Bitdefender flags this site as with threats reported in the past...

“This page may be safe, but some security threats have been reported in the past”.
Re: https://urlscan.io/result/a17a661f-28d1-44a4-8b3c-404c422f8294/
and 187 inprovement hints listed here: https://webhint.io/scanner/8d978bd6-5d35-4fac-aa44-9884f7372603

Given an all green on VT: https://www.virustotal.com/gui/url/0dac35ce5cb43f72a7978e16ee07ad93f8dad1290240943b8ab0cf7386db150f/detection
Eventual PHP issues…
See: https://maikuolan.github.io/Vulnerability-Charts/php.html for PHP with PHP/7.3.29

[i]But a Netcraft Risk rating of 9 red out of 10: https://sitereport.netcraft.com/?url=https://www.usertest.mlxdev.xyz[/i]

Where Google is concerned, they just wanna score a high metric score on websites, you cannot have too much scarcity.
Global CDN is what you should have.
It can be putting large parts of the Interwebz at risk of outings when there is a fail.

Inline scripts: HTML -www.usertest.mlxdev.xyz/ 14,549 bytes, 123 nodes

Javascript 15 (external 12, inline 3)
INLINE: /* * This entire block is wrapped in an IIFE to prevent polluting the scope of
489,431 bytes

-designreset.com/cork/ltr/demo7/assets/js/libs/​jquery-3.1.1.min.js
-designreset.com/cork/ltr/demo7/bootstrap/js/​popper.min.js
-designreset.com/cork/ltr/demo7/bootstrap/js/​bootstrap.min.js - user enumeration und und id:1 id:2 revealed
-designreset.com/cork/ltr/demo7/plugins/perfect-scrollbar/​perfect-scrollbar.min.js
-designreset.com/cork/ltr/demo7/assets/js/​app.js
-cdn.jsdelivr.net/gh/jquery-form/form@4.3.0/dist/​jquery.form.min.js
-www.usertest.mlxdev.xyz/plugins/sweetalerts/​sweetalert2.min.js
-designreset.com/cork/ltr/demo7/plugins/sweetalerts/​custom-sweetalert.js
-ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/​jquery.validate.min.js
INLINE: $(document).ready(function () { /* Creating Product Via Ajax with
1,906 bytes

-designreset.com/cork/ltr/demo7/plugins/highlight/​highlight.pack.js
-designreset.com/cork/ltr/demo7/assets/js/​custom.js
-designreset.com/cork/ltr/demo7/assets/js/​scrollspyNav.js
INLINE: $(‘#yt-video-link’).click(function () { var src = 'https://www.yout
908 bytes

CSS 15 (external 9, inline 6)
-fonts.googleapis.com/​css?family=Quicksand:400,500,600,700&display=swap
INJECTED

-designreset.com/cork/ltr/demo7/bootstrap/css/​bootstrap.min.css
INJECTED

-designreset.com/cork/ltr/demo7/assets/css/​plugins.css
INJECTED

-designreset.com/cork/ltr/demo7/plugins/animate/​animate.css
INJECTED

-designreset.com/cork/ltr/demo7/assets/css/​scrollspyNav.css
INJECTED

-designreset.com/cork/ltr/demo13/assets/css/pages/​contact_us.css
INJECTED

-designreset.com/cork/ltr/demo7/assets/css/components/​custom-modal.css
INJECTED

-designreset.com/cork/ltr/demo7/plugins/sweetalerts/​sweetalert2.min.css
INJECTED

-designreset.com/cork/ltr/demo7/plugins/sweetalerts/​sweetalert.css
INJECTED

INLINE: -@-webkit-keyframes swal2-show{0%{-webkit-transform:scale(.7);transform:scale(.7)
26,721 bytes INJECTED

INLINE: -a.gootranslink:link {color: #0000FF !important; text-decoration: underline !impo
2,944 bytes INJECTED

INLINE: :root #content > #center > .dose > .dosesingle, :root #content > #right > .dose
120 bytes INJECTED

INLINE: .BDTLL_icon_ok { background-image: url(data:image/png;base64,iVBORw0KGgoAAAA
31,825 bytes INJECTED

INLINE: .BDTLL_status { cursor: pointer; display: inline; margin-right: 3px;
595 bytes INJECTED

INLINE: -a.gootranslink:link {color: #0000FF !important; text-decoration: underline !impo
2,944 bytes INJECTED

polonus (volunteer cold recon website security analyst and website error-hunter)