Scanned pages/files
| Request | Server response | Status |
http://freechildplaces.net/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=2592000 Connection: close Date: Thu, 25 Sep 2014 18:40:30 GMT Location: http://www.freechildplaces.net/ Server: nginx/1.6.2 Vary: Accept-Encoding Content-Length: 308 Content-Type: text/html; charset=iso-8859-1 Expires: Sat, 25 Oct 2014 18:40:30 GMT | clean |
http://www.freechildplaces.net/ | 200 OK Content-Length: 7212 Content-Type: text/html | clean |
http://www.freechildplaces.net/jet2holidays | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=2592000 Connection: close Date: Thu, 25 Sep 2014 18:40:32 GMT Location: http://scripts.affiliatefuture.com/AFClick.asp?affiliateID=119390&merchantID=2401&programmeID=9645&mediaID=116928&tracking=301_Free_Child_Places&url=http%3a%2f%2fwww.jet2holidays.com Server: nginx/1.6.2 Vary: Accept-Encoding Content-Length: 483 Content-Type: text/html; charset=iso-8859-1 Expires: Sat, 25 Oct 2014 18:40:32 GMT | clean |
http://scripts.affiliatefuture.com/afclick.asp?affiliateid=119390&merchantid=2401&programmeid=9645&mediaid=116928&tracking=301_free_child_places&url=http%3a%2f%2fwww.jet2holidays.com | HTTP/1.1 200 OK Cache-Control: no-cache Date: Thu, 25 Sep 2014 18:40:34 GMT Pragma: no-cache Server: Microsoft-IIS/7.5 Content-Length: 1827 Content-Type: text/html; charset=utf-8 Expires: -1 P3p: CP="IVA SAM IND NON", policyref="/w3c/p3p.xml" Set-Cookie: ASP.NET_SessionId=nh5dy02copx0mr55e1oxjljm; path=/; HttpOnly Set-Cookie: MP2401=M=2401&P=9645&A=119390&B=116928&C=419081940&R=301_free_child_places&G=be520948-aef2-43d4-8f09-0b846615fbe5; expires=Fri, 24-Oct-2014 23:00:00 GMT; path=/ Set-Cookie: MP2401-119390-9645=D=2014Sep25194034; path=/ Set-Cookie: BIGipServer~UK6-AG1-LBR01-PDM16LBR01~SCRIPTS-AFFILIATEFUTURE-POOL=rd13o00000000000000000000ffff0a540a0bo80; path=/ X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | clean |
http://ad-emea.doubleclick.net/clk;206055128;28649627;m?http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate | HTTP/1.1 302 Found Connection: close Date: Thu, 25 Sep 2014 18:40:34 GMT Location: http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate Server: cafe Content-Length: 0 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic,p=0.01 P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Set-Cookie: FLC=CP-SJxCb0dQNGNjNoGIgACjBj1owosORoQU; expires=Thu, 25-Sep-2014 18:40:44 GMT; path=/; domain=.doubleclick.net Set-Cookie: id=225b63ca97030078||t=1411670434|et=730|cs=002213fd48ae59ad6267f0d367; expires=Sat, 24-Sep-2016 18:40:34 GMT; path=/; domain=.doubleclick.net X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate/ | 200 OK Content-Length: 178132 Content-Type: text/html | clean |
http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate/WebResource.axd?d=GEwUWHSfJcXfwsXd9pFtTg8-Lf51D5q5NwLn0oy1b0Jf_QYTKPAyr_UaaxHumK_r8pEkx-x4CBt9VmdvnCo9tWeko7Y1&t=634773866700000000 | 200 OK Content-Length: 178267 Content-Type: text/html | clean |
http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl00_ctl00_ctl02_TSM&compress=0&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken <span>...85 symbols skipped</span> | 200 OK Content-Length: 178416 Content-Type: text/html | clean |
http://w.sharethis.com/button/buttons.js | 200 OK Content-Length: 145774 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof(stlib)=="undefined"){var stlib={}}if(!stlib.functions){stlib.functions=[];stlib.functionCount=0}stlib.global={};stlib.global.hash=document.location.href.split("#");stlib.global.hash.shift();stlib.global.hash=stlib.global.hash.join("#");stlib.dynamicOn=true;stlib.debugOn=false;stlib.debug={count:0,messages:[],debug:function(b,a){if(a&&(typeof console)!="undefined"){console.log(b)}stlib.debug.messages.push(b)},show:function(a){for(message in stlib.debug.messages){if((typeof conso Antivirus reports:
| ||
https://www.dwin1.com/3427.js | 200 OK Content-Length: 15543 Content-Type: application/x-javascript | clean |
http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate/Assets/JS/base.js | 200 OK Content-Length: 178149 Content-Type: text/html | clean |
http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate/Assets/JS/default.aspx | 200 OK Content-Length: 178159 Content-Type: text/html | clean |
http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate/Assets/JS/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/sum | 200 OK Content-Length: 178214 Content-Type: text/html | clean |
http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate/Assets/JS/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/default.aspx | 200 OK Content-Length: 178248 Content-Type: text/html | clean |
http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate/Assets/JS/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/sum | 200 OK Content-Length: 178283 Content-Type: text/html | clean |
http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate/Assets/JS/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/default.aspx | 200 OK Content-Length: 179619 Content-Type: text/html | clean |
http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate/Assets/JS/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/sum | 200 OK Content-Length: 179635 Content-Type: text/html | clean |
http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate/Assets/JS/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/default.aspx | 200 OK Content-Length: 178426 Content-Type: text/html | clean |
http://www.jet2holidays.com?utm_source=site_641407&utm_medium=affiliates&utm_campaign=jet2holidays.com&utm_content=sp28649627&cm_mmc=affiliates-_-jet2holidays.com-_-sp28649627-_-site_641407&referrer=affiliate/Assets/JS/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/deal-finder/beach/10-june-2014/flexibility-7/any/any/any/any/any/any/deal-finder/beach/10-june-2014/flexibility- <span>...98 symbols skipped</span> | 200 OK Content-Length: 178421 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: freechildplaces.net
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=2592000
Connection: close
Date: Thu, 25 Sep 2014 18:40:30 GMT
Location: http://www.freechildplaces.net/
Server: nginx/1.6.2
Vary: Accept-Encoding
Content-Length: 308
Content-Type: text/html; charset=iso-8859-1
Expires: Sat, 25 Oct 2014 18:40:30 GMT
...308 bytes of data.
GET / HTTP/1.1
Host: freechildplaces.net
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=2592000
Connection: close
Date: Thu, 25 Sep 2014 18:40:30 GMT
Location: http://www.freechildplaces.net/
Server: nginx/1.6.2
Vary: Accept-Encoding
Content-Length: 308
Content-Type: text/html; charset=iso-8859-1
Expires: Sat, 25 Oct 2014 18:40:30 GMT
...308 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: freechildplaces.net
Referer: http://www.google.com/search?q=freechildplaces.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: freechildplaces.net
Referer: http://www.google.com/search?q=freechildplaces.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=freechildplaces.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://freechildplaces.net/
Result: freechildplaces.net is not infected or malware details are not published yet.
Result: freechildplaces.net is not infected or malware details are not published yet.