Author Topic: Not flagged as a spam site?  (Read 827 times)

Offline polonus
Not flagged as a spam site?
« on: November 11, 2019, 02:13:27 PM »
A minus 10 header security score here: https://webcookies.org/cookies/leanfrey.net/28625202?309409

I reported this site to Suspicious Site Reporter.
See: https://urlscan.io/result/044a4bf5-4abc-4665-98d6-438fa4cd31d5/#summary
where Google Safe browsing classifies it as Clean (current verdict).

But reported as spam here: https://www.virustotal.com/gui/url/c41569052444f4177a04db84a1125779b31f0f6b52be17025c8ff69c187de08a/detection
(scanned a moment ago!).

Netcraft risk status 1 red out of 10: https://toolbar.netcraft.com/site_report?url=http://leanfrey.net/unsub.php

SSL tracker gives the website as insecure
Quote
This website is insecure.
66% of the trackers on this site could be protecting you from NSA snooping. Tell -leanfrey.net to fix it.
 All trackers
At least 3 third parties know you are on this webpage.

 -Google
 -Google
-leanfrey.net -leanfrey.net

Dedicated hosting not being flagged here: https://www.virustotal.com/gui/ip-address/216.75.37.238/relations

Webserver with excessive info proliferation: Apache/2.4.6 CentOS PHP/5.4.16
with various exploitable flaws: https://www.shodan.io/host/216.75.37.238
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

Retire J.S. detects retirable code:
Quote
Retire.js
bootstrap   3.1.1   Found in -http://leanfrey.net/Mail_Minion_files/bootstrap.js
Vulnerability info:
High   28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331   
Medium   20184 XSS in data-target property of scrollspy CVE-2018-14041   
Medium   20184 XSS in collapse data-parent attribute CVE-2018-14040   
Medium   20184 XSS in data-container property of tooltip CVE-2018-14042   
jquery   1.8.3   Found in -http://leanfrey.net/Mail_Minion_files/jquery.js
Vulnerability info:
Medium   CVE-2012-6708 11290 Selector interpreted as HTML   123
Medium   2432 3rd party CORS request may execute CVE-2015-9251   1234
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   123
Low   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution

PHP/5.4.16 - https://www.cvedetails.com/vulnerability-list.php?vendor_id=74&product_id=128&version_id=149817&page=1&hasexp=0&opdos=0&opec=0&opov=0&opcsrf=0&opgpriv=0&opsqli=0&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opfileinc=0&opginf=0&cvssscoremin=0&cvssscoremax=0&year=0&cweid=0&order=1&trc=50&sha=0d26af6f3ba8ea20af18d089df40c252ea09b711

66 hints found through linting: https://webhint.io/scanner/9212552a-7258-4425-968a-3ef543dd0c9e
Vulnerable to? see: -> https://vulners.com/osvdb/OSVDB:38799  (info credits Kravchuk letters),
a variable remote file inclusion exploit.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
« Last Edit: November 11, 2019, 02:27:21 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
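
Added example, not part of polonus's post: a small Python check a site owner could run over their own response headers to see which product, version and platform details a banner such as the one quoted above gives away, which is the information version-based scanners use to imply vulnerabilities. The function name `audit_banner` and the hardened sample are assumptions made for illustration; the reported banner is the one from the post.

```python
import re

# A product/version token as it appears in a Server or X-Powered-By header.
TOKEN = re.compile(r"^([A-Za-z][\w.+-]*)/(\d[\w.+-]*)$")
BANNER_HEADERS = {"server", "x-powered-by"}


def audit_banner(headers):
    """Return (header, item, version) tuples for every detail a banner leaks.

    version is None for extra platform words such as a distribution name.
    A bare leading product name ("Apache") is not reported.
    """
    findings = []
    for name, value in headers.items():
        if name.lower() not in BANNER_HEADERS:
            continue
        for index, part in enumerate(value.split()):
            part = part.strip("()")  # "(CentOS)" and "CentOS" are treated alike
            match = TOKEN.match(part)
            if match:
                findings.append((name, match.group(1), match.group(2)))
            elif index > 0 and part:
                findings.append((name, part, None))
    return findings


# Banner quoted in the post above.
REPORTED = {"Server": "Apache/2.4.6 CentOS PHP/5.4.16"}
# Constructed sample: what Apache sends with "ServerTokens Prod".
HARDENED = {"Server": "Apache", "Content-Type": "text/html"}

if __name__ == "__main__":
    for label, hdrs in (("reported", REPORTED), ("hardened", HARDENED)):
        leaks = audit_banner(hdrs)
        print(label, "->", leaks if leaks else "no version details disclosed")
```

Hiding the banner only removes the hint; the outdated Apache, PHP and JavaScript libraries listed in the post still need updating.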