Blacklist or False Positive?

Trying to access: https://portal.care360.com/care360/care360.login on Chrome and Firefox, both currently updated.

Avast continues to block it saying: https://portal.care360.com/care360/care360.login [L] URL:Mal
or https://portal.care360.com/care360/care360.login [L] URL:Mal2

VirusTotals.com shows it clean on all 67 scanners. I can’t seem to find any more useful information about this block from Avast.

Please help!

VirusTotals.com shows it clean on all 67 scanners.
Virustotal dont scan for infections, it is a blacklist check so saying clean is not actually correct

URL:Mal = Blacklisted URL or IP

Reported to avast lab as possible False poitive, so you may see a reply here later

https://forum.avast.com/index.php?topic=185110.msg1304746#msg1304746

There are two log-in URLs given for that page, this one with 2 sources and 2 sinks: http://www.domxssscanner.com/scan?url=https%3A%2F%2Fportal.care360.com%2Fcare360%2Fcare360.login

And this second one, which code is actually found there, with 23 sources and 7 sinks: http://www.domxssscanner.com/scan?url=https%3A%2F%2Fportal.care360.com%2Fcare360-tap%2Flogin.js
For me landing here: Results from scanning URL: -http://www.cross-sparks.Co.uk/media/system/js/mootools-core.js
Number of sources found: 65
Number of sinks found: 13
and
Results from scanning URL: -http://www.cross-sparks.Co.uk/media/system/js/mootools-more.js
Number of sources found: 5
Number of sinks found: 12
and
Results from scanning URL: -http://www.cross-sparks.Co.uk/media/plg_jblibrary/jquery/jquery.noconflict.js
Number of sources found: 38
Number of sinks found: 14

Server insecurities here: http://toolbar.netcraft.com/site_report?url=https%3A%2F%2Fportal.care360.com%2Fcare360%2Fcare360.login POODLE and BEAST vulnerable.

Cryto report comes up with: -portal.care360.com
Warnings
BEAST
The BEAST attack is not mitigated on this server.
SSLv3
This server uses the SSLv3 protocol which is not secure. Disable the SSLv3 protocol and enable a higher protocol version. Contact your web server vendor for assistance.
Browser compatibility is at risk.
Modern browsers may not trust certificates signed using a SHA-1 hash algorithm. Contact your Certificate Authority to replace SHA-1 certificates installed on the server with SHA-256 certificates.
RSA remove cross certificates
The certificate chain contains a cross root (primary intermediate) certificate that should be removed. Use Symantec CryptoReport to remove cross root certificates.
This server is vulnerable to:
Poodle (SSLv3)
This server is vulnerable to a Poodle (SSLv3) attack. If you have not disabled SSLv3 fallback support, disable it now and use TLS 1.2 or higher.
Certificate information
This server uses an Organizationally Validated (OV) certificate. Information about the site owner has been validated by VeriSign, Inc. to help secure personal and financial information.
Common name:
portal.care360.com
SAN:
portal.care360.com
Valid from:
2015-Aug-03 00:00:00 GMT
Valid to:
2016-Aug-04 23:59:59 GMT
Certificate status:
Valid
Revocation check method:
OCSP
Organization:
Quest Diagnostics Incorporated
Organizational unit:

City/locality:
Teterboro
State/province:
New Jersey
Country:
US
Certificate Transparency:
Not Enabled
Serial number:
488600a5a6c823b715eca4f6f874e4a9
Algorithm type:
SHA1withRSA
Key size:
2048
Certificate chainShow details
VeriSign Class 3 Public Primary Certification Authority - G5Intermediate certificate
VeriSign Class 3 International Server CA - G3Intermediate certificate
portal.care360.comTested certificate

Any warnings people may see in browsers are the result of how Care360 certifies with browsers, but does NOT reflect faulty security within the Care360 system. But wait for an Avast Team Member to either confirm this as the culprit of the detection/blacklisting or not.
Re: https://www.mywot.com/en/scorecard/portal.care360.com?utm_source=addon&utm_content=contextmenu

There is also an external link that downloads application/ocsp-response that could have been flagged: Host: -se.symcd.com
But I do not think so.

polonus (volunteer website security analyst and website error-hunter)

Hi,
The domain was blocked because this file:
https://www.virustotal.com/en/file/aed4a5779346d325824d56c138ba896990d4f0ce645a47d7070c06dafd8f7cc5/analysis/1459400806/
could be downloaded from this URL:
https://get.care360.com/CCP_Full/CCPClient.exe

I added the file to our cleanset, and unblocked the domain.