Also consider these data:
https://www.shodan.io/host/104.27.190.202/rawAnd
Reputation Check
PASSED
Google Safe Browse:OK
Spamhaus Check:OK
Abuse CC:OK
Dshield Blocklist:OK
Cisco Talos Blacklist:OK
Web Server:
cloudflare
X-Powered-By:
None
IP Address:
104.27.190.202
Hosting Provider:
Cloudflare.
Shared Hosting:
500 sites found on 104.27.190.202
5 engines flag this however: 2019-09-29 5
/ 71 hxtps://www.navalent.com/modules/users/?AP___=paul@mediacenternow.com
2 flag as malicious the other 3 for PHISHING.
Whenever this has been cleansed, wait for a final verdict after you report it to avast, as Pondus says.
I see it still there in code line 65... Did you go over it with the The WordPress Strip Schema Microdata extension for WordPress?
polonus (volunteer 3rd party cold recon werbsite security analyst and website error-hunter)