Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
GoDaddy abuse - insecure website with SE redirect!
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: GoDaddy abuse - insecure website with SE redirect! (Read 1217 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 34053
malware fighter
GoDaddy abuse - insecure website with SE redirect!
«
on:
October 04, 2016, 05:36:15 PM »
See:
http://killmalware.com/phodc.com/
SE visitors redirects via cashparking dot com.
Visitors from search engines are redirected
to: hxtp://top-24h-can-store.com/redirect.php?z=vi*gr*
346 sites infected with redirects to this URL (at mentioned site ongoing since 21 days!).
2 vulnerable libraries detected:
http://retire.insecurity.today/#!/scan/d08cef04a14455c49c18e004a2d615e3ab657c90964589d7354efdf111cc5572
DOM XSS insecurities:
http://www.domxssscanner.com/scan?url=http%3A%2F%2Fphodc.com%2F
Here we see there is parking se redirecting:
https://aw-snap.info/file-viewer/?tgt=http%3A%2F%2Fphod.com&ref_sel=GSP2&ua_sel=ff&fs=1
via iframe src=hxxp://mcc.godaddy.com/park/D1IPHF5DDyb=/fe/nzcdYaEvLaE5pv5jLab=" style="visibility: visible;height: 100%; position:absolute" allowtransparency="true" marginheight="0" marginwidth="0" frameborder="0" width="100%"
which ad- and tracking server is being blocked for us by uBlock₀ prevent the following page from loading:
hxtp://mcc.godaddy.com/park/D1IPHF5DDyb=/fe/nzcdYaEvLaE5pv5jLab
Because of the filter ||mcc.godaddy.com^
More insecurity:
https://observatory.mozilla.org/analyze.html?host=phodc.com
More insecurity DNS:
http://www.dnsinspect.com/phod.com/1475594471
Re:
http://toolbar.netcraft.com/site_report?url=http://phod.com
pol
P.S. Cash parking does not seem to be a very elegant revenue scheme under all circumstances, to say the least,
read:
http://verybig.org/beware-godaddy-cash-parking/
D
«
Last Edit: October 04, 2016, 06:24:31 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
GoDaddy abuse - insecure website with SE redirect!