Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=m.159.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://m.159.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://m.159.com/ | 200 OK Content-Length: 19525 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: pic.159.com ...[7022 bytes skipped]... <table class="B8AC" border="0" align="left" cellpadding="0"cellspacing="0" > <tr> <td width="10%" align="left" > <div class="Pic"><a href="http://m.159.com/game/down.aspx?id=64430"><img src="/mb/tiny.aspx?width=83&height=58&model=CUT&imgurl=http://pic.159.com/game/user/2013/5/30/13530090930234.jpg" alt="æ¼åææºç©ºä¸çªå´" onerror="javascript:this.src='http://m.159.com/game/image/noimg.gif'" /></a></div> </td> <td width="81%" align="left" valign="middle" style="line-height:18px;text-align:left; color:#303030;"> ...[14854 bytes skipped]... | ||
http://m.159.com/js/jquery-1.4.4.min.js | 200 OK Content-Length: 6954 Content-Type: application/x-javascript | clean |
http://m.159.com/default.aspx | 200 OK Content-Length: 19525 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: pic.159.com ...[7022 bytes skipped]... <table class="B8AC" border="0" align="left" cellpadding="0"cellspacing="0" > <tr> <td width="10%" align="left" > <div class="Pic"><a href="http://m.159.com/game/down.aspx?id=64430"><img src="/mb/tiny.aspx?width=83&height=58&model=CUT&imgurl=http://pic.159.com/game/user/2013/5/30/13530090930234.jpg" alt="æ¼åææºç©ºä¸çªå´" onerror="javascript:this.src='http://m.159.com/game/image/noimg.gif'" /></a></div> </td> <td width="81%" align="left" valign="middle" style="line-height:18px;text-align:left; color:#303030;"> ...[14854 bytes skipped]... | ||
http://m.159.com/gerenzhongxin/index.aspx | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Mon, 07 Apr 2014 16:17:20 GMT Location: /Login.aspx?url=http%3a%2f%2fm.159.com%2fgerenzhongxin%2findex.aspx Server: Microsoft-IIS/6.0 Content-Length: 200 Content-Type: text/html; charset=utf-8 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | clean |
http://m.159.com/login.aspx?url=http%3a%2f%2fm.159.com%2fgerenzhongxin%2findex.aspx | 200 OK Content-Length: 5814 Content-Type: text/html | clean |
http://m.159.com/Login.aspx | 200 OK Content-Length: 5763 Content-Type: text/html | clean |
http://m.159.com/Register.aspx | 200 OK Content-Length: 6264 Content-Type: text/html | clean |
http://m.159.com/t/index.aspx?puid= | 200 OK Content-Length: 16991 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: android.159.com ...[4021 bytes skipped]... <div class="mlist" id="d2012sina1093407"><div class="wbr wtx" id="21"><div class="wbtil"><div><a href="home.aspx?uid=d2012" class="nk">21</a></div><a href="comment.aspx?srcid=1093407"><span class="vip">2æ28æ¥ 17:41</span></a></div><p>çé¨<a href='hotword.aspx?keyword=Android%e5%ba%94%e7%94%a8'> #Androidåºç¨#</a>æ¨èï¼<a href="http://android.159.com/app/11891.html" target="_blank">æçç³å¢</a>ï¼ç®ä»ï¼é©ç±»è§£è°æ¸¸æï¼å¸®å©ç¥é¾å¤§ä¾ æ¾åå®å¿ç±çç³æã ä»ä¹æ¯ç¥é¾å¤§ä¾ çæç±? å夫?竹å?èå¦?ââéå¦â¦ 请è¿å ¥<a href="http://www.159.com" target="_blank"> æºå®¢ç½</a>æç´¢ä¸è½½ç¼å·ï¼711891 å è´¹ä¸è½½å®è£ çµèæææºåå¯ç´æ¥æ索访é®</p><img class="wbimg" lazy-src="http://img.159.net/thumbnail/android/user/2014/2/28/1422805395 ...[15506 bytes skipped]... | ||
http://m.159.com/t/js/jquery-1.5.1.min.js | 200 OK Content-Length: 38810 Content-Type: application/x-javascript | clean |
http://m.159.com/t/js/wap_20110629.js | 200 OK Content-Length: 48945 Content-Type: application/x-javascript | clean |
http://m.159.com/t/search.aspx | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Mon, 07 Apr 2014 16:17:45 GMT Location: http://m.159.com/Login.aspx?u=a&url=http%3a%2f%2fm.159.com%2ft%2fsearch.aspx Server: Microsoft-IIS/6.0 Content-Length: 197 Content-Type: text/html; charset=utf-8 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | clean |
http://m.159.com/login.aspx?u=a&url=http%3a%2f%2fm.159.com%2ft%2fsearch.aspx | 200 OK Content-Length: 5816 Content-Type: text/html | clean |
http://m.159.com/gerenzhongxin/JiKerRmb.aspx | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Mon, 07 Apr 2014 16:17:47 GMT Location: /Login.aspx?url=http%3a%2f%2fm.159.com%2fgerenzhongxin%2fJiKerRmb.aspx Server: Microsoft-IIS/6.0 Content-Length: 203 Content-Type: text/html; charset=utf-8 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | clean |
http://m.159.com/login.aspx?url=http%3a%2f%2fm.159.com%2fgerenzhongxin%2fjikerrmb.aspx | 200 OK Content-Length: 5817 Content-Type: text/html | clean |
http://m.159.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://m.159.com/t/home.aspx | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Mon, 07 Apr 2014 16:17:53 GMT Location: http://m.159.com/Login.aspx?u=a&url=http%3a%2f%2fm.159.com%2ft%2fhome.aspx Server: Microsoft-IIS/6.0 Content-Length: 195 Content-Type: text/html; charset=utf-8 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | clean |
http://m.159.com/login.aspx?u=a&url=http%3a%2f%2fm.159.com%2ft%2fhome.aspx | 200 OK Content-Length: 5813 Content-Type: text/html | clean |
http://m.159.com/t/msg.aspx | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Mon, 07 Apr 2014 16:17:55 GMT Location: http://m.159.com/Login.aspx?u=a&url=http%3a%2f%2fm.159.com%2ft%2fmsg.aspx Server: Microsoft-IIS/6.0 Content-Length: 194 Content-Type: text/html; charset=utf-8 X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | clean |
http://m.159.com/login.aspx?u=a&url=http%3a%2f%2fm.159.com%2ft%2fmsg.aspx | 200 OK Content-Length: 5814 Content-Type: text/html | clean |
http://m.159.com/t/index.aspx | 200 OK Content-Length: 16981 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: android.159.com ...[4021 bytes skipped]... <div class="mlist" id="d2012sina1093407"><div class="wbr wtx" id="21"><div class="wbtil"><div><a href="home.aspx?uid=d2012" class="nk">21</a></div><a href="comment.aspx?srcid=1093407"><span class="vip">2æ28æ¥ 17:41</span></a></div><p>çé¨<a href='hotword.aspx?keyword=Android%e5%ba%94%e7%94%a8'> #Androidåºç¨#</a>æ¨èï¼<a href="http://android.159.com/app/11891.html" target="_blank">æçç³å¢</a>ï¼ç®ä»ï¼é©ç±»è§£è°æ¸¸æï¼å¸®å©ç¥é¾å¤§ä¾ æ¾åå®å¿ç±çç³æã ä»ä¹æ¯ç¥é¾å¤§ä¾ çæç±? å夫?竹å?èå¦?ââéå¦â¦ 请è¿å ¥<a href="http://www.159.com" target="_blank"> æºå®¢ç½</a>æç´¢ä¸è½½ç¼å·ï¼711891 å è´¹ä¸è½½å®è£ çµèæææºåå¯ç´æ¥æ索访é®</p><img class="wbimg" lazy-src="http://img.159.net/thumbnail/android/user/2014/2/28/1422805395 ...[15496 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: m.159.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Mon, 07 Apr 2014 16:17:08 GMT
Server: Microsoft-IIS/6.0
Content-Length: 19525
Content-Type: text/html; charset=utf-8
Set-Cookie: Hm_lpvt_37fabf0aeb4882dc5b37985fc36b93f7=1396887428; path=/
Set-Cookie: Hm_lvt_37fabf0aeb4882dc5b37985fc36b93f7=1396887428; expires=Tue, 07-Apr-2015 16:17:08 GMT; path=/
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...19525 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: m.159.com
Referer: http://www.google.com/search?q=m.159.com
Result:
The result is similar to the first query. There are no suspicious redirects found.