See: -http://hidetoday.com/
with GoDaddy abuse at myhostadmin.net: http://toolbar.netcraft.com/site_report?url=http://www.myhostadmin.net
500 timeout
Content-Length: 30
Content-Type: text/plain
clean
See: https://asafaweb.com/Scan?Url=hidetoday.com
On site in Chinese
Sorry, the site is temporarily unavailable
Sorry, the site now can not be accessed.
Site may be due to one of the following reasons preventing access to:
Domain name is not binding, the site expired and other reasons (excessive space, excessive traffic, domain name is not the record, the domain name for the record to be written off, etc.) are off the system.
Please contact the site administrator, login to your control panel to view detailed reasons.
Go to Control Panel
Result
The address you entered is unnecessarily exposing the following response headers which divulge its choice of web platform:
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Result
It looks like a cookie is being set without the “HttpOnly” flag being set (name : value):
ASPSESSIONIDCADQTQBC : CMHOLAABNHLKIHAEBCLCAEKC
Unless the cookie legitimately needs to be read by JavaScript on the client, the “HttpOnly” flag should always be set to ensure it cannot be read by the client and used in an XSS attack.
What about
<script type="text/javascript"> document.write('<scr'+'ipt lang'+'uage="javas'+'cript" src="/config/note_load.asp?hostname=&t=23552.03"></scr'+'ipt>'); </script>
In this way one assumes the script gains non blocking javascript loading,
actually this splitting a script tag in a JS string into a pair of concatenated strings is pointless bloat. Info credits go to Stackoverflow’s Quentin.
polonus (volunteer website security analyst and website error-hunter)