Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: palstakeaway.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 03 Mar 2015 01:06:19 GMT
Pragma: no-cache
Age: 2
Server: ATS/5.0.1
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: BX=20ka3s5afa28b&b=3&s=hc; expires=Tue, 02-Jun-2037 20:00:00 GMT; path=/; domain=.palstakeaway.com
Set-Cookie: PHPSESSID=47a6139745b99783e1df9a22911b89a1; path=/
X-Pingback: http://palstakeaway.com/xmlrpc.php
GET / HTTP/1.1
Host: palstakeaway.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 03 Mar 2015 01:06:19 GMT
Pragma: no-cache
Age: 2
Server: ATS/5.0.1
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: BX=20ka3s5afa28b&b=3&s=hc; expires=Tue, 02-Jun-2037 20:00:00 GMT; path=/; domain=.palstakeaway.com
Set-Cookie: PHPSESSID=47a6139745b99783e1df9a22911b89a1; path=/
X-Pingback: http://palstakeaway.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: palstakeaway.com
Referer: http://www.google.com/search?q=palstakeaway.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: palstakeaway.com
Referer: http://www.google.com/search?q=palstakeaway.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://www.palstakeaway.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 03 Mar 2015 01:06:16 GMT Pragma: no-cache Age: 4 Location: http://palstakeaway.com/ Server: ATS/5.0.1 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" Set-Cookie: BX=6fgu7nlafa288&b=3&s=la; expires=Tue, 02-Jun-2037 20:00:00 GMT; path=/; domain=.palstakeaway.com Set-Cookie: PHPSESSID=14ae682b8f43adf382d9680e759bf021; path=/ X-Pingback: http://palstakeaway.com/xmlrpc.php | clean |
http://palstakeaway.com/ | 200 OK Content-Length: 26242 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://masonry.desandro.com/jquery.masonry.min.js | 404 Not Found Content-Length: 3986 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.10.0/jquery.min.js | 200 OK Content-Length: 93019 Content-Type: text/javascript | clean |
http://masonry.desandro.com/js/masonry-docs.min.js | 200 OK Content-Length: 36513 Content-Type: application/javascript | clean |
http://masonry.desandro.com/. | 404 Not Found Content-Length: 3986 Content-Type: text/html | clean |
http://masonry.desandro.com/options.html | 200 OK Content-Length: 32446 Content-Type: text/html | clean |
http://masonry.desandro.com/methods.html | 200 OK Content-Length: 30700 Content-Type: text/html | clean |
http://masonry.desandro.com/events.html | 200 OK Content-Length: 10088 Content-Type: text/html | clean |
http://masonry.desandro.com/appendix.html | 200 OK Content-Length: 19242 Content-Type: text/html | clean |
http://masonry.desandro.com/faq.html | 200 OK Content-Length: 17383 Content-Type: text/html | clean |
http://masonry.desandro.com/ | 200 OK Content-Length: 12169 Content-Type: text/html | clean |
http://masonry.desandro.com//cdnjs.cloudflare.com/ajax/libs/masonry/3.2.2/masonry.pkgd.min.js/ | 404 Not Found Content-Length: 3986 Content-Type: text/html | clean |
http://masonry.desandro.com//cdnjs.cloudflare.com/ajax/libs/masonry/3.2.2/masonry.pkgd.min.js/js/masonry-docs.min.js/ | 404 Not Found Content-Length: 3986 Content-Type: text/html | clean |
http://masonry.desandro.com//cdnjs.cloudflare.com/ajax/libs/masonry/3.2.2/masonry.pkgd.min.js/js/masonry-docs.min.js/js/masonry-docs.min.js/ | 404 Not Found Content-Length: 3986 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=palstakeaway.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://palstakeaway.com/
Result: palstakeaway.com is not infected or malware details are not published yet.
Result: palstakeaway.com is not infected or malware details are not published yet.