See: http://isithacked.com/check/http%3A%2F%2Fwww.levante-emv.com%2F
Potential problems here: 1 -> -estaticos02.levante-emv.com/elementosWeb/js/portada20170228162559.js
2 -> -estaticos01.levante-emv.com/elementosWeb/js/servicios20170228162559.js
Suspicious URLs found in: -http://www.levante-emv.com/
1: hxxp://ib·adnxs·com/seg?
Nothing malicious being flagged here: https://www.virustotal.com/pl/url/106841a2dd96ab68be59eb0b230d5a101973f188a6fd2b4c7c8ea782eb220a16/analysis/1489947746/
Also consider: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fb.scorecardresearch.com%2Fc2%2F8731705%2Fcs.js
List of referenced blacklisted domains/hosts: 1
nuevaespana.ojdinteractiva dot com
Re: https://urlscan.io/result/bf9daced-da9a-43c7-a641-8b26bc7b3952/#summary
polonus (volunteer website security analyst and website error-hunter)
Hi Para-Noid,
Reports on that IP also: https://www.abuseipdb.com/check/213.0.95.35
and see the F-status on the webserver test: https://www.htbridge.com/websec/r/regio7-cat-spain/83453ffb80589cfcab75f7f1f0a3ce324b3df05bee21e04a86d1059166baac98
Like it when you are double-checking my alerts, and adding to the heads-up, Para-Noid.
Bravo, well done!
What they were up to then from that IP address? Well, read here:
Portscan & connect: 9 times on port(s): 41673 41674 41675 41678 41683 41687 41688 41689 41690 TCP
polonus
