Author Topic: Website Builder Site and weaknesses...  (Read 1856 times)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33900
  • malware fighter
Website Builder Site and weaknesses...
« on: April 08, 2019, 06:24:36 PM »
Re: https://www.virustotal.com/en/url/4dcb5189d60897626739372f1dbc0b0a49ba779c15f61effd0b6a63bbfbb73bd/analysis/#additional-info
Re: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=d3d3LjEyMy19e2ctbnt3LSNdbXxbbi5eXS51a2A%3D~enc
XSS-DOM issues: Results from scanning URL: -http://www.123-reg-new-domain.co.uk/javascript/iframe-app.js
Number of sources found: 43 ; number of sinks found: 20

Critical Security Risk: https://sitecheck.sucuri.net/results/www.123-reg-new-domain.co.uk
F-scan rate status and recommendations: https://observatory.mozilla.org/analyze/www.123-reg-new-domain.co.uk

Retire.js detected: Retire.js
jquery   1.8.3   Found in -http://www.123-reg-new-domain.co.uk/javascript/jquery.js
Vulnerability info:
Medium   CVE-2012-6708 11290 Selector interpreted as HTML   
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers

51 tips to come to a better website design and better website security:
https://webhint.io/scanner/2e7880f7-3516-4d21-8b6d-cf7b5416b044

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

Re: Website Builder Site and weaknesses...
« Reply #1 on: July 22, 2021, 10:19:41 PM »
Additionally -> https://urlscan.io/result/6129508e-ba93-42b6-a5f2-faaf9aa49487/#links
and https://urlscan.io/result/a1cbc79d-5a36-4b68-8153-53b2f5c066de/

bundle.js and chunk.js https://snyk.io/advisor/npm-package/bundle-js  (2 open issues)
(see: https://github.com/lsst/pex_config )
Configuration interface and history-tracking for LSST Data Management.
Akamai & GoDaddy & Google safe-browsing.

We see how total reliance on technology and Akamai CDN forwarding can put us at risk,
because we just experienced that with Akamai DNS-related downtime today.

polonus
« Last Edit: July 22, 2021, 10:56:51 PM by polonus »