Author Topic: Why is all you scan on Quttera's sent to "htxps://s.adroll.com" : "htxp://a.adro  (Read 2281 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33871
  • malware fighter
See: http://fetch.scritch.org/%2Bfetch/?url=quttera.com&useragent=Fetch+useragent&accept_encoding=
Also this is for -//static.hotjar.com/c/hotjar-10563.js?sv=2
Spy Watch extension in Google Chrome confirms all scans on the Quttera scanning website are shared with above parties.
Why a website security scanner would have external links to partys that may later serve you ads or re-target ads?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33871
  • malware fighter
Read here what Hotjar is collecting: http://inside.hotjar.com/support/articles/1000125999-how-hotjar-collects-and-stores-visitor-session-data
Qute from that page:
Quote
To help you understand how visitors are interacting with your website, Hotjar enables you to record visitors sessions. When you are actively recording visitor sessions, the Hotjar code automatically sends the following information back to the Hotjar servers:
mouse movements
mouse clicks
scroll movements
keys pressed

Each event tracked is automatically saved into our cloud database using a time stamp which is later used to replay back the events in your Hotjar admin. The Hotjar code will also track the user on different pages (using first-party cookies), enabling you to later play back the entire session in one go - even if the visitor visited multiple pages.

Hotjar can record both static and dynamic pages (including shopping carts and logged in areas). By default, Hotjar will not record passwords and numbers which resemble credit card numbers
I give this information as I found this.

polonus

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33871
  • malware fighter
When I check Quttera dot com with Tracker SSL extension I get a 66% insecure:
Unique IDs about your web browsing habits have been insecurely sent to third parties.

dqaaapgaaaaqzpufrq512382ant9ovai-7bjjvvji6yi - can be used as Surveillance Beacon for NSA
Quttera should fix this insecurity.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33871
  • malware fighter
Update -

Again I get a script warning on this in the Quttera scan website code: -//static.hotjar.com/c/hotjar-10563.js?sv=2
Malware Script Detector v. 0.2.b alerts BeEF attack, even with VEGAN extension installed.
Misleading claiims unetical online tracking from htxps://s.adroll.com -> https://www.mywot.com/en/scorecard/adroll.com?utm_source=addon&utm_content=popup

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!