IP has elevated risk: http://sameid.net/ip/212.90.148.43/
and abuse in the past: http://www.projecthoneypot.org/ip_212.90.148.43
IP badness history: https://www.virustotal.com/nl/ip-address/212.90.148.43/information/
One malicious page here: http://killmalware.com/crew7.de/
Flagged by Trustwave: https://www.virustotal.com/nl/url/60f5fa60b16bf2bd684f447c1d9223000ebcd5533c28895854aa3e6f16ac8d11/analysis/
index.html
Severity: Malicious
Reason: Detected encoded JavaScript code commonly used to hide malicious behaviour.
Details: Malicious obfuscated JavaScript threat
[[]]JS script loaded: htxp://www.din27001.de/8tvf7zjp.php?id=56145355 (210,000 B - 210,000 B) re suspicious page: http://www.google.is/safebrowsing/diagnostic?site=din27001.de/
Website server vulnerable to ShellShock OpenVPN Exploit remote file inclusion.
pol