Still suspicious website after all these years...

Inintially reported: : excessive header warning and clickjacking warning (2014)

Situation now: https://quttera.com/detailed_report/www.sunpowerinc.com
Re: sandbox requests

Retire.js

Retire.js
bootstrap 3.1.1 Found in
htxps://www.sunpowerinc.com/-/media/themes/ameteksxa/sunpower/ameteksunpower/sunpowertheme/scripts/optimized-min.js?thm=1?t=20211209T075245Z _____Vulnerability info:
Medium 28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331 1
Medium 20184 XSS in data-target property of scrollspy CVE-2018-14041 1
Medium 20184 XSS in collapse data-parent attribute CVE-2018-14040 1
Medium 20184 XSS in data-container property of tooltip CVE-2018-14042 1
jquery 2.1.3 Found in hxtps://www.sunpowerinc.com/-/media/themes/ameteksxa/sunpower/ameteksunpower/sunpowertheme/scripts/optimized-min.js?thm=1?t=20211209T075245Z _____Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251 1234
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers 123
Medium CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution 123
Medium CVE-2020-11022 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS 1
Medium CVE-2020-11023 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS 1
jquery 3.3.1.min Found in hxtps://www.sunpowerinc.com/Scripts/jquery-3.3.1.min.js _____Vulnerability info:
Medium CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution 123
Medium CVE-2020-11022 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS 1
Medium CVE-2020-11023 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS 1
jquery 3.3.1 Found in htxps://www.sunpowerinc.com/-/media/base-themes/core-libraries/scripts/optimized-min.js?thm=1?t=20201215T083931Z _____Vulnerability info:
Medium CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution 123
Medium CVE-2020-11022 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS 1
Medium CVE-2020-11023 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS 1
jquery-ui-autocomplete 1.12.1 Found in hxtps://www.sunpowerinc.com/-/media/themes/ameteksxa/sunpower/ameteksunpower/sunpowertheme/scripts/optimized-min.js?thm=1?t=20211209T075245Z
jquery-ui-dialog 1.12.1 Found in htxps://www.sunpowerinc.com/-/media/themes/ameteksxa/sunpower/ameteksunpower/sunpowertheme/scripts/optimized-min.js?thm=1?t=20211209T075245Z
jquery-ui-tooltip 1.12.1 Found in hxtps://www.sunpowerinc.com/-/media/themes/ameteksxa/sunpower/ameteksunpower/sunpowertheme/scripts/optimized-min.js?thm=1?t=20211209T075245Z
moment.js 2.20.1 Found in htxps://www.sunpowerinc.com/-/media/base-themes/core-libraries/scripts/optimized-min.js?thm=1?t=20201215T083931Z

Browser JS Guard flags - external domain requests

hxtps://sunpowerinc.com links to the following External Domains: ==>\Scripts\jquery-3.3.1.min.js ==>\Scripts\jquery-3.3.1.min.js

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

For IP also consider complaints reported here: https://www.ip-whois-lookup.com/lookup.php?ip=13.82.93.245 Jira server issues.

276 warnings here: https://www.websiteplanet.com/webtools/robots-txt/?url=www.sunpowerinc.com

pol