Website Security Test of labeneko.blog.fc2.com

Executive Summary for labeneko.blog.fc2.com

• Web Software Security Test
  4 third-party web software dependancies were identified, including 3 outdated dependancies. One known vulnerability was detected. One identified third-party web software dependancy has an unknown version. The identified CMS (OpenResty) appears to be up to date. The following CMS components, JS-libraries or frameworks were identified: ua-parser-js, react, next.js. Show details.
• GDPR Compliance Test
  Potential GDPR compliance issues were identified related to Privacy Policy, Website Security, Cookie Protection, Cookie Disclaimer. Show details.
• PCI DSS Compliance Test
  Potential PCI DSS compliance issues were identified related to Requirements 6.3 and 6.4. Show details.
• HTTP Headers Security Test
  All key security headers are missing. An optional HTTP header may not be properly configured: Content-Security-Policy-Report-Only. Show details.
• Content Security Policy (CSP) Test
  Content-Security-Policy is not enforced; only a report-only policy was detected. The report-only Content-Security-Policy contains issues: overly permissive directives, deprecated directives, directive errors. Show details.
• Cookies Privacy and Security Test
  2 cookies detected; bloguid, cookietest have security or privacy-related configuration issues. Show details.
• External Content Security Test
  44 external requests detected; 1 request failed. SRI is not used for 12 third-party JavaScript and CSS files. Show details.
• Protection from Data Scraping Test
  No significant anti-scraping protections were detected. Show details.
• DNSSEC Configuration Test
  DNS CNAME record detected; DNSSEC signatures are not present. Show details.