DNSSEC issue on nameserver and SRI Report issues!

Where: http://dnssec-debugger.verisignlabs.com/pdns1.ultradns.net
What nameserver, and where we stumbled upon it: http://toolbar.netcraft.com/site_report?url=https%3A%2F%2Fs3.amazonaws.com%2Fd3jlsadfjkuern%2F1.7.591%2FYW5hbHl0aWNzLmpz.map
OK here: https://mxtoolbox.com/SuperTool.aspx?action=https%3A%2F%2Fs3.amazonaws.com%2Fd3jlsadfjkuern%2F1.7.591%2FYW5hbHl0aWNzLmpz.map&run=toolpage

In what code we found this mapping URL to reside? → //# sourceMappingURL=htxps://s3.amazonaws.com/d3jlsadfjkuern/1.7.591/YW5hbHl0aWNzLmpz.map
code here: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fd2lv4zbk7v5f93.cloudfront.net%2Fesf.js
script loaded from a Dutch newspaper website: http://retire.insecurity.today/#!/scan/bfd69d50444e06bd0bdeb286a21336f48f18bf4aec60940a04b35f565edfcc02

Same origin issues because SRI hashes were not being generated: F-status → https://sritest.io/#report/24c98dfa-bdf7-4a45-8d5f-ceebc7f59ca0

So when we dig a little bit further into code on websites we will find issues that need attention and could be a little bit more securely being configured. Do not take your website code for granted. Wake up to such issues. Others may thank you for it later :wink:

polonus (volunteer website security analyst and website error-hunter)