Report - pos.restaurant-appelbaum-edersee.de/

Report Overview

Submitted URL
pos.restaurant-appelbaum-edersee.de/
IP
88.99.240.133
ASN
#24940 Hetzner Online GmbH
Submitted
2022-11-29 18:39:33
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
pos.restaurant-appelbaum-edersee.de	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	241 kB	88.99.240.133
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.43.61.95
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	49 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	pos.restaurant-appelbaum-edersee.de/	Phishing
2022-11-29	medium	pos.restaurant-appelbaum-edersee.de/	Phishing
2022-11-29	medium	pos.restaurant-appelbaum-edersee.de/utilities.js,qv=2.0.20.pagespeed.jm.55rnovQXOA.js	Phishing
2022-11-29	medium	pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery-2.0.3.min.js	Phishing
2022-11-29	medium	pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery.mobile-1.4.0.min.js	Phishing
2022-11-29	medium	pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1669747162891	Phishing
2022-11-29	medium	pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1669747164891	Phishing
2022-11-29	medium	pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1669747166891	Phishing
2022-11-29	medium	pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1669747168891	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	pos.restaurant-appelbaum-edersee.de/	6.5 kB	2023-03-07	2023-03-17
Pretty URL pos.restaurant-appelbaum-edersee.de/ IP 88.99.240.133 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:26 Last Seen2023-03-17 11:41:34 Times Seen1 Hash 2533d61e86827faca6ea451ba2055b7b 096fb698b4bc1ae445321f2ca97809a950cdd5d2 a06508e5658124ffb992cf5f9623b6533ef9e7702d154b1e21a041cb1b04276a Loading...

	pos.restaurant-appelbaum-edersee.de/utilities.js,qv=2.0.20.pagespeed.jm.55rnovQXOA.js	13 kB	2023-03-07	2023-03-13
Pretty URL pos.restaurant-appelbaum-edersee.de/utilities.js,qv=2.0.20.pagespeed.jm.55rnovQXOA.js IP 88.99.240.133 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:33 Last Seen2023-03-13 19:55:47 Times Seen1 Hash e79ae7a2f41738053d6c367497442c29 b2eb56a863c0d642688e513ddde44a795d751bfd 74e3260f6701ef5c892db4adca2463eef2836d4f68c343df6a3acd52fa92fba7 Loading...

	pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery-2.0.3.min.js	84 kB	2023-03-07	2024-04-16
Pretty URL pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery-2.0.3.min.js IP 88.99.240.133 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:52 Last Seen2024-04-16 08:04:33 Times Seen1149 Hash 0a6e846b954e345951e710cd6ce3440e fbf9c77d0c4e3c34a485980c1e5316b6212160c8 b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba Loading...

	pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery.mobile-1.4.0.min.js	193 kB	2023-03-09	2023-11-28
Pretty URL pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery.mobile-1.4.0.min.js IP 88.99.240.133 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 06:21:43 Last Seen2023-11-28 06:59:27 Times Seen15 Hash 7f94ce6280638f57ec15b7eb634e84ec 72b904f8e9ace18443443817802b265f539c68b1 4f75d6799c65921b21c039e607cc32892177db503563ec962b4352aa69628cb5 Loading...

HTTP Transactions (45)

URL IP Response Size

pos.restaurant-appelbaum-edersee.de/

88.99.240.133

301 Moved Permanently

162 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 29 Nov 2022 18:39:22 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://pos.restaurant-appelbaum-edersee.de/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10648
Expires: Tue, 29 Nov 2022 21:36:50 GMT
Date: Tue, 29 Nov 2022 18:39:22 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6193
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 18:39:22 GMT
Last-Modified: Tue, 29 Nov 2022 16:56:09 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 18:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1287
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6384
Expires: Tue, 29 Nov 2022 20:25:46 GMT
Date: Tue, 29 Nov 2022 18:39:22 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: necRkWyxVwUGJn2ueWRe6r/OoOUWAP1jZAGpEe91N06+NzgZizCPee6/xtUegknKdnG+VAx2qbU=
x-amz-request-id: XECQZ4TZT2N759YE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 17:44:54 GMT
age: 3269
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

pos.restaurant-appelbaum-edersee.de/

88.99.240.133

200 OK

3.7 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (6489)
Size
3.7 kB (3704 bytes)
Hash
b1b94c22cff01344efd7b2fe8750bc83
addb54154abeb4b908de9d5abca09bd780bd332b
47229a39a03e2c33a1fb3550b3d98aac44e18779444ee2eb57557c66b3671618

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 3704
Connection: keep-alive
Accept-Ranges: bytes
X-Mod-Pagespeed: 1.13.35.2-0
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=0, no-cache, s-maxage=10
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 18:39:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

pos.restaurant-appelbaum-edersee.de/css,_bestformat.css,qv==2.0.20+css,_numfield.css,qv==2.0.20+php,_3rdparty,_orderstyle,_orderstyle-brightenergy.min.css.pagespeed.cc.RmEBPDaQlS.css

88.99.240.133

200 OK

8.0 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/css,_bestformat.css,qv==2.0.20+css,_numfield.css,qv==2.0.20+php,_3rdparty,_orderstyle,_orderstyle-brightenergy.min.css.pagespeed.cc.RmEBPDaQlS.css
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (32122)
Size
8.0 kB (7969 bytes)
Hash
4247f62d8ea54f1240403125f3035ec6
74aa4d7364ea37f1e3161ef7f727f32dd4bb905b
713c9b4ccddccb03aede92cb15bb8ee8c1dc1ff0ad55b46f9835f1bc927c06ae

HTTP Headers

GET /css,_bestformat.css,qv==2.0.20+css,_numfield.css,qv==2.0.20+php,_3rdparty,_orderstyle,_orderstyle-brightenergy.min.css.pagespeed.cc.RmEBPDaQlS.css HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: text/css
Content-Length: 7969
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 29 Nov 2023 18:37:29 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Tue, 29 Nov 2022 18:37:29 GMT
X-Original-Content-Length: 55148
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/3rdparty/orderstyle/jquery.mobile.icons.min.css

88.99.240.133

200 OK

13 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/3rdparty/orderstyle/jquery.mobile.icons.min.css
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65397)
Size
13 kB (13162 bytes)
Hash
28be5d95e6f843b0930c7351d4918653
9603282b64e3028a4dd8ad45d38d0ec2bad3f1be
9d54435c2bdac4cde15c1c63efc6dae087291f8a6fc34ba429d1fb396135f372

HTTP Headers

GET /php/3rdparty/orderstyle/jquery.mobile.icons.min.css HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: text/css
Content-Length: 13162
Connection: keep-alive
Last-Modified: Mon, 10 May 2021 16:57:39 GMT
ETag: "220cf-5c1fcacdbb25c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/utilities.js,qv=2.0.20.pagespeed.jm.55rnovQXOA.js

88.99.240.133

200 OK

3.6 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/utilities.js,qv=2.0.20.pagespeed.jm.55rnovQXOA.js
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, Unicode text, UTF-8 text, with very long lines (6553)
Size
3.6 kB (3630 bytes)
Hash
c1a605a4fe6a826e8717a00118eb5bd3
0eee93d09dfc4a394b85e6c5f6304306667278c4
ef853fe4dc35b2fd1b95f69475e92ae64104a1bbb8a973e40f3f37d072475672

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /utilities.js,qv=2.0.20.pagespeed.jm.55rnovQXOA.js HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: application/javascript
Content-Length: 3630
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 29 Nov 2023 18:37:29 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Tue, 29 Nov 2022 18:37:29 GMT
X-Original-Content-Length: 16695
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery.mobile-1.4.0.min.css

88.99.240.133

200 OK

26 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery.mobile-1.4.0.min.css
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65397)
Size
26 kB (25463 bytes)
Hash
2144f8326abbc04cfa80d120c7a26aa6
20f009dee90cd1544b0ae7f4dee484001dad9d68
8557f566ddb523b5aecac3b01283ae021ff92cfdb0e1fd9f3658804726050a82

HTTP Headers

GET /php/3rdparty/jquery.mobile-1.4.0.min.css HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: text/css
Content-Length: 25463
Connection: keep-alive
Last-Modified: Fri, 24 Jul 2020 18:58:51 GMT
ETag: "36036-5ab34904a70c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery-2.0.3.min.js

88.99.240.133

200 OK

29 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery-2.0.3.min.js
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (32023)
Size
29 kB (29332 bytes)
Hash
b2c61db9eb9c5aaa68c6c181af908484
27fc2e57650dedb24ecfc47397e1d2fab0410dfe
b22c9fc5f6c0f545693010427ea6d45d2b7c504bb88f811193fe90fb5aa01a58

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /php/3rdparty/jquery-2.0.3.min.js HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: application/javascript
Content-Length: 29332
Connection: keep-alive
Last-Modified: Fri, 24 Jul 2020 18:58:51 GMT
ETag: "1469c-5ab34904a70c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery.mobile-1.4.0.min.js

88.99.240.133

200 OK

54 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery.mobile-1.4.0.min.js
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (32146)
Size
54 kB (53907 bytes)
Hash
699ac69f4c281ecd5edd26dc5327ede7
de4feb0d3dbe4be2db1ca12382a0b376a168cae0
bfe5381686e661bc804da51ffa82dffd3a228047c9c80a4d55435844730e910a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /php/3rdparty/jquery.mobile-1.4.0.min.js HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: application/javascript
Content-Length: 53907
Connection: keep-alive
Last-Modified: Fri, 24 Jul 2020 18:58:51 GMT
ETag: "2f2f1-5ab34904a70c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/img/printerstatus.png

88.99.240.133

200 OK

511 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/printerstatus.png
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 36 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
511 B (511 bytes)
Hash
4cac0061e753f7d0213e44622b0cc6be
82aa117da4e6a20955cba14412314bb34aa3282e
1beddea490e9322255a59d593a3b5f1f213f8e57b21f819652977476d35685c8

HTTP Headers

GET /img/printerstatus.png HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: image/png
Content-Length: 511
Connection: keep-alive
Last-Modified: Fri, 24 Jul 2020 18:58:49 GMT
ETag: "1ff-5ab34902bec40"
Accept-Ranges: bytes
Expires: Tue, 29 Nov 2022 18:44:20 GMT
Cache-Control: max-age=300, s-maxage=10
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/img/tsestatus.png

88.99.240.133

200 OK

857 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/tsestatus.png
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 36 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
857 B (857 bytes)
Hash
945f67c2f95eb868da9e4b46179e6fc9
1c112c9b998ef74873bf68298a6da35913fd293f
967e0ef5c33d0f8822d8167e97d529c6c8a8d819fcea933ac3014e110cf24963

HTTP Headers

GET /img/tsestatus.png HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: image/png
Content-Length: 857
Connection: keep-alive
Last-Modified: Mon, 10 May 2021 16:57:57 GMT
ETag: "359-5c1fcadeb7cb5"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/img/xconnection.png.pagespeed.ic.kIVh8GuI6g.png

88.99.240.133

200 OK

1.3 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/xconnection.png.pagespeed.ic.kIVh8GuI6g.png
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 36 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1259 bytes)
Hash
908561f06b88ea0f16fb1f0a27de14d5
d67331074d643401ce720ff1e1b1f3bd9810ce17
cbdc49b2139f317cf77e42ea6961a8f0cf7343c4c287f7e5a36ace06236bcee5

HTTP Headers

GET /img/xconnection.png.pagespeed.ic.kIVh8GuI6g.png HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: image/png
Content-Length: 1259
Connection: keep-alive
Link: <https://pos.restaurant-appelbaum-edersee.de/img/connection.png>; rel="canonical"
Accept-Ranges: bytes
Expires: Wed, 29 Nov 2023 18:39:20 GMT
Cache-Control: max-age=31536000
Etag: W/"0"
Last-Modified: Tue, 29 Nov 2022 18:39:20 GMT
X-Original-Content-Length: 1372
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 18:08:56 GMT
cache-control: public,max-age=3600
age: 1827
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=printqueue&command=getBestLogoAsPngWithAlphaChannel&v=2.0.20&style=always

88.99.240.133

200 OK

42 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=printqueue&command=getBestLogoAsPngWithAlphaChannel&v=2.0.20&style=always
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 600 x 546, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (41757 bytes)
Hash
fb7ba23b3a3f8befce3c369b1aac54d0
ecca273105d0fa2d2a0d625549213836d8bac357
25b70b5b721c10136f2d4322da52c0f19fc72ef103818585e2755db2cab569bd

HTTP Headers

GET /php/contenthandler.php?module=printqueue&command=getBestLogoAsPngWithAlphaChannel&v=2.0.20&style=always HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Mon, 20 Dec 1998 01:00:00 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin

pos.restaurant-appelbaum-edersee.de/php/3rdparty/images/ajax-loader.gif

88.99.240.133

200 OK

6.2 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/3rdparty/images/ajax-loader.gif
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 46 x 46\012- data
Size
6.2 kB (6242 bytes)
Hash
8fd7e719b06cd3f701c791adb62bd7a6
2edfb2ffe3b5121f42113008cff449023db52f27
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950

HTTP Headers

GET /php/3rdparty/images/ajax-loader.gif HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/php/3rdparty/jquery.mobile-1.4.0.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: image/gif
Content-Length: 6242
Connection: keep-alive
Last-Modified: Fri, 24 Jul 2020 18:58:56 GMT
ETag: "1862-5ab349096bc00"
Accept-Ranges: bytes
Cache-Control: s-maxage=10
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isInstalled

88.99.240.133

200 OK

9 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isInstalled
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
ccfc721949a9bef68fe57bc20274c7fb
5aea2ca631509fa55641ceffe2347600b7f2c8c4
887dd304c7e7d7f0d08f046a976ba79eaa5c88529bd2711537eca747c2b0279c

HTTP Headers

GET /php/contenthandler.php?module=admin&command=isInstalled HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=l93am2prmsbdhvmpj7g107tsfo; expires=Wed, 30-Nov-2022 12:51:38 GMT; Max-Age=65535; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3417
Cache-Control: max-age=141862
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 18:39:23 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:03:45 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

pos.restaurant-appelbaum-edersee.de/favicon.ico

88.99.240.133

404 Not Found

243 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/favicon.ico
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
243 B (243 bytes)
Hash
54ee2e24cd48deb714bebee9ecc768d9
7ad0b537d7a17f236a19982e1940df7ee6d3f48f
f02e34b10295e3759e6b0f1c383f5ba90b606ab3ea2119f33f457546efaec195

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=l93am2prmsbdhvmpj7g107tsfo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: br

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=getJsonMenuItemsAndVersion

88.99.240.133

200 OK

104 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=getJsonMenuItemsAndVersion
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
af9d07f02f76c93914e90df0e6a792ec
a40878bf2dc8b206216f06755add9df2dd3d748b
025c9e2fae287b2515244a11cec8166abf28477538f86a9f9ea0759faf981832

HTTP Headers

GET /php/contenthandler.php?module=admin&command=getJsonMenuItemsAndVersion HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=l93am2prmsbdhvmpj7g107tsfo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1669747162891

88.99.240.133

200 OK

160 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1669747162891
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Size
160 B (160 bytes)
Hash
8e57a2a6645387ce2bb6e9302584d71c
fd6d26f8ab1294f0ad03e31d9540d4730ce14a27
a6841a109e7230a523c69aa59445018fe02b00efd40c2734ea448256d49bc93a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gray.png?t=1669747162891 HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=l93am2prmsbdhvmpj7g107tsfo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: image/png
Content-Length: 160
Connection: keep-alive
Last-Modified: Fri, 24 Jul 2020 18:58:49 GMT
ETag: "a0-5ab34902bec40"
Accept-Ranges: bytes
Cache-Control: s-maxage=10
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isPrinterServerActive

88.99.240.133

200 OK

88 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isPrinterServerActive
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with no line terminators
Size
88 B (88 bytes)
Hash
e96f01ec89f1045e9c2ee3de815f7ad9
37340377beb470dea197d388296e69fe4c1ccb45
d76a8ba2859d4c415c1989d0cc99c3c55012deb272f841013fc1d96961885236

HTTP Headers

GET /php/contenthandler.php?module=admin&command=isPrinterServerActive HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=l93am2prmsbdhvmpj7g107tsfo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=getUserList

88.99.240.133

200 OK

42 kB

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=getUserList
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with very long lines (59493), with no line terminators
Size
42 kB (42351 bytes)
Hash
4c4e64435ae783d8c4fe3475e995a932
a2672f85da80f116b73624f45786782f3b7814cf
a7cd8f52087f9e02b386145324ecd60b2bbb67be981638a3d12ebf0a84bc0d92

HTTP Headers

GET /php/contenthandler.php?module=admin&command=getUserList HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=l93am2prmsbdhvmpj7g107tsfo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

push.services.mozilla.com/

52.43.61.95

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.61.95:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SATkeIo0mW8IhTgezgbn2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l1nV5DY78zhJjtucxCGZ0vNIoYo=

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isUserAlreadyLoggedIn

88.99.240.133

200 OK

8 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isUserAlreadyLoggedIn
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with no line terminators
Size
8 B (8 bytes)
Hash
c9340d6546fceb8718c25e2afbe4a4e9
d199e1cc763a0d4abfffaace73610f10c7c94ad8
dcdcb557377aadcefb84fde70037599c3801f586fc3344c2f285dd0358611223

HTTP Headers

POST /php/contenthandler.php?module=admin&command=isUserAlreadyLoggedIn HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://pos.restaurant-appelbaum-edersee.de
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=l93am2prmsbdhvmpj7g107tsfo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=askforcompanyinfo

88.99.240.133

200 OK

122 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=askforcompanyinfo
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with no line terminators
Size
122 B (122 bytes)
Hash
a83604833a482eb2c056bb4dec0914db
d757b02330181322d123a1bed492554eaad27391
644b356ef4f980b24019b405fa37d9fa5548a9de2630341cbde8e505d53a6ee9

HTTP Headers

GET /php/contenthandler.php?module=admin&command=askforcompanyinfo HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=l93am2prmsbdhvmpj7g107tsfo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10590
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 18:39:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10590
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 18:39:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10590
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 18:39:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10590
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 18:39:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10590
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 18:39:25 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4916 bytes)
Hash
83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 55274
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 75151
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 49775
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4871 bytes)
Hash
a4058fd62595d15c58b3d3266de9865a
d0dff35eb78f129b5da407043037bcf9c27e55c0
ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qh3WqWdBmMG3fzchn3OvxbEpwm2wl_CXi105CL4uJda47N9ZX3CyLA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 09:01:36 GMT
age: 34669
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:01:55 GMT
age: 74250
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8921 bytes)
Hash
823e92f62ff7b3c2093828817d7f2866
c501de9eaa581a10b0b5fce40b54bb10f57f7c29
7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ivu6pzZ6dbt3I4tuFMg4oHcuPVdyNS-F3k_lQdmKoXFkdCfSseAEwQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 75150
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1669747164891

88.99.240.133

200 OK

160 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1669747164891
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Size
160 B (160 bytes)
Hash
8e57a2a6645387ce2bb6e9302584d71c
fd6d26f8ab1294f0ad03e31d9540d4730ce14a27
a6841a109e7230a523c69aa59445018fe02b00efd40c2734ea448256d49bc93a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gray.png?t=1669747164891 HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=l93am2prmsbdhvmpj7g107tsfo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:25 GMT
Content-Type: image/png
Content-Length: 160
Connection: keep-alive
Last-Modified: Fri, 24 Jul 2020 18:58:49 GMT
ETag: "a0-5ab34902bec40"
Accept-Ranges: bytes
Cache-Control: s-maxage=10
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1669747166891

88.99.240.133

200 OK

160 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1669747166891
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Size
160 B (160 bytes)
Hash
8e57a2a6645387ce2bb6e9302584d71c
fd6d26f8ab1294f0ad03e31d9540d4730ce14a27
a6841a109e7230a523c69aa59445018fe02b00efd40c2734ea448256d49bc93a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gray.png?t=1669747166891 HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=l93am2prmsbdhvmpj7g107tsfo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:27 GMT
Content-Type: image/png
Content-Length: 160
Connection: keep-alive
Last-Modified: Fri, 24 Jul 2020 18:58:49 GMT
ETag: "a0-5ab34902bec40"
Accept-Ranges: bytes
Cache-Control: s-maxage=10
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isPrinterServerActive

88.99.240.133

200 OK

88 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/php/contenthandler.php?module=admin&command=isPrinterServerActive
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with no line terminators
Size
88 B (88 bytes)
Hash
e96f01ec89f1045e9c2ee3de815f7ad9
37340377beb470dea197d388296e69fe4c1ccb45
d76a8ba2859d4c415c1989d0cc99c3c55012deb272f841013fc1d96961885236

HTTP Headers

GET /php/contenthandler.php?module=admin&command=isPrinterServerActive HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=l93am2prmsbdhvmpj7g107tsfo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PHP/7.4.33, PleskLin
Content-Encoding: br

pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1669747168891

88.99.240.133

200 OK

160 B

URL HTTP/1.1
pos.restaurant-appelbaum-edersee.de/img/gray.png?t=1669747168891
IP
88.99.240.133:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Size
160 B (160 bytes)
Hash
8e57a2a6645387ce2bb6e9302584d71c
fd6d26f8ab1294f0ad03e31d9540d4730ce14a27
a6841a109e7230a523c69aa59445018fe02b00efd40c2734ea448256d49bc93a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/gray.png?t=1669747168891 HTTP/1.1
Host: pos.restaurant-appelbaum-edersee.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pos.restaurant-appelbaum-edersee.de/
Cookie: PHPSESSID=l93am2prmsbdhvmpj7g107tsfo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 18:39:29 GMT
Content-Type: image/png
Content-Length: 160
Connection: keep-alive
Last-Modified: Fri, 24 Jul 2020 18:58:49 GMT
ETag: "a0-5ab34902bec40"
Accept-Ranges: bytes
Cache-Control: s-maxage=10
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (45)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type