Overview

URL handyortenlassen.net/
IP 104.251.217.38
ASN
Location United States
Report completed 2017-10-13 01:55:59 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-10-13 2 www.handyortenlassen.net/ Malware
2017-10-13 2 www.handyortenlassen.net/wp-includes/js/wp-emoji-release.min.js?ver=4.8.2 Malware
2017-10-13 2 www.handyortenlassen.net/wp-content/themes/responsive/core/css/style.css?ver=3.0 Malware
2017-10-13 2 www.handyortenlassen.net/wp-content/themes/responsive/core/js/jquery.placeh (...) Malware
2017-10-13 2 www.handyortenlassen.net/wp-content/themes/responsive/core/js/responsive-sc (...) Malware
2017-10-13 2 www.handyortenlassen.net/wp-includes/js/wp-embed.min.js?ver=4.8.2 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.251.217.38

Date UQ / IDS / BL URL IP
2017-12-09 18:28:24 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-12-08 18:01:57 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-12-05 23:32:05 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-12-05 09:32:40 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-12-04 21:07:13 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-11-26 07:10:41 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-11-24 11:25:37 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-11-23 08:06:08 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-11-23 01:19:37 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-11-22 01:52:25 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38

Last 10 reports on ASN:

Date UQ / IDS / BL URL IP
2017-12-12 02:01:35 +0100 0 - 1 - 0 dl.dropbox.com/u/24617376/videowmv004.exe 162.125.65.6
2017-12-12 02:00:40 +0100 0 - 0 - 1 stipendsculture.com/ 156.67.220.156
2017-12-12 01:59:20 +0100 0 - 0 - 0 windows10portal.com 159.203.230.214
2017-12-12 01:58:57 +0100 0 - 3 - 0 dl.dropbox.com/u/61092690/h.exe 162.125.65.6
2017-12-12 01:58:35 +0100 0 - 0 - 0 ptr.ruvds.com 193.124.0.4
2017-12-12 01:55:38 +0100 0 - 1 - 0 windows10portal.com/data/download-flash-playe (...) 159.203.230.214
2017-12-12 01:55:01 +0100 0 - 0 - 0 mercedes-benzsg.com 52.221.44.143
2017-12-12 01:50:57 +0100 0 - 0 - 0 https://dl.dropboxusercontent.com/content_lin (...) 162.125.65.6
2017-12-12 01:49:16 +0100 0 - 0 - 1 mod.jakeseurotrip.com 185.150.96.33
2017-12-12 01:44:13 +0100 0 - 0 - 1 www.jakeseurotrip.com/trc-jakUJGqm73E8EL2G2dy (...) 185.150.96.33

Last 10 reports on domain: handyortenlassen.net

Date UQ / IDS / BL URL IP
2017-12-09 18:28:24 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-12-08 18:01:57 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-12-05 23:32:05 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-12-05 09:32:40 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-12-04 21:07:13 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-11-26 07:10:41 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-11-24 11:25:37 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-11-23 08:06:08 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-11-23 01:19:37 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38
2017-11-22 01:52:25 +0100 0 - 0 - 6 handyortenlassen.net/ 104.251.217.38


JavaScript

Executed Scripts (19)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (25)


Request Response
                                        
GET / HTTP/1.1
Host: handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
104.251.217.38
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Thu, 12 Oct 2017 23:55:24 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/5.6.31, PleskLin
Set-Cookie: wfvt_3044769150=59e000ecaf577; expires=Fri, 13-Oct-2017 00:25:24 GMT; Max-Age=1800; path=/; httponly
Location: http://www.handyortenlassen.net/


--- Additional Info ---
                                        
GET / HTTP/1.1
Host: www.handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
104.251.217.38
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: nginx
Date: Thu, 12 Oct 2017 23:55:25 GMT
Content-Length: 4758
Connection: keep-alive
X-Powered-By: PHP/5.6.31, PleskLin
Link: <http://www.handyortenlassen.net/wp-json/>; rel="https://api.w.org/"
Set-Cookie: wfvt_3044769150=59e000ed4b3fb; expires=Fri, 13-Oct-2017 00:25:25 GMT; Max-Age=1800; path=/; httponly
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4758
Md5:    6ebf3ff8df5ad0ba5e78aa142318d40a
Sha1:   71d4bbb103b6f0e3a9768575e3b638886f434cff
Sha256: 6ac52209f66d3bf30bd05ac1378fb6d56884914ccdcc9d184d73c71f64cafdf7

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Thu, 12 Oct 2017 23:51:48 GMT
Expires: Fri, 13 Oct 2017 01:51:48 GMT
Last-Modified: Thu, 28 Sep 2017 22:31:34 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 14089
Age: 217
Cache-Control: public, max-age=7200


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14089
Md5:    7b1f226d2f5f01597e62889513d4bc8c
Sha1:   ff78ed289a65fa3c91b0ff470fb0c6536bcab745
Sha256: 80eeeea7639a7b6a6205b8862b9060a7c60da47855e8dd9c74e64b0a0fce8b9a
                                        
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.8.2 HTTP/1.1
Host: www.handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/
Cookie: wfvt_3044769150=59e000ed4b3fb

                                         
104.251.217.38
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Thu, 12 Oct 2017 23:55:25 GMT
Content-Length: 11915
Last-Modified: Tue, 19 Sep 2017 22:30:59 GMT
Connection: keep-alive
Etag: "59c19aa3-2e8b"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C++ program text, with very long lines
Size:   11915
Md5:    af2f44df3198cfda9fd515873696ad00
Sha1:   cc583f436ea6bdb172ce36105a676e2081065638
Sha256: dba6b80aceb1267fd1ed564e08a983730d272813e9b3aff85dc365c65333dd66

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/themes/responsive/core/css/responsive.css?ver=3.0 HTTP/1.1
Host: www.handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/
Cookie: wfvt_3044769150=59e000ed4b3fb

                                         
104.251.217.38
HTTP/1.1 200 OK
Content-Type: text/css
Server: nginx
Date: Thu, 12 Oct 2017 23:55:26 GMT
Content-Length: 6036
Last-Modified: Wed, 09 Aug 2017 20:34:15 GMT
Connection: keep-alive
Etag: "598b71c7-1794"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C program text
Size:   6036
Md5:    d670936167dce41e2d0396e433dd9c57
Sha1:   7b11d8c922fb598ca83102c03c7ca099c4d5a606
Sha256: 2210bade90b689dc1ba3faec0a0cb67a78585ca6c4a6ab2a0630c28528feef7f
                                        
GET /wp-content/themes/responsive/core/css/style.css?ver=3.0 HTTP/1.1
Host: www.handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/
Cookie: wfvt_3044769150=59e000ed4b3fb

                                         
104.251.217.38
HTTP/1.1 200 OK
Content-Type: text/css
Server: nginx
Date: Thu, 12 Oct 2017 23:55:26 GMT
Content-Length: 62054
Last-Modified: Wed, 09 Aug 2017 20:34:15 GMT
Connection: keep-alive
Etag: "598b71c7-f266"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C program text, with very long lines
Size:   62054
Md5:    c1358f33b9369fb06a63d7de66327a73
Sha1:   880534f86bd3461f51a5d0e6f22da70318e86593
Sha256: 5df550791c34a285e2f70e9e102c8eede2aa3f301c0758c4a02c33c71d4cf841

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
POST /ocsp HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Oct 2017 23:55:26 GMT
Expires: Mon, 16 Oct 2017 23:55:26 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    442e230201d5fb9579831804608d0c26
Sha1:   054436b2a24a54e955b8beca6d116ca9c8d68a0a
Sha256: 8d8f86ffb2f324d7641d23589c2dd875dfa64495f3d636f7b52359c89d1d51a7
                                        
POST / HTTP/1.1
Host: g.symcd.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=348045, public, no-transform, must-revalidate
Last-Modified: Tue, 10 Oct 2017 00:34:08 GMT
Expires: Tue, 17 Oct 2017 00:34:08 GMT
Date: Thu, 12 Oct 2017 23:55:26 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    fccd40351d25d6f5eecda73fdef9b3d8
Sha1:   0d2d2f37814bb53b7dca796acc9ee278ef6297ba
Sha256: 23e276d6aa20791de9110019cb7992bae490040d4cc3a06678449d1b3f2063e4
                                        
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/
Cookie: wfvt_3044769150=59e000ed4b3fb; _ga=GA1.2.1613517698.1507852526; _gid=GA1.2.1774924973.1507852526; _gat=1

                                         
104.251.217.38
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Thu, 12 Oct 2017 23:55:26 GMT
Content-Length: 10056
Last-Modified: Mon, 06 Feb 2017 11:31:37 GMT
Connection: keep-alive
Etag: "58985e99-2748"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   10056
Md5:    7121994eec5320fbe6586463bf9651c2
Sha1:   90532aff6d4121954254cdf04994d834f7ec169b
Sha256: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
                                        
GET /wp-content/themes/responsive/core/js/jquery.placeholder.min.js?ver=2.0.7 HTTP/1.1
Host: www.handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/
Cookie: wfvt_3044769150=59e000ed4b3fb; _ga=GA1.2.1613517698.1507852526; _gid=GA1.2.1774924973.1507852526; _gat=1

                                         
104.251.217.38
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Thu, 12 Oct 2017 23:55:26 GMT
Content-Length: 3304
Last-Modified: Wed, 09 Aug 2017 20:34:15 GMT
Connection: keep-alive
Etag: "598b71c7-ce8"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   3304
Md5:    5fcbd9b8d6b86837ab15220c6aa28bef
Sha1:   affa9b98b8d2d1f8f3502b9bb73358eb3d0f5941
Sha256: 0c2578cb42a5c28cc79d5802aae0c16f2f43d81e28c537f2634bdb7c0ef7d68f

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/
Cookie: wfvt_3044769150=59e000ed4b3fb

                                         
104.251.217.38
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Thu, 12 Oct 2017 23:55:26 GMT
Content-Length: 97184
Last-Modified: Mon, 06 Feb 2017 11:31:37 GMT
Connection: keep-alive
Etag: "58985e99-17ba0"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   97184
Md5:    8610f03fe77640dee8c4cc924e060f12
Sha1:   076524186dbbdd4c41afbbd6b260d9e46a095811
Sha256: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
                                        
GET /r/collect?v=1&_v=j64&a=721278775&t=pageview&_s=1&dl=http%3A%2F%2Fwww.handyortenlassen.net%2F&ul=en-us&de=UTF-8&dt=Handy%20orten%20lassen%20%C3%9Cberwachung-Software&sd=24-bit&sr=1176x885&vp=1176x775&je=1&fl=10.0%20r45&_u=YEBAAUQAK~&jid=524022117&gjid=127779301&cid=1613517698.1507852526&tid=UA-43097825-1&_gid=1774924973.1507852526&_r=1&z=1978167215 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Allow-Origin: *
Date: Thu, 12 Oct 2017 23:55:26 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
GET /wp-content/themes/responsive/core/js/responsive-scripts.min.js?ver=1.2.6 HTTP/1.1
Host: www.handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/
Cookie: wfvt_3044769150=59e000ed4b3fb; _ga=GA1.2.1613517698.1507852526; _gid=GA1.2.1774924973.1507852526; _gat=1

                                         
104.251.217.38
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Thu, 12 Oct 2017 23:55:26 GMT
Content-Length: 10002
Last-Modified: Wed, 09 Aug 2017 20:34:15 GMT
Connection: keep-alive
Etag: "598b71c7-2712"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   10002
Md5:    f044a6749f85db8bb787c7c236fc7b0a
Sha1:   42546c9195d89aef8e0bacf1e8494135ebfbce6c
Sha256: 18c90a6aeb6ed4708ced93136e7b3202460aa4def05f3c07029d2557fcd5b596

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/themes/responsive/core/js/responsive-modernizr.min.js?ver=2.6.1 HTTP/1.1
Host: www.handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/
Cookie: wfvt_3044769150=59e000ed4b3fb; _ga=GA1.2.1613517698.1507852526; _gid=GA1.2.1774924973.1507852526; _gat=1

                                         
104.251.217.38
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Thu, 12 Oct 2017 23:55:26 GMT
Content-Length: 19080
Last-Modified: Wed, 09 Aug 2017 20:34:15 GMT
Connection: keep-alive
Etag: "598b71c7-4a88"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   19080
Md5:    7c8306423254465ca9ff23cc98c3c467
Sha1:   e0892757fba897cb62e6566c69c0758779446d81
Sha256: dedf6e55c698c13a5f4a5d6fde91f8d76d5c24052bca93c7ec40ada710c7c936
                                        
GET /wp-includes/js/wp-embed.min.js?ver=4.8.2 HTTP/1.1
Host: www.handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/
Cookie: wfvt_3044769150=59e000ed4b3fb; _ga=GA1.2.1613517698.1507852526; _gid=GA1.2.1774924973.1507852526; _gat=1

                                         
104.251.217.38
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Thu, 12 Oct 2017 23:55:26 GMT
Content-Length: 1398
Last-Modified: Mon, 06 Feb 2017 11:31:38 GMT
Connection: keep-alive
Etag: "58985e9a-576"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   1398
Md5:    5a03f97cc479b9f5d7efdaccec31bc17
Sha1:   54518be91b7c5d4b139e032d23ffae568cc7e9fd
Sha256: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
GET /wp-content/uploads/2013/08/cropped-handyortenlassenlogo.png HTTP/1.1
Host: www.handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/
Cookie: wfvt_3044769150=59e000ed4b3fb; _ga=GA1.2.1613517698.1507852526; _gid=GA1.2.1774924973.1507852526; _gat=1

                                         
104.251.217.38
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Thu, 12 Oct 2017 23:55:26 GMT
Content-Length: 2539
Last-Modified: Sat, 10 Aug 2013 01:45:40 GMT
Connection: keep-alive
Etag: "52059b44-9eb"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 128 x 55, 8-bit/color RGBA, non-interlaced
Size:   2539
Md5:    4842e8b89295aa13f9df8f107aced015
Sha1:   0c72df5da816e34ebf6e76f864299eaac323bc3d
Sha256: 5891471e2dd67d98c72fc3eaa6cabe425595ccf826f49700af12599fd32eaa5b
                                        
GET /embed/129z6sKyG44 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/

                                         
172.217.22.174
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
X-XSS-Protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
Location: https://www.youtube.com/embed/129z6sKyG44
X-Content-Type-Options: nosniff
Content-Length: 0
Date: Thu, 12 Oct 2017 23:55:27 GMT
Server: YouTube Frontend Proxy
Set-Cookie: VISITOR_INFO1_LIVE=Z4U2sl8ojRc; path=/; domain=.youtube.com; expires=Wed, 13-Jun-2018 11:48:27 GMT; httponly VISITOR_INFO1_LIVE=Z4U2sl8ojRc; path=/; domain=.youtube.com; expires=Wed, 13-Jun-2018 11:48:27 GMT; httponly YSC=PANoGOuyPA8; path=/; domain=.youtube.com; httponly


--- Additional Info ---
                                        
POST /ocsp HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 12 Oct 2017 23:55:27 GMT
Expires: Mon, 16 Oct 2017 23:55:27 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    4b45a06f488bc36f590ba9b61921b7d7
Sha1:   7611da687b1cb01236a61dfc29e35b2fc0ced459
Sha256: ca121f756e9fe64bc134d1c894236af096bcc89bfa9e49ed9fa20858b09384eb
                                        
GET /embed/129z6sKyG44 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.handyortenlassen.net/
Cookie: VISITOR_INFO1_LIVE=Z4U2sl8ojRc; YSC=PANoGOuyPA8

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-XSS-Protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
Expires: Tue, 27 Apr 1971 19:44:06 EST
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Date: Thu, 12 Oct 2017 23:55:27 GMT
Server: YouTube Frontend Proxy
Set-Cookie: PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 13-Jun-2018 11:48:27 GMT
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   14048
Md5:    a6cd1243acf6382c100aaec6f0d557b8
Sha1:   cbfe64f8ca3c7d50a43bb4f3234f6d088ae2aa3e
Sha256: 90d8fc1db178f43571938914ce5fc56884f256ce00da7be3a676860e82f2a223
                                        
GET /yts/jsbin/www-embed-player-vflWYCwde/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/129z6sKyG44
Cookie: VISITOR_INFO1_LIVE=Z4U2sl8ojRc; YSC=PANoGOuyPA8; PREF=f1=50000000

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Content-Length: 31835
Date: Thu, 12 Oct 2017 18:15:26 GMT
Expires: Fri, 20 Oct 2017 18:15:26 GMT
Last-Modified: Thu, 12 Oct 2017 10:55:44 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=691200
Age: 20401
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   31835
Md5:    804bd76b540bd6eac8cea253e363a286
Sha1:   fbb2fdd65ea698d8b0eb94d8af5cc25e11e56010
Sha256: 4d97e45b6696a722a63f435ea9354b67907a9e2df40b140ed9103f38c69d7426
                                        
GET /yts/cssbin/www-player-vflITOHz1.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/129z6sKyG44
Cookie: VISITOR_INFO1_LIVE=Z4U2sl8ojRc; YSC=PANoGOuyPA8; PREF=f1=50000000

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/css
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Content-Length: 45058
Date: Tue, 10 Oct 2017 01:17:25 GMT
Expires: Wed, 10 Oct 2018 01:17:25 GMT
Last-Modified: Mon, 09 Oct 2017 23:44:45 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 254282
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   45058
Md5:    8eb5b34ffe71b36386a23250a8b38ce5
Sha1:   874284afa9735f95aa5bcf0b41c1bbf81883ee85
Sha256: 0aa932821f3f2d2f8bdb52d98b924eec3923aeda4ea735d59b56bdb06fcc0395
                                        
GET /yts/jsbin/player-vflwcUIMe/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/129z6sKyG44
Cookie: VISITOR_INFO1_LIVE=Z4U2sl8ojRc; YSC=PANoGOuyPA8; PREF=f1=50000000

                                         
172.217.22.174
HTTP/1.1 200 OK
Content-Type: text/javascript
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Content-Length: 429306
Date: Wed, 11 Oct 2017 23:03:18 GMT
Expires: Thu, 19 Oct 2017 23:03:18 GMT
Last-Modified: Wed, 11 Oct 2017 08:17:20 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=691200
Age: 89529
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   429306
Md5:    3471ec883431a5620ea506a6c07eea92
Sha1:   4729f83fbea27c289bd43043fe053ba7a59d2974
Sha256: 0e3fe033611a5cc3c947b76fa9d58da773df13a10f2e35f1aaa014abd6b669eb
                                        
GET /s/roboto/v16/2UX7WLTfW3W8TclTUvlFyQ.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/129z6sKyG44
Origin: https://www.youtube.com

                                         
172.217.22.163
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18904
Date: Thu, 12 Oct 2017 18:15:34 GMT
Expires: Fri, 12 Oct 2018 18:15:34 GMT
Last-Modified: Mon, 17 Apr 2017 21:22:19 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 20395
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   18904
Md5:    a9fc51fd0214c75ee5953dda0f2a06a6
Sha1:   7a4ddb6733c33dfe9ec94c82a5e7f5da885f5182
Sha256: 8740f04a97202a2483d54a5781598c30cceac029a1522b6c5dd270250b9d1a17
                                        
GET /favicon.ico HTTP/1.1
Host: www.handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: wfvt_3044769150=59e000ed4b3fb; _ga=GA1.2.1613517698.1507852526; _gid=GA1.2.1774924973.1507852526; _gat=1

                                         
104.251.217.38
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: nginx
Date: Thu, 12 Oct 2017 23:55:29 GMT
Content-Length: 1030
Connection: keep-alive
Last-Modified: Mon, 06 Feb 2017 11:22:09 GMT
Etag: "406-547dad79949ae"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text
Size:   1030
Md5:    331a19443dabe3e523f8250cfbc50c22
Sha1:   e081085e556ca19b0ca83a4c63864caad224cd9f
Sha256: 46e8eacf5be0befdaae1cb452d2081dbbd87a2bcd97f8427b6700139c02f0948
                                        
GET /favicon.ico HTTP/1.1
Host: www.handyortenlassen.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: wfvt_3044769150=59e000ed4b3fb; _ga=GA1.2.1613517698.1507852526; _gid=GA1.2.1774924973.1507852526; _gat=1
Range: bytes=0-
If-Range: "406-547dad79949ae"

                                         
104.251.217.38
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: nginx
Date: Thu, 12 Oct 2017 23:55:30 GMT
Content-Length: 1030
Connection: keep-alive
Last-Modified: Mon, 06 Feb 2017 11:22:09 GMT
Etag: "406-547dad79949ae"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text
Size:   1030
Md5:    331a19443dabe3e523f8250cfbc50c22
Sha1:   e081085e556ca19b0ca83a4c63864caad224cd9f
Sha256: 46e8eacf5be0befdaae1cb452d2081dbbd87a2bcd97f8427b6700139c02f0948