Overview

URL: ergotherapie-schleswig.de/
IP: 89.31.143.100
ASN: AS15598 QSC AG
Location: Germany
Report completed: 2018-12-10 01:47:29 CET
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-12-10 2 ergotherapie-schleswig.de/ Malware
2018-12-10 2 ergotherapie-schleswig.de/media/jui/js/bootstrap.min.js?e20420c5296a37cec18 (...) Malware
2018-12-10 2 ergotherapie-schleswig.de/media/jui/js/jquery-migrate.min.js?e20420c5296a37 (...) Malware
2018-12-10 2 ergotherapie-schleswig.de/templates/ergotherapie/js/template.js?e20420c5296 (...) Malware
2018-12-10 2 ergotherapie-schleswig.de/media/system/js/caption.js?e20420c5296a37cec18ee2 (...) Malware
2018-12-10 2 ergotherapie-schleswig.de/media/jui/js/jquery.min.js?e20420c5296a37cec18ee2 (...) Malware
2018-12-10 2 ergotherapie-schleswig.de/modules/mod_reslider/assets/js/jquery.flexslider- (...) Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 89.31.143.100

Date                       UQ / IDS / BL  URL                            IP
2019-02-18 06:32:30 +0100  0 - 0 - 3      soforteinkommen.net/jdd        89.31.143.100
2019-02-18 06:32:02 +0100  0 - 0 - 3      soforteinkommen.net/pjj        89.31.143.100
2019-02-18 06:29:23 +0100  0 - 0 - 3      soforteinkommen.net/dxx        89.31.143.100
2019-02-18 06:26:45 +0100  0 - 0 - 3      soforteinkommen.net/inter      89.31.143.100
2019-02-18 06:25:11 +0100  0 - 0 - 3      soforteinkommen.net/lff        89.31.143.100
2019-02-18 06:23:35 +0100  0 - 0 - 3      soforteinkommen.net/index.php  89.31.143.100
2019-02-18 06:19:54 +0100  0 - 0 - 3      soforteinkommen.net/bvj        89.31.143.100
2019-02-18 06:19:48 +0100  0 - 0 - 3      soforteinkommen.net/bvv        89.31.143.100
2019-02-16 06:22:27 +0100  0 - 0 - 1      rsp-bauservice.de/b3.exe       89.31.143.100
2019-02-16 06:22:14 +0100  0 - 0 - 1      rsp-bauservice.de/i9001.exe    89.31.143.100

Last 10 reports on ASN: AS15598 QSC AG

Date                       UQ / IDS / BL  URL                                                IP
2019-02-20 23:55:12 +0100  0 - 0 - 1      mogulcontest.com/home/bnc/national%20bank%20o (...)  89.31.143.1
2019-02-20 20:48:34 +0100  0 - 0 - 1      www.state-as.com                                   89.31.143.1
2019-02-20 14:19:54 +0100  0 - 0 - 1      cieghf.com/one/index.php                           89.31.143.1
2019-02-19 22:45:16 +0100  0 - 0 - 0      https://fb-zenit-izle-gs-benfica-izle.es.tl/B (...)  193.238.27.26
2019-02-19 22:41:41 +0100  0 - 0 - 0      https://fb-zenit-izle-gs-benfica-izle.es.tl/       193.238.27.26
2019-02-19 20:14:44 +0100  0 - 0 - 1      genialetechnik.com/                                89.31.143.1
2019-02-19 16:22:51 +0100  0 - 0 - 0      pfiffel.com                                        89.31.143.1
2019-02-18 06:32:30 +0100  0 - 0 - 3      soforteinkommen.net/jdd                            89.31.143.100
2019-02-18 06:32:02 +0100  0 - 0 - 3      soforteinkommen.net/pjj                            89.31.143.100
2019-02-18 06:29:23 +0100  0 - 0 - 3      soforteinkommen.net/dxx                            89.31.143.100

Last 10 reports on domain: ergotherapie-schleswig.de

Date                       UQ / IDS / BL  URL                                             IP
2019-01-20 00:57:19 +0100  0 - 0 - 7      ergotherapie-schleswig.de/                      89.31.143.100
2019-01-14 20:02:45 +0100  0 - 0 - 7      ergotherapie-schleswig.de/                      89.31.143.100
2018-12-28 00:46:09 +0100  0 - 0 - 7      ergotherapie-schleswig.de/                      89.31.143.100
2018-12-07 23:49:46 +0100  0 - 0 - 7      ergotherapie-schleswig.de/                      89.31.143.100
2018-11-30 00:01:56 +0100  0 - 0 - 7      ergotherapie-schleswig.de/                      89.31.143.100
2018-02-28 10:47:56 +0100  0 - 0 - 1      www.ergotherapie-schleswig.de/invoice-receipt   89.31.143.1
2018-02-26 17:10:48 +0100  0 - 0 - 0      www.ergotherapie-schleswig.de/Invoice-receipt/  89.31.143.100
2018-02-26 14:59:28 +0100  0 - 0 - 0      www.ergotherapie-schleswig.de/Invoice-receipt/  89.31.143.100
2018-02-26 14:51:25 +0100  0 - 0 - 0      www.ergotherapie-schleswig.de/Invoice-receipt/  89.31.143.100
2018-02-26 14:34:26 +0100  0 - 0 - 0      www.ergotherapie-schleswig.de/Invoice-receipt/  89.31.143.100


JavaScript

Executed Scripts (9)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (20)


Request:
GET / HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Mon, 10 Dec 2018 00:46:57 GMT
Content-Length: 2553
Connection: keep-alive
Set-Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de; path=/; HttpOnly
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Last-Modified: Mon, 10 Dec 2018 00:46:57 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2553
Md5:    f789b7c58fa3c4a0146f097d76c0f431
Sha1:   59c67d7391627b5571d36b2a09cfbfbd5c42a58a
Sha256: 1d9c788d452411e53d7955222f99b6fd82de3e88526f341a980817fc4de4074c

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /templates/ergotherapie/css/template.css?e20420c5296a37cec18ee2e94c2bedc0 HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: text/css
Date: Mon, 10 Dec 2018 00:46:57 GMT
Content-Length: 25304
Connection: keep-alive
Last-Modified: Fri, 23 Mar 2018 16:54:43 GMT
Etag: "27fad-5681747ef1193-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   25304
Md5:    0bf6fd6f6b3a279ffec36aba4028bddd
Sha1:   afa54a3c6a95c64e7f728ecfd4402a61fca772c3
Sha256: 568c53a3af9c4b827312bcad95547c253335e60279d372a707e045c237c28d5e

Request:
GET /modules/mod_reslider/assets/css/flexslider.css HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: text/css
Date: Mon, 10 Dec 2018 00:46:58 GMT
Content-Length: 1066
Connection: keep-alive
Last-Modified: Tue, 06 Mar 2018 06:36:11 GMT
Etag: "be5-566b8a887b7d9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1066
Md5:    5ce1b42855287655d2f9f40eedda03ee
Sha1:   a54d7100e6cd8ba07c45aba530c117940e0955cc
Sha256: fe020d5f3a26a42281a9a6c59f9e38cdbd08963258471c91a9bc0df375d1ed0d

Request:
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

Response from 216.58.207.206:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 10 Dec 2018 00:46:58 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    15156f832e0a0c15aa6f5ca037ccc9bd
Sha1:   ada6ec3a48064672015e0f3782c794603c5deb82
Sha256: 2270edf51078e3670c95a8361054d04209ee727eb24ba2df2667063a814ede71

Request:
GET /templates/ergotherapie/favicon.ico HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Date: Mon, 10 Dec 2018 00:46:58 GMT
Content-Length: 2019
Connection: keep-alive
Last-Modified: Fri, 23 Mar 2018 16:54:43 GMT
Etag: "7e3-5681747ee7333"
Accept-Ranges: bytes
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   2019
Md5:    1194d7d32448e1f90741a97b42af91fa
Sha1:   650aa3c9b17e4d83aa4857d6e9fe8e3ece935724
Sha256: 7bd9b59d14b126e8c5abcb1c89b60c79e2b2e17c15745fe8d385204d87c40765

Request:
GET /media/jui/js/bootstrap.min.js?e20420c5296a37cec18ee2e94c2bedc0 HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Mon, 10 Dec 2018 00:46:58 GMT
Content-Length: 7701
Connection: keep-alive
Last-Modified: Mon, 12 Mar 2018 16:25:22 GMT
Etag: "71e4-5673996a8e080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7701
Md5:    fc8b97507794f272cffac61360a304c0
Sha1:   9ea0634a66aec33fa44b92c71fc09c9fbb37b3d9
Sha256: 1004988d51baf8a1b7a14bd468fc219ecb180644a1baa36076dcb09c440bef19

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
POST /gsr2 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

Response from 216.58.207.206:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 10 Dec 2018 00:46:58 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738

Request:
GET /media/jui/js/jquery-noconflict.js?e20420c5296a37cec18ee2e94c2bedc0 HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Mon, 10 Dec 2018 00:46:58 GMT
Content-Length: 21
Connection: keep-alive
Last-Modified: Mon, 12 Mar 2018 16:25:22 GMT
Etag: "15-5673996a8e080"
Accept-Ranges: bytes
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  ASCII text
Size:   21
Md5:    e2060c4e5e5955c824723b13a212d3ec
Sha1:   18420ce484978f8ba3d7371febf1638828bb7a67
Sha256: 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Request:
GET /media/jui/js/jquery-migrate.min.js?e20420c5296a37cec18ee2e94c2bedc0 HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Mon, 10 Dec 2018 00:46:58 GMT
Content-Length: 4014
Connection: keep-alive
Last-Modified: Mon, 12 Mar 2018 16:25:22 GMT
Etag: "2748-5673996a8e080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4014
Md5:    a6c81e2f02bd04160d2de88c4e8f3559
Sha1:   e3f3c91427d785820ca97dabe738f01faf041f36
Sha256: b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /templates/ergotherapie/js/template.js?e20420c5296a37cec18ee2e94c2bedc0 HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Mon, 10 Dec 2018 00:46:58 GMT
Content-Length: 664
Connection: keep-alive
Last-Modified: Fri, 23 Mar 2018 16:54:44 GMT
Etag: "5d7-5681747f1d0f4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   664
Md5:    f096bbe7ed2093abea4ad4fb6458d1b8
Sha1:   d30191ffedacc6a81c3f0347f45c8b6effc19e97
Sha256: 792080dc9335381cdc5169e331f6fa95c982b0bf7bd92314bc9b746f4511f54b

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /media/system/js/caption.js?e20420c5296a37cec18ee2e94c2bedc0 HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Mon, 10 Dec 2018 00:46:58 GMT
Content-Length: 336
Connection: keep-alive
Last-Modified: Mon, 12 Mar 2018 16:25:22 GMT
Etag: "1eb-5673996a8e080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   336
Md5:    6d37e4491c806fe1280ea6af868c307c
Sha1:   76bd49025156b7c2507189bb48cc83142e8177dd
Sha256: fcdc70db37bd7884b1b94358f4849eb7e6a88bcafe82c93df635913ae03039cb

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /media/jui/js/jquery.min.js?e20420c5296a37cec18ee2e94c2bedc0 HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Mon, 10 Dec 2018 00:46:58 GMT
Content-Length: 33760
Connection: keep-alive
Last-Modified: Mon, 12 Mar 2018 16:25:22 GMT
Etag: "17b8b-5673996a8e080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   33760
Md5:    90af67e8fd4d5ab0d104b28b82a5f9e3
Sha1:   0172e38010ebd25ebcb3f0a4094be0e20f72ac48
Sha256: 971b268c15450ab1dded5c1e8e7875660b086b2ca6c45a31ddfa82486b1d06d3

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /modules/mod_reslider/assets/js/jquery.flexslider-min.js HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Mon, 10 Dec 2018 00:46:58 GMT
Content-Length: 5168
Connection: keep-alive
Last-Modified: Tue, 06 Mar 2018 06:36:11 GMT
Etag: "4116-566b8a887f659-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5168
Md5:    7a6d60706f4af1def246e8de1624976e
Sha1:   dc4d651c2b11b1c2bfb3856dc1d1d1dbaf9d9f61
Sha256: b412722c31332b7a9a12a42622f911ea584db7e1c6e38cd0488cab3ebb72734c

Alerts:
  Blacklists:
    - fortinet: Malware

Request:
GET /images/voeller/voellerlogo.jpg HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Mon, 10 Dec 2018 00:46:58 GMT
Content-Length: 6003
Connection: keep-alive
Last-Modified: Tue, 06 Mar 2018 09:43:14 GMT
Etag: "1773-566bb4587514a"
Accept-Ranges: bytes
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   6003
Md5:    441d0bc11ebcc87f4321e227b7d41dcb
Sha1:   69b42d3d2f5a402bae7a1d261def8e2e8bbb525e
Sha256: 5b78498356e8921c0155107f923f4b71cb878281692f120505f7e58d80e0b8ea

Request:
GET /images/voeller/portrait_harald_voeller.jpg HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Mon, 10 Dec 2018 00:46:58 GMT
Content-Length: 8493
Connection: keep-alive
Last-Modified: Tue, 05 Jun 2018 10:00:13 GMT
Etag: "212d-56de21dca5cac"
Accept-Ranges: bytes
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   8493
Md5:    51aeffd2b84b2c6b5de899da9380926b
Sha1:   3cd7e865799d6bf24d3a3cdeb757b822d2ad6adb
Sha256: fe4586540cdbe1ed5a5cae0344b64b3cf9920f9f2b49a5c2c6f3223ef8306177

Request:
GET /images/voeller/portrait_katrin_viertel.jpg HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Mon, 10 Dec 2018 00:46:58 GMT
Content-Length: 10606
Connection: keep-alive
Last-Modified: Tue, 05 Jun 2018 10:00:55 GMT
Etag: "296e-56de2204ed518"
Accept-Ranges: bytes
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   10606
Md5:    e15c59993afe0e01e01f0289ee2ab070
Sha1:   bf82c4b5c1f5d515700633f3b4d72449f1f899f5
Sha256: 7445a712a9330137d50fd9135947fb34d71074bde7606cfb2272faa5d93f375e

Request:
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/

Response from 172.217.22.170:
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 10 Dec 2018 00:46:58 GMT
Date: Mon, 10 Dec 2018 00:46:58 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   200
Md5:    c3ca402894d5667f6d33f4020c7c3c88
Sha1:   f6f889f7c28e0af6efa101bcbb4d8f564a35b476
Sha256: ec72e73268c4541c2a32746b02e29d2c3b1f22914623d929f6dc90bbdfbe2e65

Request:
GET /images/voeller/entre.jpg HTTP/1.1
Host: ergotherapie-schleswig.de
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://ergotherapie-schleswig.de/
Cookie: 838b9316fa6a90b85addf2f65985a3bc=425f868166f9bdd4b9640038890ce6de

Response from 89.31.143.100:
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Mon, 10 Dec 2018 00:46:58 GMT
Content-Length: 64906
Connection: keep-alive
Last-Modified: Wed, 07 Mar 2018 09:15:04 GMT
Etag: "fd8a-566cefe9898cc"
Accept-Ranges: bytes
Server: UD Webspace 3.0


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   64906
Md5:    3e834639fb7ca53c5cd1a66b0c760520
Sha1:   eee15e95f526e0e1c228b68200f96c271ccb53f5
Sha256: e8e2ea0177f68235b92cc6bba9709f64f90035c2386db35076139a0cc37d479f

Request:
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

Response from 216.58.207.206:
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 10 Dec 2018 00:46:58 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    906519d4ab05099dc54e07829b2a3751
Sha1:   d2192b8549329ed362c5065726d6d1a0aad968ad
Sha256: a76c1165e11bab522c2b6986c5c23770734dae08d2375d69393949be5c75873c

Request:
GET /s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0d.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Open+Sans
Origin: http://ergotherapie-schleswig.de

Response from 172.217.21.131:
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 17704
Date: Wed, 05 Dec 2018 11:01:32 GMT
Expires: Thu, 05 Dec 2019 11:01:32 GMT
Last-Modified: Wed, 11 Oct 2017 21:49:44 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 395126
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  data
Size:   17704
Md5:    bf2d0783515b7d75c35bde69e01b3135
Sha1:   0e92462e402c15295366d912a7b8be303d0257d8
Sha256: 054349dda27b80bb105fbc59b5973ef9889ed976aca1fbe39f77688dcff8c552