Where it is being flagged: https://urlquery.net/report/2b1bbb8c-0585-4764-84f8-42e59cf03b2e
But also here: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=d3d3LmZ8dHRbI1tefH10fC5bdA%3D%3D~enc
1 vulnerable jQuery library detected: https://retire.insecurity.today/#!/scan/11b1d490d0bf5079f1a67793e3d3a29379685e48965ee99893f7a265683f6d6d
has an error

-ajax.googleapis.com/ajax/libs/jquery/1.6.3/jquery.min.js
status: (referer=-http:/XXX/web?q=puppies)saved 91626 bytes 0cf62d1dd0c483b423f5dfd655f62d03ed2668f6
info: ActiveXDataObjectsMDAC detected Microsoft.XMLHTTP
info: [decodingLevel=0] found JavaScript
error: undefined function a.getElementsByTagName
error: undefined variable a
info: [element] URL=-ajax.googleapis.com/ajax/libs/jquery/1.6.3/undefined
info: [1] no JavaScript
file: 0cf62d1dd0c483b423f5dfd655f62d03ed2668f6: 91626 bytes
file: d5dba94a76a67a54f2b98b16227da20414542fd9: 72 bytes

Re:

jQuery versions with known weaknesses
Bug 9521 - $(“#”)
Bug 11290 - $(“element[attribute=‘’”)
jQuery issue 2432 - 3rd party $.get() auto executes if content type is text/javascript
jQuery issue 11974 - parseHTML executes inline scripts like event handlers
Run

The preferred way to mitigate this issue is using a prefilter on Cross Domains code (pol).
152 security best practices errors: https://webhint.io/scanner/9a7c965f-0a21-485a-8988-15542bd79598

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)