| loia.co.nz/irty/update/sms.php | 114.142.162.113 | 200 OK | 1.2 kB |
URL: User Request GET HTTP/2 loia.co.nz/irty/update/sms.php
IP: 114.142.162.113:443
ASN: #38719 Dreamscape Networks Limited
Certificate: Issuer: Let's Encrypt; Subject: www.loia.co.nz; Fingerprint: E5:C3:44:3E:5E:37:ED:7A:30:D8:D5:1F:5B:40:10:56:98:41:A6:EF; Validity: Sun, 04 Feb 2024 01:48:28 GMT - Sat, 04 May 2024 01:48:27 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: c3273a99b6cf6b7183f4d80b68191f61 412f621b6589da2beb928804e6074ecd244d56c9 0192e9baf5e50efa942ae651db7116f3fd5bde22e0378af3821fcb83d2f30fce
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /irty/update/sms.php HTTP/1.1
Host: loia.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:24 GMT
content-type: text/html; charset=UTF-8
content-length: 1152
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=5fff8526960468a0b23367f339894bd2; path=/
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| loia.co.nz/irty/update/assets/css/helpers.css | 114.142.162.113 | 200 OK | 5.4 kB |
URL: GET HTTP/2 loia.co.nz/irty/update/assets/css/helpers.css
IP: 114.142.162.113:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://loia.co.nz/irty/update/sms.php
Certificate: Issuer: Let's Encrypt; Subject: www.loia.co.nz; Fingerprint: E5:C3:44:3E:5E:37:ED:7A:30:D8:D5:1F:5B:40:10:56:98:41:A6:EF; Validity: Sun, 04 Feb 2024 01:48:28 GMT - Sat, 04 May 2024 01:48:27 GMT
File type: ASCII text, with very long lines (41750), with CRLF line terminators
Hash: fd877f138d23d5a790645eb95167aec3 ee2f01ca01c5f7e6f674ad79a9fea30f78a66f2c f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /irty/update/assets/css/helpers.css HTTP/1.1
Host: loia.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loia.co.nz/irty/update/sms.php
Cookie: PHPSESSID=5fff8526960468a0b23367f339894bd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:24 GMT
content-type: text/css
content-length: 5411
last-modified: Mon, 26 Nov 2018 17:16:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| loia.co.nz/irty/update/assets/css/fonts.css | 114.142.162.113 | 200 OK | 453 B |
URL: GET HTTP/2 loia.co.nz/irty/update/assets/css/fonts.css
IP: 114.142.162.113:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://loia.co.nz/irty/update/sms.php
Certificate: Issuer: Let's Encrypt; Subject: www.loia.co.nz; Fingerprint: E5:C3:44:3E:5E:37:ED:7A:30:D8:D5:1F:5B:40:10:56:98:41:A6:EF; Validity: Sun, 04 Feb 2024 01:48:28 GMT - Sat, 04 May 2024 01:48:27 GMT
File type: ASCII text, with CRLF line terminators
Hash: f76aa5eae082f07a8f5471d83e68770c dc15b4bb3825c68f464dfca9d89508dbd85bfadc 213e1c07e15eea7f20b56e8dab08ce45429188b20c55cd91d45c84cdda5c0635
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /irty/update/assets/css/fonts.css HTTP/1.1
Host: loia.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loia.co.nz/irty/update/sms.php
Cookie: PHPSESSID=5fff8526960468a0b23367f339894bd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:24 GMT
content-type: text/css
content-length: 453
last-modified: Sun, 03 Nov 2019 16:14:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| loia.co.nz/irty/update/assets/css/main.css | 114.142.162.113 | 200 OK | 2.0 kB |
URL: GET HTTP/2 loia.co.nz/irty/update/assets/css/main.css
IP: 114.142.162.113:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://loia.co.nz/irty/update/sms.php
Certificate: Issuer: Let's Encrypt; Subject: www.loia.co.nz; Fingerprint: E5:C3:44:3E:5E:37:ED:7A:30:D8:D5:1F:5B:40:10:56:98:41:A6:EF; Validity: Sun, 04 Feb 2024 01:48:28 GMT - Sat, 04 May 2024 01:48:27 GMT
File type: ASCII text, with very long lines (6845), with CRLF line terminators
Hash: 6f233e1fe812bac568521ca0d758d014 c1c56ff0f71c5f9359fc5a77fd64ea825e443fc1 12b149321ee22338ec4eea71aa7cd7e26f6a6523bb4fabb41a1cdddc70cb6bbe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /irty/update/assets/css/main.css HTTP/1.1
Host: loia.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loia.co.nz/irty/update/sms.php
Cookie: PHPSESSID=5fff8526960468a0b23367f339894bd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:24 GMT
content-type: text/css
content-length: 1994
last-modified: Tue, 17 Dec 2019 22:42:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| loia.co.nz/irty/update/assets/images/logo.png | 114.142.162.113 | 200 OK | 8.0 kB |
URL: GET HTTP/2 loia.co.nz/irty/update/assets/images/logo.png
IP: 114.142.162.113:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://loia.co.nz/irty/update/sms.php
Certificate: Issuer: Let's Encrypt; Subject: www.loia.co.nz; Fingerprint: E5:C3:44:3E:5E:37:ED:7A:30:D8:D5:1F:5B:40:10:56:98:41:A6:EF; Validity: Sun, 04 Feb 2024 01:48:28 GMT - Sat, 04 May 2024 01:48:27 GMT
File type: PNG image data, 2085 x 561, 8-bit/color RGB, non-interlaced
Hash: 79e4397b05c0279708702f074dcd5faf d40f0a1b3311a933c3fdbb8ae89dc471498998bf 305b5de89053d7e8f5992ea78620dbd920302d3883af880d0a10b33a7babcf98
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /irty/update/assets/images/logo.png HTTP/1.1
Host: loia.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loia.co.nz/irty/update/sms.php
Cookie: PHPSESSID=5fff8526960468a0b23367f339894bd2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:24 GMT
content-type: image/png
content-length: 8040
last-modified: Sat, 09 Nov 2019 17:06:56 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| loia.co.nz/irty/update/assets/js/popper.min.js | 114.142.162.113 | 200 OK | 8.6 kB |
URL: GET HTTP/2 loia.co.nz/irty/update/assets/js/popper.min.js
IP: 114.142.162.113:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://loia.co.nz/irty/update/sms.php
Certificate: Issuer: Let's Encrypt; Subject: www.loia.co.nz; Fingerprint: E5:C3:44:3E:5E:37:ED:7A:30:D8:D5:1F:5B:40:10:56:98:41:A6:EF; Validity: Sun, 04 Feb 2024 01:48:28 GMT - Sat, 04 May 2024 01:48:27 GMT
File type: JavaScript source, ASCII text, with very long lines (20164), with CRLF line terminators
Hash: 5644e6835941af44dcb5cead916c2b79 6eb1840d55338895ce6ecc3eab56132b1d152b93 315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /irty/update/assets/js/popper.min.js HTTP/1.1
Host: loia.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loia.co.nz/irty/update/sms.php
Cookie: PHPSESSID=5fff8526960468a0b23367f339894bd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:24 GMT
content-type: application/javascript
content-length: 8611
last-modified: Sun, 25 Nov 2018 13:02:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| loia.co.nz/irty/update/assets/js/main.js | 114.142.162.113 | 200 OK | 687 B |
URL: GET HTTP/2 loia.co.nz/irty/update/assets/js/main.js
IP: 114.142.162.113:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://loia.co.nz/irty/update/sms.php
Certificate: Issuer: Let's Encrypt; Subject: www.loia.co.nz; Fingerprint: E5:C3:44:3E:5E:37:ED:7A:30:D8:D5:1F:5B:40:10:56:98:41:A6:EF; Validity: Sun, 04 Feb 2024 01:48:28 GMT - Sat, 04 May 2024 01:48:27 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: fd75ba001e827158682d027447e113c3 eec753d9f5f9f30f9dbfceaea6606c5e1a5357c4 1610f592ec255322e51b61c1c024cf895fa3f0f1cf6606512091eedcfe068f96
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - Anti-debugging code |
| Quad9 DNS | malicious | Sinkholed |
GET /irty/update/assets/js/main.js HTTP/1.1
Host: loia.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loia.co.nz/irty/update/sms.php
Cookie: PHPSESSID=5fff8526960468a0b23367f339894bd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:25 GMT
content-type: application/javascript
content-length: 687
last-modified: Tue, 11 Feb 2020 18:10:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| loia.co.nz/irty/update/assets/js/jquery.payment.js | 114.142.162.113 | 200 OK | 4.9 kB |
URL: GET HTTP/2 loia.co.nz/irty/update/assets/js/jquery.payment.js
IP: 114.142.162.113:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://loia.co.nz/irty/update/sms.php
Certificate: Issuer: Let's Encrypt; Subject: www.loia.co.nz; Fingerprint: E5:C3:44:3E:5E:37:ED:7A:30:D8:D5:1F:5B:40:10:56:98:41:A6:EF; Validity: Sun, 04 Feb 2024 01:48:28 GMT - Sat, 04 May 2024 01:48:27 GMT
File type: JavaScript source, ASCII text, with very long lines (386), with CRLF line terminators
Hash: a54741ed0f13b92822cff016d7da0def 0cee1784ab4baeb647d9a71672809670aa24c644 d7399d77beb8b8da046b06a4e106e28ac095ec09882a6cf6e04d52735396a1b6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /irty/update/assets/js/jquery.payment.js HTTP/1.1
Host: loia.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loia.co.nz/irty/update/sms.php
Cookie: PHPSESSID=5fff8526960468a0b23367f339894bd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:25 GMT
content-type: application/javascript
content-length: 4851
last-modified: Thu, 24 Oct 2019 13:51:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| loia.co.nz/irty/update/assets/images/fav.ico | 114.142.162.113 | 200 OK | 17 kB |
URL: GET HTTP/2 loia.co.nz/irty/update/assets/images/fav.ico
IP: 114.142.162.113:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://loia.co.nz/irty/update/sms.php
Certificate: Issuer: Let's Encrypt; Subject: www.loia.co.nz; Fingerprint: E5:C3:44:3E:5E:37:ED:7A:30:D8:D5:1F:5B:40:10:56:98:41:A6:EF; Validity: Sun, 04 Feb 2024 01:48:28 GMT - Sat, 04 May 2024 01:48:27 GMT
File type: MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Hash: 41b45fdce09bd6acd07c7a8949da675e 931e18dfc6e7d950dc2f2bbdfe31e1ea720acf7c abe8012eb65c0dc0ac3e87dcc1e60e1908ebd8f12b7c47a5df1856f7a7bb1edd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /irty/update/assets/images/fav.ico HTTP/1.1
Host: loia.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loia.co.nz/irty/update/sms.php
Cookie: PHPSESSID=5fff8526960468a0b23367f339894bd2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:26 GMT
content-type: image/x-icon
content-length: 16958
last-modified: Sat, 09 Nov 2019 17:42:42 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 5.8 kB |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP: 35.244.181.201:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: gzip compressed data, max speed, from Unix
Hash: 52a1e40d3746c76b0167007994950370 6c5838f16f22c0778bc428242b26ca65bf64683c 5ca94e7f36b9452fe67eeaf4a9898c2003278f9f9151c572b2cc6178afff781a
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:42 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=zhyTuicka19rAXQaz6D3kocvDVUnr3OJhl6HHDW98IzOOzs0kYsHBHMQhNlt4QB9f7GAofo81D5yXu2ACzxhvvPELHlz_Xoi8tqYdJttynUWaEtkkRILhJwmbAEbuR21
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| loia.co.nz/irty/update/assets/js/jquery.min.js | 114.142.162.113 | 200 OK | 88 kB |
URL: GET HTTP/2 loia.co.nz/irty/update/assets/js/jquery.min.js
IP: 114.142.162.113:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://loia.co.nz/irty/update/sms.php
Certificate: Issuer: Let's Encrypt; Subject: www.loia.co.nz; Fingerprint: E5:C3:44:3E:5E:37:ED:7A:30:D8:D5:1F:5B:40:10:56:98:41:A6:EF; Validity: Sun, 04 Feb 2024 01:48:28 GMT - Sat, 04 May 2024 01:48:27 GMT
File type: JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators
Hash: 2f772fed444d5489079f275bd01e26cc a8927ac2830b2fdd4a729eb0eb7f80923539ceb9 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /irty/update/assets/js/jquery.min.js HTTP/1.1
Host: loia.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loia.co.nz/irty/update/sms.php
Cookie: PHPSESSID=5fff8526960468a0b23367f339894bd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:24 GMT
content-type: application/javascript
last-modified: Wed, 11 Sep 2019 16:52:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| loia.co.nz/irty/update/assets/js/bootstrap.min.js | 114.142.162.113 | 200 OK | 60 kB |
URL: GET HTTP/2 loia.co.nz/irty/update/assets/js/bootstrap.min.js
IP: 114.142.162.113:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://loia.co.nz/irty/update/sms.php
Certificate: Issuer: Let's Encrypt; Subject: www.loia.co.nz; Fingerprint: E5:C3:44:3E:5E:37:ED:7A:30:D8:D5:1F:5B:40:10:56:98:41:A6:EF; Validity: Sun, 04 Feb 2024 01:48:28 GMT - Sat, 04 May 2024 01:48:27 GMT
File type: JavaScript source, ASCII text, with very long lines (60035), with no line terminators
Hash: dd56f8b2471766feac89c4c7f24b2c23 136628494a3b5165b17478c55b717be325d6394b da31b50d5906c738ffbc3f2562e7d4ca1d2447a6c4745faaf3fded996c661da9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /irty/update/assets/js/bootstrap.min.js HTTP/1.1
Host: loia.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loia.co.nz/irty/update/sms.php
Cookie: PHPSESSID=5fff8526960468a0b23367f339894bd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:24 GMT
content-type: application/javascript
last-modified: Thu, 09 Sep 2021 22:24:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| loia.co.nz/irty/update/assets/js/fontawesome.min.js | 114.142.162.113 | 200 OK | 1.1 MB |
URL: GET HTTP/2 loia.co.nz/irty/update/assets/js/fontawesome.min.js
IP: 114.142.162.113:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://loia.co.nz/irty/update/sms.php
Certificate: Issuer: Let's Encrypt; Subject: www.loia.co.nz; Fingerprint: E5:C3:44:3E:5E:37:ED:7A:30:D8:D5:1F:5B:40:10:56:98:41:A6:EF; Validity: Sun, 04 Feb 2024 01:48:28 GMT - Sat, 04 May 2024 01:48:27 GMT
Size: 1.1 MB (1061198 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /irty/update/assets/js/fontawesome.min.js HTTP/1.1
Host: loia.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loia.co.nz/irty/update/sms.php
Cookie: PHPSESSID=5fff8526960468a0b23367f339894bd2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:24 GMT
content-type: application/javascript
last-modified: Sun, 25 Nov 2018 16:03:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| loia.co.nz/irty/update/assets/css/bootstrap.min.css | 114.142.162.113 | 200 OK | 156 kB |
URL: GET HTTP/2 loia.co.nz/irty/update/assets/css/bootstrap.min.css
IP: 114.142.162.113:443
ASN: #38719 Dreamscape Networks Limited
Requested by: https://loia.co.nz/irty/update/sms.php
Certificate: Issuer: Let's Encrypt; Subject: www.loia.co.nz; Fingerprint: E5:C3:44:3E:5E:37:ED:7A:30:D8:D5:1F:5B:40:10:56:98:41:A6:EF; Validity: Sun, 04 Feb 2024 01:48:28 GMT - Sat, 04 May 2024 01:48:27 GMT
File type: ASCII text, with very long lines (65324)
Size: 156 kB (155758 bytes)
Hash: a15c2ac3234aa8f6064ef9c1f7383c37 6e10354828454898fda80f55f3decb347fd9ed21 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /irty/update/assets/css/bootstrap.min.css HTTP/1.1
Host: loia.co.nz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loia.co.nz/irty/update/sms.php
Cookie: PHPSESSID=5fff8526960468a0b23367f339894bd2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 20:41:24 GMT
content-type: text/css
last-modified: Wed, 13 Feb 2019 01:01:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|