Is this website with SE redirects in the process of cleansing?

See:

Header returned by request for: http://caravanandcampinguk.com → 195.59.175.167

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=us-ascii
Date: Mon, 23 May 2016 16:35:54 GMT
Connection: close
Set-Cookie: X-Mapping-nmohjcgn=FCBBA59E281F08E01BC149AA9666B892; path=/
Content-Length: 391

Content that was returned by your request for the URL: http://caravanandcampinguk.com

1: < !DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"> 2: < HTML> < HEAD> < TITLE> Not Found< /TITLE> 3: < META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"> < /HEAD> 4: < BODY> < h2> Not Found< /h2> 5: < hr> < p> HTTP Error 404. The requested resource is not found.< /p> 6: < /BODY> < !-- pdc-jn-02 : bk node: 154 : --> < !-- [23/May/2016:17:35:54 +0100] --> < /html>
See: http://toolbar.netcraft.com/site_report?url=http://caravanandcampinguk.com See: http://www.dnsinspect.com/caravanandcampinguk.com/1464021683 See: https://whois.domaintools.com/caravanandcampinguk.com

HTML: 222 errors and 52 warnings in 83 lines

The SE redirects found here: http://retire.insecurity.today/#!/scan/e0882fef457e6da0e3041ad02082d6eb02a91a0aa2e36a285863dee33a2514f1

Some links there have 77% insecure IDS tracking.
Ad- and tracking server blocked: -http://d3c3cq33003psk.cloudfront.net/opentag-140768-2175114.js

Re: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fd3c3cq33003psk.cloudfront.net%2Fopentag-140768-2175114.js

pol

On the "cloudfront"code:


script
     info: [decodingLevel=0] found JavaScript
     info: Decoding option navigator.systemLanguage=en and navigator.systemLanguage=zh-cn and browser=IE7/XP and browser=IE8/Vista and browser=Opera and browser=Firefox,      0 bytes
     info: Decoding option navigator.systemLanguage=en and navigator.systemLanguage=zh-cn and browser=IE7/XP and browser=IE8/Vista and browser=Opera and browser=Firefox,      330 bytes
     info: [decodingLevel=1] found JavaScript 

downloading:

//eval this /*** called setInterval with function () {UVListener._initUV();UVListener._resetEventsPush();UVListener._checkForChanges(); }, 500 */  /*** called setTimeout with function () {return fToBind.apply(this instanceof FNOP ? this : oThis, aArgs.concat(Array.prototype.slice.call(arguments))); }, 0 */  

This is javascript’s evil setInterval! should come nativeSet. It is delaying execution code.

To identify what interval or timeout you’re cancelling, you pass into the API a token that is whatever value the call to setInterval or setTimeout returned. And that’s a first reason why setInterval is (mildly) evil: if you lose that token, there is no way you can ever stop that code from running every five seconds until you navigate away from the page. But that is a minor inconvenience, it just means you need to carefully manage your own stuff, right? Well, actually if code that you don’t know or don’t control created that interval, you’re probably in trouble even if you kept your own house real nice and tidy…
Quote from and info credits go to “Tales from the Evil Empire”. Can we trust what runs on that ad & tracking server, I think we cannot.

polonus (volunteer website security analyst and website error-hunter)