STATE FINDING RESULT NOTICED FIXED
5.3 Retrieved https://eaglehillsjordan.com/~xfs by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/wp-content/~wp-config.php.backup by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/wp-config.swp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/~www by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/.wwwacl by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/3fexeShell.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ASpy.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Ani-Shell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/3fexe.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/AK-74SecurityTeam.php by using a GET request on the URL without prior knowledge.
Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 51/125 https://crashtest-security.com
5.3 Retrieved https://eaglehillsjordan.com/zebra.conf by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ASPYDrvsInfo.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ASPCmdShellOnIIS5.1.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/404webshell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/404infiltrateteam.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/150.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/AntichatShellv1.3.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/AntichatShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/529.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/12309.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/AntichatSocks5Serverv1.0.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/xmlrpc.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Ajax_PHPCommandShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/2011.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ASPYDrvsInfo.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/CrystalShellv.1.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Backupscriptonserver.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/BackConnect.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/C99madShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/CarbylaminePHPEncoder.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Bnkqbakq.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/CWShellDumper.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Backdoorphpv0.1CodedByCharlichaplin.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/CasuS1.5.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Antichat_Shell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/BLaSTER.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/AyyildizTim.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/AventisKlasVayv1.0.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/AspRootkit1.0byBloodSword.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/CommandShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Crystal.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/CmdAsp.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/B374kBetaShElLV1.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/AventGrup-Sincap1.0.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/CyberShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/DToolPro.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/DDoSattack.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/FaTaLShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Dx.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Ekin0x.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/EgY_SpIdErShElLV2.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/EditedByKingDefacer.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/DiveShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ElmaliSeker.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/GRPWebShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/FaTaLisTiCz_Fx.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/DefaceKeeper0.2.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/EFSO.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/GNY.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/GFSweb-shell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Fileupload.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ELMALISEKERBackd00r.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/G5.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/DAws.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/CyberSpy5.Asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Micro_Webshell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Locus7s.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/KA_uShell0.1.6.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/NTDaddyv1.9.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/KnullShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/NTDaddyv1.9.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/NCC-Shell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/MatamuMat.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/I-47v1.3.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/NetworkFileManagerPHP.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/LoaderzWEBShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Non-alphanumeric.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/MysqludfbyM4ster.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/MoroccanSpamersMa.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/MySQLWebShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Mysqlinterfacev1.0.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/GammaWebShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Loader’zWEBShellv0.1.0.2.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/NCCShellv1.0.0.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Lolipop.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/RHTOOLS1.5BETA(PVT)EditedByKingDefacer.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/PHPRemoteView.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Php_Backdoor.txt.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/PHPWebShellbyoTTo.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/PHPSPY.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/PHANTASMA.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/PHVayv.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/RedHatHacker.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Privatex0rgWebHostingBypass.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/PhpShell2.0.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/RemoteExplorer.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/RHTOOLS1.5BETA(PVT).asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/PhpSpyVer2006.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/PhpBackdoorv.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Private-i3lue.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/RemExp.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Predator.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/PHPJackal.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/PH_Vayv.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/PHPShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/SimAttacker.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ServerVariables.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/SilicGroupHackerArmy.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/SnIpEr_SA%20Shell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/SSTSheller.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Safe0verShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Rootshell.v.1.0.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/StoredProcedureExecute.aspx by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Safemodebreaker.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/SmallWebShellbyZaCo.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ShellCommander.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/SpiderPHPShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/SmallShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/SosyeteSafeModeBypassShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/STNCWebShellv0.8.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/SilicGroupphpWebshellv3.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/SnIpEr_SAShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Sincap.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Safe_Mode_Bypass.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/SimShell1.0-SimorghSecurityMGZ.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ZehirIV.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/WebShell.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/WelcomeToAKTeam.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/WebShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/WinXShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ZyklonShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/WSO2.7404ErrorWebShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/aZRaiLPhpv1.0.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ZoRBaCKConnect.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/WordPressShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/WorseLinuxShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/accept_language.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/Webr00tshell2.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/WinMOFShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/acid.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/angel.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/W3DShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/aZRaiLPhp_v1.0.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/aspSH.v1.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/antichat.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/aspxSH.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/azrail.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/b374k.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/aspydrv.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/b37.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/aspxshell.aspx by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/byEJDER.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/b374k-2.5.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/bdshell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/browser.jsp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/b64.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/backupsql.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/blackbin.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/bug.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/bdotw44shell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/bypass-iisuser-p.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/bs2.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/bns-php-shell by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/aspwgetdragdatabase.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/backdoorfr.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c66.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c100.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c99-shadows-mod.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c0derzshell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c171.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c99_webshell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c99_PSych0.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c99v2.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c37.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/bypasssafemodel.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c99ud.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/cbfphpsh.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c99unlimited.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c99-Ultimate.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c993.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c99_locus7s.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c999shell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c99_madnet.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c99madshell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/c99_w4cking.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/devshell.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/dC3SecurityCrewShellPRiV.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/cmd_win32.jsp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/devilzShell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/cmdasp.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/egy.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ddos.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/cmd.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/connect-back.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/co.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/cihshell_fix.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/dq.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ctt_sh.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/cmd-asp-5.1.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/cmd.jsp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/cybershell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/devilzShell.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/cls_Base.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/cmdexec.aspx by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/cmd.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/h4ck_Door.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/filesystembrowser.aspx by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/from_the_wild1.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/h4ntushell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/g00nshell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/hkmjj.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/filesman.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/hkrkoz.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/iMHaPFtp.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/g00nv13.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/erne.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/hiddensshellv1.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/inDEXERAndReaDer.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/gfs_sh.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/forever5pi.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/fileupload.aspx by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/h4ntu_shell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/hacker.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ex0shell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/elmaliseker.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/jspShell.jsp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/itsecteam_shell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/load_shell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/lamashell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/lostDCshell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/liz0zim.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/jspbd.jsp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/list.asp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/list.jsp by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/ironshell.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/maingtasks.log by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/kolang-bypass.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/log.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/locus.php by using a GET request on the URL without prior knowledge.
5.3 Retrieved https://eaglehillsjordan.com/iskorpitx.php by using a GET request on the URL without prior knowledge.
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/kral.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/lostDC.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/matamu.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/isko.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/maingphp_error.log by using a GET 5.3 request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/myshell.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/php-reverse-shell.php by using a GET 5.3 request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/phpshell17.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/nShellv1.0.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/mssql.asp by using a GET request on 5.3 the URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 75/125 https://crashtest-security.com
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/phpsploit.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/php-backdoor.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/php-extension-backdoor by using a 5.3 GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/php-findsock-shell.php by using a 5.3 GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/mma.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/ntdaddy.asp by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/mysql_tool.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/phpwebbackup.php by using a GET 5.3 request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/php-include-w-shell.php by using a 5.3 GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/pHpINJ.php by using a GET request 5.3 on the URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 76/125 https://crashtest-security.com
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/navicat_tunnel.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/nsTView.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/nshell.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/moon_1php.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/megabor.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/pws.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/r57_iFX.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/r57shell127.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/r57shellv.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/safe0ver.php by using a GET request 5.3 on the URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 77/125 https://crashtest-security.com
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/reverse.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/s72Shell.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/simple-backdoor.php by using a GET 5.3 request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/sdoor.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/reverseshell-poc.php by using a GET 5.3 request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/qsd-php-backdoor.php by using a 5.3 GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/shell.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/s72_Shell.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/r57_Mohajer22.php by using a GET 5.3 request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/r57_kartal.php by using a GET re- 5.3 quest on the URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 78/125 https://crashtest-security.com
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/scanner.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/pwdshellru.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/ru24_post_sh.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/simattacker.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/r57.bizDq99Shell.php by using a GET 5.3 request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/udp.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/stres.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/spexec.aspx by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/soldierofallah.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/t.php by using a GET request on the 5.3 URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 79/125 https://crashtest-security.com
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/up.jsp by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/toolaspshell.asp by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/sys.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/tryag.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/spygrup.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/tool.asp by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/simple_cmd.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/sosyete.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/sys32.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/up.asp by using a GET request on the 5.3 URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 80/125 https://crashtest-security.com
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/sniper.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/sniffer.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/udf.dll.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/t57shell.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/spyshell.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/15840555a5a9ed4c7488481ec83740e51465ceb2. 5.3 file.logs_static.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/upfile_write.asp by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/zaco.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/%25CnC%25 by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/wordpressbackdoor.php by using a 5.3 GET request on the URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 81/125 https://crashtest-security.com
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/zehir.asp by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/1782da8d6812f696750e41aaf9e78e68e4f07578. 5.3 file.ajax.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/xynu-NormalUniversity.asp by using 5.3 a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/zacosmall.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/upl0ader.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/00ebbfdc60999b54fdbf35a0699c3551b09a33b9. 5.3 file.index.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/webhandler by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/up_win32.jsp by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/xnonymoux_webshell.php by using a 5.3 GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/13bb870f32f183d8828dcfe9b199b3c68789155d. 5.3 file.index.tpl.php by using a GET request on the URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 82/125 https://crashtest-security.com
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/04885805d2c6e064c2b145362c99e4adcc11ce47. file.search.tpl.php by using a GET request on the URL without prior knowl- edge. Retrieved https://eaglehillsjordan.com/08ed091025f407cb757b6c832a4b61f6930556a2. 5.3 file.links.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/zehir4.asp by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/webr00t.php by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/00284d896df6965cf6b6e99718ddcd99315200ca. 5.3 file.rights.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/8da03a92d68e0e53c275bedd439256612c468d64. 5.3 file.index.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/5a3d0c7a3173b22fbe0fe97e78394f7b88754dd6. 5.3 file.empty.tpl.php by using a GET request on the URL without prior knowl- edge. Retrieved https://eaglehillsjordan.com/a3d00170f86f14e7a6d17ddf9be395481dfa9fb7. 5.3 file.screens.tpl.php by using a GET request on the URL without prior knowl- edge. Retrieved https://eaglehillsjordan.com/8d241ee32b630592b650f219f7110d5c18b92093. 5.3 file.info.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/506702049dcb935eb57de850c79009ce8bbd7524. 5.3 file.savelog_window.tpl.php by using a GET request on the URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 83/125 https://crashtest-security.com
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/Zeus by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/73690290fb4e57b22fe3aedbc0957af0b1e637ff. 5.3 file.jobs_add_window.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/442c47b1a97b6ef63cccb7efd72d2b8b659540b5. 5.3 file.access_denied.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/CGjUwP8yJUs7RjH7OinJ by using a 5.3 GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/BmYBcnhwJxwk by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/492406078b55dd12ca968ba855cc51086aa03a05. 5.3 file.injects.tpl.php by using a GET request on the URL without prior knowl- edge. Retrieved https://eaglehillsjordan.com/7c7ce9cbe3d97d5bd48a6117b863fd4c609486a7. 5.3 file.stat.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/5f922338e39dbdc2bb87123d6882ebd59dfbc668. 5.3 file.jobs.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/N0ise by using a GET request on the 5.3 URL without prior knowledge. Retrieved https://eaglehillsjordan.com/_bot by using a GET request on the 5.3 URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 84/125 https://crashtest-security.com
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/G-Bot by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/90093ad09988b466f409a1871733c5589014713e. 5.3 file.index.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/6f7b99714cffad82719aea3b015eb61251f360f2. 5.3 file.search_window.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/23039842597b4c0eac0e62d3f7912cee20759393. 5.3 file.os_window.tpl.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/ZBOT by using a GET request on the 5.3 URL without prior knowledge. Retrieved https://eaglehillsjordan.com/bot_window.tpl by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/bot_window.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/botonline2.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/botnet_scripts.lng.en.php by using a 5.3 GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/botnet_bots.lng.ru.php by using a 5.3 GET request on the URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 85/125 https://crashtest-security.com
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/botnet_scripts.lng.ru.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/ab2db27ca7f6cd28abfa207faf55485711f95330. 5.3 file.create.tpl.php by using a GET request on the URL without prior knowl- edge. Retrieved https://eaglehillsjordan.com/antivir_window.php by using a GET 5.3 request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/bot.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/antivir.php by using a GET request on 5.3 the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/bot.tpl by using a GET request on the 5.3 URL without prior knowledge. Retrieved https://eaglehillsjordan.com/botnet_scripts.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/botnet_bots.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/bot_online.tpl by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/botnet_bots.lng.en.php by using a 5.3 GET request on the URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 86/125 https://crashtest-security.com
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/borlndmm.dat by using a GET re- quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/boi854tr4w.php by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/bots by using a GET request on the 5.3 URL without prior knowledge. Retrieved https://eaglehillsjordan.com/bot_cab.tpl by using a GET request 5.3 on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/antivir_window.tpl by using a GET re- 5.3 quest on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/mod_bots-qview.php by using a GET 5.3 request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/zecmd by using a GET request on the 5.3 URL without prior knowledge. Retrieved https://eaglehillsjordan.com/n0ise by using a GET request on the 5.3 URL without prior knowledge. Retrieved https://eaglehillsjordan.com/~rbtk by using a GET request on the 5.3 URL without prior knowledge. Retrieved https://eaglehillsjordan.com/windowsupdatev7 by using a GET re- 5.3 quest on the URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 87/125 https://crashtest-security.com
STATE FINDING RESULT NOTICED FIXED 5.3 Retrieved https://eaglehillsjordan.com/iclok.php by using a GET request on the URL without prior knowledge. Retrieved https://eaglehillsjordan.com/cgl-bin by using a GET request on the 5.3 URL without prior knowledge. Retrieved https://eaglehillsjordan.com/ij83d by using a GET request on the 5.3 URL without prior knowledge. Retrieved https://eaglehillsjordan.com/oi2c by using a GET request on the 5.3 URL without prior knowledge. Retrieved https://eaglehillsjordan.com/odw3ux by using a GET request on 5.3 the URL without prior knowledge. Crashtest Security GmbH eagle hills jordan | 31 Oct 21 | 22:21 CET Leopoldstr. 21, 80802 München, Germany Page 88/125 https://crashtest-security.com
Contents

1 Overview  2
  1.1 Vulnerability Overview  2
  1.2 Scanner Overview  3
    1.2.1 Status for executed Scanners  4
  1.3 Findings Checklist  5
    1.3.1 SSL/TLS  5
    1.3.2 HTTPHEADER  5
    1.3.3 FINGERPRINTING  9
    1.3.4 PORTSCAN  9
    1.3.5 FUZZER  11
2 Findings  90
  2.1 SSL/TLS  90
    2.1.1 What is this?  90
    2.1.2 Missing SSL CAA record  90
    2.1.3 SSL Cipherlist AVERAGE  91
  2.2 HTTPHEADER  92
    2.2.1 What is this?  92
    2.2.2 Missing HSTS  92
    2.2.3 Content-Security-Policy Header  93
    2.2.4 Same-Site Cookie  94
    2.2.5 Insecure Cookies  95
    2.2.6 Non Httponly Cookies  97
    2.2.7 X-Frame-Options Header  99
    2.2.8 Referrer-Policy Header  100
  2.3 FINGERPRINTING  101
    2.3.1 What is this?  101
    2.3.2 Fingerprint Web Application Framework  101
  2.4 PORTSCAN  102
    2.4.1 What is this?  102
    2.4.2 Portscanner  102
  2.5 FUZZER  103
    2.5.1 What is this?  103
    2.5.2 Sensitive Data Exposure  103
2 Findings

2.1 SSL/TLS

2.1.1 What is this?

Transport Layer Security (TLS), more widely known by its predecessor Secure Sockets Layer (SSL), is a hybrid encryption protocol for secure data transmission over the Internet. It encrypts the communication between server and client. The most obvious part of it is HTTPS, with which providers can secure all communications between their servers and web browsers. This ensures that valuable information like usernames, passwords and credit card information cannot be stolen by someone analyzing the network traffic. The "S" in HTTPS stands for SSL. A secure connection with HTTPS requires a certificate. These certificates offer different levels of security and have a fixed start and expiration date. To ensure a secure connection, webservers must use well-configured certificates. With some misconfigured certificates it is possible to bypass the encryption; others may be blocked by web browsers because they are outdated or unknown.

2.1.2 Missing SSL CAA record

Severity
Base Score: informational (0/10)
Impact: informational (0/10)
Exploitability: low (3.9/10)
All values are based on the Common Vulnerability Scoring System v3.

Description
The domain's DNS zone does not specify any Certification Authority Authorization (CAA) record. This means that all certificate authorities (CAs) are allowed to issue certificates for this domain. To decrease the risk of rogue certificates, append the CAA settings to the DNS records.

Finding
+ DNS Certification Authority Authorization (CAA) Resource Record / RFC6844: Not offered

How to fix
The domain's DNS zone does not specify any Certification Authority Authorization (CAA) record. This means that all certificate authorities (CAs) are allowed to issue certificates for this domain. To decrease the risk of rogue certificates, the CAA setting needs to be added to the DNS records. More details on how to set the CAA setting can be found in the knowledge database (see Recommendations).

Recommendations
https://wiki.crashtest-security.com/enable-missing-ssl-caa-record
2.1.3 SSL Cipherlist AVERAGE

Severity
Base Score: low (3.7/10)
Impact: low (1.4/10)
Exploitability: low (2.2/10)
All values are based on the Common Vulnerability Scoring System v3.

Description
The server is configured to support average ciphers like SEED + 128+256 Bit CBC ciphers (AES, CAMELLIA and ARIA). This means that an attacker can make use of an insecure SSL/TLS connection.

Finding
+ The server is configured to use average ciphers like SEED + 128+256 Bit CBC ciphers (AES, CAMELLIA and ARIA) which are deprecated

How to fix
The list of supported HTTPS ciphers includes insecure ciphers. This means that an attacker can make use of an insecure SSL/TLS connection. In the SSL/TLS configuration, the allowed ciphers and their order should be set to match secure values. More details on how to set these values can be found in the knowledge database (see Recommendations).

Recommendations
https://wiki.crashtest-security.com/secure-tls-configuration
2.2 HTTPHEADER

2.2.1 What is this?

When visiting a website the response from the server will include HTTP response headers. These headers tell the browser how to behave while the user is interacting with the website. Modern browsers support a variety of security headers, which are part of the HTTP response headers. This scanner will check if the recommended security headers are set and will also verify if the headers are configured in a secure way.

2.2.2 Missing HSTS

Severity
Base Score: medium (4.8/10)
Impact: low (2.5/10)
Exploitability: low (2.2/10)
All values are based on the Common Vulnerability Scoring System v3.

Description
The webserver does not offer HTTP Strict Transport Security (HSTS). HSTS enforces HTTPS connections, which prevents downgrade attacks to an insecure HTTP connection.

Finding
+ The Strict-Transport-Security (HSTS) header is not set for URL https://eaglehillsjordan.com.

How to fix
The webserver does not offer HTTP Strict Transport Security (HSTS). HSTS enforces HTTPS connections. This prevents downgrade attacks to an insecure HTTP connection. Depending on the used SSL certificate and the webserver, certain configurations have to be changed. More details on how to enable HSTS can be found in the knowledge database (see Recommendations).

Recommendations
https://wiki.crashtest-security.com/enable-hsts
2.2.3 Content-Security-Policy Header

Severity
Base Score: medium (6.5/10)
Impact: low (2.5/10)
Exploitability: low (3.9/10)
All values are based on the Common Vulnerability Scoring System v3.

Description
The Content-Security-Policy header tells the browser which domains are whitelisted to download further resources such as scripts, images or stylesheets from. This can prevent various XSS and other Cross-Site-Scripting attacks.

Finding
+ The Content-Security-Policy header is not set for URL https://eaglehillsjordan.com.

How to fix
Configure the Content-Security-Policy header so that it only allows loading resources from trusted sources such as 'self'. Do not include 'unsafe-eval' or 'unsafe-inline', in order to prevent direct injections into the website.

Recommendations
https://wiki.crashtest-security.com/enable-security-headers
2.2.4 Same-Site Cookie

Severity
Base Score: medium (6.5/10)
Impact: low (2.5/10)
Exploitability: low (3.9/10)
All values are based on the Common Vulnerability Scoring System v3.

Description
The Same-Site cookie flag tells the browser where a cookie is allowed to be sent.

Finding
+ The cookie with the name 'username' does not have the flag 'SameSite' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'handl_ref' does not have the flag 'SameSite' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'utm_content' does not have the flag 'SameSite' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'utm_medium' does not have the flag 'SameSite' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'utm_campaign' does not have the flag 'SameSite' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'gclid' does not have the flag 'SameSite' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'email' does not have the flag 'SameSite' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'utm_term' does not have the flag 'SameSite' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'handl_url' does not have the flag 'SameSite' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'handl_landing_page' does not have the flag 'SameSite' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'utm_source' does not have the flag 'SameSite' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'handl_ip' does not have the flag 'SameSite' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'handl_original_ref' does not have the flag 'SameSite' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.

How to fix
Configure the Same-Site cookie flag in a way that it is not sent for third party requests. This can be done by setting the Same-Site cookie flag to 'Lax' or 'Strict'.

Recommendations
https://wiki.crashtest-security.com/enable-security-headers
2.2.5 Insecure Cookies

Severity
Base Score: medium (4.8/10)
Impact: low (2.5/10)
Exploitability: low (2.2/10)
All values are based on the Common Vulnerability Scoring System v3.

Description
Cookies that are not marked as secure can be transferred via an unencrypted connection. A man-in-the-middle attack can be used to get the contents of these cookies.

Finding
+ The cookie with the name 'handl_original_ref' does not have the flag 'secure' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'utm_medium' does not have the flag 'secure' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'utm_source' does not have the flag 'secure' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'utm_content' does not have the flag 'secure' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'gclid' does not have the flag 'secure' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'utm_campaign' does not have the flag 'secure' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'utm_term' does not have the flag 'secure' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'username' does not have the flag 'secure' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'handl_url' does not have the flag 'secure' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'handl_ref' does not have the flag 'secure' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'handl_landing_page' does not have the flag 'secure' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'email' does not have the flag 'secure' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name 'handl_ip' does not have the flag 'secure' set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.

How to fix
Cookies that are not marked as secure can be transferred via an unencrypted connection. A man-in-the-middle attack can be used to get the contents of these cookies. Cookies that are not marked as http-only can be read by local scripts. In case of a Cross-Site-Scripting (XSS) attack, an attacker is able to read these cookies. Depending on the cookie content, consider enabling both settings for all cookies. This is especially important for session cookies. More details on how to set these two settings can be found in the knowledge database (see Recommendations).

Recommendations
https://wiki.crashtest-security.com/enable-secure-cookies

2.2.6 Non Httponly Cookies

Severity
Base Score: medium (4.8/10)
Impact: low (2.5/10)
Exploitability: low (2.2/10)
All values are based on the Common Vulnerability Scoring System v3.

Description
Cookies that are not marked as http-only can be read by local scripts. In case of a Cross-Site-Scripting (XSS) attack, an attacker is able to read these cookies.

Finding
+ The cookie with the name ’utm_campaign’ does not have the flag ’HttpOnly’ set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name ’handl_ref’ does not have the flag ’HttpOnly’ set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name ’utm_term’ does not have the flag ’HttpOnly’ set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name ’utm_content’ does not have the flag ’HttpOnly’ set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name ’utm_medium’ does not have the flag ’HttpOnly’ set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name ’handl_ip’ does not have the flag ’HttpOnly’ set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name ’handl_url’ does not have the flag ’HttpOnly’ set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name ’utm_source’ does not have the flag ’HttpOnly’ set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name ’handl_original_ref’ does not have the flag ’HttpOnly’ set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name ’handl_landing_page’ does not have the flag ’HttpOnly’ set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name ’gclid’ does not have the flag ’HttpOnly’ set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name ’username’ does not have the flag ’HttpOnly’ set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.
+ The cookie with the name ’email’ does not have the flag ’HttpOnly’ set. This may leak sensitive information. This was found on URL https://eaglehillsjordan.com.

How to fix
Cookies that are not marked as secure can be transferred via an unencrypted connection. A man-in-the-middle attack can be used to get the contents of these cookies. Cookies that are not marked as http-only can be read by local scripts. In case of a Cross-Site-Scripting (XSS) attack, an attacker is able to read these cookies. Depending on the cookie content, think of enabling both settings for all cookies. This is especially important for session cookies. More details on how to set these two settings can be found in the knowledge database (see Recommendations).

Recommendations
https://wiki.crashtest-security.com/enable-secure-cookies

2.2.7 X-Frame-Options Header

Severity
Base Score: medium (6.5/10)
Impact: low (3.6/10)
Exploitability: low (2.8/10)
All values are based on the Common Vulnerability Scoring System v3.

Description
The X-Frame-Options header declares whether this site may be embedded as a frame into other websites. If this header is not configured correctly, your application can be embedded into third party websites, which makes it vulnerable to clickjacking attacks.

Finding
+ The X-Frame-Options header is not set for URL https://eaglehillsjordan.com.

How to fix
Configure the X-Frame-Options header as ’deny’ to prevent the site from being embedded at all. The values ’sameorigin’ or ’allow-from DOMAIN’ can be used to allow it to be embedded on certain websites while forbidding embedding on other websites.

Recommendations
https://wiki.crashtest-security.com/enable-security-headers

2.2.8 Referrer-Policy Header

Severity
Base Score: medium (4.3/10)
Impact: low (1.4/10)
Exploitability: low (2.8/10)
All values are based on the Common Vulnerability Scoring System v3.

Description
The Referrer-Policy header defines how much information about the referrer is sent when the user clicks on a link. A misconfiguration or missing header may leak sensitive information to third party websites that are visited by the click on a link.

Finding
+ The Referrer-Policy header is not set for URL https://eaglehillsjordan.com.

How to fix
Set the Referrer-Policy header to a secure value such as ’strict-origin-when-cross-origin’ to overwrite the Referer header with your domain instead of the full path when clicking on external links and keep the Referer for internal links, but only when the connection is not downgraded from HTTPS to HTTP.

Recommendations
https://wiki.crashtest-security.com/enable-security-headers