Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: onsight.hr
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: private
Connection: close
Date: Wed, 10 Sep 2014 08:29:28 GMT
Location: http://www.onsight.hr/
Server: Apache
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: PH_HPXY_CHECK=s1; path=/
...230 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: onsight.hr
Referer: http://www.google.com/search?q=onsight.hr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://onsight.hr/ | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Wed, 10 Sep 2014 08:29:28 GMT Location: http://www.onsight.hr/ Server: Apache Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: PH_HPXY_CHECK=s1; path=/ | clean |
http://www.onsight.hr/ | 200 OK Content-Length: 38653 Content-Type: text/html | clean |
http://www.onsight.hr/cache/template/js.php?id=d986a56a2db00204b5fa0be70ff6429d | 200 OK Content-Length: 90518 Content-Type: application/x-javascript | clean |
http://onsight.hr/plugins/system/jcemediabox/js/jcemediabox.js?v=1017 | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Wed, 10 Sep 2014 08:29:31 GMT Location: http://www.onsight.hr/plugins/system/jcemediabox/js/jcemediabox.js?v=1017 Server: Apache Content-Length: 281 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: PH_HPXY_CHECK=s1; path=/ X-Pad: avoid browser bug | clean |
http://www.onsight.hr/plugins/system/jcemediabox/js/jcemediabox.js?v=1017 | 200 OK Content-Length: 43393 Content-Type: application/javascript | clean |
http://onsight.hr/plugins/system/jcemediabox/js/mediaobject.js?v=1017 | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Wed, 10 Sep 2014 08:29:32 GMT Location: http://www.onsight.hr/plugins/system/jcemediabox/js/mediaobject.js?v=1017 Server: Apache Content-Length: 281 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: PH_HPXY_CHECK=s1; path=/ X-Pad: avoid browser bug | clean |
http://www.onsight.hr/plugins/system/jcemediabox/js/mediaobject.js?v=1017 | 200 OK Content-Length: 3119 Content-Type: application/javascript | clean |
http://onsight.hr/plugins/system/jcemediabox/addons/default.js?v=1017 | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Wed, 10 Sep 2014 08:29:32 GMT Location: http://www.onsight.hr/plugins/system/jcemediabox/addons/default.js?v=1017 Server: Apache Content-Length: 281 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: PH_HPXY_CHECK=s1; path=/ X-Pad: avoid browser bug | clean |
http://www.onsight.hr/plugins/system/jcemediabox/addons/default.js?v=1017 | 200 OK Content-Length: 1814 Content-Type: application/javascript | clean |
http://onsight.hr/cache/template/js.php?id=280d9f2e645bd4375ab68b1e40a9666c | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Wed, 10 Sep 2014 08:29:33 GMT Location: http://www.onsight.hr/cache/template/js.php?id=280d9f2e645bd4375ab68b1e40a9666c Server: Apache Content-Length: 287 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: PH_HPXY_CHECK=s1; path=/ | clean |
http://www.onsight.hr/cache/template/js.php?id=280d9f2e645bd4375ab68b1e40a9666c | 200 OK Content-Length: 119141 Content-Type: application/x-javascript | clean |
http://onsight.hr/cache/template/js.php?id=3cb13e9b7ad88a8dbc2d2f72fbeb9f8c | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Wed, 10 Sep 2014 08:29:34 GMT Location: http://www.onsight.hr/cache/template/js.php?id=3cb13e9b7ad88a8dbc2d2f72fbeb9f8c Server: Apache Content-Length: 287 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: PH_HPXY_CHECK=s1; path=/ | clean |
http://www.onsight.hr/cache/template/js.php?id=3cb13e9b7ad88a8dbc2d2f72fbeb9f8c | 200 OK Content-Length: 1072 Content-Type: application/x-javascript | clean |
http://www.onsight.hr/plugins/content/mavikthumbnails/slimbox/js/slimbox.js | 200 OK Content-Length: 7073 Content-Type: application/javascript | clean |
http://onsight.hr/cache/template/js.php?id=80c5a23555611ed4a10e8c2b6d8f8759 | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Wed, 10 Sep 2014 08:29:34 GMT Location: http://www.onsight.hr/cache/template/js.php?id=80c5a23555611ed4a10e8c2b6d8f8759 Server: Apache Content-Length: 287 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: PH_HPXY_CHECK=s1; path=/ | clean |
http://www.onsight.hr/cache/template/js.php?id=80c5a23555611ed4a10e8c2b6d8f8759 | 200 OK Content-Length: 17650 Content-Type: application/x-javascript | clean |
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 163528 Content-Type: application/x-javascript | clean |
http://apis.google.com/js/plusone.js | 200 OK Content-Length: 12387 Content-Type: application/javascript | clean |
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 100803 Content-Type: application/javascript | clean |
http://onsight.hr/hr/o-nama-tko-smo-i-sto-smo/kontakt-posaljite-nam-svoj-upit | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Wed, 10 Sep 2014 08:29:36 GMT Location: http://www.onsight.hr/hr/o-nama-tko-smo-i-sto-smo/kontakt-posaljite-nam-svoj-upit Server: Apache Content-Length: 289 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: PH_HPXY_CHECK=s1; path=/ | clean |
http://www.onsight.hr/hr/o-nama-tko-smo-i-sto-smo/kontakt-posaljite-nam-svoj-upit | 200 OK Content-Length: 30465 Content-Type: text/html | clean |
http://www.onsight.hr/cache/template/js.php?id=752ab0f2bc8ec10053bfe6a06adc7c15 | 200 OK Content-Length: 2340 Content-Type: application/x-javascript | clean |
http://onsight.hr/index.php | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Wed, 10 Sep 2014 08:29:37 GMT Location: http://www.onsight.hr/index.php Server: Apache Content-Length: 239 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: PH_HPXY_CHECK=s1; path=/ | clean |
http://www.onsight.hr/index.php | 200 OK Content-Length: 38674 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=onsight.hr
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://onsight.hr/
Result: onsight.hr is not infected or malware details are not published yet.