Tests and other Media topics

Blacklisted and 8 vendors flag:
https://urlhaus.abuse.ch/url/2244605/
See: https://whatismyip.live/blacklist-check
Blacklist Status for your IP: 42.239.97.158
Blacklist Description Status
dnsbl.spfbl.net DNSBL SPFBL List Listed
red.uribl.com URIBL red Listed
grey.uribl.com URIBL grey Listed
black.uribl.com URIBL black Listed
multi.uribl.com URIBL multi Listed
https://www.virustotal.com/gui/url/ecf4af28e2e9081ecbf2699669cdcd4c99230ac83576d52f096a81ccf918dc6a/community

Abuse on China’s backbone (general information) https://www.shodan.io/host/42.239.97.158

Top Hacker: https://community.sophos.com/utm-firewall/f/network-protection-firewall-nat-qos-ips/39664/top-hacker-hn-kd-ny-adsl

and how he plays a role in China’s attempts to block tor (scanning for tor bridges) and other abuse:
https://dontai.com/wp/2016/06/08/hn-kd-ny-adsl-research-ban/

Completely missed here: https://blacklistchecker.com/check?input=42.239.97.158
Flagged here: https://www.blacklistmaster.com/check?t=42.239.97.158 (given on 3 lists).

polonus

See how Google Chrome makes user tracking through installed extensions possible.

This can be achieved via web-accessible-resources.
Secret tokens of extensions cannot prevent their existence from being revealed by a specific timing method;
the more extensions installed, the more precise and unique your browser fingerprint will be.

https://developer.chrome.com/docs/extensions/mv3/manifest/web_accessible_resources/

Firefox browser is not vulnerable to this sort of user tracking.

Scan here: https://z0ccc.github.io/extension-fingerprints/

Test here: https://coveryourtracks.eff.org/kcarter?aat=1 (for other browser-tracking methods)
Most characteristics are derived via JavaScript, a decent script blocker of sorts is a must nowadays,
as most monoculture browsers come as user tracking tools par excellence.

polonus

Verification of IP: https://greensnow.co/statistics
and https://greensnow.co/view/46.161.27.204#listeAttaques

see also: https://www.abuseipdb.com/check/46.161.27.204

polonus

Other fine resources to check suspicious IP against:
https://cleantalk.org/blacklists/23.133.8.3 (random tor-address example given)

polonus

Observed activity, but only one vendor to flag …
Re: https://viz.greynoise.io/ip/223.205.232.52
On IP address: https://db-ip.com/223.205.232.52
1 security vendor flags it: https://www.virustotal.com/gui/ip-address/223.205.232.52/detection
Nothing here while there is vulnerable & abusable SMBv1 there:
https://cleantalk.org/blacklists/223.205.232.52

pol

Checking for a Magento webshop site (random example):
(cold recon 3rd party scan results): https://www.magereport.com/scan/?s=https%3A%2F%2Fwww.tdcautomotive.com%2F
& https://webscan.foregenix.com/webscan_results.html?scanid=15f45d6b_1348_41e2_8375_ca2101279684&type=2&emailaddress=
& https://magentary.com/magento-security-patch-tester/
SSL checker results

Resolves to -www.tdcautomotive.com
Expiration date Jun 17, 2023
Vendor signed No
Hostname Doesn’t Match
Key length 2048
Server type NA
Common name -tdcautomotive.com
SAN -tdcautomotive.com, -www.tdcautomotive.com
Organization Starfield Technologies, Inc.
Common name Starfield Secure Certificate Authority - G2 Starfield Secure Certificate Authority - G2
Serial number a4:36:46:d1:88:8f:65:d7
Signature algorithm sha256WithRSAEncryption
Fingerprint (SHA-1) C4DD2404FFA414580125E5A6DD936D4854750A13
Fingerprint (MD5) C7DECE69DB4AEE913298BBDA0C40BC48

Retire.js results:

jquery 1.12.4 Found in
-https://www.tdcautomotive.com/pub/static/frontend/Smartwave/porto/en_GB/jquery.js _____Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Medium CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution
Medium CVE-2020-11022 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
Medium CVE-2020-11023 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
knockout 3.4.2 Found in
htxps://www.tdcautomotive.com/pub/static/frontend/Smartwave/porto/en_GB/knockoutjs/knockout.js _____Vulnerability info:
Medium XSS injection point in attr name binding for browser IE7 and older
NO CSP POLICIES FOUND.
Vulnerabilities
Another scan delivers - low risk established
https://www.magereport.com/scan/?s=https%3A%2F%2Fros.your-printq.com%2F

But vulnerabilities detected on the server behind that website, given here: https://www.shodan.io/host/185.137.171.10

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

Scanning starting from a suspicious or insecure IP address:
https://www.projecthoneypot.org/ip_185.199.159.155
https://www.shodan.io/host/185.199.159.155
Nothing detected here: https://check.trendmicro.com/page/QuickStart?s=agrdy.com
Error and insecure connection (unsafe): http://185-199-159-155.xyz.agrdy.com/
VT somehow cannot resolve address (down?): https://www.virustotal.com/gui/url/3d7aadb8d64a2efc5938be4c206c68a28bc177bf1fbb32d799aa3fde73669b63?nocache=1
Re: https://intelx.io/?did=0906af8d-ea43-4d29-8582-0a8ad20deee4
See: https://sitecheck.sucuri.net/results/www.agentsuccesslab.com (error).
Went full round: https://db-ip.com/137.175.69.54

Have a nice new week,

pol

Hi Pol,

Want to take a look at this one - https://forum.avast.com/index.php?topic=320277.0 - a bit weird youtube playlists causing avast to alert.

Hi DavidR,

I did so in that thread, please read there.

Nice resources to give back to this community, that also found up on such CDNs as inherited,
like → https://domain.opendns.com/yt3.ggpht.com

DNS services, that is to say sometimes vital and sometimes rather questionable services.

Have a nice Sunday,

polonus

Check dns for being blacklisted: https://www.dnsbl.info/
This domain is now for sale:
Re: https://www.dnsblacklist.org/?domain=dul.ru

-dul.ru 31.177.80.70 Russia

Result
Not blocked anywhere.

Check spam IPs here: https://glockapps.com/blacklist/all-s5h-net/

pol

I have seen it thanks.

Great Sunday here hot as hades right now, watching Wimbledon men’s singles final right now. I hope you are enjoying the good weather also.

It was pretty hot on my morning exercise too, I was out just before 12PM, sweating buckets.

Additionally to this being checked here: https://www.dnsblacklist.org/?domain=dul.ru
Re: https://github.com/NethServer/dns-community-blacklist/blob/master/adguarddns.dns
Compare results →
Flagged but not being blocked according to what results we got here:
https://www.dnsblacklist.org/?domain=advantageglobalmarketing.com
blocked inside browsers with adblockers because of Easylist blocking: because of filter
-||advantageglobalmarketing dot com^

Quote: We will test your domain name against 17 of the most popular public DNS resolvers available.

AdGuard
CleanBrowsing
CloudFlare 1.1.1.1
CloudFlare 1.1.1.3 (Family Filter)
Norton ConnectSafe
Google 8.8.8.8
OpenDNS Family
Quad9
Yandex DNS
Comodo Secure DNS
Check page for DNS via IP: https://matrix.spfbl.net/en/134.209.188.55

polonus

All attack samples given here: https://www.thegeekstuff.com/2012/02/xss-attack-examples/
were detected by Malware Script Detector v. 02b run in Tampermonkey extension.
Given in as a Yahoo query this script ‘barked’ and blocked access.
Example of such a query blocked:

htxps://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/DOM_based_XSS_Prevention_Cheat_Sheet.md semgrep.dev./s/we30 hxtps://itigic.com/find-xss-vulnerabilities-with-findom-xss-scanner/

Console messages: Mixed Content: The page at ‘httxs://www.threeworldwars.com/world-war-3/ww3.htm’ was loaded over a secure connection, but contains a form that targets an insecure endpoint ‘htxp://www.google.com/custom’. This endpoint should be made available over a secure connection.
-ww3.htm:1 Mixed Content: The page at ‘htxps://www.threeworldwars.com/world-war-3/ww3.htm’ was loaded over HTTPS, but requested an insecure script ‘hxtp://www.google-analytics.com/urchin.js’. This request has been blocked; the content must be served over HTTPS.
-ww3.htm:647 Uncaught ReferenceError: urchinTracker is not defined
at -ww3.htm:647
-ww3.htm:650 A parser-blocking, cross site (i.e. different eTLD+1) script, -htxps://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See
-htxps://www.ch40mestatus.qjz9zk/feature/5718547946799104 for more details.
(anonymous) @ -ww3.htm:650
-ww3.htm:650 A parser-blocking, cross site (i.e. different eTLD+1) script, -https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See htxps://www.ch40mestatus.qjz9zk/feature/5718547946799104 for more details.
(anonymous) @ ww3.htm:650
-ga.js:1 Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
-adsbygoogle.js:1 Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
-connect.facebook.net/en_US/all.js#xfbml=1:1 Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
-e8af8301-45e2-41c6-9212-9421ce1b1dc7.js:1 Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
-sp.js:1 Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
-onLoadModule.js:72 …Selector Finder is running…
VM51:1 Uncaught ReferenceError: popWin is not defined
at :1:1
3rd party cookie issues: Mixed content: load all resources via HTTPS to improve the security of your site


Enjoy,

polonus (- and x added in quote by me for obvious reason)

Next through avast protect your privacy against mass surveillance and total control measures:
privacytools.io

When not strictly obligatory do not enter personal identifiable data, when you can avoid it,
use an alias instead. Do not share data online that you would not already share with all of the globe,
because that is where all data goes on Interwebz.

Always keep this reasoning at the back of your heads, folks.
Once bitten, twice shy, and don’t take coal to Newcastle (…they already have plenty of that there) :smiley: .

polonus

Check on tracking and for insecure tracking methods here:
https://reports.exodus-privacy.eu.org/

polonus

It is advisable to check on Android, through the Virus Total app for example, all app permissions you granted.

What permissions to avoid?

See: HTTPS://www.online-tech-tips.com/smartphones/30-app-permissions-to-avoid-on-android/
Source Guy McDowell

polonus

The correct link is:
https://www.online-tech-tips.com/smartphones/30-app-permissions-to-avoid-on-android/

Test security of your website here: https://en.internet.nl

polonus

One can perform a quick and dirty WordPress security scan for a website with WordPress CMS here: https://hackertarget.com/wordpress-security-scan/

Mind that the WordPress CMS version update comes faster than given there.

Scanned a random WP site there: -https://ufoholic.com/

Found following issues:

The following plugins were detected by reading the HTML source of the WordPress site’s front page.

Plugin Update Status About
popup-builder 4.1.9 Warning latest release (4.1.13)
https://popup-builder.com
ultimate-social-media-icons 2.7.5 Warning latest release (2.7.7)
http://ultimatelysocial.com
Plugins are a source of many security vulnerabilities within WordPress installations; always keep them updated to the latest version available and check the developer’s plugin page for information about security related updates and fixes.

There are likely more plugins installed than those listed here as the detection method used here is passive. While these results give an indication of the status of plugin updates, a more comprehensive assessment should be undertaken by brute forcing the plugin paths using a dedicated tool.

Linked sites given the all green as well as JS links.

File not found for me because blocked: File not found: hxtps://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8450070672787649

Retirable code found up with retire.js

jquery-ui 1.13.1 Found in hxtps://ufoholic.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 _____Vulnerability info:
Medium CVE-2022-31160 XSS when refreshing a checkboxradio with an HTML-like initial text label

polonus
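The passive plugin detection in the post above, and the retire.js version findings quoted earlier in the thread, both come down to pulling a component name and version out of asset URLs and comparing versions numerically. Here is an added example of that check for auditing your own WordPress site’s front page (not hackertarget’s or retire.js’s own code); the sample HTML and the “latest release” table are constructed, and the vulnerable range for jquery-ui uses the CVE quoted on the page with its upstream fix version (1.13.2).

```javascript
// Added example: passively read a WordPress front page's HTML, extract plugin /
// library slugs and versions from asset URLs, and flag anything below the latest
// release or inside a known-vulnerable range. Reference data is constructed.

// Constructed sample page source; versions mirror the scan results quoted above.
const SAMPLE_HTML = `
<link rel="stylesheet" href="https://example.test/wp-content/plugins/popup-builder/public/css/style.css?ver=4.1.9">
<script src="https://example.test/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=2.7.5"></script>
<script src="https://example.test/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1"></script>
`;

// Constructed reference table: latest releases as reported by the scan on the page.
const LATEST = { 'popup-builder': '4.1.13', 'ultimate-social-media-icons': '2.7.7' };
// Known-vulnerable range taken from the page's retire.js finding (fixed upstream in 1.13.2).
const VULN = [{ name: 'jquery-ui', below: '1.13.2', id: 'CVE-2022-31160' }];

// Segment-wise numeric comparison so that 4.1.9 < 4.1.13 (a string compare gets this wrong).
function cmpVersion(a, b) {
  const pa = a.split('.').map(Number), pb = b.split('.').map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// Pull "<slug> -> version" pairs out of plugin and bundled-library asset URLs.
function extractComponents(html) {
  const found = new Map();
  const plugin = /wp-content\/plugins\/([a-z0-9-]+)\/[^"']*?\?ver=(\d+(?:\.\d+)*)/g;
  const jqueryUi = /wp-includes\/js\/jquery\/ui\/[^"']*?\?ver=(\d+(?:\.\d+)*)/g;
  let m;
  while ((m = plugin.exec(html))) found.set(m[1], m[2]);
  while ((m = jqueryUi.exec(html))) found.set('jquery-ui', m[1]);
  return found;
}

// One finding per problem: outdated versus latest, or inside a vulnerable range.
function audit(html) {
  const report = [];
  for (const [name, ver] of extractComponents(html)) {
    const latest = LATEST[name];
    if (latest && cmpVersion(ver, latest) < 0)
      report.push({ name, ver, status: 'Warning', note: `latest release (${latest})` });
    for (const v of VULN)
      if (v.name === name && cmpVersion(ver, v.below) < 0)
        report.push({ name, ver, status: 'Vulnerable', note: v.id });
  }
  return report;
}
```

As the scanner’s own note says, this is passive: only components that leave a versioned asset URL in the page source are seen, so treat an empty report as “nothing visible”, not “nothing installed”.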

For those developers into javascript security.

Different findings from retire.js and otto.js extensions inside a chromium browser.

Both extensions are developers’ helping tools:
Retire.js alerts retirable js libraries (outdated & vulnerable).
Otto.js extension checks on the visiting webpage for security issues like Tracking scripts, Data Stealing, Malware and Weak site security, it will also alert for vulnerable javascript as retire.js does.

Otto.js for this avast forum website alerts for a tracking script by kslogs.ru.

Although Google gives it the all green (pretty safe), webrate frowns upon it:
https://webrate.org/site/kslogs.ru/

Also see: → https://www.virustotal.com/gui/url/66c6ed4e40e622a8c6ca05ada7e2cf2a46d86eb54877bf1eed925964ad40627c/details

Erlend Oftedal’s retire.js has no alerts whatsoever for this here webforum site.

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)