Report - pos.restaurant-appelbaum-edersee.de/

Report Overview

Submitted URL
pos.restaurant-appelbaum-edersee.de/
IP
88.99.240.133
ASN
#24940 Hetzner Online GmbH
Submitted
2022-12-10 06:40:34
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	796 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.187.187.233
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
pos.restaurant-appelbaum-edersee.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	241 kB	88.99.240.133
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-10	medium	pos.restaurant-appelbaum-edersee.de/	Phishing
2022-12-10	medium	pos.restaurant-appelbaum-edersee.de/	Phishing
2022-12-10	medium	pos.restaurant-appelbaum-edersee.de/utilities.js,qv=2.0.20.pagespeed.jm.55rnovQXOA.js	Phishing
2022-12-10	medium	pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery-2.0.3.min.js.pagespeed.jm.N_RxtChr1k.js	Phishing
2022-12-10	medium	pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery.mobile-1.4.0.min.js.pagespeed.jm.pkv8dHWLVa.js	Phishing
2022-12-10	medium	pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1670654423399	Phishing
2022-12-10	medium	pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1670654425400	Phishing
2022-12-10	medium	pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1670654427400	Phishing
2022-12-10	medium	pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1670654429400	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	pos.restaurant-appelbaum-edersee.de/utilities.js,qv=2.0.20.pagespeed.jm.55rnovQXOA.js	13 kB	2023-03-07	2023-03-13
Pretty URL pos.restaurant-appelbaum-edersee.de/utilities.js,qv=2.0.20.pagespeed.jm.55rnovQXOA.js IP 88.99.240.133 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:33 Last Seen2023-03-13 19:55:47 Times Seen1 Hash e79ae7a2f41738053d6c367497442c29 b2eb56a863c0d642688e513ddde44a795d751bfd 74e3260f6701ef5c892db4adca2463eef2836d4f68c343df6a3acd52fa92fba7 Loading...

	pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery-2.0.3.min.js.pagespeed.jm.N_RxtChr1k.js	84 kB	2023-03-07	2024-04-14
Pretty URL pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery-2.0.3.min.js.pagespeed.jm.N_RxtChr1k.js IP 88.99.240.133 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:20 Last Seen2024-04-14 04:17:18 Times Seen75 Hash 37f471b4286bd64d6ac0e6c7691c6411 51a6b97dec5a16081a530be145d82f975c3a2dc9 2199cdbc512d438f79a4c5338594a636cda28f8c701fa942c2745da9459f4163 Loading...

	pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery.mobile-1.4.0.min.js.pagespeed.jm.pkv8dHWLVa.js	193 kB	2023-03-07	2023-03-13
Pretty URL pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery.mobile-1.4.0.min.js.pagespeed.jm.pkv8dHWLVa.js IP 88.99.240.133 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:20 Last Seen2023-03-13 15:30:57 Times Seen1 Hash a64bfc74758b55a3a50c67208743d879 694132464c1a816b725e491a918fca974d8ddbe5 8163e4fca979d34ddcb27f38ae0514975480208cf15b2c3b6e114307f8485ca4 Loading...

	pos.restaurant-appelbaum-edersee.de/	6.5 kB	2023-03-07	2023-03-17
Pretty URL pos.restaurant-appelbaum-edersee.de/ IP 88.99.240.133 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:26 Last Seen2023-03-17 11:41:34 Times Seen1 Hash 2533d61e86827faca6ea451ba2055b7b 096fb698b4bc1ae445321f2ca97809a950cdd5d2 a06508e5658124ffb992cf5f9623b6533ef9e7702d154b1e21a041cb1b04276a Loading...

HTTP Transactions (44)

URL IP Response Size

pos.restaurant-appelbaum-edersee.de/

88.99.240.133

301 Moved Permanently

162 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 10 Dec 2022 06:40:23 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://pos.restaurant-appelbaum-edersee.de/

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3771
Expires: Sat, 10 Dec 2022 07:43:14 GMT
Date: Sat, 10 Dec 2022 06:40:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4488
Expires: Sat, 10 Dec 2022 07:55:11 GMT
Date: Sat, 10 Dec 2022 06:40:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 06:08:23 GMT
content-type: application/json
age: 1920
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16775
Expires: Sat, 10 Dec 2022 11:19:58 GMT
Date: Sat, 10 Dec 2022 06:40:23 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: iBzaKVCQdZFLsHYgqaqa/3AjqDbFhHT9/fS06Mlng2QAx7KxeZo+Brwdb7/dhRwQGX93WAuUBNo=
x-amz-request-id: R9MQDR32QKY1D60N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 05:48:40 GMT
age: 3103
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

pos.restaurant-appelbaum-edersee.de/

88.99.240.133

200 OK

3.8 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (6489)
Size
3.8 kB (3808 bytes)
Hash
29ec171b6b900b6bc4297397d95b7cfa
e6aab7bea157fb1d540f9d005a3b73f90f6a0ab0
642e9653b620ef4bc3b2b253fc0beca7660e0d0b12b36a3685cbfec683150056

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 3808
Connection: keep-alive
Accept-Ranges: bytes
X-Mod-Pagespeed: 1.13.35.2-0
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=0, no-cache, s-maxage=10
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 06:40:23 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

pos.restaurant-appelbaum-edersee.de/A.css,,_bestformat.css,,qv==2.0.20+css,,_numfield.css,,qv==2.0.20+php,,_3rdparty,,_orderstyle,,_orderstyle-brightenergy.min.css,Mcc.RmEBPDaQlS.css.pagespeed.cf.z87BHi8n1O.css

88.99.240.133

200 OK

7.1 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/A.css,,_bestformat.css,,qv==2.0.20+css,,_numfield.css,,qv==2.0.20+php,,_3rdparty,,_orderstyle,,_orderstyle-brightenergy.min.css,Mcc.RmEBPDaQlS.css.pagespeed.cf.z87BHi8n1O.css
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (33772)
Size
7.1 kB (7145 bytes)
Hash
647093ab8d1c9f30a956b37c3071c972
1f1784c9e39c9fc999a291f0427dcb0431a4ce61
531988c3d52a0d789662db441d7edfb91a30283cff51bca7397064f0374394b7

HTTP Headers

GET /A.css,,_bestformat.css,,qv==2.0.20+css,,_numfield.css,,qv==2.0.20+php,,_3rdparty,,_orderstyle,,_orderstyle-brightenergy.min.css,Mcc.RmEBPDaQlS.css.pagespeed.cf.z87BHi8n1O.css HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:23 GMT
Content-Type: text/css
Content-Length: 7145
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sun, 10 Dec 2023 06:40:16 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Sat, 10 Dec 2022 06:40:16 GMT
X-Original-Content-Length: 55148
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/3rdparty/orderstyle/A.jquery.mobile.icons.min.css.pagespeed.cf.D5IFLzDDAd.css

88.99.240.133

200 OK

14 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/3rdparty/orderstyle/A.jquery.mobile.icons.min.css.pagespeed.cf.D5IFLzDDAd.css
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
14 kB (14020 bytes)
Hash
b2bdeb500528404941930ccfdffa65ae
f152107e0086b007c6c08fd83260fa97b1527e64
7c8a64c242e0bbf99342f12fc358e0ab6e1c67236ac81e4c2e802489d64f6871

HTTP Headers

GET /php/3rdparty/orderstyle/A.jquery.mobile.icons.min.css.pagespeed.cf.D5IFLzDDAd.css HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: text/css
Content-Length: 14020
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sun, 10 Dec 2023 06:40:16 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Sat, 10 Dec 2022 06:40:16 GMT
X-Original-Content-Length: 139471
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/utilities.js,qv=2.0.20.pagespeed.jm.55rnovQXOA.js

88.99.240.133

200 OK

3.6 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/utilities.js,qv=2.0.20.pagespeed.jm.55rnovQXOA.js
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, Unicode text, UTF-8 text, with very long lines (6553)
Size
3.6 kB (3630 bytes)
Hash
c1a605a4fe6a826e8717a00118eb5bd3
0eee93d09dfc4a394b85e6c5f6304306667278c4
ef853fe4dc35b2fd1b95f69475e92ae64104a1bbb8a973e40f3f37d072475672

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /utilities.js,qv=2.0.20.pagespeed.jm.55rnovQXOA.js HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: application/javascript
Content-Length: 3630
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sun, 10 Dec 2023 05:49:01 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Sat, 10 Dec 2022 05:49:01 GMT
X-Original-Content-Length: 16695
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/3rdparty/A.jquery.mobile-1.4.0.min.css.pagespeed.cf.F4fMWu4weV.css

88.99.240.133

200 OK

25 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/3rdparty/A.jquery.mobile-1.4.0.min.css.pagespeed.cf.F4fMWu4weV.css
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
25 kB (25033 bytes)
Hash
6dde4ece596171b83541cfd74ef0c758
18f44f2478d3358e120b1bab3c6338f1b0e4447c
2b499efb5a7beaed385a2e67724033929b3580d8b808712d6bd1b5be517feb1c

HTTP Headers

GET /php/3rdparty/A.jquery.mobile-1.4.0.min.css.pagespeed.cf.F4fMWu4weV.css HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: text/css
Content-Length: 25033
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sun, 10 Dec 2023 06:40:16 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Sat, 10 Dec 2022 06:40:16 GMT
X-Original-Content-Length: 221238
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery-2.0.3.min.js.pagespeed.jm.N_RxtChr1k.js

88.99.240.133

200 OK

29 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery-2.0.3.min.js.pagespeed.jm.N_RxtChr1k.js
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (29215 bytes)
Hash
7433ce3a3a50025b52bbd3ad8b178be9
0ef7670c5df6beae6c9b021ac76637a1ad1ac449
b98dccb1f7a3112b028374855cf777e7ca288766e9642a20bdd0f2ac5c6239ab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /php/3rdparty/jquery-2.0.3.min.js.pagespeed.jm.N_RxtChr1k.js HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: application/javascript
Content-Length: 29215
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sun, 10 Dec 2023 05:49:01 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Sat, 10 Dec 2022 05:49:01 GMT
X-Original-Content-Length: 83612
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery.mobile-1.4.0.min.js.pagespeed.jm.pkv8dHWLVa.js

88.99.240.133

200 OK

54 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery.mobile-1.4.0.min.js.pagespeed.jm.pkv8dHWLVa.js
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
54 kB (53575 bytes)
Hash
c27bb02281facd60351c55f6353cc762
dfb1b83b1ec8c7644255eaf1854600ac13cc9494
91e7ea98da73647f0cd8626e6804e60a23cea8ea2953b1b43770bc7dbc9f9168

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /php/3rdparty/jquery.mobile-1.4.0.min.js.pagespeed.jm.pkv8dHWLVa.js HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: application/javascript
Content-Length: 53575
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sun, 10 Dec 2023 05:49:01 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Sat, 10 Dec 2022 05:49:01 GMT
X-Original-Content-Length: 193265
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/img/tsestatus.png.pagespeed.ce.lF9nwvleuG.png

88.99.240.133

200 OK

857 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/tsestatus.png.pagespeed.ce.lF9nwvleuG.png
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 36 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
857 B (857 bytes)
Hash
945f67c2f95eb868da9e4b46179e6fc9
1c112c9b998ef74873bf68298a6da35913fd293f
967e0ef5c33d0f8822d8167e97d529c6c8a8d819fcea933ac3014e110cf24963

HTTP Headers

GET /img/tsestatus.png.pagespeed.ce.lF9nwvleuG.png HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: image/png
Content-Length: 857
Connection: keep-alive
Link: <https://pos.restaurant-appelbaum-edersee.de/img/tsestatus.png>; rel="canonical"
Accept-Ranges: bytes
Last-Modified: Mon, 10 May 2021 16:57:57 GMT
Expires: Sun, 10 Dec 2023 06:40:24 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
X-Original-Content-Length: 857
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/img/xconnection.png.pagespeed.ic.kIVh8GuI6g.png

88.99.240.133

200 OK

1.3 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/xconnection.png.pagespeed.ic.kIVh8GuI6g.png
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 36 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1259 bytes)
Hash
908561f06b88ea0f16fb1f0a27de14d5
d67331074d643401ce720ff1e1b1f3bd9810ce17
cbdc49b2139f317cf77e42ea6961a8f0cf7343c4c287f7e5a36ace06236bcee5

HTTP Headers

GET /img/xconnection.png.pagespeed.ic.kIVh8GuI6g.png HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: image/png
Content-Length: 1259
Connection: keep-alive
Link: <https://pos.restaurant-appelbaum-edersee.de/img/connection.png>; rel="canonical"
Accept-Ranges: bytes
Expires: Sun, 10 Dec 2023 06:40:15 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Sat, 10 Dec 2022 06:40:15 GMT
X-Original-Content-Length: 1372
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/img/xprinterstatus.png.pagespeed.ic.J46ZOAMceK.png

88.99.240.133

200 OK

294 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/xprinterstatus.png.pagespeed.ic.J46ZOAMceK.png
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 36 x 30, 4-bit colormap, non-interlaced\012- data
Size
294 B (294 bytes)
Hash
278e9938031c78aa3dc3915d9d56f34b
92fc71e1a2ef4357d1e939512e3c8c5d11544ab5
3885285e6b4aa440690e4ae5acb194f0001bf8d983c739b82cae16d659149557

HTTP Headers

GET /img/xprinterstatus.png.pagespeed.ic.J46ZOAMceK.png HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: image/png
Content-Length: 294
Connection: keep-alive
Link: <https://pos.restaurant-appelbaum-edersee.de/img/printerstatus.png>; rel="canonical"
Accept-Ranges: bytes
Expires: Sun, 10 Dec 2023 06:40:15 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Sat, 10 Dec 2022 06:40:15 GMT
X-Original-Content-Length: 511
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=printqueue&command=getBestLogoAsPngWithAlphaChannel&v=2.0.20&style=always

88.99.240.133

200 OK

42 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=printqueue&command=getBestLogoAsPngWithAlphaChannel&v=2.0.20&style=always
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 600 x 546, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (41757 bytes)
Hash
fb7ba23b3a3f8befce3c369b1aac54d0
ecca273105d0fa2d2a0d625549213836d8bac357
25b70b5b721c10136f2d4322da52c0f19fc72ef103818585e2755db2cab569bd

HTTP Headers

GET /php/contenthandler.php?module=printqueue&command=getBestLogoAsPngWithAlphaChannel&v=2.0.20&style=always HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Mon, 20 Dec 1998 01:00:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 06:33:14 GMT
age: 430
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

pos.restaurant-appelbaum-edersee.de/php/3rdparty/images/ajax-loader.gif.pagespeed.ce.j9fnGbBs0_.gif

88.99.240.133

200 OK

6.2 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/3rdparty/images/ajax-loader.gif.pagespeed.ce.j9fnGbBs0_.gif
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 46 x 46\012- data
Size
6.2 kB (6242 bytes)
Hash
8fd7e719b06cd3f701c791adb62bd7a6
2edfb2ffe3b5121f42113008cff449023db52f27
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950

HTTP Headers

GET /php/3rdparty/images/ajax-loader.gif.pagespeed.ce.j9fnGbBs0_.gif HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/php/3rdparty/A.jquery.mobile-1.4.0.min.css.pagespeed.cf.F4fMWu4weV.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: image/gif
Content-Length: 6242
Connection: keep-alive
Link: <https://pos.restaurant-appelbaum-edersee.de/php/3rdparty/images/ajax-loader.gif>; rel="canonical"
Accept-Ranges: bytes
Last-Modified: Fri, 24 Jul 2020 18:58:56 GMT
Expires: Sun, 10 Dec 2023 06:40:24 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
X-Original-Content-Length: 6242
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isInstalled

88.99.240.133

200 OK

9 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isInstalled
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
ccfc721949a9bef68fe57bc20274c7fb
5aea2ca631509fa55641ceffe2347600b7f2c8c4
887dd304c7e7d7f0d08f046a976ba79eaa5c88529bd2711537eca747c2b0279c

HTTP Headers

GET /php/contenthandler.php?module=admin&command=isInstalled HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=5fmbhclnihqdg7ndh49aqntoeq; expires=Sun, 11-Dec-2022 00:52:39 GMT; Max-Age=65535; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

pos.restaurant-appelbaum-edersee.de/favicon.ico

88.99.240.133

404 Not Found

243 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/favicon.ico
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
243 B (243 bytes)
Hash
54ee2e24cd48deb714bebee9ecc768d9
7ad0b537d7a17f236a19982e1940df7ee6d3f48f
f02e34b10295e3759e6b0f1c383f5ba90b606ab3ea2119f33f457546efaec195

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: br

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1078
Cache-Control: max-age=96269
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 06:40:24 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:24:53 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=getJsonMenuItemsAndVersion

88.99.240.133

200 OK

104 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=getJsonMenuItemsAndVersion
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
af9d07f02f76c93914e90df0e6a792ec
a40878bf2dc8b206216f06755add9df2dd3d748b
025c9e2fae287b2515244a11cec8166abf28477538f86a9f9ea0759faf981832

HTTP Headers

GET /php/contenthandler.php?module=admin&command=getJsonMenuItemsAndVersion HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=5fmbhclnihqdg7ndh49aqntoeq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1670654423399

88.99.240.133

200 OK

160 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1670654423399
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Size
160 B (160 bytes)
Hash
8e57a2a6645387ce2bb6e9302584d71c
fd6d26f8ab1294f0ad03e31d9540d4730ce14a27
a6841a109e7230a523c69aa59445018fe02b00efd40c2734ea448256d49bc93a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gray.png?t=1670654423399 HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=5fmbhclnihqdg7ndh49aqntoeq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: image/png
Content-Length: 160
Connection: keep-alive
Last-Modified: Fri, 24 Jul 2020 18:58:49 GMT
ETag: "a0-5ab34902bec40"
Accept-Ranges: bytes
Cache-Control: s-maxage=10
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isPrinterServerActive

88.99.240.133

200 OK

88 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isPrinterServerActive
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with no line terminators
Size
88 B (88 bytes)
Hash
e96f01ec89f1045e9c2ee3de815f7ad9
37340377beb470dea197d388296e69fe4c1ccb45
d76a8ba2859d4c415c1989d0cc99c3c55012deb272f841013fc1d96961885236

HTTP Headers

GET /php/contenthandler.php?module=admin&command=isPrinterServerActive HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=5fmbhclnihqdg7ndh49aqntoeq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=getUserList

88.99.240.133

200 OK

42 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=getUserList
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with very long lines (59493), with no line terminators
Size
42 kB (42351 bytes)
Hash
4c4e64435ae783d8c4fe3475e995a932
a2672f85da80f116b73624f45786782f3b7814cf
a7cd8f52087f9e02b386145324ecd60b2bbb67be981638a3d12ebf0a84bc0d92

HTTP Headers

GET /php/contenthandler.php?module=admin&command=getUserList HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=5fmbhclnihqdg7ndh49aqntoeq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isUserAlreadyLoggedIn

88.99.240.133

200 OK

8 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isUserAlreadyLoggedIn
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with no line terminators
Size
8 B (8 bytes)
Hash
c9340d6546fceb8718c25e2afbe4a4e9
d199e1cc763a0d4abfffaace73610f10c7c94ad8
dcdcb557377aadcefb84fde70037599c3801f586fc3344c2f285dd0358611223

HTTP Headers

POST /php/contenthandler.php?module=admin&command=isUserAlreadyLoggedIn HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://pos.restaurant-appelbaum-edersee.de
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=5fmbhclnihqdg7ndh49aqntoeq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=askforcompanyinfo

88.99.240.133

200 OK

122 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=askforcompanyinfo
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with no line terminators
Size
122 B (122 bytes)
Hash
a83604833a482eb2c056bb4dec0914db
d757b02330181322d123a1bed492554eaad27391
644b356ef4f980b24019b405fa37d9fa5548a9de2630341cbde8e505d53a6ee9

HTTP Headers

GET /php/contenthandler.php?module=admin&command=askforcompanyinfo HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=5fmbhclnihqdg7ndh49aqntoeq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

push.services.mozilla.com/

54.187.187.233

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.187.233:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VYb/TsuKcTEIexMAF8f3IA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: d3c/tC3v9MX0prPKvK61EJ2/nk4=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4248
Expires: Sat, 10 Dec 2022 07:51:14 GMT
Date: Sat, 10 Dec 2022 06:40:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4248
Expires: Sat, 10 Dec 2022 07:51:14 GMT
Date: Sat, 10 Dec 2022 06:40:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4248
Expires: Sat, 10 Dec 2022 07:51:14 GMT
Date: Sat, 10 Dec 2022 06:40:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4248
Expires: Sat, 10 Dec 2022 07:51:14 GMT
Date: Sat, 10 Dec 2022 06:40:26 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8473 bytes)
Hash
afcdc2c9891132c82cd09ef237930877
3e112ad867e159d1bfdf9bfd2e2a04fea8248494
8d543255c1272d77981913e4b0e0e5efede8f4ffaa91572a3eee9e44ac035946

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8473
x-amzn-requestid: 40260408-5f10-42ed-832e-a8bc5d02e95c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5e9hGqwIAMFl2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ab89-078ecefb64853b047acc2de7;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IlrFT2ydf78BXS67A0IN1KSc_OghPx7hpoY9wmwUxtX8Ivwth70F1w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:13:10 GMT
age: 30436
etag: "3e112ad867e159d1bfdf9bfd2e2a04fea8248494"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9084 bytes)
Hash
2e8e86712ca485e90f958dc16ec8dbff
78de6033ca9bca46953483801f19591c2ff47bbe
2984d8b533e095654d5e1c5fa826dc93cbd16ac8bdb5d974fd2d283a86f44874

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: 80dfc074-73f4-4b47-95fb-57169d32cf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNbHhYoAMF2Kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-6f54d0bf6d9246cd48d44352;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8aHbgs9DELCrVY_4QHSKpScXzzCW7bdBlNh_YEUGaas-bJTd9nsSVg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:07 GMT
age: 31639
etag: "78de6033ca9bca46953483801f19591c2ff47bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10205 bytes)
Hash
45e0c1638ad919bde19731f7987ab064
1e492807c665e6e6b24ec6ce19035fdfc6f23b92
f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 18:08:09 GMT
age: 45137
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12047 bytes)
Hash
d3acf5a494a6bb8b26858974ede70a33
4bccc3032f7427d881a49250e576c05dd7d5614f
786db0da1198986aeba9aa420a7c89b5b27a09bc48c3806769342159f116705d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12047
x-amzn-requestid: 87cb3342-c784-4ea1-a96e-d1e581a86bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czqP1Fd0IAMFdww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63915731-178eb2960448312e146f5bd4;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 03:17:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BjbkkmxxwK9xut7yloGC9fRwhMLQRtfcU1JWiyqAUfMNk-WPQab1Cg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:03:10 GMT
age: 31036
etag: "4bccc3032f7427d881a49250e576c05dd7d5614f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6342 bytes)
Hash
96546d2bb2ce3e7746fcd882a65abb43
b49a885ef2b73191abcbb6f56e839b94aaafd556
ad90c8ecbcee56417a3da824e5a2c2be811e687467f953f9d23a8e2456a2755a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: a473f123-34cf-4c43-b01f-c9aec84df6eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czEZHFeQIAMFp5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911aa0-78b1466c6faa4d0c20dc61b0;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:58:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SUiLcs9cM_Q2oag4xs_Wo3Tya66gJQe5A3eoFoXBGQzXfDGGroojSw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:03:49 GMT
age: 30997
etag: "b49a885ef2b73191abcbb6f56e839b94aaafd556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3357 bytes)
Hash
a164807db41edd8da259af2cec18b328
99f89631065869ff2f25762feb2f39af108b5ed8
400c635040d3d141ec35237e64380b7cd1ba02016a90e36e8376afc41a14cb0f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3357
x-amzn-requestid: 860c993a-e391-474a-b306-064c0faabc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eLwFaSoAMFwfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4b-30dcd029382c1d825f2a0791;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -MI_dPaTXZPndQzYo2R9p-UiDQNyRh76-XU2fhwjXyKiTVRLjNc3fQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:04 GMT
age: 30982
etag: "99f89631065869ff2f25762feb2f39af108b5ed8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1670654425400

88.99.240.133

200 OK

160 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1670654425400
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Size
160 B (160 bytes)
Hash
8e57a2a6645387ce2bb6e9302584d71c
fd6d26f8ab1294f0ad03e31d9540d4730ce14a27
a6841a109e7230a523c69aa59445018fe02b00efd40c2734ea448256d49bc93a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gray.png?t=1670654425400 HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=5fmbhclnihqdg7ndh49aqntoeq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:26 GMT
Content-Type: image/png
Content-Length: 160
Connection: keep-alive
Last-Modified: Fri, 24 Jul 2020 18:58:49 GMT
ETag: "a0-5ab34902bec40"
Accept-Ranges: bytes
Cache-Control: s-maxage=10
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1670654427400

88.99.240.133

200 OK

160 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1670654427400
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Size
160 B (160 bytes)
Hash
8e57a2a6645387ce2bb6e9302584d71c
fd6d26f8ab1294f0ad03e31d9540d4730ce14a27
a6841a109e7230a523c69aa59445018fe02b00efd40c2734ea448256d49bc93a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gray.png?t=1670654427400 HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=5fmbhclnihqdg7ndh49aqntoeq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:28 GMT
Content-Type: image/png
Content-Length: 160
Connection: keep-alive
Last-Modified: Fri, 24 Jul 2020 18:58:49 GMT
ETag: "a0-5ab34902bec40"
Accept-Ranges: bytes
Cache-Control: s-maxage=10
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isPrinterServerActive

88.99.240.133

200 OK

88 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isPrinterServerActive
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with no line terminators
Size
88 B (88 bytes)
Hash
e96f01ec89f1045e9c2ee3de815f7ad9
37340377beb470dea197d388296e69fe4c1ccb45
d76a8ba2859d4c415c1989d0cc99c3c55012deb272f841013fc1d96961885236

HTTP Headers

GET /php/contenthandler.php?module=admin&command=isPrinterServerActive HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=5fmbhclnihqdg7ndh49aqntoeq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1670654429400

88.99.240.133

200 OK

160 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1670654429400
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Size
160 B (160 bytes)
Hash
8e57a2a6645387ce2bb6e9302584d71c
fd6d26f8ab1294f0ad03e31d9540d4730ce14a27
a6841a109e7230a523c69aa59445018fe02b00efd40c2734ea448256d49bc93a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gray.png?t=1670654429400 HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=5fmbhclnihqdg7ndh49aqntoeq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Dec 2022 06:40:30 GMT
Content-Type: image/png
Content-Length: 160
Connection: keep-alive
Last-Modified: Fri, 24 Jul 2020 18:58:49 GMT
ETag: "a0-5ab34902bec40"
Accept-Ranges: bytes
Cache-Control: s-maxage=10
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (44)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type