Howdy Derek125,
Nice to skim over the security status of one of the oldest websites of the Interwebz. Looks great to me. Resolves over https all right, but no response over http
(may be that is because of that particular hick-up).
Checked for inline: Javascript 36 (external 14, inline 22)
-browser.sentry-cdn.com/5.21.4/bundle.min.js (blocked for me by UMatrix because of ||browser dot sentry-cdn dot com^)
easy filter.
INJECTED
-static.parastorage.com/unpkg/core-js-bundle@3.2.1/minified.js
-static.parastorage.com/unpkg/focus-within-polyfill@5.0.9/dist/focus-within-polyfill.js
-polyfill.io/v3/polyfill.min.js?features=fetch
We see a lot of distinct discrepancies with CloudFlare handling:
-htXps://d3uvwl4wtkgzo1.cloudfront.net/e8af8301-45e2-41c6-9212-9421ce1b1dc7.js
Take that one up with CloudFlare's for I point at e.g. Amazon's PotPlayer set-ups being flagged & other executables.
Excessive server info proliferation:
https://ns.tools/saber.com = Pepyaka+1.15.10 (do not make it speak that loud);
Well a good A-status, website well-configured.
Re:
https://www.shodan.io/host/185.230.60.177 (no vulnerabilities given).
No DOM-XSS issues from DOM-XSS base finder.
Probably IP-related:
https://www.virustotal.com/gui/ip-address/185.230.60.177/relationsWait for a final verdict from Avast Team. It is their definitions and they are the ones to come and unblock in case of an FP.
That may be well over the week-end. Have a good week, Sir.
polonus (volunteer 3rd party cold recon website security-analyst and website error-hunter)
