Scanned pages/files
Request | Server response | Status |
http://cibc.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 16 Apr 2014 17:20:51 GMT Location: https://www.cibc.com/ Content-Length: 0 Content-Type: text/html | clean |
https://www.cibc.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 16 Apr 2014 17:20:52 GMT Location: /ca/personal.html Content-Length: 0 Content-Type: text/html | clean |
https://www.cibc.com/ca/personal.html | 200 OK Content-Length: 43653 Content-Type: text/html | suspicious |
Suspicious code found <aside><div id="cibcchathomepage"></div></aside>
<aside> <div id="olb-message" tabindex="0"> <div class="signOffHero"> <p><span class="icon"></span> Thank you for using CIBC Online Banking. You have successfully signed off.</p> </div> <p class="close"><a href="#" onclick="utilityFunctions.closeOlbMessage();return false" title="Close Window">x</a></p> <span class="icon last"><a href="http://ca.linkedin.com/company/cibc" target="_blank" onclick="s.tl(true,'o','HP: Social: LinkedIn');"><img src="/ca/img/icons/social/linkedin-icon.png" width="19" height="19" /></a></span> </div> <span style="clear: both;"></span> <!-- Social media icons --> | ||
https://www.cibc.com/ca/js/device-detect-min.js | 200 OK Content-Length: 1963 Content-Type: application/x-javascript | clean |
http://cibc.com/ca/js/jquery.js?update=201305 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 16 Apr 2014 17:20:54 GMT Location: https://www.cibc.com/ca/js/jquery.js?update=201305 Content-Length: 0 Content-Type: text/html | clean |
https://www.cibc.com/ca/js/jquery.js?update=201305 | 200 OK Content-Length: 70843 Content-Type: application/x-javascript | clean |
http://cibc.com/ca/js/personal-banking/personal-banking.js?update=201305 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 16 Apr 2014 17:20:54 GMT Location: https://www.cibc.com/ca/js/personal-banking/personal-banking.js?update=201305 Content-Length: 0 Content-Type: text/html | clean |
https://www.cibc.com/ca/js/personal-banking/personal-banking.js?update=201305 | 200 OK Content-Length: 21574 Content-Type: application/x-javascript | clean |
http://cibc.com/ca/js/survey-marketing.js?update=201305 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 16 Apr 2014 17:20:55 GMT Location: https://www.cibc.com/ca/js/survey-marketing.js?update=201305 Content-Length: 0 Content-Type: text/html | clean |
https://www.cibc.com/ca/js/survey-marketing.js?update=201305 | 200 OK Content-Length: 6507 Content-Type: application/x-javascript | clean |
http://cibc.com/ca/js/megamenu_functions.js?update=201305 | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 16 Apr 2014 17:20:55 GMT Location: https://www.cibc.com/ca/js/megamenu_functions.js?update=201305 Content-Length: 0 Content-Type: text/html | clean |
https://www.cibc.com/ca/js/megamenu_functions.js?update=201305 | 200 OK Content-Length: 9872 Content-Type: application/x-javascript | clean |
http://cibc.com//static.atgsvcs.com/js/atgsvcs.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 16 Apr 2014 17:20:56 GMT Location: https://www.cibc.com/static.atgsvcs.com/js/atgsvcs.js/ Content-Length: 0 Content-Type: text/html | clean |
https://www.cibc.com/static.atgsvcs.com/js/atgsvcs.js/ | 404 Not Found Content-Length: 10623 Content-Type: text/html | clean |
https://www.cibc.com/ca/js/s_code.js | 200 OK Content-Length: 46297 Content-Type: application/x-javascript | clean |
http://cibc.com/ca/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 16 Apr 2014 17:20:58 GMT Location: https://www.cibc.com/ca/ Content-Length: 0 Content-Type: text/html | clean |
https://www.cibc.com/ca/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 16 Apr 2014 17:20:58 GMT Location: /ca/personal.html Content-Length: 0 Content-Type: text/html | clean |
http://www.cibc.com/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 16 Apr 2014 17:20:58 GMT Location: https://www.cibc.com/test404page.js Content-Length: 0 Content-Type: text/html | clean |
https://www.cibc.com/test404page.js | 404 Not Found Content-Length: 10623 Content-Type: text/html | clean |
https://www.cibc.com/ca/site-map.html | 200 OK Content-Length: 31113 Content-Type: text/html | clean |
https://www.cibc.com/ca/sites.html?src=ca | 200 OK Content-Length: 17183 Content-Type: text/html | clean |
https://www.cibc.com/ca/imperial-service/index.html | 200 OK Content-Length: 55227 Content-Type: text/html | clean |
https://www.cibc.com/imperialinvestorservice-newlook/ | 200 OK Content-Length: 315 Content-Type: text/html | clean |
https://www.cibc.com/ca/imperial-service/prsnlzd-apprch.html | 200 OK Content-Length: 37549 Content-Type: text/html | clean |
https://www.cibc.com/ca/imperial-service/objective-advice.html | 200 OK Content-Length: 37672 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cibc.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 16 Apr 2014 17:20:51 GMT
Location: https://www.cibc.com/
Content-Length: 0
Content-Type: text/html
...0 bytes of data.
GET / HTTP/1.1
Host: cibc.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 16 Apr 2014 17:20:51 GMT
Location: https://www.cibc.com/
Content-Length: 0
Content-Type: text/html
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cibc.com
Referer: http://www.google.com/search?q=cibc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cibc.com
Referer: http://www.google.com/search?q=cibc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cibc.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cibc.com/
Result: cibc.com is not infected or malware details are not published yet.
Result: cibc.com is not infected or malware details are not published yet.