Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: flash120.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=600
Connection: close
Date: Wed, 23 Jul 2014 21:20:15 GMT
Location: http://www.flash120.com
Server: DNSPod URL V2.0
Content-Length: 0
Expires: Wed, 23 Jul 2014 21:30:15 GMT
...0 bytes of data.
GET / HTTP/1.1
Host: flash120.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=600
Connection: close
Date: Wed, 23 Jul 2014 21:20:15 GMT
Location: http://www.flash120.com
Server: DNSPod URL V2.0
Content-Length: 0
Expires: Wed, 23 Jul 2014 21:30:15 GMT
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: flash120.com
Referer: http://www.google.com/search?q=flash120.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: flash120.com
Referer: http://www.google.com/search?q=flash120.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://flash120.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=600 Connection: close Date: Wed, 23 Jul 2014 21:20:15 GMT Location: http://www.flash120.com Server: DNSPod URL V2.0 Content-Length: 0 Expires: Wed, 23 Jul 2014 21:30:15 GMT | clean |
http://www.flash120.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 23 Jul 2014 21:20:05 GMT Location: portal.php Server: Microsoft-IIS/6.0 Content-Type: text/html X-Powered-By: ASP.NET X-Powered-By: PHP/5.2.17 | clean |
http://www.flash120.com/portal.php | 200 OK Content-Length: 129187 Content-Type: text/html | clean |
http://www.flash120.com/data/cache/common.js?s9B | 200 OK Content-Length: 55624 Content-Type: application/x-javascript | clean |
http://flash120.com/data/cache/portal.js?s9B | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=600 Connection: close Date: Wed, 23 Jul 2014 21:20:26 GMT Location: http://www.flash120.com/data/cache/portal.js?s9B Server: DNSPod URL V2.0 Content-Length: 0 Expires: Wed, 23 Jul 2014 21:30:26 GMT | clean |
http://www.flash120.com/data/cache/portal.js?s9b | 200 OK Content-Length: 9945 Content-Type: application/x-javascript | clean |
http://cpro.baidustatic.com/cpro/ui/c.js | 200 OK Content-Length: 65606 Content-Type: application/x-javascript | clean |
http://cpro.baidustatic.com/cpro/ui/f.js | 200 OK Content-Length: 65606 Content-Type: application/x-javascript | clean |
http://tcss.qq.com/ping.js?v=1VERHASH | 200 OK Content-Length: 8909 Content-Type: application/x-javascript | clean |
http://www.jiasule.com/static/js/stat/picture2_stat.js | 200 OK Content-Length: 387 Content-Type: application/x-javascript | clean |
http://flash120.com/home.php?mod=misc&ac=sendmail&rand=1406150405 | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=600 Connection: close Date: Wed, 23 Jul 2014 21:20:37 GMT Location: http://www.flash120.com/home.php?mod=misc&ac=sendmail&rand=1406150405 Server: DNSPod URL V2.0 Content-Length: 0 Expires: Wed, 23 Jul 2014 21:30:37 GMT | clean |
http://www.flash120.com/home.php?mod=misc&ac=sendmail&rand=1406150405 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://discuz.gtimg.cn/cloud/scripts/discuz_tips.js?v=1 | 200 OK Content-Length: 6173 Content-Type: application/x-javascript | clean |
http://flash120.com/template/veikei_dz_bbs_20121015_pic_color/images/dutu/jquery-1.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=600 Connection: close Date: Wed, 23 Jul 2014 21:20:41 GMT Location: http://www.flash120.com/template/veikei_dz_bbs_20121015_pic_color/images/dutu/jquery-1.js Server: DNSPod URL V2.0 Content-Length: 0 Expires: Wed, 23 Jul 2014 21:30:41 GMT | clean |
http://www.flash120.com/template/veikei_dz_bbs_20121015_pic_color/images/dutu/jquery-1.js | 200 OK Content-Length: 91573 Content-Type: application/x-javascript | clean |
http://flash120.com/template/veikei_dz_bbs_20121015_pic_color/images/dutu/readpic.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=600 Connection: close Date: Wed, 23 Jul 2014 21:20:44 GMT Location: http://www.flash120.com/template/veikei_dz_bbs_20121015_pic_color/images/dutu/readpic.js Server: DNSPod URL V2.0 Content-Length: 0 Expires: Wed, 23 Jul 2014 21:30:44 GMT | clean |
http://www.flash120.com/template/veikei_dz_bbs_20121015_pic_color/images/dutu/readpic.js | 200 OK Content-Length: 28111 Content-Type: application/x-javascript | clean |
http://flash120.com/member.php?mod=logging&action=login&referer= | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=600 Connection: close Date: Wed, 23 Jul 2014 21:20:47 GMT Location: http://www.flash120.com/member.php?mod=logging&action=login&referer= Server: DNSPod URL V2.0 Content-Length: 0 Expires: Wed, 23 Jul 2014 21:30:47 GMT | clean |
http://www.flash120.com/member.php?mod=logging&action=login&referer= | 200 OK Content-Length: 23752 Content-Type: text/html | clean |
http://www.flash120.com/data/cache/md5.js?s9B | 200 OK Content-Length: 5095 Content-Type: application/x-javascript | clean |
http://flash120.com/home.php?mod=misc&ac=sendmail&rand=1406150435 | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=600 Connection: close Date: Wed, 23 Jul 2014 21:20:51 GMT Location: http://www.flash120.com/home.php?mod=misc&ac=sendmail&rand=1406150435 Server: DNSPod URL V2.0 Content-Length: 0 Expires: Wed, 23 Jul 2014 21:30:51 GMT | clean |
http://www.flash120.com/home.php?mod=misc&ac=sendmail&rand=1406150435 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://flash120.com/member.php?mod=register | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=600 Connection: close Date: Wed, 23 Jul 2014 21:20:53 GMT Location: http://www.flash120.com/member.php?mod=register Server: DNSPod URL V2.0 Content-Length: 0 Expires: Wed, 23 Jul 2014 21:30:53 GMT | clean |
http://www.flash120.com/member.php?mod=register | 200 OK Content-Length: 27647 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=flash120.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://flash120.com/
Result: flash120.com is not infected or malware details are not published yet.
Result: flash120.com is not infected or malware details are not published yet.