New scan:

Malware Scanner report for xiaojikuaipao.com

Malicious/Suspicious/Total urls checked
0/0/19
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL. The chain of malicious redirects found:
->http://www.lofter.com/mydomainr.do?domain=www.xiaojikuaipao.com&path=/
530 websites infected.
->http://hama120.lofter.com/?mydomainr=true


The website "xiaojikuaipao.com" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/2/4
2 suspicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://www.xiaojikuaipao.com/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: www.xiaojikuaipao.com
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Aug 2014 03:36:20 GMT
Location: http://www.lofter.com/mydomainr.do?domain=www.xiaojikuaipao.com&path=/
Server: nginx
Content-Length: 154
Content-Type: text/html
malicious
URL: http://www.lofter.com/mydomainr.do?domain=www.xiaojikuaipao.com&path=/
(imitation of visitor from search engine)

GET /mydomainr.do?domain=www.xiaojikuaipao.com&path=/ HTTP/1.1
Host: www.lofter.com
Referer: http://www.google.com/search?q=redirect+check2
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Aug 2014 03:36:21 GMT
Location: http://hama120.lofter.com/?mydomainr=true
Server: nginx
Content-Length: 0
Content-Type: text/html;charset=UTF-8
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Set-Cookie: NTESLOFTSI=A7881E927247A4AD1AA69C6DDFEA9ED4.blog83-8010; Domain=.www.lofter.com; Path=/
Set-Cookie: firstentry=%2Fmydomainr.do%3FX-From-ISP%3D2%26domain%3Dwww.xiaojikuaipao.com%26path%3D%2F|http%3A%2F%2Fwww.google.com%2Furl%3Fsa%3Dt%26rct%3Dj%26q%3Dwww.xiaojikuaipao.com%26source%3Dweb%26cd%3D1%26ved%3D0CDEQFjAG%26url%3Dhttp%3A%252F%252Fwww.xiaojikuaipao.com%252F%26ei%3DwC7yT5qCJbCCkQKtnwE%26usg%3DAFQjCNGEeYp3D7uuNLAJxMIVliLyQ9O_Pg; Domain=.lofter.com; Expires=Sat, 30-Aug-2014 03:36:21 GMT; Path=/
Set-Cookie: usertrack=ezq0d1P/9TWuZmPDDxHzAg==; expires=Sat, 29-Aug-15 03:36:21 GMT; domain=lofter.com; path=/
suspicious

Scanned pages/files

RequestServer responseStatus
http://www.xiaojikuaipao.com/
200 OK
Content-Length: 31242
Content-Type: text/html
suspicious
Hidden iFrame found.
style: hidden
src: http://l.bst.126.net/rsc/htm/music.html

<iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" >

http://l.bst.126.net/rsc/js/jquery-1.6.2.min.js
200 OK
Content-Length: 91572
Content-Type: application/x-javascript
clean
http://lofter.ph.126.net/FzQySaHtfyMIwqVPfL5vXQ==/5629538017120095361.js
200 OK
Content-Length: 8801
Content-Type: application/javascript
clean
http://lofter.ph.126.net/3x-GDoZHvjOG2OjUM7eCFw==/5629538017120095362.js
200 OK
Content-Length: 1207
Content-Type: application/javascript
clean
http://l.bst.126.net/rsc/js/themecommon.js?0005
200 OK
Content-Length: 2224
Content-Type: application/x-javascript
clean
http://analytics.163.com/ntes.js
200 OK
Content-Length: 19650
Content-Type: application/x-javascript
clean
http://www.xiaojikuaipao.com/app?from=theme
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Aug 2014 03:36:32 GMT
Location: http://www.lofter.com/app/hama120?from=theme
Server: nginx
Content-Length: 0
Content-Type: text/html;charset=UTF-8
Set-Cookie: NTESLOFTSI=161D60A9C7F9C3F8CC6E604BEFAC4845.lofter1-8010; Domain=.www.lofter.com; Path=/
Set-Cookie: firstentry=%2Fgouappdownload.do%3Fmydomain%3Dwww.xiaojikuaipao.com%26from%3Dtheme|; Domain=.lofter.com; Expires=Sat, 30-Aug-2014 03:36:32 GMT; Path=/
clean
http://www.lofter.com/app/hama120?from=theme
200 OK
Content-Length: 98885
Content-Type: text/html
clean
http://l.bst.126.net/s/core.js?f42482aa1460235cb518ac0dab3e2977
200 OK
Content-Length: 85344
Content-Type: application/x-javascript
clean
http://l.bst.126.net/s/pt_page_uapp_uappDownload.js?6cf3c5424472bf76a1c77c9a453509ee
200 OK
Content-Length: 91823
Content-Type: application/x-javascript
clean
http://www.xiaojikuaipao.com/login
404 Not Found
Content-Length: 6924
Content-Type: text/html
suspicious
Hidden iFrame found.
style: hidden
src: http://l.bst.126.net/rsc/htm/music.html

<iframe style="display:none" src="http://l.bst.126.net/rsc/htm/music.html" >

http://l.bst.126.net/rsc/js/theme/r/pagephotoshow.min.js?0002
200 OK
Content-Length: 54020
Content-Type: application/x-javascript
clean
http://www.xiaojikuaipao.com/wubianwuji951
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Aug 2014 03:36:43 GMT
Location: http://wubianwuji951.com
Server: nginx
Content-Length: 0
Content-Type: text/html;charset=UTF-8
Set-Cookie: NTESLOFTSI=1CA73FC94C80026BF5C81569D595C802.lofter1-8010; Domain=.www.lofter.com; Path=/
Set-Cookie: firstentry=%2Fcustompage.do%3Fmydomain%3Dwww.xiaojikuaipao.com%26%26url%3Dwubianwuji951|; Domain=.lofter.com; Expires=Sat, 30-Aug-2014 03:36:43 GMT; Path=/
clean
http://wubianwuji951.com/
500 Can't connect to wubianwuji951.com:80 (Bad hostname)
Content-Length: 166
Content-Type: text/plain
clean
http://wubianwuji951.com/test404page.js
500 Can't connect to wubianwuji951.com:80 (Bad hostname)
Content-Length: 166
Content-Type: text/plain
clean
http://www.xiaojikuaipao.com/weibo
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 29 Aug 2014 03:36:44 GMT
Location: http://weibo.com/hama120
Server: nginx
Content-Length: 0
Content-Type: text/html;charset=UTF-8
Set-Cookie: NTESLOFTSI=8BF0E81E4C8F81F9F6318B9532481242.lofter0-8010; Domain=.www.lofter.com; Path=/
Set-Cookie: firstentry=%2Fcustompage.do%3Fmydomain%3Dwww.xiaojikuaipao.com%26%26url%3Dweibo|; Domain=.lofter.com; Expires=Sat, 30-Aug-2014 03:36:44 GMT; Path=/
clean
http://weibo.com/hama120
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store
Connection: close
Date: Fri, 29 Aug 2014 03:36:44 GMT
Pragma: no-cache
Location: http://passport.weibo.com/visitor/visitor?a=enter&url=http%3A%2F%2Fweibo.com%2Fhama120&_rand=1409283404.9491
Server: WeiBo
Content-Type: text/html; charset=utf-8
Expires: Sat, 26 Jul 1997 05:00:00 GMT
DPOOL_HEADER: venus160
LB_HEADER: venus50
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: YF-Page-G0=d0adfff33b42523753dc3806dc660aa7;Path=/
clean
http://passport.weibo.com/visitor/visitor?a=enter&url=http%3a%2f%2fweibo.com%2fhama120&_rand=1409283404.9491
200 OK
Content-Length: 4588
Content-Type: text/html
clean
http://passport.weibo.com/js/visitor/mini.js
200 OK
Content-Length: 28163
Content-Type: application/javascript
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=xiaojikuaipao.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xiaojikuaipao.com/

Result: xiaojikuaipao.com is not infected or malware details are not published yet.