Malware Scanner report for shop109268207.taobao.com

Malicious/Suspicious/Total urls checked: 11/0/15

11 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://shop109268207.taobao.com/	200 OK Content-Length: 85349 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"109268207", "siteId":"4", "userId":"2008978463", "user_nick": "%E6%9C%88%E4%BA%91%E9%A3%8E%E5%B0%9A", "shopCategoryId" ... 646 bytes are skipped ... shopId:'109268207', siteId:'4', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://g.tbcdn.cn/??kissy/k/1.3.2/kissy-min.js,tb/global/2.8.9/global-min.js	200 OK Content-Length: 182509 Content-Type: application/x-javascript	clean
http://g.tbcdn.cn/shop/wangpu/1.0.4/init-async-min.js?t=20140523.js	200 OK Content-Length: 4224 Content-Type: application/x-javascript	clean
http://shop109268207.taobao.com/ugo.htm?signin=true	200 OK Content-Length: 241431 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"109268207", "siteId":"4", "userId":"2008978463", "user_nick": "%E6%9C%88%E4%BA%91%E9%A3%8E%E5%B0%9A", "shopCategoryId" ... 455 bytes are skipped ... shopId:'109268207', siteId:'4', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://g.tbcdn.cn/shop/wangpu/1.0.4/init-min.js?t=20140523.js	200 OK Content-Length: 4377 Content-Type: application/x-javascript	clean
http://shop109268207.taobao.com/search.htm?search=y	200 OK Content-Length: 134396 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"109268207", "siteId":"4", "userId":"2008978463", "user_nick": "%E6%9C%88%E4%BA%91%E9%A3%8E%E5%B0%9A", "shopCategoryId" ... 455 bytes are skipped ... shopId:'109268207', siteId:'4', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://uaction.aliyuncdn.com/js/ua.js	200 OK Content-Length: 57832 Content-Type: application/x-javascript	clean
http://shop109268207.taobao.com/search.htm?search=y&orderType=hotsell_desc	200 OK Content-Length: 135559 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"109268207", "siteId":"4", "userId":"2008978463", "user_nick": "%E6%9C%88%E4%BA%91%E9%A3%8E%E5%B0%9A", "shopCategoryId" ... 455 bytes are skipped ... shopId:'109268207', siteId:'4', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop109268207.taobao.com/search.htm?search=y&orderType=newOn_desc	200 OK Content-Length: 135634 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"109268207", "siteId":"4", "userId":"2008978463", "user_nick": "%E6%9C%88%E4%BA%91%E9%A3%8E%E5%B0%9A", "shopCategoryId" ... 455 bytes are skipped ... shopId:'109268207', siteId:'4', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop109268207.taobao.com/search.htm?search=y&orderType=price_asc	200 OK Content-Length: 135415 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"109268207", "siteId":"4", "userId":"2008978463", "user_nick": "%E6%9C%88%E4%BA%91%E9%A3%8E%E5%B0%9A", "shopCategoryId" ... 455 bytes are skipped ... shopId:'109268207', siteId:'4', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop109268207.taobao.com/category-927226453.htm?search=y&catName=%CD%AF%D7%B0	200 OK Content-Length: 91971 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"109268207", "siteId":"4", "userId":"2008978463", "user_nick": "%E6%9C%88%E4%BA%91%E9%A3%8E%E5%B0%9A", "shopCategoryId" ... 455 bytes are skipped ... shopId:'109268207', siteId:'4', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop109268207.taobao.com/category-919656409.htm?search=y&categoryp=50010850&scid=919656409	200 OK Content-Length: 128687 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"109268207", "siteId":"4", "userId":"2008978463", "user_nick": "%E6%9C%88%E4%BA%91%E9%A3%8E%E5%B0%9A", "shopCategoryId" ... 455 bytes are skipped ... shopId:'109268207', siteId:'4', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop109268207.taobao.com/category-919656410.htm?search=y&categoryp=1624&scid=919656410	200 OK Content-Length: 111981 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"109268207", "siteId":"4", "userId":"2008978463", "user_nick": "%E6%9C%88%E4%BA%91%E9%A3%8E%E5%B0%9A", "shopCategoryId" ... 455 bytes are skipped ... shopId:'109268207', siteId:'4', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop109268207.taobao.com/category-919656411.htm?search=y&categoryp=162401&scid=919656411	200 OK Content-Length: 98060 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"109268207", "siteId":"4", "userId":"2008978463", "user_nick": "%E6%9C%88%E4%BA%91%E9%A3%8E%E5%B0%9A", "shopCategoryId" ... 455 bytes are skipped ... shopId:'109268207', siteId:'4', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop109268207.taobao.com/category-919656412.htm?search=y&categoryp=162404&scid=919656412	200 OK Content-Length: 109779 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"109268207", "siteId":"4", "userId":"2008978463", "user_nick": "%E6%9C%88%E4%BA%91%E9%A3%8E%E5%B0%9A", "shopCategoryId" ... 455 bytes are skipped ... shopId:'109268207', siteId:'4', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: shop109268207.taobao.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 21 Jun 2014 16:59:11 GMT
Via: 1.1 varnish
Age: 3204
Server: Tengine
Vary: Accept-Encoding
Content-Language: zh-CN
Content-Type: text/html;charset=GBK
At_isb: 0
At_shoptype: 4_109268207
Atp_isdpp: 4v109268207
P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
S: STATUS_NOT_EXISTED
X-Cache: HIT
X-CacheHits: 3
X-Varnish: 672233127 671742654
X-Varnish-Cache: 1

Second query (visit from search engine):
GET / HTTP/1.1
Host: shop109268207.taobao.com
Referer: http://www.google.com/search?q=shop109268207.taobao.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=shop109268207.taobao.com

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://shop109268207.taobao.com/

Result: shop109268207.taobao.com is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for shop109268207.taobao.com

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools