RejZor is right however about the 100% insecure tracking there.
100% of the trackers on this site could be protecting you from NSA snooping. Tell mywot.com to fix it.
Identifiers | All Trackers
Insecure Identifiers
Unique IDs about your web browsing habits have been insecurely sent to third parties.
6142544 api.mywot.com
And for my.WOT your also dependant on CloudFlare security (a service that I cannot and won't trust fully with e2e):
Unique IDs about your web browsing habits have been securely sent to third parties.
wXw.mywot.com authid
d00b1cddd5a06799XXXXXXXXXXf85dd281476740859 cdnjs.cloudflare.com __cfduid (anonymized by me - pol)
And the canvas fingerprinting: CanvasFingerprintBlock
Blocked 1 potential HTML canvas fingerprinting attempt on this page
Prevented a script on -https://www.mywot.com from capturing the following 32px × 32px canvas (via toDataURL):
And just as I thought, here they are shown to be security dilletants, a meagre F-Status
Re:
https://sritest.io/#report/a25ada39-6bff-4513-8b6c-eca48f5096e6Scripts 2 issues
Tag Result
<script type="text/javascript" src="-https://cdn-cf.mywot.net/files/js/a62c3c71189e6e035766d20b917784f1.js"></script> Missing SRI hash
<script src="-https://cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.5/jquery.bxslider.min.js"></script> Missing SRI hash
Stylesheets 2 issues
Tag Result
<link rel="stylesheet" href="-https://cdn-cf.mywot.net/files/css/7ed1941a63bcf84b0aa89e6644c3fc26.css" type="text/css" media="all"> Missing SRI hash
<link href="-https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic&subset=latin,latin-ext" rel="stylesheet" type="text/css"> Missing SRI hash
And almost ashamed to present these mediocre results F-I-C-I-X with a few A's in between:
https://observatory.mozilla.org/analyze.html?host=www.mywot.comRejZoR, the facts are in your favor, man. It's a drama, I have to admit....
polonus (volunteer website security analyst and website error-hunter)
