Avast WEBforum
Consumer Products => Avast Online Security (browser extension) => Topic started by: Karen on February 01, 2023, 06:48:55 AM
-
Avast misreported my website, I contacted the security team and scanned the entire site, and found no dangerous behavior on the website
*.vtmarkets.com please remove the blacklist
Block example: www.vtmarkets.com
About Security Vendor's Mark https://www.virustotal.com/gui/url/9019ac02862484aee35c0558bcdd72872ba726e3bbda2fc25b01bdbc1f220f74
I did not find my website in the blacklist query provided by Chong Lua Dao official website
-
Scan results
Issue should be taken up with Cloudflare also, WP engine seems to be OK.
IP is also used by
-asia.vtmarkets.com
-eu.vtmarkets.com
-myaccount.vtmarkets.com
-pamm7.vtmarkets.com
-vtmarkets.com
-webtrader.vtmarkets.com
-zh.vtmarkets.com
Vulnerable in server of moment.js: moment.js 2.25.3 found in -https://pamm7.vtmarkets.com/app/main-es2015.8a66bda9ea5a2e19ed64.js
Vulnerability info:
High: This vulnerability impacts npm (server) users of moment.js, especially if a user-provided locale string, e.g. fr, is directly used to switch moment locale. CVE-2022-24785
High: Regular Expression Denial of Service (ReDoS), affecting moment package, versions >=2.18.0 <2.29.4. CVE-2022-31129
Also moderate vuln. found in jquery at hxtps://www.vtmarkets.com/my-bm/%E6%B2%99%E6%BC%8F/
polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
-
Also consider: https://urlscan.io/result/bab74d98-9a0a-4d27-806d-af49cbe884fb/#indicators
7 red out of 10 Netcraft risk rating for -tinypic.com, -server-99-84-160-58.ord52.r.cloudfront.net, see: https://sitereport.netcraft.com/?url=http://server-99-84-160-58.ord52.r.cloudfront.net
Additional info:
Found the site to have cloaking -> https://isithacked.com/check/www.vtmarkets.com
Blocked for security reasons? Avast Web Security blocks AdRoll at website.
Adara etc. and offers opt-outs.
DNS query produces error 1905 on any other than A records.
Wait for a final verdict from Avast. We here are just volunteers knowledgeable in the field of website security and website error-hunting.
polonus
-
Hi Karen,
Solved:
Website is no longer flagged, and Avast Online Security & Privacy, after reloading, says that everything now is OK.
Look at your Privacy advice there (7 issues mentioned)
polonus (volunteer 3rd party cold recon website security-analyst and website error-hunter)
-
But here we see PHISHING alerts:
https://www.virustotal.com/gui/domain/operations.vtmarkets.com
and Avast flags it.
polonus