Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jipiao.59706.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://jipiao.59706.com/ | 200 OK Content-Length: 34037 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 59706.com ...[756 bytes skipped]... ript src="/Scripts/DatePicker/WdatePicker.js" type="text/javascript"></script> <script src="/Scripts/DownDiv/Flight.City.js" type="text/javascript"></script> <script src="/Scripts/DownDiv/Flight.Common.js" type="text/javascript"></script> <script src="/Scripts/DownDiv/Flight.Suggest.js" type="text/javascript"></script> <meta name="description" content="æ游ç½(59706.com)å½å æºç¥¨é¢é为æ¨æä¾å½å ä½ä»·å¯é çç¹ä»·æºç¥¨æ¥è¯¢ãé¢è®¢ï¼å æ¬æ¥ç§èªç©ºãåèªãå½èªãä¸èªãæµ·èªãå·èªãä¸æµ·èªç©ºãå¦é¨èªç©ºãå±±ä¸èªç©ºç1-5æç¹ä»·æºç¥¨ã" /><meta name="keywords" content="æºç¥¨æ¥è¯¢,ç¹ä»·æºç¥¨,æææºç¥¨,èªçæ¥è¯¢,æºç¥¨é¢è®¢" /></head> <body> <form name="form1" method="post" action="/" id="form1"> <div> <input type="hidden" name="__VIEWS ...[3036 bytes skipped]... | ||
http://jipiao.59706.com/Scripts/jquery-1.4.4.min.js | 200 OK Content-Length: 79511 Content-Type: application/x-javascript | clean |
http://jipiao.59706.com/Scripts/Public.js | 200 OK Content-Length: 552 Content-Type: application/x-javascript | clean |
http://jipiao.59706.com/Scripts/Check.js | 200 OK Content-Length: 5736 Content-Type: application/x-javascript | clean |
http://jipiao.59706.com/Scripts/DatePicker/WdatePicker.js | 200 OK Content-Length: 8315 Content-Type: application/x-javascript | clean |
http://jipiao.59706.com/Scripts/DownDiv/Flight.City.js | 200 OK Content-Length: 74082 Content-Type: application/x-javascript | clean |
http://jipiao.59706.com/Scripts/DownDiv/Flight.Common.js | 200 OK Content-Length: 5410 Content-Type: application/x-javascript | clean |
http://jipiao.59706.com/Scripts/DownDiv/Flight.Suggest.js | 200 OK Content-Length: 27799 Content-Type: application/x-javascript | clean |
http://cpro.baidustatic.com/cpro/ui/f.js | 200 OK Content-Length: 82948 Content-Type: application/x-javascript | clean |
http://jipiao.59706.com/airline.html | 200 OK Content-Length: 66189 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 59706.com ...[265 bytes skipped]... ¬å¸1-5æç¹ä»·æºç¥¨æ¥è¯¢é¢è®¢--ææ¸¸ç½ </title><link href="/Styles/jp.css" rel="stylesheet" type="text/css" /><link href="/Styles/airlogo.css" rel="stylesheet" type="text/css" /> <script src="/Scripts/jquery-1.4.4.min.js" type="text/javascript"></script> <script src="/Scripts/Public.js" type="text/javascript"></script> <meta name="description" content="æ游ç½(59706.com)æä¾å ¨å½ææèªç©ºå ¬å¸ç¹ä»·æºç¥¨èªçæ¥è¯¢ãå¨çº¿é¢è®¢ãé¢è®¢ææèªç©ºå ¬å¸ç¹ä»·æºç¥¨ã1-5æãã" /><meta name="keywords" content="èªç©ºå ¬å¸æºç¥¨,èªç©ºå ¬å¸å®æ¹ç¹ä»·æºç¥¨,èªç©ºå ¬å¸æºç¥¨é¢è®¢,èªç©ºå ¬å¸å®æ¹ç½ç«" /></head> <body> <form name="form1" method="post" action="/airline.html" id="form1"> <div> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJNDQwM ...[3447 bytes skipped]... | ||
http://jipiao.59706.com/Scripts/DownDiv/FlightKJ1.Common.js | 200 OK Content-Length: 4704 Content-Type: application/x-javascript | clean |
http://jipiao.59706.com/airport.html | 200 OK Content-Length: 103800 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 59706.com ...[267 bytes skipped]... å½æºåºå¤§å ¨,æºåºèªçæ¥è¯¢--ææ¸¸ç½ </title><link href="/Styles/jp.css" rel="stylesheet" type="text/css" /><link href="/Styles/airlogo.css" rel="stylesheet" type="text/css" /> <script src="/Scripts/jquery-1.4.4.min.js" type="text/javascript"></script> <script src="/Scripts/Public.js" type="text/javascript"></script> <meta name="description" content="æ游ç½(59706.com)为æ¨æä¾å ¨çæºåºæ¥è¯¢,æºåºå¤§å ¨,并详ç»ä»ç»å ¨çæºåºç®ä»ãåºå¾çãæåã交éãèªçãå°å¾ãèç³»æ¹å¼çä¿¡æ¯ã" /><meta name="keywords" content="æºåºå¤§å ¨,ä¸çæºåºå¤§å ¨,å ¨å½æºåºå¤§å ¨,æºåºèªçæ¥è¯¢" /></head> <body> <form name="form1" method="post" action="/airport.html" id="form1"> <div> <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTQ4Nj ...[3426 bytes skipped]... | ||
http://jipiao.59706.com/test404page.js | 404 Not Found Content-Length: 1163 Content-Type: text/html | clean |
http://jipiao.59706.com/0b/ | 200 OK Content-Length: 21006 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 59706.com ...[295 bytes skipped]... 票,èè²èªç©º1-5ææºç¥¨é¢è®¢--ææ¸¸ç½ </title><link href="/Styles/jp.css" rel="stylesheet" type="text/css" /><link href="/Styles/airlogo.css" rel="stylesheet" type="text/css" /> <script src="/Scripts/jquery-1.4.4.min.js" type="text/javascript"></script> <script src="/Scripts/Public.js" type="text/javascript"></script> <meta name="description" content="æ游ç½(59706.com)æä¾ç½é©¬å©äºèè²èªç©ºå ¬å¸å®ç½ç¹ä»·æºç¥¨,ç½é©¬å©äºèè²èªç©ºå ¬å¸ææ°å¨æèµè®¯ãä»ç»ãèç³»æ¹å¼,ç½é©¬å©äºèè²èªç©ºå ¬å¸ã1-5æãæºç¥¨é¢è®¢" /><meta name="keywords" content="ç½é©¬å©äºèè²èªç©ºå ¬å¸,èè²èªç©ºæºç¥¨,èè²èªç©ºå®ç½æºç¥¨,èè²èªç©ºå®ç½ç¹ä»·æºç¥¨,èè²èªç©º" /></head> <body> <form name="form1" method="post" action="/0b/" id="form1"> <div> <input t ...[3573 bytes skipped]... | ||
http://jipiao.59706.com/ca/ | 200 OK Content-Length: 26662 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 59706.com ...[289 bytes skipped]... ä»·æºç¥¨,å½èª1-5ææºç¥¨é¢è®¢--ææ¸¸ç½ </title><link href="/Styles/jp.css" rel="stylesheet" type="text/css" /><link href="/Styles/airlogo.css" rel="stylesheet" type="text/css" /> <script src="/Scripts/jquery-1.4.4.min.js" type="text/javascript"></script> <script src="/Scripts/Public.js" type="text/javascript"></script> <meta name="description" content="æ游ç½(59706.com)æä¾ä¸å½å½é èªç©ºè¡ä»½æéå ¬å¸å®ç½ç¹ä»·æºç¥¨,ä¸å½å½é èªç©ºè¡ä»½æéå ¬å¸ææ°å¨æèµè®¯ãä»ç»ãèç³»æ¹å¼,ä¸å½å½é èªç©ºè¡ä»½æéå ¬å¸ã1-5æãæºç¥¨é¢è®¢" /><meta name="keywords" content="ä¸å½å½é èªç©ºè¡ä»½æéå ¬å¸,å½èªæºç¥¨,å½èªå®ç½æºç¥¨,å½èªå®ç½ç¹ä»·æºç¥¨,å½èª" /></head> <body> <form name="form1" method="post" action="/ca/" id="form1"> <div> <input t ...[3533 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jipiao.59706.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 25 Jan 2015 21:16:33 GMT
Server: Microsoft-IIS/7.5
Content-Length: 34037
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=wftmynvkcvz5jfczte0o1cbx; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
...34037 bytes of data.
GET / HTTP/1.1
Host: jipiao.59706.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 25 Jan 2015 21:16:33 GMT
Server: Microsoft-IIS/7.5
Content-Length: 34037
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=wftmynvkcvz5jfczte0o1cbx; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
...34037 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jipiao.59706.com
Referer: http://www.google.com/search?q=jipiao.59706.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jipiao.59706.com
Referer: http://www.google.com/search?q=jipiao.59706.com
Result:
The result is similar to the first query. There are no suspicious redirects found.