Professional Documents
Culture Documents
Website - Security - Test - Maua - ImmuniWeb Website Security Test Report - NnpOdlZq
Website - Security - Test - Maua - ImmuniWeb Website Security Test Report - NnpOdlZq
B+
Server IP: 177.73.176.47
B
Reverse DNS: 177-73-176-47.sothis.com.br
Location: São Paulo C
Headers
Security Test
7 5 0
Fingerprinted CMS & Vulnerabilities
jQuery 3.6.0
The component is outdated. No known security vulnerabilities found. Update to the most recent version 3.7.1.
Bootstrap 4.5.2
The component is outdated. No known security vulnerabilities found. Update to the most recent version 4.6.2.
Core-js 3.0.0—3.11.0
The component is outdated. We fingerprinted several possible versions of the component due to slow speed
of the web server or modifications in the component code. Current most recent version is 3.32.1.
Popper-core 1.16.1
The component is outdated. No known security vulnerabilities found. Update to the most recent version
2.11.8.
Bluebird 3.3.4
The component is outdated. No known security vulnerabilities found. Update to the most recent version 3.7.2.
Pdfh5 1.4.5
Owlcarousel2 2.3.4
If the website processes or stores personal data of the EU residents, the following requirements of EU GDPR may
apply:
PRIVACY POLICY
WEBSITE SECURITY
No publicly known vulnerabilities were found in the website CMS or its components. Good configuration
TLS ENCRYPTION
COOKIE PROTECTION
COOKIE DISCLAIMER
If the website falls into a CDE (Cardholder Data Environment) scope, the following Requirements of PCI DSS may
apply:
REQUIREMENT 6.2
Website CMS or its components seem to be outdated. Check for available Misconfiguration or
updates. weakness
REQUIREMENT 6.5
REQUIREMENT 6.6
The website seems to be protected by a WAF. Review its logs and configuration on
Good configuration
a periodic basis.
Some HTTP headers related to security and privacy are missing or Misconfiguration or
misconfigured. weakness
X-Frame-Options X-Content-Type-Options
Access-Control-Allow-Origin Permissions-Policy
SERVER
The web server discloses its version, potentially facilitating further attacks Misconfiguration or
against it. weakness
Server
CONTENT-SECURITY-POLICY