Only Google Safebrowsing to flag this PHISH?

Re: http://www.domxssscanner.com/scan?url=http%3A%2F%2Ftarimbulteni.net%2Fcgi-sys%2Fdefaultwebpage.cgi
vuln.: http://retire.insecurity.today/#!/scan/9f5a4756db9d9f1f90b6b0f9fbb3f14a4b00b9672eb0b89e461b2c41a35d9756
flagged with many instances: https://urlquery.net/report/61b339bc-fca1-4ec2-bda7-b43f310752f9
Note! It looks like domain/URL is currently flagged by Google under the Social Engineering (Phishing and Deceptive Sites) category.
Suspicious - alerts for cloaking, status & blacklist checks: http://isithacked.com/check/tarimbulteni.net%2Fcgi-sys%2Fdefaultwebpage.cgi
Important also to consider the fails and warnings here: https://asafaweb.com/Scan?Url=www.isimtescil.net%2Fdestek.aspx

polonus

More insecurity???

We cannot say the website in question on htxp://www.isimtescil.net/destek.aspx?foo=%3Cscript%3E
is not vulnerable to a form of stack clash because of the stack trace fail.

Stack traces are used during the development process to provide verbose information when a server error occurs. This information can be leveraged to exploit the application as it discloses potentially sensitive information about the internal implementation of the website. Custom errors should be used to keep this information from view.

Result
It looks like a stack trace is being returned as detected by the presence of a “Stack Trace:” entry on the requested URL. Stack traces are particularly dangerous to expose publicly as they may contain code-level information about the page.

It’s easy to hide the stack trace, just configure the web.config to ensure the mode is either “On” or “RemoteOnly”. Also review the custom errors section of this report and ensure there is a valid “defaultRedirect” defined so that custom errors appears as follows:

A·potentially·dangerous·Request.QueryString·value·was·detected·from·the·client·(foo="<script>").
This page has been blocked by the Netcraft Extension for the following reason:

Suspected XSS Attack

Blocked URL: hxtp://www.isimtescil.net/destek.aspx?foo=%3Cscript%3E

[HttpRequestValidationException (0x80004005): A potentially dangerous Request.QueryString value was detected from the client (foo="").]
System.Web.HttpRequest.ValidateString(String value, String collectionKey, RequestValidationSource requestCollection) +11984083
System.Web.HttpRequest.ValidateHttpValueCollection(HttpValueCollection collection, RequestValidationSource requestCollection) +221
System.Web.HttpRequest.get_QueryString() +72
System.Web.UI.Page.DeterminePostBackMode() +89
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +9527
System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +355
System.Web.UI.Page.ProcessRequest() +75
System.Web.UI.Page.ProcessRequest(HttpContext context) +70
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +798
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +91

Consider
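#include <string.h>

/* Deliberately vulnerable: strcpy() does no bounds check, so any
   input longer than 15 characters writes past the end of buffer[]. */
void function(char *str) {
    char buffer[16];

    strcpy(buffer, str);
}

int main(void) {
    char large_string[256];
    int i;

    for (i = 0; i < 255; i++)
        large_string[i] = 'A';
    large_string[255] = '\0';  /* terminate so strcpy() stops after 255 bytes */

    function(large_string);
    return 0;
}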

All which was not performed directly naturally, only as a pure 3rd party public cold reconnaissance website scan result :wink:
via http://www.rexswain.com/cgi-bin/httpview.cgi?url=http://www.isimtescil.net/destek.aspx%3Ffoo%3D%253Cscript%253E&uag=Mozilla/5.0+(Windows+NT+6.3%3B+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/61.0.3163.100+Safari/537.36&ref=http://www.rexswain.com/httpview.html&aen=&req=GET&ver=1.1&fmt=AUTO

drweb.aspx seems a disallowed entry on this Cyprus website? Same fails and warnings here: -https://asafaweb.com/Scan?Url=www.isimtescil.net%2Fadmin%2Fcustomer%2Flogin%2Fsunucu%2FDedicated-Genel-Bilgiler.aspx

This should be addressed however: https://github.com/jquery/jquery/issues/2432

and then there are errors here: wxw.isimtescil.net/scripts/jquery.poshytip.js

status: (referer=www.isimtescil.net/destek.aspx?)
info: [decodingLevel=0] found JavaScript
error: undefined variable jQuery
error: undefined variable $.browser
error: line:1: SyntaxError: missing ; before statement:
error: line:1: var $.browser = 1;
error: line:1: ....^

Never to use $ with an invalid argument, no matter what version is being used. Throws a reference error in strict mode - info credits should go to Mozilla developer web docs' : jameshkramer

polonus (volunteer website security analyst and website error-hunter)
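
A defender-side check for the two points in the scan report quoted above: a "Stack Trace:" entry in the response, and the customErrors mode and defaultRedirect in web.config. This is an added example, not part of the original posts or any scanner's code; the web.config fragments, the `~/Error.aspx` path, the sample bodies and the function names are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Markers of an ASP.NET error page in a response body.
TRACE_MARKERS = (
    re.compile(r"Stack Trace:"),
    # A frame such as "System.Web.HttpRequest.get_QueryString() +72"
    re.compile(r"\bSystem\.Web\.[\w.]+\([^)]*\)\s*\+\d+"),
)

def leaks_stack_trace(body):
    """True if the response body contains a .NET stack trace."""
    return any(p.search(body) for p in TRACE_MARKERS)

def audit_custom_errors(web_config_xml):
    """Return a list of findings for <customErrors> in a web.config."""
    root = ET.fromstring(web_config_xml)
    node = next(root.iter("customErrors"), None)
    if node is None:
        # ASP.NET defaults to RemoteOnly, but with no redirect target.
        return ["no <customErrors> element: no defaultRedirect defined"]
    findings = []
    mode = node.get("mode", "RemoteOnly")
    if mode not in ("On", "RemoteOnly"):
        findings.append("customErrors mode is %r: remote clients see stack traces" % mode)
    if not node.get("defaultRedirect"):
        findings.append("no defaultRedirect defined")
    return findings

# Constructed samples (not taken from the scanned site's configuration).
WEAK = '<configuration><system.web><customErrors mode="Off" /></system.web></configuration>'
HARDENED = ('<configuration><system.web>'
            '<customErrors mode="RemoteOnly" defaultRedirect="~/Error.aspx" />'
            '</system.web></configuration>')
LEAKY_BODY = ("Stack Trace:\n[HttpRequestValidationException (0x80004005): ...]\n"
              "System.Web.HttpRequest.get_QueryString() +72\n")
CLEAN_BODY = "<html><body>Sorry, something went wrong.</body></html>"

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_custom_errors(cfg) or "ok")
    print("leaky body:", leaks_stack_trace(LEAKY_BODY))
    print("clean body:", leaks_stack_trace(CLEAN_BODY))
```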