Website Review

Enter domain


← Click to update
drownattack.com

Website review drownattack.com

 Generated on May 07 2021 09:03 AM

Old statistics? UPDATE !


The score is 42/100

SEO Content
Title

DROWN Attack



Length : 12

Perfect, your title contains between 10 and 70 characters.
Description



Length : 0

Very bad. We haven't found meta description on your page. Use this free online meta tags generator to create description.
Keywords



Very bad. We haven't found meta keywords on your page. Use this free online meta tags generator to create keywords.
Og Meta Properties This page does not take advantage of Og Properties. This tags allows social crawler's better structurize your page. Use this free og properties generator to create them.
Headings
H1 H2 H3 H4 H5 H6
1 2 4 22 0 0
  • [H1] The DROWN Attack
  • [H2] Full technical paper
  • [H2] Q&A
  • [H3] What can the attackers gain?
  • [H3] Who is vulnerable?
  • [H3] Is my site vulnerable?
  • [H3] How do I protect my server?
  • [H4] What does DROWN stand for?
  • [H4] What are the technical details?
  • [H4] How can I contact the DROWN research team?
  • [H4] Is there a CVE for DROWN?
  • [H4] How easy is it to carry out the attack? Is it practical?
  • [H4] What popular sites are affected?
  • [H4] Is the vulnerability currently being exploited by attackers?
  • [H4] SSLv2 has been known to be insecure for 20 years. What’s the big deal?
  • [H4] Does DROWN allow an attacker to steal the server’s private key?
  • [H4] Can DROWN be also used to perform MitM attacks?
  • [H4] Does Perfect Forward Secrecy (PFS) prevent DROWN?
  • [H4] Do I need to get a new certificate for my server?
  • [H4] Do I need to update my browser?
  • [H4] I have a firewall that allows filtering of SSLv2 traffic. Should I filter that traffic?
  • [H4] Can I detect if someone has exploited this against me?
  • [H4] My HTTPS server is certified PCI compliant, so I already know I have SSLv2 disabled. Do I still need to take action?
  • [H4] I have an old embedded device that doesn’t allow me to disable SSLv2, and I have to keep it running. What do I do?
  • [H4] SSLLabs says I have SSLv2 disabled. That means I’m safe, right?
  • [H4] Why does your tool say I support SSLv2, but nmap says I don't?
  • [H4] Are you planning to release the code for your implementation of the attack?
  • [H4] What factors contributed to DROWN?
  • [H4] Where else can I learn about DROWN?
Images We found 2 images on this web page.

2 alt attributes are empty or missing. Add alternative text so that search engines can better understand the content of your images.
Text/HTML Ratio Ratio : 77%

This page's ratio of text to HTML code is more than 70 percent, this means that your the page might run the risk of being considered spam.
Flash Perfect, no Flash content has been detected on this page.
Iframe Great, there are no Iframes detected on this page.

URL Rewrite Good. Your links looks friendly!
Underscores in the URLs We have detected underscores in your URLs. You should rather use hyphens to optimize your SEO.
In-page links We found a total of 62 links including 6 link(s) to files



Anchor Type Juice
Paper Internal Passing Juice
Q&A Internal Passing Juice
many popular sites Internal Passing Juice
this OpenSSL blog post External Passing Juice
KB245030 External Passing Juice
Apache Internal Passing Juice
Postfix Internal Passing Juice
Nginx External Passing Juice
Debian External Passing Juice
Red Hat External Passing Juice
Conference paper Internal Passing Juice
Bibtex Internal Passing Juice
Original tech report Internal Passing Juice
What does DROWN stand for? Internal Passing Juice
What are the technical details? Internal Passing Juice
How can I contact the DROWN research team? Internal Passing Juice
Is there a CVE for DROWN? Internal Passing Juice
How easy is it to carry out the attack? Is it practical? Internal Passing Juice
What popular sites are affected? Internal Passing Juice
Is the vulnerability currently being exploited by attackers? Internal Passing Juice
SSLv2 has been known to be insecure for 20 years. What’s the big deal? Internal Passing Juice
Does DROWN allow an attacker to steal the server’s private key? Internal Passing Juice
Can DROWN be also used to perform MitM attacks? Internal Passing Juice
Does Perfect Forward Secrecy (PFS) prevent DROWN? Internal Passing Juice
Do I need to get a new certificate for my server? Internal Passing Juice
Do I need to update my browser? Internal Passing Juice
I have a firewall that allows filtering of SSLv2 traffic. Should I filter that traffic? Internal Passing Juice
Can I detect if someone has exploited this against me? Internal Passing Juice
My HTTPS server is certified PCI compliant, so I already know I have SSLv2 disabled. Do I still need to take action? Internal Passing Juice
I have an old embedded device that doesn’t allow me to disable SSLv2, and I have to keep it running. What do I do? Internal Passing Juice
SSLLabs says I have SSLv2 disabled. That means I’m safe, right? Internal Passing Juice
Why does your tool say I support SSLv2, but nmap says I don't? Internal Passing Juice
Are you planning to release the code for your implementation of the attack? Internal Passing Juice
What factors contributed to DROWN? Internal Passing Juice
Where else can I learn about DROWN? Internal Passing Juice
Sebastian Schinzel External Passing Juice
Juraj Somorovsky External Passing Juice
Nadia Heninger External Passing Juice
Jens Steube External Passing Juice
Luke Valenta External Passing Juice
David Adrian External Passing Juice
J. Alex Halderman External Passing Juice
Emilia Käsper External Passing Juice
Shaanan Cohney External Passing Juice
Christof Paar External Passing Juice
Yuval Shavitt External Passing Juice
CVE-2016-0800 External Passing Juice
CVE-2015-3197 External Passing Juice
explained above Internal Passing Juice
SSLLabs External Passing Juice
the way cryptography External Passing Juice
was weakened External Passing Juice
FREAK External Passing Juice
Logjam External Passing Juice
restrictions on the design of cryptography External Passing Juice
Matt Green: Attack of the week: DROWN External Passing Juice
Ivan Ristic: DROWN Abuses SSL v2 to Attack TLS External Passing Juice
Ars Technica: More than 11 million HTTPS websites imperiled by new decryption attack External Passing Juice
svg Internal Passing Juice
CC0 Internal Passing Juice
Sarah Madden External Passing Juice
Imprint Internal Passing Juice

SEO Keywords
Keywords Cloud key connections sslv2 servers attacker openssl server attack vulnerable drown
Keywords Consistency
Keyword Content Title Keywords Description Headings
sslv2 53
server 47
drown 46
servers 36
attack 29

Usability
Url Domain : drownattack.com
Length : 15
Favicon Great, your website has a favicon.
Printability We could not find a Print-Friendly CSS.
Language Good. Your declared language is en.
Dublin Core This page does not take advantage of Dublin Core.

Document
Doctype HTML 5
Encoding Perfect. Your declared charset is UTF-8.
W3C Validity Errors : 8
Warnings : 27
Email Privacy Warning! At least one email address has been found in the plain text. Use free antispam protector to hide email from spammers.
Deprecated HTML Great! We haven't found deprecated HTML tags in your HTML.
Speed Tips
Excellent, your website doesn't use nested tables.
Too bad, your website is using inline styles.
Great, your website has few CSS files.
Perfect, your website has few JavaScript files.
Too bad, your website does not take advantage of gzip.

Mobile
Mobile Optimization
Apple Icon
Meta Viewport Tag
Flash content

Optimization
XML Sitemap Missing

Your website does not have an XML sitemap - this can be problematic.

A sitemap lists URLs that are available for crawling and can include additional information like your site's latest updates, frequency of changes and importance of the URLs. This allows search engines to crawl the site more intelligently.
Robots.txt http://drownattack.com/robots.txt

Great, your website has a robots.txt file.
Analytics Missing

We didn't detect an analytics tool installed on this website.

Web analytics let you measure visitor activity on your website. You should have at least one analytics tool installed, but It can also be good to install a second in order to cross-check the data.

PageSpeed Insights

Device
Categories

Developed by PHP5 Developer  |  Website Screenshots by PagePeeker |  Terms and Conditions  |  Privacy Policy

Visi mobilieji | Darbo birža | Receptai | Vyriski ir moteriski batai | ETS 2 mods | Kur apsistoti Šiauliuose? | IT naujienos |