Seen in the light of recent Magecart attacks, the following Magenta site is not overtly secure:
https://www.magereport.com/scan/?s=https://store.ipced.com/
See what recommendations could be given: 615 of which 102 directly security related:
https://webhint.io/scanner/5a445322-2724-4d9d-9fb7-1f9eef1d2ccc#category-Security
Also consider: https://toolbar.netcraft.com/site_report?url=https://store.ipced.com/
Sad situation really with all this JavaScript insecurity, not applying best policy header settings
and a B-grade SSL security status.
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
The website now produces a redirect: URLs that redirect found in: -https://store.ipced.com/
1: -http://www.careandcompliance.com/media/images/online-training-login.png → -https://www.careandcompliance.com/media/images/online-training-login.png
with even more recommendations: 911 in all: https://webhint.io/scanner/96bf9b6a-3745-48ca-99cd-e24bd7c1cc96#category-Security
of which 279 security related issues.
All sorts of issues reported here: https://www.magereport.com/scan/?s=https://www.careandcompliance.com/
Was this a website developing project launched by shadow IT developers or just incompetent amateurs?
It is a shame to produce such vulnerable services towards your end-users/visitors.
Re: https://sitecheck.sucuri.net/results/https/www.careandcompliance.com
Outdated server software with excessive info proliferation risks: https://www.shodan.io/host/40.70.65.178
A whole listing of vulnerablities on this MS Azure IP address.
Domain siblings: https://www.virustotal.com/nl/domain/partner.careandcompliance.com/information/
Results from scanning URL: -https://www.careandcompliance.com
Number of sources found: 4 ; number of sinks found: 436
Results from scanning URL: -https://www.careandcompliance.com/js/at/at.js
Number of sources found: 36 ; number of sinks found: 11
Results from scanning URL: -https://service.force.com/embeddedservice/5.0/esw.min.js
Number of sources found: 24 ; number of sinks found: 9
Consider: https://retire.insecurity.today/#!/scan/d3034b9761a7ba80b6b7b20e71b94537ff94d118af3ff6c5eca89a48f062b9b5
Blocked for me on there through uMatrix comes -https://cdn.krxd.net/controltag/rzjyb3v08.js (linked to -etorox.com/wp-includes)
which is being flagged at VT by 2 parties: https://www.virustotal.com/nl/url/9217a91c45ba85f0a929b29c6decaa85525dfae05937f7f10791f8639853bc89/analysis/
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
PHP scripts can be a can of worms on magento, like for instance abuse of powermusic.js
Checked at mage report we find a high risk website here:
https://www.magereport.com/scan/?s=http://workoutmusic.com/
2 vulnerable libraries: https://retire.insecurity.today/#!/scan/f9bfecba252d752f209bc54512baace4507630c734c91414e52df9f0f060322b
6 instances of being susceptable to MiM attacks
4 instances of domain being at risk of being hijacked
DNS is susceptible to man-in-the-middle attack, because not enabled.
Malicious code found, you are vulnerable. Indicators:
-magento-analytics.com/
We recommend eComscan to find malicious code in your store.
Malware found and site issue: https://sitecheck.sucuri.net/results/workoutmusic.com
Resource from a blacklisted domain -https://magento-analytics.com/powermusic.js
7 dectect this now: https://www.virustotal.com/en/url/ddd8263181eed169c07e46e41d7ecba226ac4efcb85acb2bc039568c22efe2b6/analysis/1557438154/
CloudFlare abuse, see https://www.shodan.io/host/104.31.74.51
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
Via a search on 0181227 20190113 for -magento-analytics.com:80/emersonstreetclothing.js
(info credits should go to researchers XU YANG & BA0JY)
Another High Risk site on Magento: https://www.magereport.com/scan/?s=https://emersonstreetclothing.com/
See: https://urlscan.io/result/82e7ae79-d548-4eee-a73e-5cf7e40c92a1
Re: latest detected 2: https://www.virustotal.com/en/domain/emersonstreetclothing.com/information/
Site blacklisted host not found: https://sitecheck.sucuri.net/results/https/emmersonstreetclothing.com/information/
Retire.js
bootstrap 3.2.0 Found in -https://emersonstreetclothing.com/skin/frontend/mgstheme/default/js/bootstrap.min.js
Vulnerability info:
High 28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331
Medium 20184 XSS in data-target property of scrollspy CVE-2018-14041
Medium 20184 XSS in collapse data-parent attribute CVE-2018-14040
Medium 20184 XSS in data-container property of tooltip CVE-2018-14042
jquery-ui-dialog 1.11.1 Found in -https://emersonstreetclothing.com/skin/frontend/mgstheme/default/js/jquery-ui.js
Vulnerability info:
High CVE-2016-7103 281 XSS Vulnerability on closeText option
jquery 1.11.0 Found in -https://emersonstreetclothing.com/skin/frontend/mgstheme/default/js/jquery.min.js
Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Medium CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution
error notifier: gtag is not defined...
Tracking: 100% of the trackers on this site could be protecting you from NSA snooping. Tell -emersonstreetclothing.com to fix it.
Identifiers | All Trackers
Insecure Identifiers
Unique IDs about your web browsing habits have been insecurely sent to third parties.
-kmxg4ilXXXXXXzps -emersonstreetclothing.com frontend_cid
Known
content.js:19 Loaded script with known vulnerabilities:
-https://emersonstreetclothing.com/skin/frontend/mgstheme/default/js/jquery-ui.js
polonus (volunteer website security analyst and website error-hunter)