Optimalization only 31% and insecure login detected...

[polonus]

Big Dutch/Belgian grocery retailer in USA.
Warning here for insecure log-in:

SAM Signon - Prod padlock icon
-ws1.aholdusa.com
Alerts (1)
Insecure login (1)
Password will be transmited in clear to -http://ws1.aholdusa.com/pkmslogin.form
Infos (1)
Encryption (HTTPS) (1)
Communication is NOT encrypted  -> https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=ws1.aholdusa.com&ref_sel=GSP2&ua_sel=ff&fs=1

Not a scam and legit website: https://www.scamadviser.com/is-wfc.aholdusa.com-a-fake-site.html
error in code

info: [script] -ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
     info: [script] -ws1.aholdusa.com/custom/js/login.js
     info: [script] -ws1.aholdusa.com/custom/js/encode.js
     info: [img] -ws1.aholdusa.com/custom/img/ahold.jpg?v=1.1
     info: [decodingLevel=0] found JavaScript
     error: undefined function console.log
     error: line:3: SyntaxError: missing = in XML attribute:
          error: line:3: <!DOCTYPE HTML>
          error: line:3: ............

counter-example as assignment expression does not produce a value so úndefined'...

DNS tree: https://www.dnstree.com/161/247/133/137/

Meagre F-Grade status score here: https://sritest.io/#report/fa56d297-37ce-4661-96b1-d1c6b91e9472

ServiceRegistryDashboard issue in WebSEAL/9.0.1.0

Retirable jQuery linrary:
-http://ws1.aholdusa.com
Detected libraries:
jquery - 1.11.1 : (active1) https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
(active) - the library was also found to be active by running code
1 vulnerable library detected

Issues: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fws1.aholdusa.com

polonus (volunteer website security analyst and website error-hunter)