I asked the Avast Team Member just to check the unblocking again.
All is well that ends well.
No Cloaking issues found, Status Codes OK, No Spammy Links, No iFrames, No Blacklist to consider.
Various adware scriptlinks may come ad- or scriptblocked by users with ad- and script blockers,
like: -http://apicit.net/target/nowait.js & -http://vu.adschoom.com/trafic/retar.php?type=HOME&boutique=50493 and other such links.
Some SRI Issues detected:
https://sritest.io/#report/a86e6c2c-db5f-4ad3-ab6e-2f87128128bbcookiebanner-inner/ was not found on the server, dead link. For EU law you could consider free Cookie Consent:
->
https://silktide.com/tools/cookie-consent/ could be the old version does not work, update!
Resource issues with possible Frontend SPOF from:
fonts.googleapis.com - Whitelist
(81%) - <link rel="stylesheet" href="-//fonts.googleapis.com/css?family=Raleway:300,400,500,700,600" />
cl.avis-verifies.com - Whitelist
(81%) - <script src="-//cl.avis-verifies.com/fr/widget4/widget02.js">
mqment.com - Whitelist
(81%) - <script type="text/javascript" src="-https://mqment.com/layers/custom/mqment.min.js">
ID Tracking issue: 54% of the trackers on this site could be protecting you from NSA snooping. Tell bysmaquillage.fr to fix it.
Unique IDs about your web browsing habits have been insecurely sent to third parties.
d5fb79cb40414a30xxxxxxxxxxxxxxa1445965753
-local.adguard.com __cfduid for my local Adblocker extension.
At least 11 third parties know you are on this webpage.
-Google
-mqment.com
-www.bysmaquillage.fr
-Google
-Facebook
-Google
-local.adguard.com
-cl.avis-verifies.com
-cdn.doofinder.com
-Google
-www.mustbebuilt.co.uk -www.mustbebuilt.co.uk
5 trackers do not support secure transmission.
On cloudflare:
http://toolbar.netcraft.com/site_report?url=http://www.bysmaquillage.frhostname: ip132.ip-37-59-163.eu re:
http://sitevet.com/db/asn/AS16276 (Blacklisted URLs: 11864)
HTTP Server Apache HTTPServer 2.4.6. mod_wsgi Version 3.4 (version info proliferation detected)
Not DROWn vulnerable.
OS = unix
Python Version 2.7.5
Open SSL Version 1.0.1.e
OpenSSH 6.0p1 Debian 4+deb7u3 (protocol 2.0)
ssl-cert: Subject: commonName=bys2.sutunam.net
http-generator: WordPress 4.3 for Blog BYS Maquillage
|_/wp-admin/
|_http-server-header: nginx
|_http-title: Blog BYS Maquillage
WordPress Issues: WordPress Version
4.3
Version does not appear to be latest 4.4.2 - update now.
WordPress Plugins
The following plugins were detected by reading the HTML source of the WordPress sites front page.
wp-pagenavi 2.88 latest release (2.89.1) Update required
http://lesterchan.net/portfolio/programming/php/cookie-notice 1.2.32 latest release (1.2.34) Update required
http://www.dfactory.eu/plugins/cookie-notice/Plugins are a source of many security vulnerabilities within WordPress installations, always keep them updated to the latest version available and check the developers plugin page for information about security related updates and fixes.
-http://blog.bysmaquillage.fr
Detected libraries:
jquery - 1.11.3 : -http://blog.bysmaquillage.fr/wp-includes/js/jquery/jquery.js?ver=1.11.3
jquery-migrate - 1.2.1 : -http://blog.bysmaquillage.fr/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Info: Severity: medium
http://bugs.jquery.com/ticket/11290http://research.insecurelabs.org/jquery/test/1 vulnerable library detected
So the blog may not be administered professionally, that is why I see vulnerable outdated WordPress plug-in code and
retirable jQuery library code - mitigate, zip file for later reference,
reported for you via "cold reconnaissance" third party security scanning by,
polonus (volunteer website security analyst and website error hunter)
