Websites that frustrate the use of alternative browsers:
https://www.theregister.co.uk/2002/10/25/alternative_browser_villains_named/
Banks and Linux Browsers - a (in)compatibility oversight:
http://www.starnix.com/banks-n-browsers.html
Mozilla Browser DoH policy was attacked by regulators because it helps in circumventing UK provider filters,
Mozilla now is seen as a kind of a "villain" browser by UK providers.
The only reason is because providers now have to look for alternative ways to make their content filters function.
polonus
Privacy issues and security issues are often related.
How to scan for them?
-
Rendering as a normal browser would - extensive report:
https://webcookies.org/cookies/dmstreeremoval.com.au/27913092?662402
-
2 vulnerable and retirable jQuery libraries detected:
https://retire.insecurity.today/#!/scan/875a8bdadc0d2f7b324b9f54c858fd715e6306b13b290027a63c362f60401a12
-
Data Layer check: 2{data} Show (2)
{
"0": "config",
"1": "UA-109165814-1"
}
&
{
"0": "js",
"1": "2019-07-11T14:12:41.413Z"
}
-
Trackers: Track From To Action
-dmstreeremoval.com.au -dmstreeremoval.com.au
-dmstreeremoval.com.au -dmstreeremoval.com.au
-dmstreeremoval.com.au -dmstreeremoval.com.au
-fonts.googleapis.com -fonts.googleapis.com
-
Always consider these scan results: https://www.virustotal.com/gui/url/9fafcfbfa5bdd5456d5c525427d8808cb17b9d8c09697cafd03c5a1bbcb80903
-
Overall warnings: https://privacyscore.org/site/141978/
cache control, x-frame-options, content-security-policy headers not set or not following best policies.
No form autocomplete settings set. source RECX Security Analyser extension results.
-
1 out of 10 risk on https://toolbar.netcraft.com/site_report?url=https%3A%2F%2Fdmstreeremoval.com.au%2F
-
detections on IP relations: https://www.virustotal.com/gui/ip-address/162.243.29.224/relations
-
Mainly check for cloaking and weird redirects, not here: http://isithacked.com/check/https%3A%2F%2Fdmstreeremoval.com.au%2F
-
DOM-XSS results:
Results from scanning URL: -https://dmstreeremoval.com.au
Number of sources found: 4
Number of sinks found: 249
Results from scanning URL: -https://dmstreeremoval.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Number of sources found: 32
Number of sinks found: 13
Results from scanning URL: -https://dmstreeremoval.com.au/wp-content/plugins/photoswipe-masonry/photoswipe-masonry.js?ver=4.9.8
Number of sources found: 14
Number of sinks found: 4
Results from scanning URL: -https://dmstreeremoval.com.au/wp-content/plugins/photoswipe-masonry/photoswipe-dist/photoswipe-ui-default.min.js?ver=4.9.8
Number of sources found: 12
Number of sinks found: 2
Results from scanning URL: -https://dmstreeremoval.com.au/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Number of sources found: 44
Number of sinks found: 33
Results from scanning URL: -https://dmstreeremoval.com.au/wp-content/plugins/kiwi-logo-carousel/third-party/jquery.bxslider/jquery.bxslider.js?ver=4.9.8
Number of sources found: 12
Number of sinks found: 12
-
Also a scan for PHP driven WordPress CMS at https://hackertarget.com/wordpress-security-scan/
Reputation Check
PASSED
Google Safe Browse: OK
Spamhaus Check: OK
Abuse CC: OK
Dshield Blocklist: OK
Cisco Talos Blacklist: OK
Web Server:
Apache/2.4.6
X-Powered-By:
PHP/7.1.8
IP Address:
-162.243.29.224
Hosting Provider:
DigitalOcean
Shared Hosting:
276 sites found on -162.243.29.224
-
Outdated software on webserver and for WordPress and missing security headers qualified as a High Risk site at:
https://sitecheck.sucuri.net/results/https/dmstreeremoval.com.au
-
Total of 13 direct threats detected here: https://app.upguard.com/webscan#/https://dmstreeremoval.com.au
Security Checks for -https://dmstreeremoval.com.au
(2) Vulnerabilities can be uncovered more easily
(4) Susceptible to man-in-the-middle attacks
Vulnerabilities
(2) Emails can be fraudulently sent
(3) Unnecessary open ports
DNS is susceptible to man-in-the-middle attacks
- https://urlscan.io/result/9cf81b77-d79f-4aa5-9d65-ce5be4f715c8
Verdict non-malicious non-suspicious site, outdated software and server software, so High Risk website,
various security issues and missing best policies being implemented. Looks good, less secure.
As security is often a last resort thing in website developing and also maintaining websites.
Enjoy checking your websites, folks,
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
Rather specific and fully random source: https://libraryofbabel.info/
A treat for full encryption lovers. See for instance: https://libraryofbabel.info/anglishize.cgi?
Info credits go to Sabroni at https://forums.theregister.co.uk/forum/all/2019/07/23/us_encryption_backdoor/
When nobody has full encryption only cybercriminals will have. Think of it, folks.
Do you want to hand over your general key(s), please 
polonus
Address still launching malware:
2019-08-08 17:27:05 -http://patogh-7f.rozblog.c ... 79.127.127.68 IR JS/CoinMiner.AH potentially unwanted application
Re: https://otx.alienvault.com/indicator/ip/79.127.127.68 & https://www.threatminer.org/host.php?q=79.127.127.68
polonus
polonus
689
website checks and crypt check:
https://urlscan.io/result/49f31b2f-0b76-4977-973c-131aa0124576/
https://urlscan.io/domain/www.esri.com
https://securityheaders.com/?q=www.esri.com&followRedirects=on
https://observatory.mozilla.org/analyze/www.esri.com#third-party & https://observatory.mozilla.org/analyze/www.esri.com
https://tls.imirhil.fr/https/www.esri.com
https://webhint.io/scanner/d4503ab6-e6ba-4664-8cd8-c00794392d9f#category-Security
Retire.js
jquery 1.12.4 Found in -https://www.esri.com/etc/clientlibs/esri-sites/components.a85066077ee6f134710aeddea8215009.js
Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Medium CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution
A parser-blocking, cross site (i.e. different eTLD+1) script, , is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See for more details. On Avast Secure Browser with Shift + Ctrl + I.
Why? Read here: https://developers.google.com/web/updates/2016/08/removing-document-write
polonus
polonus
690
polonus
691
polonus
692
Logging in with your facebook account, what privacy implications do you have to fear not blocking facebook?
The impact of a non-blocked visit:
https://privacyscore.org/site/143919/
& https://urlscan.io/result/5ea7f793-0c20-4fd9-8f1a-bb810babfab3
Or the consequences for your digital privacy seen here:
https://urlscan.io/result/5ea7f793-0c20-4fd9-8f1a-bb810babfab3#links
Just interesting to skim through - JavaScript behaviour on that site:
https://urlscan.io/result/5ea7f793-0c20-4fd9-8f1a-bb810babfab3#behaviour
Did not know they used babel helper (generated per session).
Better than to speculate is to let the facts speak out for themselves. info credits: luntrus
polonus (volunteer 3rd party cold recon website security analyst and website error-helper)
bob3160
693
The best way to avoid the privacy implications that are part of Facebook,
is to never open a Facebook account. Once opened, expect to kiss your privacy bye bye.
DavidR
694
Guess why I have given social networking and the like a wide berth since they first appeared 
polonus
695
Super Logout online: http://kapat.org/
Intel search engine, made by Peter Kleissner, the sinkhole expert.
Polonus was trained in automatic sinkholing expertise online by Peter Kleissner, now head of Intelligence X
Re: https://intelx.io/?did=d4a06454-081c-45be-9ed2-9329499c5e89
and see how we reached that super logout tool…
polonus
polonus
696
Coming to USA Firefox now:
DoH: https://blog.mozilla.org/futurereleases/2019/09/06/whats-next-in-making-dns-over-https-the-default/
Advantages and disadvantages.
See Client Support: https://en.wikipedia.org/wiki/DNS_over_HTTPS
This all to battle against abuse of unencrypted DNS request connections.
Why this is not such a good idea for end-users:
- Concentrating all DoH requests with a small group of external players (like CloudFlare, Google) will mean an enhanced privacy risk for a large number of Internet-users, because mentioned players will exactly know for a great number of Internet-users when and what websites they visit. Censorship and downgrading of certain websites is not unthinkable. From a privacy viewpoint it would be a good thing one could have many more DoH providers to choose from, but then blacklisting will be more of a problem, because;
- Local DNS-logging does no longer take place at firm-level. Of course such logging means an enhanced risk, but it will enable you to detect compromised devices within your network;
- DoH will raise demand for TLS-interception considerably and the risks thereof outbalance overall profit.
(info credits: Erik van Straaten).
Using Pi-hole in such a setting makes you dependent on just one single DOH-provider. What about virtual hosts on one IP address.
But “DNS queries for the A and AAAA records for the domain “use-application-dns.net” must respond with NXDOMAIN rather than the IP address retrieved from the authoritative nameserver”.
Mozilla just thinks to comply with the following contract: In the US, Firefox by default directs DoH queries to DNS servers that are operated by CloudFlare, meaning that CloudFlare has the ability to see users’ queries. Mozilla has a strong Trusted Recursive Resolver (TRR) policy in place that forbids CloudFlare or any other DoH partner from collecting personal identifying information.
To mitigate this risk, our partners are contractually bound to adhere to this policy. (does not just only apply to Cloudflare’s)
Source: https://support.mozilla.org/en-US/kb/firefox-dns-over-https
Whenever you are used to non-existing Interwebz-privacy this is not a big thing, remember only that it only furthers the monopoly status of the big players, like we have Google, CloudFlare,
So again less to choose from, or use: Intra — an Android application by Jigsaw to route your DNS queries to a DNS-over-HTTPS server of your choice, re: https://play.google.com/store/apps/details?id=app.intra
polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
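The canary-domain rule quoted in the post above can be checked on the wire. This is an added example, not part of the original post or Mozilla's code: it builds a query for `use-application-dns.net` and tests whether a reply carries NXDOMAIN for that exact question. The function names and the sample replies are constructed for illustration; in practice the reply bytes would come from the local resolver (for example a Pi-hole).

```python
import struct

CANARY = "use-application-dns.net"   # canary domain named in the post
NXDOMAIN = 3                          # DNS RCODE for "no such domain"

def encode_name(name):
    """Encode a host name as DNS wire-format labels."""
    return b"".join(bytes([len(l)]) + l.encode("ascii")
                    for l in name.rstrip(".").split(".")) + b"\x00"

def build_query(name, qtype, txid):
    """Standard recursive query: one question, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def parse_response(msg):
    """Return (txid, rcode, answer_count, question_name) of a DNS response."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit clear: not a response")
    labels, pos = [], 12
    while True:
        if pos >= len(msg):
            raise ValueError("truncated question")
        n = msg[pos]
        if n == 0:
            break
        if n & 0xC0 or pos + 1 + n > len(msg):
            raise ValueError("malformed question name")
        labels.append(msg[pos + 1:pos + 1 + n].decode("ascii").lower())
        pos += 1 + n
    return txid, flags & 0x000F, ancount, ".".join(labels)

def resolver_signals_canary(query, response):
    """True only if the reply matches our canary query and is NXDOMAIN."""
    txid, rcode, _ancount, qname = parse_response(response)
    return (txid == struct.unpack("!H", query[:2])[0]
            and qname == CANARY and rcode == NXDOMAIN)

def constructed_reply(query, rcode, a_record=None):
    """Constructed sample reply (not captured traffic) echoing the question."""
    flags = 0x8180 | rcode               # QR, RD and RA bits set
    body = query[12:]
    if a_record:                          # one A record, name as pointer to offset 12
        body += b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes(a_record)
    return query[:2] + struct.pack("!HHHHH", flags, 1, 1 if a_record else 0, 0, 0) + body
```

The same check applies to both record types the quote mentions: query type 1 (A) and type 28 (AAAA).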
polonus
697
Several Public DOH servers tested against Mozilla Observatory Scan.
- https://observatory.mozilla.org/analyze/dns.adguard.com F-grade status
- https://observatory.mozilla.org/analyze/dns.google B- grade status
- https://observatory.mozilla.org/analyze/cloudflare-dns.com C- grade status
- https://observatory.mozilla.org/analyze/dns9.quad9.net no 200 OK returned, F-grade status
- https://observatory.mozilla.org/analyze/doh.cleanbrowsing.org B-grade status
- https://observatory.mozilla.org/analyze/doh.crypto.sx D- grade status
- https://doh-ch.blahdns.com/dns-query no 200 OK returned, F-grade status
- https://observatory.mozilla.org/analyze/dns.rubyfish.cn D+ grade status
- https://observatory.mozilla.org/analyze/doh.dnswarden.com no 200 OK returned D+ grade status
10… EU server: https://observatory.mozilla.org/analyze/dns.aaflalo.me D+ grade status
- https://observatory.mozilla.org/analyze/doh.captnemo.in D- grade status
- https://observatory.mozilla.org/analyze/rdns.faelix.net no 200 OK returned, D- status
- https://observatory.mozilla.org/analyze/doh.armadillodns.net F-grade status
- https://observatory.mozilla.org/analyze/doh.netweaver.uk no 200 OK returned C- grade status
15: https://observatory.mozilla.org/analyze/jp.tiar.app has an A+ status
Found at: https://github.com/curl/curl/wiki/DNS-over-HTTPS
From these results it seems that DNSSec Japan is best, A+ status grade,
No Censorship, No Logging, No ECS, support DNSSEC in Japan,
Nihon iti! (source credits go to: luntrus)
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
polonus
698
polonus
699
AMP
Why AMP is bad? Read: https://medium.com/@danbuben/why-amp-is-bad-for-your-site-and-for-the-web-e4d060a4ff31
Convert to AMP: https://www.ezoic.com/google-amp-converter/?{lpurl}?utm_source=google&utm_medium=g&utm_term=accelerated%20mobile%20pages&utm_content=228474895894&utm_campaign=755009171&utm_source=google&utm_medium=g&utm_term=accelerated%20mobile%20pages&utm_content=228474895894&utm_campaign=755009171&gclid=EAIaIQobChMI0Zfv49j15AIVTPlRCh2hQAdaEAAYASAAEgL32fD_BwE
Test AMP: https://search.google.com/test/amp
And see in the light of Google’s (non-)existing privacy policies: https://www.theregister.co.uk/2019/09/25/google_privacy_wc3/
What is shown often is not known, end-user transparency does not exist or barely,
end-users aren’t fully aware of the tracking and data-slurping that is going on all of the time all the time,
and it almost seems end-users rather not know.
A rather small percentage of “wokers” to these facts of digital life around. It is all about less user-control
on content (fake news), analytics & design, and more advanced Google control.
- (Most important) Use a VPN or Proxy server.
- Use an ad blocker.
- Disable 3rd party cookies.
- Disable JavaScript or use just what you need to make the webpage function for you (uMatrix)
- Use a good browser and not the Google Chrome (clone) spyware)).
When using Google Chrome use it in incognito mode (and it does not track you that way). (info credits; Maelstorm)
polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
polonus
700