See: https://www.magereport.com/scan/?s=https://www.omegawatches.com/
See: https://toolbar.netcraft.com/site_report?url=www.omegawatches.com
C+ status and recommendations: https://observatory.mozilla.org/analyze/www.omegawatches.com
But there is certainly some room for improvement here with 3 retirable jQuery libraries detected.
Re: https://retire.insecurity.today/#!/scan/dcbc8d353a6caf738b93fc5708f8e58c74caa7921ea46d2aafcd2cc90719f3d5 **
Also watch out here with all sources and sinks flagged: http://www.domxssscanner.com/scan?url=https%3A%2F%2Fwww.omegawatches.com
Cert.: This server uses an Organizationally Validated (OV) certificate.
Information about the site owner has been validated by DigiCert Inc to help secure personal and financial information. GeoTRUST RSA CA 2018 Intermediate Certificate and a Tested Certificate in that chain.
Re: https://urlscan.io/result/9bb48b5e-5339-45f0-a219-789a393243d2 & https://webcookies.org/scan/16558326
But here we detect a front-end script issue: https://aw-snap.info/file-viewer/?protocol=secure&tgt=www.omegawatches.com%2F&ref_sel=GSP2&ua_sel=ff&fs=1
at -1 → /static/version1524733074/frontend/Omega/default/en_US/js/bundle/bundle2.min.js
See: https://aw-snap.info/file-viewer/?tgt=www.omegawatches.com/static/version1524733074/frontend/Omega/default/en_US/js/bundle/bundle2.min.js&ref_sel=GSP2&ua_sel=ff&fs=0&protocol=secure
errors on analysis:
wXw.omegawatches.com/static/version1524733074/frontend/Omega/default/US/js/bundle/bundle2.min.jsCause: undefined object being passed via Require.js (info credits go to Stack Overflow)
status: saved 741262 bytes c27d288f72d756fb437279ad180440ecc7277f99
info: [img] wXw.omegawatches.com/static/version1524733074/frontend/Omega/default/US/js/bundle/
info: [decodingLevel=0] found JavaScript
error: undefined variable require
error: undefined function require.config
file: c27d288f72d756fb437279ad180440ecc7277f99: 741262 bytes
error in the module’s code? - pol.
strict-transport-security - max-age=300 - no best policy followed.
Page meta security headers not set secure - secure attributes not set with cookie security options, see scan above **.
HTML forms not being set secure…
Host details: https://www.shodan.io/host/23.193.182.31 Akamai, Cambridge, USA.
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)