Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Even very popular website can have some security issues...
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Even very popular website can have some security issues... (Read 1115 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33927
malware fighter
Even very popular website can have some security issues...
«
on:
June 13, 2017, 11:29:30 PM »
L.S.
Here we see issues with RC4 for scripts running from an external link -https://s1.adformdsp.net/ (neatly blocked by uBlock Origin for me.
The main site we checked for cookies:
https://webcookies.org/cookies/www.cleverbot.com/4847168
Vulnerable jQuery library used:
http://retire.insecurity.today/#!/scan/7f2910f3d6d8fff70a5ef5d65ab7f900a8bc57de18e4eb752c92edb4114a921f
For the first link with Grade-C SSL config:
http://toolbar.netcraft.com/site_report?url=https%3A%2F%2Fs1.adformdsp.net%2F
Has been frowned upon:
http://www.exterminate-it.com/malpedia/remove-adform-net
For that main website F-status and recommendations:
https://observatory.mozilla.org/analyze.html?host=www.cleverbot.com
Site is a chatbot site to experience AI technology, be cautious letting minors use this.
57 adblocks means the site is ad-tracking in real Google fashion
be careful with the facebook connections (privacy and censorship concerns).
Consider:
https://urlscan.io/api/v1/result/378f509c-c82d-4488-88d3-2966b2be9be7/
Certificate issue: Root installed on the server. (wXw.existor.com) hosted by -UK2.NET.
For best practices, remove the self-signed root from the server.
polonus (volunteer website security analyst and website error-hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Even very popular website can have some security issues...