Report - newburycafe.co.za/

Report Overview

Submitted URL
newburycafe.co.za/
IP
196.41.123.188
ASN
#36874 Cybersmart
Submitted
2024-05-08 04:03:54
Access
public
Website Title
Newbury Cafe Home and Deli
Final URL
www.newburycafe.co.za/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-07	887 B	166 kB	142.250.74.168
newburycafe.co.za	unknown	2018-06-14	2019-08-01	2024-04-18	472 B	303 B	196.41.123.188
www.newburycafe.co.za	unknown	2018-06-14	2019-08-01	2021-03-06	4.1 kB	586 kB	196.41.123.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	newburycafe.co.za	Sinkholed
2024-05-08	medium	newburycafe.co.za	Sinkholed
2024-05-08	medium	newburycafe.co.za	Sinkholed
2024-05-08	medium	newburycafe.co.za	Sinkholed
2024-05-08	medium	newburycafe.co.za	Sinkholed
2024-05-08	medium	newburycafe.co.za	Sinkholed
2024-05-08	medium	newburycafe.co.za	Sinkholed
2024-05-08	medium	newburycafe.co.za	Sinkholed
2024-05-08	medium	newburycafe.co.za	Sinkholed
2024-05-08	medium	newburycafe.co.za	Sinkholed
2024-05-08	medium	newburycafe.co.za	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	www.newburycafe.co.za/wp-content/plugins/wp-maintenance-mode/assets/js/jquery.fitvids.min.js	1.8 kB	2023-03-07	2024-05-19
Pretty URL www.newburycafe.co.za/wp-content/plugins/wp-maintenance-mode/assets/js/jquery.fitvids.min.js IP 196.41.123.188 ASN #36874 Cybersmart Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:40 Last Seen2024-05-19 16:20:32 Times Seen2605 Hash 882a4f6998e5d6878f6f53f15008e525 2f73282313194a5ea50186b3d94842b47f941274 233cb2b905dec5df68df039e52e26980f674880fee51a8f6b7f75486760f1f3e Loading...

	www.newburycafe.co.za/	0 B	2023-03-07	2024-05-19
Pretty URL www.newburycafe.co.za/ IP 196.41.123.188 ASN #36874 Cybersmart Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 20:11:05 Times Seen37841333 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.newburycafe.co.za/sandbox%20eval%20code	147 B	2023-04-11	2024-05-19
Pretty URL www.newburycafe.co.za/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 20:06:16 Times Seen350794 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-19
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 20:06:19 Times Seen350279 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.newburycafe.co.za/wp-includes/js/jquery/jquery.min.js	90 kB	2023-03-08	2024-05-19
Pretty URL www.newburycafe.co.za/wp-includes/js/jquery/jquery.min.js IP 196.41.123.188 ASN #36874 Cybersmart Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-05-19 16:20:32 Times Seen32160 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	www.newburycafe.co.za/wp-content/plugins/wp-maintenance-mode/assets/js/scripts.min.js?ver=2.6.5	1.6 kB	2023-03-08	2024-05-17
Pretty URL www.newburycafe.co.za/wp-content/plugins/wp-maintenance-mode/assets/js/scripts.min.js?ver=2.6.5 IP 196.41.123.188 ASN #36874 Cybersmart Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:03:30 Last Seen2024-05-17 15:10:17 Times Seen236 Hash dfa641ad7912f204eb15457181784469 a28d972b6ee3f98c1ac2ad001937f238ce93687a 468f92187c7345baac080e149ac0b840ab0d4f441f4a2dd60c8adb2763211d12 Loading...

	www.googletagmanager.com/gtag/js?id=UA-132906120-1	208 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-132906120-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 06:03:55 Last Seen2024-05-08 06:03:55 Times Seen2 Hash 25b87e296bdc9ffd3118790237be0a33 928c964dbfb5a8c5a95fe72d9bdef19ed7f09b6a ac8911e257322a3a0264559c85aeb3a9849999b2cfdf84799abee8c726161eec Loading...

	www.newburycafe.co.za/	0 B	2023-03-07	2024-05-19
Pretty URL www.newburycafe.co.za/ IP 196.41.123.188 ASN #36874 Cybersmart Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 20:11:05 Times Seen37841333 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-DPC0HWRVQH&l=dataLayer&cx=c	254 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-DPC0HWRVQH&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 06:03:55 Last Seen2024-05-08 06:03:55 Times Seen2 Hash 3674a9ec7a8849dd4b3d5fd0d9b74cb5 ecd9dc355d8bf6cc842140d27e0bcab68e991eb8 4ad32f64ea57cfa6aca4e6283a3a58ebeed07b55034794bb9bae396356edf1b7 Loading...

HTTP Transactions (13)

URL IP Response Size

newburycafe.co.za/

196.41.123.188

301 Moved Permanently

0 B

URL User Request GET HTTP/1.1
newburycafe.co.za/
IP
196.41.123.188:443
ASN
#36874 Cybersmart

Certificate
IssuercPanel, Inc.
Subjectnewburycafe.co.za
FingerprintE3:5B:FD:93:0D:87:D9:C7:47:84:44:DE:F2:31:80:38:18:7B:52:16
ValidityTue, 23 Apr 2024 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: newburycafe.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 May 2024 04:03:27 GMT
Server: Apache
X-UA-Compatible: IE=edge
X-Redirect-By: WordPress
Location: https://www.newburycafe.co.za/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.newburycafe.co.za/

196.41.123.188

503 Service Unavailable

4.5 kB

URL User Request GET HTTP/1.1
www.newburycafe.co.za/
IP
196.41.123.188:443
ASN
#36874 Cybersmart

Certificate
IssuercPanel, Inc.
Subjectnewburycafe.co.za
FingerprintE3:5B:FD:93:0D:87:D9:C7:47:84:44:DE:F2:31:80:38:18:7B:52:16
ValidityTue, 23 Apr 2024 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1816), with CRLF, LF line terminators
Size
4.5 kB (4494 bytes)
Hash
c679f438876c71bef4c85d77a53ce8f6
5033a4611a9683f9b9993aa290014fd89bca4faf
78fa294c6478241168ef093d58cad2b80e86cad7f763aa920e0d1528c3eaff5e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.newburycafe.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 503 Service Unavailable
Date: Wed, 08 May 2024 04:03:28 GMT
Server: Apache
X-UA-Compatible: IE=edge
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Retry-After: 3600
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.newburycafe.co.za/

196.41.123.188

503 Service Unavailable

4.5 kB

URL User Request GET HTTP/1.1
www.newburycafe.co.za/
IP
196.41.123.188:443
ASN
#36874 Cybersmart

Certificate
IssuercPanel, Inc.
Subjectnewburycafe.co.za
FingerprintE3:5B:FD:93:0D:87:D9:C7:47:84:44:DE:F2:31:80:38:18:7B:52:16
ValidityTue, 23 Apr 2024 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1816), with CRLF, LF line terminators
Size
4.5 kB (4488 bytes)
Hash
0fe9f15b44001898045a7f250bb20114
0d3851b7575c55eb8bf189d74db916dc8225c53a
deed3d4d7222c2262ac94eb620c6a38f0a114fc8fa8106645216be1529b22a96

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.newburycafe.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 503 Service Unavailable
Date: Wed, 08 May 2024 04:03:29 GMT
Server: Apache
X-UA-Compatible: IE=edge
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Retry-After: 3600
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.googletagmanager.com/gtag/js?id=UA-132906120-1

142.250.74.168

200 OK

75 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-132906120-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://www.newburycafe.co.za/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
75 kB (74754 bytes)
Hash
25b87e296bdc9ffd3118790237be0a33
928c964dbfb5a8c5a95fe72d9bdef19ed7f09b6a
ac8911e257322a3a0264559c85aeb3a9849999b2cfdf84799abee8c726161eec

HTTP Headers

GET /gtag/js?id=UA-132906120-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.newburycafe.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 04:03:30 GMT
expires: Wed, 08 May 2024 04:03:30 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74754
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.newburycafe.co.za/wp-content/plugins/wp-maintenance-mode/assets/js/scripts.min.js?ver=2.6.5

196.41.123.188

200 OK

1.6 kB

URL GET HTTP/1.1
www.newburycafe.co.za/wp-content/plugins/wp-maintenance-mode/assets/js/scripts.min.js?ver=2.6.5
IP
196.41.123.188:80
ASN
#36874 Cybersmart

Requested by
http://www.newburycafe.co.za/

File type
JavaScript source, ASCII text, with very long lines (1605), with no line terminators
Size
1.6 kB (1605 bytes)
Hash
dfa641ad7912f204eb15457181784469
a28d972b6ee3f98c1ac2ad001937f238ce93687a
468f92187c7345baac080e149ac0b840ab0d4f441f4a2dd60c8adb2763211d12

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wp-maintenance-mode/assets/js/scripts.min.js?ver=2.6.5 HTTP/1.1
Host: www.newburycafe.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newburycafe.co.za/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:03:30 GMT
Server: Apache
Last-Modified: Wed, 08 Mar 2023 20:40:45 GMT
Accept-Ranges: bytes
Content-Length: 1605
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.newburycafe.co.za/wp-content/plugins/wp-maintenance-mode/assets/js/jquery.fitvids.min.js

196.41.123.188

200 OK

1.8 kB

URL GET HTTP/1.1
www.newburycafe.co.za/wp-content/plugins/wp-maintenance-mode/assets/js/jquery.fitvids.min.js
IP
196.41.123.188:80
ASN
#36874 Cybersmart

Requested by
http://www.newburycafe.co.za/

File type
JavaScript source, ASCII text, with very long lines (1767), with no line terminators
Size
1.8 kB (1767 bytes)
Hash
882a4f6998e5d6878f6f53f15008e525
2f73282313194a5ea50186b3d94842b47f941274
233cb2b905dec5df68df039e52e26980f674880fee51a8f6b7f75486760f1f3e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wp-maintenance-mode/assets/js/jquery.fitvids.min.js HTTP/1.1
Host: www.newburycafe.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newburycafe.co.za/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:03:30 GMT
Server: Apache
Last-Modified: Wed, 08 Mar 2023 20:40:45 GMT
Accept-Ranges: bytes
Content-Length: 1767
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.newburycafe.co.za/wp-content/plugins/wp-maintenance-mode/assets/css/style.min.css?ver=2.6.5

196.41.123.188

200 OK

9.7 kB

URL GET HTTP/1.1
www.newburycafe.co.za/wp-content/plugins/wp-maintenance-mode/assets/css/style.min.css?ver=2.6.5
IP
196.41.123.188:80
ASN
#36874 Cybersmart

Requested by
http://www.newburycafe.co.za/

File type
ASCII text, with very long lines (9664), with no line terminators
Size
9.7 kB (9664 bytes)
Hash
bb49c3bc6c8b5a6e55d0c00a109991fd
a7335f126495c993a6464a7220b0fa83e31114e6
382d80223a5d69eeee5101b1b9f8582f991ffbb019bd3c9edf1d29c167eabf2f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wp-maintenance-mode/assets/css/style.min.css?ver=2.6.5 HTTP/1.1
Host: www.newburycafe.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newburycafe.co.za/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:03:30 GMT
Server: Apache
Last-Modified: Wed, 08 Mar 2023 20:40:45 GMT
Accept-Ranges: bytes
Content-Length: 9664
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.googletagmanager.com/gtag/js?id=G-DPC0HWRVQH&l=dataLayer&cx=c

142.250.74.168

200 OK

90 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-DPC0HWRVQH&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://www.newburycafe.co.za/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
90 kB (89883 bytes)
Hash
3674a9ec7a8849dd4b3d5fd0d9b74cb5
ecd9dc355d8bf6cc842140d27e0bcab68e991eb8
4ad32f64ea57cfa6aca4e6283a3a58ebeed07b55034794bb9bae396356edf1b7

HTTP Headers

GET /gtag/js?id=G-DPC0HWRVQH&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.newburycafe.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 04:03:30 GMT
expires: Wed, 08 May 2024 04:03:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89883
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.newburycafe.co.za/wp-content/uploads/2019/03/newbury-cafe-logo-splashpage.jpg

196.41.123.188

200 OK

10 kB

URL GET HTTP/1.1
www.newburycafe.co.za/wp-content/uploads/2019/03/newbury-cafe-logo-splashpage.jpg
IP
196.41.123.188:80
ASN
#36874 Cybersmart

Requested by
http://www.newburycafe.co.za/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 182x181, components 3
Size
10 kB (10389 bytes)
Hash
58e81fa234abb7220da0ab5df9c068e1
064d75f953326a625c9cb411ccb415f2008ad198
6a37e4e3ea93300a199cb9f8975b5d1f5bf38142c493394d20652f0e3f727690

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/newbury-cafe-logo-splashpage.jpg HTTP/1.1
Host: www.newburycafe.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newburycafe.co.za/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:03:30 GMT
Server: Apache
Last-Modified: Sat, 09 Mar 2019 13:09:58 GMT
Accept-Ranges: bytes
Content-Length: 10389
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

www.newburycafe.co.za/wp-content/plugins/wp-maintenance-mode/assets/images/icn_sprite.png

196.41.123.188

200 OK

8.1 kB

URL GET HTTP/1.1
www.newburycafe.co.za/wp-content/plugins/wp-maintenance-mode/assets/images/icn_sprite.png
IP
196.41.123.188:80
ASN
#36874 Cybersmart

Requested by
http://www.newburycafe.co.za/

File type
PNG image data, 727 x 21, 8-bit/color RGBA, non-interlaced
Size
8.1 kB (8106 bytes)
Hash
96502df2701c48d53ed4fe8918dfffe4
792e42b2173664771ec2d4e1ef9e8ab8dd13d1b9
b5d6462ef85f026b15b28451dc050f53112a9bf65b57dd446eefa8769c098fa8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wp-maintenance-mode/assets/images/icn_sprite.png HTTP/1.1
Host: www.newburycafe.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newburycafe.co.za/wp-content/plugins/wp-maintenance-mode/assets/css/style.min.css?ver=2.6.5
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:03:30 GMT
Server: Apache
Last-Modified: Wed, 08 Mar 2023 20:40:45 GMT
Accept-Ranges: bytes
Content-Length: 8106
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

www.newburycafe.co.za/wp-includes/js/jquery/jquery.min.js

196.41.123.188

200 OK

90 kB

URL GET HTTP/1.1
www.newburycafe.co.za/wp-includes/js/jquery/jquery.min.js
IP
196.41.123.188:80
ASN
#36874 Cybersmart

Requested by
http://www.newburycafe.co.za/

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89684 bytes)
Hash
17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.newburycafe.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newburycafe.co.za/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:03:30 GMT
Server: Apache
Last-Modified: Wed, 08 Mar 2023 20:42:49 GMT
Accept-Ranges: bytes
Content-Length: 89684
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.newburycafe.co.za/favicon.ico

196.41.123.188

503 Service Unavailable

4.5 kB

URL GET HTTP/1.1
www.newburycafe.co.za/favicon.ico
IP
196.41.123.188:80
ASN
#36874 Cybersmart

Requested by
http://www.newburycafe.co.za/

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1816), with CRLF, LF line terminators
Size
4.5 kB (4488 bytes)
Hash
0fe9f15b44001898045a7f250bb20114
0d3851b7575c55eb8bf189d74db916dc8225c53a
deed3d4d7222c2262ac94eb620c6a38f0a114fc8fa8106645216be1529b22a96

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.newburycafe.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newburycafe.co.za/
Cookie: _ga_DPC0HWRVQH=GS1.1.1715141010.1.0.1715141010.0.0.0; _ga=GA1.1.840397800.1715141011
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 503 Service Unavailable
Date: Wed, 08 May 2024 04:03:31 GMT
Server: Apache
X-UA-Compatible: IE=edge
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Retry-After: 3600
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.newburycafe.co.za/wp-content/uploads/2019/03/nb-splash-page-bg.jpg

196.41.123.188

200 OK

448 kB

URL GET HTTP/1.1
www.newburycafe.co.za/wp-content/uploads/2019/03/nb-splash-page-bg.jpg
IP
196.41.123.188:80
ASN
#36874 Cybersmart

Requested by
http://www.newburycafe.co.za/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x1280, components 3
Size
448 kB (448141 bytes)
Hash
a84c4b20d4434e33ced1311800008f4e
0dcde5a81d012a685f300d722e650288d6b68622
b2345dbb2374c75daf0b6129733d48a16cbafc90a77063cd1bdcb4d20654af46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/nb-splash-page-bg.jpg HTTP/1.1
Host: www.newburycafe.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.newburycafe.co.za/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:03:30 GMT
Server: Apache
Last-Modified: Sat, 09 Mar 2019 13:07:00 GMT
Accept-Ranges: bytes
Content-Length: 448141
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML