| galyqaz.com/login.php=G |  199.191.50.83 | | 40 kB |
IP199.191.50.83:0 ASN#40034 CONFLUENCE-NETWORK-INC
File typeHTML document, Unicode text, UTF-8 text, with very long lines (10734), with CRLF, LF line terminators Hash1bc1453a15387b70c55e718ae6fc80a1 fafb46f9812ebae47ca878356bc3d3cfdd0b2b16 3f995205c70f37336d21da3d785e42512975ffe95deafee9a3ee7b949dbde07f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /login.php=G HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 19 Apr 2024 07:09:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_drnDZWvP5VuNdTsik72IZ/NqfHILh1QPyYSWGD5edpLwJVyu3kI/19ID+mMPmYLyEgpWDWgUEqUri0alt7qBVA==
|
|
| galyqaz.com/px.js?ch=1 | 199.191.50.83 | | 346 B |
IP199.191.50.83:0 ASN#40034 CONFLUENCE-NETWORK-INC
File typeASCII text, with very long lines (346), with no line terminators Hashf84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /px.js?ch=1 HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php=G
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 19 Apr 2024 07:09:15 GMT
Content-Type: application/javascript
Content-Length: 346
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
|
|
| galyqaz.com/__media__/js/min.js?v2.3 | 199.191.50.83 | | 8.4 kB |
URL galyqaz.com/__media__/js/min.js?v2.3 IP199.191.50.83:0 ASN#40034 CONFLUENCE-NETWORK-INC
File typeJavaScript source, ASCII text, with very long lines (8349), with CRLF line terminators Hashc16c3a4c0fad29106f34d00e89f6886e 6e11811ab8a98bb295b0916cdee68b302c33403d 097786d677a859b7bc87e285377b083b76d66a2fc2832a16bcd50b0e99df77ff
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /__media__/js/min.js?v2.3 HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php=G
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 19 Apr 2024 07:09:15 GMT
Content-Type: application/javascript
Content-Length: 8435
Connection: keep-alive
Last-Modified: Thu, 16 Feb 2023 20:42:04 GMT
ETag: "20f3-5f4d73abb75da"
Accept-Ranges: bytes
|
|
| cdn.consentmanager.net/delivery/customdata/bV8xLndfNjg4ODQucl9HRFBSLmxfZW4uZF8zMzY2NC54XzMzLnYucC50XzMzNjY0Lnh0XzMz.js |  185.76.9.16 | | 24 kB |
URL cdn.consentmanager.net/delivery/customdata/bV8xLndfNjg4ODQucl9HRFBSLmxfZW4uZF8zMzY2NC54XzMzLnYucC50XzMzNjY0Lnh0XzMz.js IP185.76.9.16:0 ASN#60068 Datacamp Limited
File typegzip compressed data, from Unix Hash8107d691232766be4bcde6f128bcf0d2 43d791508e5758a8850c658d06b8a20144a70366 486fa890d948c00a0b3fb7cb08addfbe965994cd02c305af877fc999e98328bc
GET /delivery/customdata/bV8xLndfNjg4ODQucl9HRFBSLmxfZW4uZF8zMzY2NC54XzMzLnYucC50XzMzNjY0Lnh0XzMz.js HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:09:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
x-xss-protection: 0
expires: Fri, 19 Apr 2024 07:38:46 GMT
cache-control: public, max-age=1800
edge-control: public, max-age=1800
last-modified: Fri, 19 Apr 2024 07:08:46 GMT
x-77-nzt: EwwBuUwJDQH3DQAAAAwBuUwKAQH3EAAAAAwBJRPCLgH3AAAAAA
x-77-nzt-ray: c0a4cc2803800a489b1822661313dc18
x-accel-expires: @1713512326
x-accel-date: 1713510542
x-77-cache: HIT
x-77-age: 29
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 13
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| a.delivery.consentmanager.net/delivery/info/?id=68884&did=2&cfdid=2&t=cv&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php%3DG&o=1713510555469&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& |  87.230.98.78 | | 43 B |
URL a.delivery.consentmanager.net/delivery/info/?id=68884&did=2&cfdid=2&t=cv&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php%3DG&o=1713510555469&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& IP87.230.98.78:0 ASN#61157 PlusServer GmbH
File typeGIF image data, version 89a, 1 x 1 Hash6f81c41597d3f5a336f458822cc0c32a 8cd77a54b38f1fb376b45af2eaab8f5982523b8d 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /delivery/info/?id=68884&did=2&cfdid=2&t=cv&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php%3DG&o=1713510555469&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:09:15 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 07:09:15 GMT
content-length: 43
content-type: image/gif
X-Firefox-Spdy: h2
|
|
| galyqaz.com/px.js?ch=2 | 199.191.50.83 | | 346 B |
IP199.191.50.83:0 ASN#40034 CONFLUENCE-NETWORK-INC
File typeASCII text, with very long lines (346), with no line terminators Hashf84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /px.js?ch=2 HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php=G
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 19 Apr 2024 07:09:15 GMT
Content-Type: application/javascript
Content-Length: 346
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
|
|
| galyqaz.com/__media__/pics/29590/bg1.png | 199.191.50.83 | | 18 kB |
URL galyqaz.com/__media__/pics/29590/bg1.png IP199.191.50.83:0 ASN#40034 CONFLUENCE-NETWORK-INC
File typePNG image data, 1730 x 988, 4-bit colormap, non-interlaced Hash825ccd29ac102fcadaf92b2343d5917b 24472e766cfac5b82a73b219796556a0a3702bd6 0878fb2875c0ad852de8fb3e8f443afdf3064890f1443b3feccc274382f913cd
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /__media__/pics/29590/bg1.png HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php=G
Cookie: __cmpcc=1; __cmpconsentx68884=CP9UQgAP9UQgAAfN0CENAxEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9VPYSAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 19 Apr 2024 07:09:15 GMT
Content-Type: image/png
Content-Length: 17986
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 12:16:35 GMT
ETag: "4642-5ee4a7e31c9c9"
Accept-Ranges: bytes
|
|
| galyqaz.com/__media__/fonts/montserrat-regular/montserrat-regular.woff | 199.191.50.83 | | 17 kB |
URL galyqaz.com/__media__/fonts/montserrat-regular/montserrat-regular.woff IP199.191.50.83:0 ASN#40034 CONFLUENCE-NETWORK-INC
File typeWeb Open Font Format, TrueType, length 17264, version 2.1 Hasha43b107861b42ce1335e41e43d4e4d00 99bdb1cec4a68ebe29249c46fefefb6880d009e5 a6542dc92d71eb412bac89d8fb06c70f15be74a64b1b4ef1633288b78f4f2ff2
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /__media__/fonts/montserrat-regular/montserrat-regular.woff HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php=G
Cookie: __cmpcc=1; __cmpconsentx68884=CP9UQgAP9UQgAAfN0CENAxEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9VPYSAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 19 Apr 2024 07:09:15 GMT
Content-Type: font/woff
Content-Length: 17264
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
ETag: "4370-5b952a63d1833"
Accept-Ranges: bytes
|
|
| galyqaz.com/__media__/pics/28905/arrrow.png | 199.191.50.83 | | 283 B |
URL galyqaz.com/__media__/pics/28905/arrrow.png IP199.191.50.83:0 ASN#40034 CONFLUENCE-NETWORK-INC
File typePNG image data, 17 x 27, 8-bit colormap, non-interlaced Hash80d42c82a6c37da90210fd60a2f36128 554ba7c84d2a27ecf3b1f29d03e62101936b54d8 a1626e2d9160a0890a0a8d6e3af9e7095d68a24f9fb5ac8a166000c9a2581e10
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /__media__/pics/28905/arrrow.png HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php=G
Cookie: __cmpcc=1; __cmpconsentx68884=CP9UQgAP9UQgAAfN0CENAxEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9VPYSAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 19 Apr 2024 07:09:15 GMT
Content-Type: image/png
Content-Length: 283
Connection: keep-alive
Last-Modified: Tue, 04 Jan 2022 14:44:27 GMT
ETag: "11b-5d4c2ac970ed9"
Accept-Ranges: bytes
|
|
| galyqaz.com/favicon.ico | 199.191.50.83 | | 10 B |
IP199.191.50.83:0 ASN#40034 CONFLUENCE-NETWORK-INC
File typeASCII text, with no line terminators Hash6608dd3e21ca3beabd4bdfa625a0b221 e926d0f8694a4bc4013308afaca7af51e4c9fd9f c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php=G
Cookie: __cmpcc=1; __cmpconsentx68884=CP9UQgAP9UQgAAfN0CENAxEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9VPYSAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty
Date: Fri, 19 Apr 2024 07:09:15 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 10
Connection: keep-alive
|
|
| galyqaz.com/ | 199.191.50.83 | | 40 kB |
IP199.191.50.83:0 ASN#40034 CONFLUENCE-NETWORK-INC
File typeHTML document, Unicode text, UTF-8 text, with very long lines (10731), with CRLF, LF line terminators Hash2bf2e45947ddf7b2946386994887c9bb e2c862ada7b50d5fdbd602fd6fb7d7f415a8bc1d a56d5de4b72c07c3901323948ecadbb71bf1e8d580f89c8766d577fdd21c8e5a
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:09:14 GMT
Server: Apache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_kdLjRa2HgoiNW6utOh3OEfEURYdkxaGC7Dcf3Q/h8X87WzpySYx3vJHpmfJsVphwCgnxrp2bQR8iEfw0xwKIBQ==
Keep-Alive: timeout=5, max=127
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=68884&o=1713510555&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php%3DG&&l=en&odw=0&dlt=1&l=en | 87.230.98.78 | | 8.1 kB |
URL a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=68884&o=1713510555&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php%3DG&&l=en&odw=0&dlt=1&l=en IP87.230.98.78:0 ASN#61157 PlusServer GmbH
File typegzip compressed data, max speed, from Unix Hash454729c83bbee0b0d144d13538c6d69e b4ccc12d0340f91bae50086ac6355750722eff49 b4026c04d0afe9446122ebeee3cff497ef5ccca8e68996dc7f57e8a72fdbcdba
GET /delivery/cmp.php?__cmpcc=1&id=68884&o=1713510555&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php%3DG&&l=en&odw=0&dlt=1&l=en HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:09:15 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 07:09:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
0.0.0.0