New scan:

Malware Scanner report for tobaccoxpress.com

Malicious/Suspicious/Total urls checked
0/0/6
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Isal Dot ID was here , Hacked by Isal Dot ID, Owned by Isal Dot ID, Pwned by Isal Dot ID, Sanjungan   (4 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://tobaccoxpress.com/
200 OK
Content-Length: 5857
Content-Type: text/html
suspicious
Deface/Content modification. The following signature was found: Isal Dot ID was here , Hacked by Isal Dot ID, Owned by Isal Dot ID, Pwned by Isal Dot ID, Sanjungan

<html>
<head>
<link rel="SHORTCUT ICON" href="http://3.bp.blogspot.com/-FFxSBwmZeJ0/T3WvTLAy56I/AAAAAAAAARs/ePKYyVFgOh0/s1600/Cur2.gif" type="image">
<script src="http://masterendi.googlecode.com/files/salju.js"></script>
</head>
<title>Stamp3d by Sanjungan Jiwa</title>
<meta content='Isal Dot ID was here , Hacked by Isal Dot ID, Owned by Isal Dot ID, Pwned by Isal Dot ID, Sanjungan Jiwa , Stamp3d by Sanjungan Jiwa' name='description'/>
<meta content='Isal Dot ID was here , Hacked by Isal Dot ID, Owned by Isal Dot ID, Pwned by Isal Dot ID, Sanjungan Jiwa , Stamp3d by Sanjungan Jiwa' name='keywords'/>
<meta content='Isal Dot ID was here , Hacked by Isal Dot ID, Owned by Isal Dot ID, Pwned by Isal Dot ID, Sanjungan Jiwa , Stamp3d by Sanjungan Jiwa
...[6178 bytes skipped]...


http://masterendi.googlecode.com/files/salju.js
404 Not Found
Content-Length: 1575
Content-Type: text/html
clean
http://masterendi.googlecode.com//www.google.com/
404 Not Found
Content-Length: 1561
Content-Type: text/html
clean
http://masterendi.googlecode.com/test404page.js
404 Not Found
Content-Length: 1575
Content-Type: text/html
clean
http://ajax.googleapis.com/ajax/libs/jquery/1.3.1/jquery.min.js
200 OK
Content-Length: 55272
Content-Type: text/javascript
clean
http://tobaccoxpress.com//www.google.com/
404 Not Found
Content-Length: 399
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: tobaccoxpress.com

Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Sat, 05 Dec 2015 18:47:30 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires:
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 891cf5de31300834a34e1512d66c02b4=facvvkr4o9nqajn4uklia7mkr1; path=/
Set-Cookie: ja_norite_tpl=ja_norite; expires=Thu, 24-Nov-2016 18:47:30 GMT; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: tobaccoxpress.com
Referer: http://www.google.com/search?q=tobaccoxpress.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=tobaccoxpress.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tobaccoxpress.com/

Result: tobaccoxpress.com is not infected or malware details are not published yet.