Website Security Test of mascoshop.online

Executive Summary for mascoshop.online

• Web Software Security Test
  15 third-party web software dependancies were identified. None appear to be outdated, and no known vulnerabilities were detected. 14 identified third-party web software dependancies have unknown versions. The CMS (WordPress) was identified, however, its version could not be determined. The following CMS components, JS-libraries or frameworks were identified: Google Listings & Ads, Site Kit by Google, WP-Live Chat by 3CX, and others. Software fingerprinting may be restricted by the system, so the results could be incomplete. Show details.
• GDPR Compliance Test
  No obvious GDPR-related compliance issues were detected across Privacy Policy, Website Security, TLS Encryption, Cookie Protection, Cookie Disclaimer. Website Security check may be incomplete due to a scanning timeout. Show details.
• PCI DSS Compliance Test
  No obvious PCI DSS compliance issues were detected for Requirements 6.3 and 6.4. Show details.
• HTTP Headers Security Test
  Issues were identified with key security headers: missing Strict-Transport-Security, X-Content-Type-Options, X-Frame-Options; misconfigured Content-Security-Policy. An optional HTTP header may not be properly configured: X-Powered-By. Show details.
• Content Security Policy (CSP) Test
  Content-Security-Policy is enforced but configuration issues were identified: directive errors. A report-only Content-Security-Policy is not present. Show details.
• Cookies Privacy and Security Test
  No cookies were detected. Show details.
• External Content Security Test
  36 external requests detected; 7 requests failed. SRI is not used for 11 third-party JavaScript and CSS files. Show details.
• Protection from Data Scraping Test
  No significant anti-scraping protections were detected. Show details.
• DNSSEC Configuration Test
  DNS A record detected; DNSSEC signatures are not present. Show details.