanned it with Virus Total and it is clean https://www.virustotal.com/gui/url/05ae9d3096bb8d87cb6c51a6d910bb1f471073f5f7b0f527dc71ae38acea01c6/detection

I also scanned it with Securi as well https://sitecheck.sucuri.net/results/https/redoceanblue.com

How do I get the site cleared by Avast.

Thanks,
John

[bob3160]

Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php

[polonus]

Hi john1693,

Do not see it flagged any longer.
Still some issues to point out to: retirable libraries detected

Retire.js
bootstrap   3.3.7   Found in -https://redoceanblue.com/templates/shaper_educon/js/bootstrap.min.js
Vulnerability info:
High   28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331   
Medium   20184 XSS in data-target property of scrollspy CVE-2018-14041   
Medium   20184 XSS in collapse data-parent attribute CVE-2018-14040   
Medium   20184 XSS in data-container property of tooltip CVE-2018-14042   
jquery   1.12.4   Found in -https://redoceanblue.com/media/jui/js/jquery.min.js?ea1fe0f7e000d8a5e06e34094308a961
Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   
Low   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution

Vulners found:

content.js:15 [VULNERS] Match Bootstrap /js/bootstrap.min.js undefined
(anonymous) @ content.js:15
content.js:15 [VULNERS] Match Font Awesome <link href="/components/com_sppagebuilder/assets/css/font-awesome.min.css undefined
(anonymous) @ content.js:15
content.js:15 [VULNERS] Match animate.css <link href="/components/com_sppagebuilder/assets/css/animate.min.css undefined
(anonymous) @ content.js:15
content.js:15 [VULNERS] Match cpe:/a:jquery:jquery jquery.min.js undefined
(anonymous) @ content.js:15
content.js:15 [VULNERS] Match jQuery Migrate jquery-migrate.min.js undefined

25% of Google tracking may be blocked by script blockers.

4 validation errors found using Avast Safe Browser console:

VM74:1 line 25:  The “type” attribute for the “style” element is not needed and should be omitted.
eval @ VM74:1
VM74:1 line 26: CSS: “padding-top”: only “0” can be a “unit”. You must put a unit after your number.
eval @ VM74:1
VM74:1 line 26: CSS: “padding-right”: only “0” can be a “unit”. You must put a unit after your number.
eval @ VM74:1
VM74:1 line 26: CSS: “padding-bottom”: only “0” can be a “unit”. You must put a unit after your number.
eval @ VM74:1
VM74:1 line 26: CSS: “padding-left”: only “0” can be a “unit”. You must put a unit after your number.

Consider compliancy test results here: https://www.immuniweb.com/websec/?id=4l8wWZOu

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

[jefferson sant]

Detection was removed in 11.02.2020

Our virus specialists have been working on this problem and it has now been resolved. The provided website isn't detected by Avast anymore.