See: http://killmalware.com/vextrum.com/#
Consider: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fvextrum.com
Missed detection by: http://quttera.com/detailed_report/vextrum.com
Sucuri’s flag: https://sitecheck.sucuri.net/results/vextrum.com
And they blacklist this domain. External link here: http://toolbar.netcraft.com/site_report?url=http://cdn.sq-api.com
square button code.

pol

Well we are protected against third party malcode script on site by Avast as it blocks this -https://cdn.sq-api.com/market/embed.js on that domain as infested with a trojan: JS:Decode-BTB[Trj],

polonus