See: -https://www.nfinit.com/
Unable to scan your site. Missing intermediate certificate
Server certificate is issued for different domain(s) and does NOT cover nfinit.com!
Secure Renegotiation is NOT supported.
Forward Secrecy is NOT supported.
Server certificate does NOT cover both domains with and without www.
See
http://ssl-checker.online-domain-tools.com/ (perma-link will expire)
Subject-name = *.threatstop.com Issuer: Go Daddy Secure Certificate Authority - G2
Trusted by Apple, Java, Microsoft, Mozilla)
Sent by server
In trust store
Go Daddy Class 2 Certification Authority (self-signed)
2796bae63f1801e277261ba0d77770028f20eee4
RSA 2048 bits / SHA1withRSA
Retirable jQuery library:
Retire.js
jquery 1.12.4 Found in https://www.nfinit.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp<br>Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Low CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution 123
Medium Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
Website developed using PHP and Word-Press CMS, which CMS version is outdated - WordPress Version
5.4 Version does not appear to be latest (5.4.1) Should be updated now:
https://en-au.wordpress.org/download/releases/Avast says this site maybe untrustworthy.
Outdated Word Press plug-in found: wordpress-seo 13.5 Warning latest release (14.2)
https://yoa.st/1ujAlso consider:
https://www.shodan.io/host/204.68.99.217 &
https://sitereport.netcraft.com/?url=https://www.nfinit.comNetcraft Website Risk = 1 red out of 10: Excessive server info proliferation: Apache/2.4.29 Ubuntu
Ubuntu with more and more vulnerabilities lately equalling some proriety code distro's
example:
https://www.zdnet.com/article/linux-mint-dumps-ubuntu-snap/See: -http://216.105.35.227/ insecure site.
https://www.shodan.io/host/216.105.35.227 see all the vulners there.
Has Bombora Advertising Tracking - Tracking B2B Intent beyond COVID-19. With COVID-19 driving huge macro-economic shifts and a 'new normal', the use of online content to educate and inform
Lucky Orange Tracking - Privacy Impact Score Grade: E Security -3
https://webcookies.org/cookies/www.nfinit.com/30591702?182870Improvement Recommendations found through linting 460:
https://webhint.io/scanner/03161ea2-a05f-4064-aa3b-4459381d9b9cpolonus (volunteer 3rd party cold recon website security analyst and website error-hunter)