See: https://urlquery.net/report.php?id=1444506738906
See: https://www.virustotal.com/nl/url/8ffe22707ce852c5075e8d2eeb00527baca87b07d8e053e426aae88ab8306f45/analysis/1444506890/
See: “The malware entry is cached and may not reflect the current status of the domain.”: https://sitecheck.sucuri.net/results/artaderson.com
Server redirect status: Code: 0,
Content cannot be read!
Iframe check:
Suspicious
-http://mcc.godaddy.com/park/oziaoaslmjmvlf5jlab=/fe/nzcdyaevlae5pv5jlab=’
Javascript check:
Suspicious
in:0;“><iframe src=”-http://mcc.godaddy.com/park/oziaoaslmjmvlf5jlab=/fe/nzcdyaevlae5pv5jlab=" style="visibility: visible;height:
uBlock₀ has prevented the following page from loading:
-http://mcc.godaddy.com/park/oziaoaslmjmvlf5jlab=/fe/nzcdyaevlae5pv5jlab=
Because of the following filter
-||mcc.godaddy.com^ → http://toolbar.netcraft.com/site_report/?url=http%3A%2F%2Fmcc.godaddy.com%2Fpark%2Foziaoaslmjmvlf5jlab%3D%2Ffe%2Fnzcdyaevlae5pv5jlab%3D
And issues found here at this scan: https://asafaweb.com/Scan?Url=mcc.godaddy.com
Requested URL: -https://sso.godaddy.com/?app=idp&path=/login.aspx?SPKey=GDP3MCCWEB01&mccUrl=%252fCPDashboard.aspx/&foo= | Response URL: -https://sso.godaddy.com/?app=idp&path=/login.aspx?SPKey=GDP3MCCWEB01&mccUrl=%252fCPDashboard.aspx/&foo= | Page title: LOG IN | HTTP status code: 200 (OK) | Response size: 44,750 bytes (gzip’d) | Duration: 119 ms
Overview
In a web forms site, request validation ensures all requests to the website do not contain a potentially malicious payload. This protects against the likelihood of cross site scripting (XSS) vulnerabilities being exploited on the site.
Result
It looks like request validation has been turned off. Making a request to the site with the malicious URL above is returning the same response body as a legitimate request so the app appears to be accepting the XSS payload in the query string. Request validation is easy to enable, just configure the web.config to ensure “validateRequest” is set to “true” (this is also the default if no setting exists):
Also make sure the individual Page declarations have ValidateRequest set to “true” (this is also the default if no setting exists):
<%@ Page ValidateRequest=“true” %>
Warning: There are legitimate use cases for turning request validation off in some places so be certain you’re not going to break anything before disabling it.
No best practices detected:
HTTP to HTTPS redirect: Warning
Requested URL: -http://mcc.godaddy.com/ | Response URL: -https://sso.godaddy.com/?app=idp&path=%2Flogin.aspx%3FSPKey%3DGDP3MCCWEB01%26mccUrl%3D%252fCPDashboard.aspx | Page title: LOG IN | HTTP status code: 200 (OK) | Response size: 45,798 bytes (gzip’d) | Duration: 1,130 ms
Overview
When a website redirects the user from an HTTP address to an HTTPS one, there is a risk that an attacker could launch a man in the middle attack by intercepting the original HTTP request and returning a malicious response.
Result
The address you entered makes a request using the HTTP scheme but is then redirected by the server to an HTTPS address. Consider user education to ensure the HTTPS address is entered directly into the browser when requesting the site.
polonus (volunteer website security analyst and website error-page)