Malware Scanner report for shop72272123.taobao.com

Malicious/Suspicious/Total urls checked: 11/0/15

11 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://shop72272123.taobao.com/	200 OK Content-Length: 130606 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"72272123", "siteId":"1", "userId":"716918082", "user_nick": "%E6%B7%98%E6%97%BA%E5%AE%9D44", "shopCategoryId":"11", ... 628 bytes are skipped ... shopId:'72272123', siteId:'1', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://g.tbcdn.cn/??kissy/k/1.3.2/kissy-min.js,tb/global/2.6.13/global-min.js	200 OK Content-Length: 182057 Content-Type: application/x-javascript	clean
http://a.tbcdn.cn/apps/taesite/platinum/scripts/wangpu/init-async-min.js?t=20140404.js	200 OK Content-Length: 4959 Content-Type: application/x-javascript	clean
http://shop72272123.taobao.com/cuxiao.htm?signin=true	200 OK Content-Length: 246167 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"72272123", "siteId":"1", "userId":"716918082", "user_nick": "%E6%B7%98%E6%97%BA%E5%AE%9D44", "shopCategoryId":"11", ... 437 bytes are skipped ... shopId:'72272123', siteId:'1', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://a.tbcdn.cn/apps/taesite/platinum/scripts/wangpu/init-min.js?t=20140404.js	200 OK Content-Length: 4773 Content-Type: application/x-javascript	clean
http://shop72272123.taobao.com/search.htm?search=y	200 OK Content-Length: 171564 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"72272123", "siteId":"1", "userId":"716918082", "user_nick": "%E6%B7%98%E6%97%BA%E5%AE%9D44", "shopCategoryId":"11", ... 437 bytes are skipped ... shopId:'72272123', siteId:'1', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://uaction.aliyuncdn.com/js/ua.js	200 OK Content-Length: 57138 Content-Type: application/x-javascript	clean
http://shop72272123.taobao.com/search.htm?search=y&orderType=hotsell_desc	200 OK Content-Length: 172896 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"72272123", "siteId":"1", "userId":"716918082", "user_nick": "%E6%B7%98%E6%97%BA%E5%AE%9D44", "shopCategoryId":"11", ... 437 bytes are skipped ... shopId:'72272123', siteId:'1', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop72272123.taobao.com/search.htm?search=y&orderType=newOn_desc	200 OK Content-Length: 173078 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"72272123", "siteId":"1", "userId":"716918082", "user_nick": "%E6%B7%98%E6%97%BA%E5%AE%9D44", "shopCategoryId":"11", ... 437 bytes are skipped ... shopId:'72272123', siteId:'1', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop72272123.taobao.com/search.htm?search=y&orderType=price_asc	200 OK Content-Length: 172582 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"72272123", "siteId":"1", "userId":"716918082", "user_nick": "%E6%B7%98%E6%97%BA%E5%AE%9D44", "shopCategoryId":"11", ... 437 bytes are skipped ... shopId:'72272123', siteId:'1', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop72272123.taobao.com/category-892384645.htm?search=y&catName=%B7%FE%D7%B0	200 OK Content-Length: 149836 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"72272123", "siteId":"1", "userId":"716918082", "user_nick": "%E6%B7%98%E6%97%BA%E5%AE%9D44", "shopCategoryId":"11", ... 437 bytes are skipped ... shopId:'72272123', siteId:'1', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop72272123.taobao.com/category-892384646.htm?search=y&parentCatId=892384645&parentCatName=%B7%FE%D7%B0&catName=%C5%AE%CA%BF%C9%CF%D7%B0	200 OK Content-Length: 167422 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"72272123", "siteId":"1", "userId":"716918082", "user_nick": "%E6%B7%98%E6%97%BA%E5%AE%9D44", "shopCategoryId":"11", ... 437 bytes are skipped ... shopId:'72272123', siteId:'1', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop72272123.taobao.com/category-892384647.htm?search=y&parentCatId=892384645&parentCatName=%B7%FE%D7%B0&catName=%C5%AE%CA%BF%CF%C2%D7%B0	200 OK Content-Length: 168479 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"72272123", "siteId":"1", "userId":"716918082", "user_nick": "%E6%B7%98%E6%97%BA%E5%AE%9D44", "shopCategoryId":"11", ... 437 bytes are skipped ... shopId:'72272123', siteId:'1', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop72272123.taobao.com/category-892384648.htm?search=y&parentCatId=892384645&parentCatName=%B7%FE%D7%B0&catName=%C4%D0%CA%BF%C9%CF%D7%B0	200 OK Content-Length: 175989 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"72272123", "siteId":"1", "userId":"716918082", "user_nick": "%E6%B7%98%E6%97%BA%E5%AE%9D44", "shopCategoryId":"11", ... 437 bytes are skipped ... shopId:'72272123', siteId:'1', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)
http://shop72272123.taobao.com/category-892384649.htm?search=y&parentCatId=892384645&parentCatName=%B7%FE%D7%B0&catName=%C4%D0%CA%BF%CF%C2%D7%B0	200 OK Content-Length: 115428 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) window.g_hb_monitor_st = +new Date(); window.g_config = {appId:2, assetsHost:"http://a.tbcdn.cn",toolbar:false, pageType:"wangpu"}; window.shop_config = { "hasImpress":true, "shopId":"72272123", "siteId":"1", "userId":"716918082", "user_nick": "%E6%B7%98%E6%97%BA%E5%AE%9D44", "shopCategoryId":"11", ... 437 bytes are skipped ... shopId:'72272123', siteId:'1', siteCategoryId:'2', itemId:'', shopStats:'', validatorUrl:'http://store.taobao.com/tadget/shop_stats.htm', templateId:'206531', templateName:'' }; window._poc = window._poc \|\| []; window._poc.push(["_trackCustom", "tpl", "new_shop"]); Antivirus reports: Emsisoft Gen:Variant.Adware.NaviPromo.16 (B)

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: shop72272123.taobao.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 06 Apr 2014 12:15:12 GMT
Via: 1.1 varnish
Age: 1638
Server: Tengine
Vary: Accept-Encoding
Content-Language: zh-CN
Content-Type: text/html;charset=GBK
At_isb: 0
At_shoptype: 1_72272123
Atp_isdpp: 1v72272123
P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
X-Cache: HIT
X-CacheHits: 2
X-Varnish: 1551229117 1550781712
X-Varnish-Cache: 1

Second query (visit from search engine):
GET / HTTP/1.1
Host: shop72272123.taobao.com
Referer: http://www.google.com/search?q=shop72272123.taobao.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=shop72272123.taobao.com

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://shop72272123.taobao.com/

Result: shop72272123.taobao.com is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for shop72272123.taobao.com

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools