Author Topic: Errors and website insecurity... (Read 938 times)

polonus · « **on:** February 15, 2017, 04:04:39 PM »

See F-Status here: https://sritest.io/
F-F-X-status here: https://observatory.mozilla.org/analyze.html?host=www.daniels.dj
No alerts here: http://urlquery.net/report.php?id=1487165815532
1 vulnerable library here: http://retire.insecurity.today/#!/scan/976a501143c6816e34e7f2116ca7d75b8d537958624c2e1e866053f30d5149e5
Insecure: This website is insecure.
71% of the trackers on this site could be protecting you from NSA snooping. Tell daniels.dj to fix it.
All trackers
At least 7 third parties know you are on this webpage.

-dynappdwsr8he.cloudfront.net -Amazon.com
-c4t.cc
-Google
- Google
-shaaaaaaaaaaaaa.com
-www.daniels.dj
-websitemaker.hostnet.nl

software web server Apache, Font Awesome, Google Analytics, P.H.P.5.5.3. Prototype 1.7
10 red out of 10 network risk: http://toolbar.netcraft.com/site_report?url=http://www.daniels.dj

http://www.dnsinspect.com/daniels.dj/10024304 Stealth nameserver and software version exposed:
"Served by POWERDNS 2.9.22.6 $Id: packethandler.cc 2063 2011-03-14 14:26:38Z ahu $"

Clickjacking warning. DOM XSS warning: Results from scanning URL: -http://www.daniels.dj
Number of sources found: 6
Number of sinks found: 38
and http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.daniels.dj%2FContact%2Findex.php%2F
also with URL fetch errors.

polonus (volunteer website security analyst and website error-hunter)