Nothing flagged by Sucuri’s: http://sitecheck.sucuri.net/results/api-usa.com & here: http://urlquery.net/report.php?id=1415281049451
htxp://www.intelligentexploit.com/view-details.html?id=10268 for eploit in Running cPanel 11.44.1.19: api-usa.com:2082
I get a 301·Moved·Permanently. The location line in the header above has redirected the request to: http://api-usa.com/
42 sites on one and the same IP: http://dnstree.com/198/46/86/236/
& http://dnstree.com/198/46/86/236/
VirusTracker info: api-usa.com,198.46.86.236,ns.inmotionhosting.com,Parked/expired,
Registered and active: http://whois.domaintools.com/api-usa.com
Nameserver information
De SOA record is onderverdeeld in:
source host
ns.inmotionhosting.com.
contact email
machinemessages.forum.inmotionhosting.com.
serial number
2013060300
refresh time
86400
retry time
7200
expire time
3600000
minimum time
86400
De NS records zijn onderverdeeld in:
Name server
ns2.inmotionhosting.com.
ip nummer
70.39.150.2
arpa
ns2.inmotionhosting.com.
correctheid van de arpa
Ja
Name server
ns.inmotionhosting.com.
ip nummer
74.124.210.242
arpa
ns.inmotionhosting.com.
correctheid van de arpa
Ja
Er is geen MX record gevonden
Er is geen A record gevonden
Er is geen A record gevonden
api-usa.com
WARNING: Name servers software versions are exposed:
70.39.150.2: “9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1”
74.124.210.242: “9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6”
Exposing name server’s versions may be risky, when a new vulnerability is found your name servers may be automatically exploited by script kiddies until you patch the system. Learn how to hide version. → http://www.dnsinspect.com/api-usa.com/1415281704
Security headers
Result Category Name Actual Value Our Recommendation
Missing Framing X-Frame-Options Use ‘sameorigin’
Missing Transport Strict-Transport-Security Use ‘max-age=31536000; includeSubDomains’
Missing Content X-Content-Type-Options Use ‘nosniff’
Correct Content Content-Type text/html; charset=utf-8 Use ‘text/html;charset=utf-8’
Missing XSS X-XSS-Protection Use ‘1; mode=block’
Warning Caching Cache-Control max-age=2592000 Add ‘no-cache, no-store, must-revalidate’
Missing Caching Pragma Use ‘no-cache’
Warning Caching Expires Sat, 06 Dec 2014 13:50:15 GMT Use ‘-1’. Currently, expiration is current time plus 2591999 seconds.
Missing Access Control X-Permitted-Cross-Domain-Policies Use ‘master-only’
Missing Content Security Policy Content-Security-Policy Try Content-Security-Policy-Report-Only to start. Include default-src ‘self’, avoid ‘unsafe-inline’ and ‘unsafe-eval’
Cleansed code: https://www.ghostery.com/nl/gcache/?n=R29vZ2xlIEFuYWx5dGljcw%3D%3D&s=aHR0cHM6Ly9zc2wuZ29vZ2xlLWFuYWx5dGljcy5jb20vZ2EuanM%3D
polonus