[Website marked as phishing, no indication that it is being re-analyzed.]

@Berny
I'm not sure if this is a valid analysis but I analyzed the file in the threat intelligence portal.

[Website marked as phishing, no indication that it is being re-analyzed.]

@Berny
Yeah it's the text-typing effect I have on the main webpage.

https : //www.typeitjs.com/
 

Quote

1. Get the code through one of the following means:

https : //unpkg.com/typeit@8.8.3/dist/index.umd.js

• Include the source on your page.

<script src="https://unpkg.com/typeit@@{TYPEIT_VERSION}/dist/index.umd.js"></script>

The unpkg url I used is 

https : //unpkg.com/typeit@8.8.0/dist/index.umd.js

Instead of linking it from its source I formatted it and put it into a JavaScript file so I could tweak the cursor's blinking speed to be more like a Linux terminal. 

[Website marked as phishing, no indication that it is being re-analyzed.]

Hello!
I submitted my website to be re-analyzed and while the website screenshots were updated, it was still deemed dangerous. I have fixed the CSP for my HTTPS and HTML header to use hashes. There is no input form available on my website. There should be no way for malicious code to be implemented into the website by others, to the best of my knowledge. I've included the immuniweb scan of my last security test. Since then I've changed the filler nonce-values to hashes. For some reason Wapiti says I don't have X-XSS protection but I do, through cloudflare.