Site once hacked now parked by GoDaddy and being abused!

See the iFrame:
What webpage after a hack encountered this fate: http://killmalware.com/eatonhealthy.com/#
Let’s see how it now earns for mcc dot godaddy dot com “from the grave”, and also in an insecure way:

-http://eatonhealthy.com/
Detected libraries:
jquery - 1.3.1 : (active1) -http://ak2.imgaft.com/script/jquery-1.3.1.min.js
Info: Severity: medium
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
(active) - the library was also found to be active by running code
1 vulnerable library detected

Scanner output:
Scanning -http://eatonhealthy.com/
Status: success
Script loaded: -http://www.google.com/adsense/domains/caf.js (starts downloading right away)
Script loaded: -http://ak2.imgaft.com/script/jquery-1.3.1.min.js *
Detected library: jquery - 1.3.1
Load time: 2485ms

  • containing viruses and malcode, blocked by Bitdefender TrafficLight

Let us scan the park address: http://mcc.godaddy.com/park/pz5aLzS1pz55M3IfYaOvrt==
Detected libraries:
jquery - 1.3.1 : (active1) -http://ak2.imgaft.com/script/jquery-1.3.1.min.js *
Info: Severity: medium
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969
http://research.insecurelabs.org/jquery/test/
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
(active) - the library was also found to be active by running code
1 vulnerable library detected

Scanner output:
Scanning -http://mcc.godaddy.com/park/pz5aLzS1pz55M3IfYaOvrt==
Status: success
Script loaded: -http://www.google.com/adsense/domains/caf.js
Script loaded: -http://ak2.imgaft.com/script/jquery-1.3.1.min.js
Detected library: jquery - 1.3.1
Load time: 1718ms

Good uMatrix blocks this: uMatrix heeft voorkomen dat de volgende pagina werd geladen:
-http://mcc.godaddy.com/park/pz5aLzS1pz55M3IfYaOvrt==%20Detected%20libraries:%20jquery%20-%201.3.1%20:%20(active1)%20http://ak2.imgaft.com/script/jquery-1.3.1.min.js%20Info:%20Severity:%20medium%20http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969%20http://research.insecurelabs.org/jquery/test/%20Info:%20Severity:%20medium%20http://bugs.jquery.com/ticket/11290%20http://research.insecurelabs.org/jquery/test/%20(active)%20-%20the%20library%20was%20also%20found%20to%20be%20active%20by%20running%20code%201%20vulnerable%20library%20detected%20%20Scanner%20output:%20Scanning%20http://mcc.godaddy.com/park/pz5aLzS1pz55M3IfYaOvrt==%20...%20Status:%20success%20Script%20loaded:%20http://www.google.com/adsense/domains/caf.js%20Script%20loaded:%20http://ak2.imgaft.com/script/jquery-1.3.1.min.js%20Detected%20library:%20jquery%20-%201.3.1%20Load%20time:%201718ms

Shun GoDaddy parked websites, my friends, they’re may be full of crap, when the original owners did not reclaim them.

polonus