Duck DNS having website domain that spreads malware..

See: https://urlhaus.abuse.ch/url/171414/
Detections: https://www.virustotal.com/en/file/13b22387a0e3adfc7a988574af2c3a7e7adae24106dbdac509b648dfc00c7dd9/analysis/1554373549/
"data:image/png; malcode…
Dr. Web misses it.
Blacklisted by two parties: https://sitecheck.sucuri.net/results/charlesremcos.duckdns.org
Duck DNS
free dynamic DNS hosted on AWS abuse

polonus (volunteer website security analyst and website error-hunter)

Found in sentora, the open software these sites are made with various weaknesses:

Retire.js bootstrap 3.1.1 Found in -http://www.sentora.org/js/bootstrap.min.js Vulnerability info: High 28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331 - Medium 20184 XSS in data-target property of scrollspy CVE-2018-14041 - Medium 20184 XSS in collapse data-parent attribute CVE-2018-14040 - Medium 20184 XSS in data-container property of tooltip CVE-2018-14042
and
ReferenceError: jQuery is not defined /js/jquery.easing.1.3.min.js:37

Bootstrap’s JavaScript requires jQuery
/js/bootstrap.min.js:6

ReferenceError: jQuery is not defined
/js/bootstrap-hover-dropdown.min.js:13

ReferenceError: jQuery is not defined
/js/jquery.flexslider-min.js:5

ReferenceError: jQuery is not defined
/js/jquery.mixitup.min.js:43

ReferenceError: $ is not defined
/js/app.js:1

DOM-XSS issues: Results from scanning URL: -http://sentora.org/js/app.js
Number of sources found: 11 ; Number of sinks found: 1
Results from scanning URL: -http://sentora.org/js/app.js
Number of sources found: 34 ; Number of sinks found: 1 mainly bootstrap.js issues.

89 recommendations for improvement: https://webhint.io/scanner/00f8da5d-ff91-4337-ade7-76f45da5e787
of which 30 are security related: https://webhint.io/scanner/00f8da5d-ff91-4337-ade7-76f45da5e787#category-Security

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)