Scan your site now

Security Report Summary
E
Site:
Scanned Site(s):
1
IP Address:
172.67.169.26
Report Time:
05 Dec 2020 14:05:42 UTC
Checks:
Iframe Sandboxing
Crossorigin
Integrity
Link Referrer
Link Opener
Unsafe Resource
Password Pattern
Unsafe Meta
Csrf Tokens
Enabled Debugging
Warning:
Please have a look at the security issues / warnings in the report.
Security Issues
Unsafe Resource
If a resource is loaded over src="http://...", it may not be transmitted over the TLS protocol. In case the webpage is loaded over HTTPS, this results in a mixed content situation where the page is securely loaded but has unencrypted resources embedded. This will often lead to a mixed-content browser warning, but at the time this is reported, it is most likely to late and the attack could have already succeeded.
  • <img alt="ERP Software & Apps Development Company Qatar" src="http://www.stimes.qa/wp-content/uploads/2019/03/stimeslogo.png"></img>[https://www.stimes.qa/]
  • <img alt="ERP Software & Apps Development Company Qatar" src="http://www.stimes.qa/wp-content/uploads/2019/03/stimeslogo.png"></img>[https://www.stimes.qa/]
Crossorigin
The crossorigin="anonymous" attribute should always be added to external ressources so no user credentials are transmitted. By loading external files with a GET request, http user credentials are exchanged by default. If the source host is corrupted, an attacker could these details for attacks.
  • <script async="" id="google_gtagjs-js" src="https://www.googletagmanager.com/gtag/js?id=UA-135896901-1" type="13d3a8751abc566cd30c0db6-text/javascript"></script>[https://www.stimes.qa/]
  • <script async="" src="https://www.googletagmanager.com/gtag/js?id=UA-135896901-1" type="13d3a8751abc566cd30c0db6-text/javascript"></script>[https://www.stimes.qa/]
  • <script async="" src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js" type="13d3a8751abc566cd30c0db6-text/javascript"></script>[https://www.stimes.qa/]
  • <script data-cf-settings="13d3a8751abc566cd30c0db6-|49" defer="" src="https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js"></script>[https://www.stimes.qa/]
  • <link href="https://gmpg.org/xfn/11" rel="profile"></link>[https://www.stimes.qa/]
  • <link href="//www.googletagmanager.com" rel="dns-prefetch"></link>[https://www.stimes.qa/]
  • <link href="//fonts.googleapis.com" rel="dns-prefetch"></link>[https://www.stimes.qa/]
  • <link href="//s.w.org" rel="dns-prefetch"></link>[https://www.stimes.qa/]
  • <link href="https://fonts.googleapis.com/css?family=Fira+Sans%3A200%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C700%2C800%2C900&ver=5.5.3" id="cynic-font0-css" media="all" rel="stylesheet" type="text/css"></link>[https://www.stimes.qa/]
  • <link href="https://fonts.googleapis.com/css?family=Hind+Vadodara%3A200%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C700%2C800%2C900&ver=5.5.3" id="cynic-font1-css" media="all" rel="stylesheet" type="text/css"></link>[https://www.stimes.qa/]
Integrity
The integrity="sha256-..." attribute should always be added to external file hosted on another domain, because an unexpected manipulation / corruption of the code can lead to session hijacking or similar script releated attacks.
  • <script async="" id="google_gtagjs-js" src="https://www.googletagmanager.com/gtag/js?id=UA-135896901-1" type="13d3a8751abc566cd30c0db6-text/javascript"></script>[https://www.stimes.qa/]
  • <script async="" src="https://www.googletagmanager.com/gtag/js?id=UA-135896901-1" type="13d3a8751abc566cd30c0db6-text/javascript"></script>[https://www.stimes.qa/]
  • <script async="" src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js" type="13d3a8751abc566cd30c0db6-text/javascript"></script>[https://www.stimes.qa/]
  • <script data-cf-settings="13d3a8751abc566cd30c0db6-|49" defer="" src="https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js"></script>[https://www.stimes.qa/]
  • <link href="https://gmpg.org/xfn/11" rel="profile"></link>[https://www.stimes.qa/]
  • <link href="//www.googletagmanager.com" rel="dns-prefetch"></link>[https://www.stimes.qa/]
  • <link href="//fonts.googleapis.com" rel="dns-prefetch"></link>[https://www.stimes.qa/]
  • <link href="//s.w.org" rel="dns-prefetch"></link>[https://www.stimes.qa/]
  • <link href="https://fonts.googleapis.com/css?family=Fira+Sans%3A200%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C700%2C800%2C900&ver=5.5.3" id="cynic-font0-css" media="all" rel="stylesheet" type="text/css"></link>[https://www.stimes.qa/]
  • <link href="https://fonts.googleapis.com/css?family=Hind+Vadodara%3A200%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C700%2C800%2C900&ver=5.5.3" id="cynic-font1-css" media="all" rel="stylesheet" type="text/css"></link>[https://www.stimes.qa/]
Link Referrer
The rel="noreferrer" attribute should always be added to external links to prevent reverse tabnabbing for older browser, which do not support the rel="noopener" attribute and to prevent phishing attacks.
  • <a class="video-play-btn video-popup" href="https://youtu.be/yk2bT_JezRE" rel="noopener" target="_blank"> <i class="fas fa-play"></i> </a>[https://www.stimes.qa/]
  • <a href="http://www.encon-engineering.com/" rel="noopener" target="_blank"> <img alt="" class="wp-post-image lazyload" data-src="https://www.stimes.qa/wp-content/uploads/2019/12/Encon-Engineering.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Encon Engineering"></img><noscript><img alt="" class="wp-post-image" src="https://www.stimes.qa/wp-content/uploads/2019/12/Encon-Engineering.png" title="Encon Engineering"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="https://www.qatarprojects.info/" rel="noopener" target="_blank"> <img alt="" class="wp-post-image lazyload" data-src="https://www.stimes.qa/wp-content/uploads/2019/12/Qatar-Projects-Oil-Gas.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Qatar Projects Oil & Gas"></img><noscript><img alt="" class="wp-post-image" src="https://www.stimes.qa/wp-content/uploads/2019/12/Qatar-Projects-Oil-Gas.png" title="Qatar Projects Oil & Gas"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="http://tanareefa.com/" rel="noopener" target="_blank"> <img alt="" class="wp-post-image lazyload" data-src="https://www.stimes.qa/wp-content/uploads/2019/12/Tanareefa.jpg" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Tanareefa"></img><noscript><img alt="" class="wp-post-image" src="https://www.stimes.qa/wp-content/uploads/2019/12/Tanareefa.jpg" title="Tanareefa"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="https://www.challengegroup-qatar.com/" rel="noopener" target="_blank"> <img alt="" class="wp-post-image lazyload" data-src="https://www.stimes.qa/wp-content/uploads/2019/12/Challenge-Group.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Challenge Group"></img><noscript><img alt="" class="wp-post-image" src="https://www.stimes.qa/wp-content/uploads/2019/12/Challenge-Group.png" title="Challenge Group"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="http://aldeewanqatar.com/" rel="noopener" target="_blank"> <img alt="" class="wp-post-image lazyload" data-src="https://www.stimes.qa/wp-content/uploads/2019/12/AL-Deewan-Energy-Services.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="AL Deewan Energy & Services"></img><noscript><img alt="" class="wp-post-image" src="https://www.stimes.qa/wp-content/uploads/2019/12/AL-Deewan-Energy-Services.png" title="AL Deewan Energy & Services"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="http://www.avenuegroupwll.com" rel="noopener" target="_blank"> <img alt="" class="wp-post-image lazyload" data-src="https://www.stimes.qa/wp-content/uploads/2019/12/Avenue-Group.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Avenue Group"></img><noscript><img alt="" class="wp-post-image" src="https://www.stimes.qa/wp-content/uploads/2019/12/Avenue-Group.png" title="Avenue Group"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="http://hebcongroup.com/" rel="noopener" target="_blank"> <img alt="" class="wp-post-image lazyload" data-src="https://www.stimes.qa/wp-content/uploads/2019/12/Hebron-Engineering.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Hebron Engineering"></img><noscript><img alt="" class="wp-post-image" src="https://www.stimes.qa/wp-content/uploads/2019/12/Hebron-Engineering.png" title="Hebron Engineering"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="https://www.group10qa.com/" rel="noopener" target="_blank"> <img alt="" class="wp-post-image lazyload" data-src="https://www.stimes.qa/wp-content/uploads/2019/12/Group-10.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Group 10"></img><noscript><img alt="" class="wp-post-image" src="https://www.stimes.qa/wp-content/uploads/2019/12/Group-10.png" title="Group 10"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="http://www.najwa.com/" rel="noopener" target="_blank"> <img alt="" class="wp-post-image lazyload" data-src="https://www.stimes.qa/wp-content/uploads/2019/12/AL-Najwa.jpg" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="AL Najwa"></img><noscript><img alt="" class="wp-post-image" src="https://www.stimes.qa/wp-content/uploads/2019/12/AL-Najwa.jpg" title="AL Najwa"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="https://www.confidententerprises.com/" rel="noopener" target="_blank"> <img alt="" class="wp-post-image lazyload" data-src="https://www.stimes.qa/wp-content/uploads/2019/12/Confident-Enterprises.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Confident-Enterprises"></img><noscript><img alt="" class="wp-post-image" src="https://www.stimes.qa/wp-content/uploads/2019/12/Confident-Enterprises.png" title="Confident-Enterprises"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="https://outlookgroup.com.qa/" rel="noopener" target="_blank"> <img alt="" class="wp-post-image lazyload" data-src="https://www.stimes.qa/wp-content/uploads/2019/12/OutLook-Contracting.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="OutLook Contracting"></img><noscript><img alt="" class="wp-post-image" src="https://www.stimes.qa/wp-content/uploads/2019/12/OutLook-Contracting.png" title="OutLook Contracting"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="https://www.gulfarentacar.com/" rel="noopener" target="_blank"> <img alt="" class="wp-post-image lazyload" data-src="https://www.stimes.qa/wp-content/uploads/2019/12/Gulf-Rent-A-Car.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Gulf Rent A Car"></img><noscript><img alt="" class="wp-post-image" src="https://www.stimes.qa/wp-content/uploads/2019/12/Gulf-Rent-A-Car.png" title="Gulf Rent A Car"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="https://fss.qa/" rel="noopener" target="_blank"> <img alt="" class="wp-post-image lazyload" data-src="https://www.stimes.qa/wp-content/uploads/2019/12/Force-Security-Service.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Force Security Service"></img><noscript><img alt="" class="wp-post-image" src="https://www.stimes.qa/wp-content/uploads/2019/12/Force-Security-Service.png" title="Force Security Service"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="https://twitter.com/stimesqa"> <i class="fab fa-twitter"></i> </a>[https://www.stimes.qa/]
  • <a href="https://www.facebook.com/stimesqa"> <i class="fab fa-facebook"></i> </a>[https://www.stimes.qa/]
  • <a class=" sficn" data-effect="" href="https://www.facebook.com/stimesqa/" id="sfsiid_facebook" style="opacity:1" target="_blank"><img alt="Facebook" class="sfcm sfsi_wicon lazyload" data-effect="" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_facebook.png" height="40" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" style="" title="Facebook" width="40"></img><noscript><img alt="Facebook" class="sfcm sfsi_wicon " data-effect="" data-pin-nopin="true" height="40" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_facebook.png" style="" title="Facebook" width="40"></img></noscript></a>[https://www.stimes.qa/]
  • <a href="https://www.facebook.com/stimesqa/" target="_blank"><img alt="Facebook" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/facebook.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Facebook"></img><noscript><img alt="Facebook" class="sfsi_wicon" data-pin-nopin="true" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/facebook.png" title="Facebook"></img></noscript></a>[https://www.stimes.qa/]
  • <a href="https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.stimes.qa%2F" style="display:inline-block;" target="_blank"> <img alt="fb-share-icon" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/fbshare_bck.png" height="auto" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Facebook Share" width="auto"></img><noscript><img alt="fb-share-icon" class="sfsi_wicon" data-pin-nopin="true" height="auto" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/fbshare_bck.png" title="Facebook Share" width="auto"></img></noscript></a>[https://www.stimes.qa/]
  • <a class=" sficn" data-effect="" href="https://twitter.com/stimesqa" id="sfsiid_twitter" style="opacity:1" target="_blank"><img alt="Twitter" class="sfcm sfsi_wicon lazyload" data-effect="" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_twitter.png" height="40" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" style="" title="Twitter" width="40"></img><noscript><img alt="Twitter" class="sfcm sfsi_wicon " data-effect="" data-pin-nopin="true" height="40" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_twitter.png" style="" title="Twitter" width="40"></img></noscript></a>[https://www.stimes.qa/]
  • <a href="https://twitter.com/stimesqa" target="_blank"><img alt="Visit Us" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/twitter.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Visit Us"></img><noscript><img alt="Visit Us" class="sfsi_wicon" data-pin-nopin="true" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/twitter.png" title="Visit Us"></img></noscript></a>[https://www.stimes.qa/]
  • <a href="https://twitter.com/intent/user?screen_name=stimesqa" target="_blank"> <img alt="Follow Me" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/en_US_Follow.svg" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" style="opacity: 1;" title="Follow Me" width="auto"></img><noscript><img alt="Follow Me" class="sfsi_wicon" data-pin-nopin="true" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/en_US_Follow.svg" style="opacity: 1;" title="Follow Me" width="auto"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="https://twitter.com/intent/tweet?text=Hey%2C+check+out+this+cool+site+I+found%3A+www.stimes.qa+%23Topic+via%40my_twitter_name+https://www.stimes.qa/" style="display:inline-block" target="_blank"> <img alt="Tweet" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/en_US_Tweet.svg" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Tweet" width="auto"></img><noscript><img alt="Tweet" class="sfsi_wicon" data-pin-nopin="true" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/en_US_Tweet.svg" title="Tweet" width="auto"></img></noscript> </a>[https://www.stimes.qa/]
  • <a class=" sficn" data-effect="" href="https://www.linkedin.com/company/stimes-technologies-wll" id="sfsiid_linkedin" style="opacity:1" target="_blank"><img alt="LinkedIn" class="sfcm sfsi_wicon lazyload" data-effect="" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_linkedin.png" height="40" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" style="" title="LinkedIn" width="40"></img><noscript><img alt="LinkedIn" class="sfcm sfsi_wicon " data-effect="" data-pin-nopin="true" height="40" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_linkedin.png" style="" title="LinkedIn" width="40"></img></noscript></a>[https://www.stimes.qa/]
  • <a href="https://www.linkedin.com/company/stimes-technologies-wll" target="_blank"><img alt="LinkedIn" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/linkedIn.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="LinkedIn"></img><noscript><img alt="LinkedIn" class="sfsi_wicon" data-pin-nopin="true" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/linkedIn.png" title="LinkedIn"></img></noscript></a>[https://www.stimes.qa/]
  • <a href="https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.stimes.qa%2F" target="_blank"><img alt="Share" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/lnkdin_share_bck.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Share"></img><noscript><img alt="Share" class="sfsi_wicon" data-pin-nopin="true" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/lnkdin_share_bck.png" title="Share"></img></noscript></a>[https://www.stimes.qa/]
  • <a class=" sficn" data-effect="" href="https://www.instagram.com/stimesqa" id="sfsiid_instagram" style="opacity:1" target="_blank"><img alt="Instagram" class="sfcm sfsi_wicon lazyload" data-effect="" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_instagram.png" height="40" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" style="" title="Instagram" width="40"></img><noscript><img alt="Instagram" class="sfcm sfsi_wicon " data-effect="" data-pin-nopin="true" height="40" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_instagram.png" style="" title="Instagram" width="40"></img></noscript></a>[https://www.stimes.qa/]
Link Opener
The rel="noopener" attribute should always be added to external links, which open in a new tab, to reduce the risk of reverse tabnabbing. Otherwise javascript on the new page has full control over the previous visited page, including permission to change the DOM object and possibly steal session cookies.
  • <a class=" sficn" data-effect="" href="https://www.facebook.com/stimesqa/" id="sfsiid_facebook" style="opacity:1" target="_blank"><img alt="Facebook" class="sfcm sfsi_wicon lazyload" data-effect="" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_facebook.png" height="40" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" style="" title="Facebook" width="40"></img><noscript><img alt="Facebook" class="sfcm sfsi_wicon " data-effect="" data-pin-nopin="true" height="40" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_facebook.png" style="" title="Facebook" width="40"></img></noscript></a>[https://www.stimes.qa/]
  • <a href="https://www.facebook.com/stimesqa/" target="_blank"><img alt="Facebook" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/facebook.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Facebook"></img><noscript><img alt="Facebook" class="sfsi_wicon" data-pin-nopin="true" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/facebook.png" title="Facebook"></img></noscript></a>[https://www.stimes.qa/]
  • <a href="https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.stimes.qa%2F" style="display:inline-block;" target="_blank"> <img alt="fb-share-icon" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/fbshare_bck.png" height="auto" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Facebook Share" width="auto"></img><noscript><img alt="fb-share-icon" class="sfsi_wicon" data-pin-nopin="true" height="auto" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/fbshare_bck.png" title="Facebook Share" width="auto"></img></noscript></a>[https://www.stimes.qa/]
  • <a class=" sficn" data-effect="" href="https://twitter.com/stimesqa" id="sfsiid_twitter" style="opacity:1" target="_blank"><img alt="Twitter" class="sfcm sfsi_wicon lazyload" data-effect="" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_twitter.png" height="40" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" style="" title="Twitter" width="40"></img><noscript><img alt="Twitter" class="sfcm sfsi_wicon " data-effect="" data-pin-nopin="true" height="40" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_twitter.png" style="" title="Twitter" width="40"></img></noscript></a>[https://www.stimes.qa/]
  • <a href="https://twitter.com/stimesqa" target="_blank"><img alt="Visit Us" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/twitter.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Visit Us"></img><noscript><img alt="Visit Us" class="sfsi_wicon" data-pin-nopin="true" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/twitter.png" title="Visit Us"></img></noscript></a>[https://www.stimes.qa/]
  • <a href="https://twitter.com/intent/user?screen_name=stimesqa" target="_blank"> <img alt="Follow Me" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/en_US_Follow.svg" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" style="opacity: 1;" title="Follow Me" width="auto"></img><noscript><img alt="Follow Me" class="sfsi_wicon" data-pin-nopin="true" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/en_US_Follow.svg" style="opacity: 1;" title="Follow Me" width="auto"></img></noscript> </a>[https://www.stimes.qa/]
  • <a href="https://twitter.com/intent/tweet?text=Hey%2C+check+out+this+cool+site+I+found%3A+www.stimes.qa+%23Topic+via%40my_twitter_name+https://www.stimes.qa/" style="display:inline-block" target="_blank"> <img alt="Tweet" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/en_US_Tweet.svg" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Tweet" width="auto"></img><noscript><img alt="Tweet" class="sfsi_wicon" data-pin-nopin="true" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/en_US_Tweet.svg" title="Tweet" width="auto"></img></noscript> </a>[https://www.stimes.qa/]
  • <a class=" sficn" data-effect="" href="https://www.linkedin.com/company/stimes-technologies-wll" id="sfsiid_linkedin" style="opacity:1" target="_blank"><img alt="LinkedIn" class="sfcm sfsi_wicon lazyload" data-effect="" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_linkedin.png" height="40" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" style="" title="LinkedIn" width="40"></img><noscript><img alt="LinkedIn" class="sfcm sfsi_wicon " data-effect="" data-pin-nopin="true" height="40" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_linkedin.png" style="" title="LinkedIn" width="40"></img></noscript></a>[https://www.stimes.qa/]
  • <a href="https://www.linkedin.com/company/stimes-technologies-wll" target="_blank"><img alt="LinkedIn" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/linkedIn.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="LinkedIn"></img><noscript><img alt="LinkedIn" class="sfsi_wicon" data-pin-nopin="true" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/linkedIn.png" title="LinkedIn"></img></noscript></a>[https://www.stimes.qa/]
  • <a href="https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.stimes.qa%2F" target="_blank"><img alt="Share" class="sfsi_wicon lazyload" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/lnkdin_share_bck.png" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" title="Share"></img><noscript><img alt="Share" class="sfsi_wicon" data-pin-nopin="true" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/visit_icons/lnkdin_share_bck.png" title="Share"></img></noscript></a>[https://www.stimes.qa/]
  • <a class=" sficn" data-effect="" href="https://www.instagram.com/stimesqa" id="sfsiid_instagram" style="opacity:1" target="_blank"><img alt="Instagram" class="sfcm sfsi_wicon lazyload" data-effect="" data-pin-nopin="true" data-src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_instagram.png" height="40" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" style="" title="Instagram" width="40"></img><noscript><img alt="Instagram" class="sfcm sfsi_wicon " data-effect="" data-pin-nopin="true" height="40" src="https://www.stimes.qa/wp-content/plugins/ultimate-social-media-icons/images/icons_theme/default/default_instagram.png" style="" title="Instagram" width="40"></img></noscript></a>[https://www.stimes.qa/]
Warnings
Unsafe Meta
The <meta name="generator" content="WordPress x.x"></meta> and the <meta content="deny" http-equiv="X-Frame-Options"></meta> meta-tags should always be removed from the html body since the generator tag provides critical informations about the used CMS and the X-Frame-Options must be specified as HTTP Headers and not as a meta tag. Most browser will ignore the meta tag, which can lead to unintended misbehaviour.
  • <meta content="WordPress 5.5.3" name="generator"></meta>[https://www.stimes.qa/]
  • <meta content="Site Kit by Google 1.21.0" name="generator"></meta>[https://www.stimes.qa/]
  • <meta content="Powered by WPBakery Page Builder - drag and drop page builder for WordPress." name="generator"></meta>[https://www.stimes.qa/]
  • <meta content="Powered by Slider Revolution 5.4.7.3 - responsive, Mobile-Friendly Slider Plugin for WordPress with comfortable drag and drop interface." name="generator"></meta>[https://www.stimes.qa/]
Additional Information
Iframe Sandboxing
The sandbox="" attribute should always be added to iframes with untrusted or third-party sources. The attribute enables different types of iframe content restrictions like script or form execution.
Crossorigin
The crossorigin="anonymous" attribute should always be added to external ressources so no user credentials are transmitted. By loading external files with a GET request, http user credentials are exchanged by default. If the source host is corrupted, an attacker could these details for attacks.
Integrity
The integrity="sha256-..." attribute should always be added to external file hosted on another domain, because an unexpected manipulation / corruption of the code can lead to session hijacking or similar script releated attacks.
Link Opener
The rel="noopener" attribute should always be added to external links, which open in a new tab, to reduce the risk of reverse tabnabbing. Otherwise javascript on the new page has full control over the previous visited page, including permission to change the DOM object and possibly steal session cookies.
Link Referrer
The rel="noreferrer" attribute should always be added to external links to prevent reverse tabnabbing for older browser, which do not support the rel="noopener" attribute and to prevent phishing attacks.
Unsafe Resource
If a resource is loaded over src="http://...", it may not be transmitted over the TLS protocol. In case the webpage is loaded over HTTPS, this results in a mixed content situation where the page is securely loaded but has unencrypted resources embedded. This will often lead to a mixed-content browser warning, but at the time this is reported, it is most likely to late and the attack could have already succeeded.
Password Pattern
The pattern="..." attribute should always be added to password fields, since a client-side password strength can not be enforced by JavaScript, if the user has disabled scripts in his browser. Make sure to perform a second check at sever-side.
Unsafe Meta
The <meta name="generator" content="WordPress x.x"></meta> and the <meta content="deny" http-equiv="X-Frame-Options"></meta> meta-tags should always be removed from the html body since the generator tag provides critical informations about the used CMS and the X-Frame-Options must be specified as HTTP Headers and not as a meta tag. Most browser will ignore the meta tag, which can lead to unintended misbehaviour.
Csrf Tokens
Cross-site request forgery, also known as one-click attack or session riding, is a type of malicious exploit of a website where unauthorized commands are transmitted from a authenticated user on the web application. One way of performing such an attack is to observe the HTML code of a website for session tokens like in <input> tags, which should never be stored inside of the HTML-document.
Enabled Debugging
If the debugging is enabled on a production server, it may give an agressor valuable informations about the inner structure of a web application. These can be used to find vulnerabilities for injections or other type of attacks. Therefore, debugging should always be disabled.
Scanned URL(s)
Stimes Technologies - Best ERP Software Company Doha, Qatar | Android & IOS Apps | Web Development