Report - www.galaxyequipmentcorp.com/

Report Overview

Submitted URL
www.galaxyequipmentcorp.com/
IP
50.62.144.162
ASN
#398101 GO-DADDY-COM-LLC
Submitted
2022-09-16 15:41:15
Access
public
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
68

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-17T05:10:36Z	401 B	5.8 kB	143.204.55.110
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-17T05:09:22Z	2.6 kB	5.6 kB	142.250.74.3
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-17T10:03:17Z	415 B	6.4 kB	104.18.11.207
socialplugin.facebook.net	unknown	2022-07-19T22:27:01Z	2023-03-17T06:09:20Z	1.0 kB	1.6 kB	31.13.72.8
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-17T10:38:51Z	1.3 kB	79 kB	142.250.74.163
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-17T10:42:19Z	329 B	797 B	93.184.220.29
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-17T05:09:02Z	1.3 kB	3.5 kB	23.36.77.32
www.galaxyequipmentcorp.com	unknown			347 B	9.5 kB	50.62.144.162
galaxyequipmentcorp.com	unknown			30 kB	14 MB	50.62.144.162
use.fontawesome.com	942	2017-01-30T05:43:25Z	2023-03-17T05:11:12Z	405 B	8.7 kB	172.64.102.32
web.facebook.com	206	2015-05-14T09:35:40Z	2023-03-17T05:14:25Z	3.0 kB	3.1 kB	31.13.72.8
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-17T05:09:15Z	3.2 kB	69 kB	34.120.237.76
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-17T05:10:55Z	386 B	94 kB	31.13.72.12
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-17T05:09:04Z	758 B	2.7 kB	143.204.55.36
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-17T05:10:35Z	321 B	229 B	34.117.237.239
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-17T10:24:23Z	3.4 kB	94 kB	142.250.74.10
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-17T08:05:25Z	447 B	13 kB	104.17.24.14
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-17T05:10:36Z	594 B	127 B	34.208.31.97

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-16	medium	www.galaxyequipmentcorp.com/	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/counterup.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/waypoints-sticky.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/scrolla.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/shortcode.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/switcher.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.kenburn.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/rev-script-4.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/waypoints.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/jquery.bootstrap-touchspin.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.actions.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.carousel.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/stellar.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.parallax.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/custom.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.slideanims.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/magnific-popup.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.migration.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.navigation.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.video.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/bootstrap-select.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/bootstrap.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/isotope.pkgd.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/owl.carousel.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.layeranimation.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/jquery.themepunch.revolution.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/js/jquery-1.12.4.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/jquery.themepunch.tools.min.js	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/fonts/icomoon%EF%B9%96rrsgby.ttf	Malware
2022-09-16	medium	galaxyequipmentcorp.com/actrl/assets/equipment_images/6/WhatsApp_Image_2021-12-02_at_11_14_27_AM_(1)_cleanup.jpeg	Malware
2022-09-16	medium	galaxyequipmentcorp.com/actrl/assets/equipment_images/9/3.jpeg	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/fonts/revicons/revicons%EF%B9%965510888.woff	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/fonts/revicons/revicons%EF%B9%965510888.ttf	Malware
2022-09-16	medium	galaxyequipmentcorp.com/site_assets/fonts/icomoon%EF%B9%96rrsgby.woff	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (29)

	URL	Size	First Seen	Last Seen
	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.slideanims.min.js	31 kB	2023-03-13	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.slideanims.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:25 Last Seen2023-03-17 12:44:44 Times Seen1 Hash 3f3c1c390b1bb208dc51fd1a490ce2a8 cef3537505ddec145f38b8a50319068ddfb21082 3a9b23c64f9c9ecb843eb49a031cabe9761a581cf8a9529d623701b5975e2cf0 Loading...

	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/jquery.themepunch.revolution.min.js	67 kB	2023-03-13	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/jquery.themepunch.revolution.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:25 Last Seen2023-03-17 12:44:44 Times Seen1 Hash abf8027ea7deca525552244ac228991a b5112037fb143701a2ed8e4dfeb07befd69a279c ee5cc151d1d77636909d8e16c18d07c2421be1aae789a3e2310fa2b058b92c40 Loading...

	galaxyequipmentcorp.com/site_assets/js/owl.carousel.min.js	45 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/owl.carousel.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-17 12:44:44 Times Seen1 Hash 6b7583dcc8aeb9588fd38f2fb3fad2e2 c56afb89498ed1fc23445afcd2d5ced404857051 5b8441de820b10c97e012fa0d1f8051d77a244c49336ef643f380761c9b23e67 Loading...

	galaxyequipmentcorp.com/site_assets/js/shortcode.js	12 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/shortcode.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-17 12:44:44 Times Seen1 Hash 415f5a227b0f86ed67ff9551d080a96a a99464a614072cd0ceab1816d558a409f493f560 625941a46dae8c8d96d600bd6f9740367114c473bc370c14c2edbfab73a0603d Loading...

	galaxyequipmentcorp.com/site_assets/js/bootstrap-select.min.js	35 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/bootstrap-select.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-17 12:44:44 Times Seen1 Hash 1d3dbfdde64a59b336758d8d7cba0db4 89f55611dffe84593fec5cc4ed5d1c57dc993949 c39a25237e8a315333d0827261ada094c5c2251d1a9e8e0222e545dda8766cf4 Loading...

	galaxyequipmentcorp.com/site_assets/js/isotope.pkgd.min.js	37 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/isotope.pkgd.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-17 12:44:44 Times Seen1 Hash 58f0476a98f7a1c4a9e43b64c18a4cde 00ca0f5a07577247970df3820d98fbe9ca21abec 6a9046d28830ddeea1c49f42d45fcfca10cd30778d9440312d714affddba1f3e Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 00:26:59 Times Seen36969153 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	galaxyequipmentcorp.com/site_assets/js/jquery.bootstrap-touchspin.min.js	11 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/jquery.bootstrap-touchspin.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-17 12:44:44 Times Seen1 Hash 726cf9457c54151852e8909d89a0943b a16d5f1b8db073fc5503b6a661f0ea6f2be2dac8 a9b7a5d8ed112940d3ea5846697fd565c76848cafba685f0d6e01197a877a844 Loading...

	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.actions.min.js	10 kB	2023-03-13	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.actions.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:25 Last Seen2023-03-17 12:44:44 Times Seen1 Hash ca85f14599035a125bea2580d641bb12 1bf02cf435bd76c10d935ff99d7cfca4738598ab e37b0ac9f8ee2e3460784f55a8ea8a1047d7135f823ea003108aef0b9427af60 Loading...

	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.carousel.min.js	9.7 kB	2023-03-13	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.carousel.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:25 Last Seen2023-03-17 12:44:44 Times Seen1 Hash 7e00f80e61627d4cffe1eea038e5afce e291b7558ac404cd15d8e16a72f0116c3fbbc1ee f866a1738519d49fbeff3e68fee2e3a54ce5d6f8c2a1aedd5618d1c194b01eb4 Loading...

	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.layeranimation.min.js	58 kB	2023-03-13	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.layeranimation.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:25 Last Seen2023-03-17 12:44:44 Times Seen1 Hash cfdb7b3aa268b5e98f74b3d74481568b 1f694823b8f100121eb774c14650e91d02503163 f88309fc1e74bf405b60e62ae5cd5bf3e56820f954bdffb5346e19724ba61363 Loading...

	galaxyequipmentcorp.com/site_assets/js/scrolla.min.js	3.2 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/scrolla.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-17 12:44:44 Times Seen1 Hash 0ad4d18f8bf9e442904792f7e04f6222 4e0ef1ec331ee9a8d08586d7afd7cb7a282a0bf2 3996ca263fcd460e4d2e110959615a11453c64f28babc627329e98a406920a1d Loading...

	www.galaxyequipmentcorp.com/	499 B	2023-03-08	2023-12-02
Pretty URL www.galaxyequipmentcorp.com/ IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:25:51 Last Seen2023-12-02 03:11:42 Times Seen12 Hash c96cd05f5d21c882499c2f4297282aff 86ff4e0fdce1a21e620892c41a7f133feecb1a4c 35fa93c06da490f216ac4c13f873e3b036f13e3d823a2f981ace240e6e91e1b0 Loading...

	galaxyequipmentcorp.com/site_assets/js/switcher.js	12 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/switcher.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-17 12:44:44 Times Seen1 Hash f504397aded815f57891ff22c8c1dcae d7e541fa12af446558b72b9c48f9894e1f0f828d 9ff52154e3d1f68cb24ecba259db82793f6eca022a2af11535535dbdd09a8be8 Loading...

	galaxyequipmentcorp.com/site_assets/js/rev-script-4.js	5.5 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/rev-script-4.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-17 12:44:44 Times Seen1 Hash bf36b17f23a4667595add9e21252c9ac dcb74fbc38b2c42d91b68bb06291d0bcdfda0b00 8ca1d39289031186634b7e9ac96b687fd107fbc5278c9242f0cb3512b222a16a Loading...

	galaxyequipmentcorp.com/site_assets/js/custom.js	24 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/custom.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-17 12:44:44 Times Seen1 Hash c97bc672d1c6532866cdd714698dd11a ae22da9ae013bbe0efc04e9456f2e1d70fc18f58 f98cdff5cd428f147268662d2e3a4ecad9d8c634dfa398a94878f1a87a5da55a Loading...

	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/jquery.themepunch.tools.min.js	112 kB	2023-03-13	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/jquery.themepunch.tools.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:25 Last Seen2023-03-17 12:44:44 Times Seen1 Hash bdf1840bb4083abc9210aa3f354ee306 b17b1ec454fdacbfbf1a74ae67830265c0d545b4 25e48842fe6b7a46e453acc1a23e664d7696227fa627323709933dd61711398f Loading...

	www.galaxyequipmentcorp.com/	184 B	2023-03-17	2023-03-26
Pretty URL www.galaxyequipmentcorp.com/ IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-26 00:42:10 Times Seen2 Hash 751b6bb3644e048b2ffb7dc6e4705b41 c52f8396a84e648faf54f5a47b37d0884b20e0cf 7cb33131b3038436f3a93276928caf576cc2371f0dae4d83b8f9382a646df301 Loading...

	galaxyequipmentcorp.com/site_assets/js/waypoints.min.js	11 kB	2023-03-17	2023-03-26
Pretty URL galaxyequipmentcorp.com/site_assets/js/waypoints.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-26 00:42:10 Times Seen2 Hash 03a71c7f804ee7f1ab5086bbf985b970 cbc8ed9c3126326d27132005bd1183f6fe9b9d15 143fd0fa5c1d6e8597f0f4ed4d8910cca864a00c627b5c06eae106292833f1bd Loading...

	galaxyequipmentcorp.com/site_assets/js/stellar.min.js	15 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/stellar.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-17 12:44:44 Times Seen1 Hash 1e7fe379862e538425435fdcc0bf65fe 4bf8b0beeb6df86b0e863d395100c35175f301ef 2bb38cf2033b1378572c9f0aeaa5ed51530f46a7dae7c2e14b016dbbad437423 Loading...

	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.video.min.js	28 kB	2023-03-13	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.video.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:25 Last Seen2023-03-17 12:44:44 Times Seen1 Hash cbeb08290eda16837ad12173a9060388 7b78ba53396e8fcc1d8932dcdea17299f8522436 bf77e48fb96c44de608c397b507f062b8154e594ca0933dc050055231e3c07e0 Loading...

	galaxyequipmentcorp.com/site_assets/js/counterup.min.js	3.1 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/counterup.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-17 12:44:44 Times Seen1 Hash ac426c6f005e3b0297a935a01da98cf3 cfc3010bc39a57b1150e458a6230bdd416058871 4d9fe2afaf925e695ebf13792709090a0106f252f3919f1e5d4e772cd905e477 Loading...

	cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/js/fontawesome.min.js	37 kB	2023-03-11	2023-11-22
Pretty URL cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/js/fontawesome.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:17:39 Last Seen2023-11-22 22:27:54 Times Seen29 Hash 3e90fca85fa1f25038604a2f0a18d0b1 d943307bd29d083cfab30778ad95cbac274be662 25c212a4a47fa3b6c9f2fbb20010525a3b0581ee46bc1a9fdd2492acdf3de484 Loading...

	galaxyequipmentcorp.com/site_assets/js/magnific-popup.min.js	22 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/magnific-popup.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-17 12:44:44 Times Seen1 Hash 8878e7cbad34f1a8cea371dfc340c620 1b988160f01994048308b73c3a73d76f3b825e63 263880a8637afe90d9e97921667cba5ed4e2d60ae66150baacf7ea3768354d21 Loading...

	galaxyequipmentcorp.com/site_assets/js/bootstrap.min.js	39 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/bootstrap.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:44 Last Seen2023-03-17 12:44:44 Times Seen1 Hash 0d292e44c6500a341d876f7db9a65bd7 ba71a328af6b850b1ce371db807f6aef21771975 810dab3474dd1c05dd56046d544fc700ee68906337ebf742bc5cf5576294644e Loading...

	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.kenburn.min.js	5.8 kB	2023-03-13	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.kenburn.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:25 Last Seen2023-03-17 12:44:45 Times Seen1 Hash 090a27ee0d41242058f52a5813244f0c cce4fa2d75a4dcae25f6b135d9a3f3b0ade0603f 6a97393ede128e34bf419233172662faa54161135f223723fb8362822d1f522f Loading...

	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.parallax.min.js	13 kB	2023-03-13	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.parallax.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:25 Last Seen2023-03-17 12:44:45 Times Seen1 Hash 77546e8ad3e9e15a066002f3550e48a2 70a16329a0e79d1c9d3d5ccec24d3653803856ac 3d1614bd3adfbbf58fb137542018ea7b3f1f50e51351be7b11afb50678baea42 Loading...

	galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.migration.min.js	28 kB	2023-03-13	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.migration.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:45:25 Last Seen2023-03-17 12:44:45 Times Seen1 Hash 869e727b24bc94c4a037526d05138b88 226215eb094ea819088505454c0c89e1ee79fadf 8b27883de5a81d2bfc68cdef0d5d68ca12c9c2e335334dba2156e6ca6f50a180 Loading...

	galaxyequipmentcorp.com/site_assets/js/waypoints-sticky.min.js	3.3 kB	2023-03-17	2023-03-17
Pretty URL galaxyequipmentcorp.com/site_assets/js/waypoints-sticky.min.js IP 50.62.144.162 ASN #398101 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 12:44:45 Last Seen2023-03-17 12:44:45 Times Seen1 Hash e034901b70f1f350881b1661d7433e77 a1d30b2d3a80e4a6fa3f9b61b95d3049627bc72a 00dd1e8fcf9c253eeef84f49678ca6200fe0946f3f868befaf30278e6aa0f5e7 Loading...

HTTP Transactions (113)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 15:10:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VwF-5KGHR1LNod4qaNddTXWlrlxpaoiRva_uSgH6CNVdW3xvrLsiHg==
Age: 1813

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14113
Expires: Fri, 16 Sep 2022 19:36:16 GMT
Date: Fri, 16 Sep 2022 15:41:03 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: s-21HZHyoKJxRMn75pHVka2onIsgxGICx3LxjuRwMvvGUlHD5sN7yQ==
age: 39948
X-Firefox-Spdy: h2

www.galaxyequipmentcorp.com/

50.62.144.162

200 OK

9.0 kB

URL HTTP/1.1
www.galaxyequipmentcorp.com/
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (587)
Size
9.0 kB (8987 bytes)
Hash
62951cddae3cd469b9422b58045d8d4e
4b9e4b5e95a709d57ce0fe5f2e793a75c4c1d7e5
17de7f35787d2230ec4d0bab2bf31e160071c532ba64c7475fbe54933481359b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 15:41:03 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: ci_session=405e577ddda96b3e2d470f7f107206854bdd18f8; expires=Fri, 16-Sep-2022 17:41:03 GMT; Max-Age=7200; path=/; HttpOnly
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8987
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 15:41:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,100,300,300italic,400italic,500,500italic,700,700italic,900italic,900

142.250.74.10

200 OK

1.1 kB

URL HTTP/1.1
fonts.googleapis.com/css?family=Roboto:400,100,300,300italic,400italic,500,500italic,700,700italic,900italic,900
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
1.1 kB (1059 bytes)
Hash
df298b7f70f72e948bf7b19e7bbe9579
b5bdcdc5c643ced4372a89b9aed50e8fa7a551e1
808d0a22abdf8781a4f4c41a98bd659e9b0b1aa01f5a99843bb811f1226ad0c0

HTTP Headers

GET /css?family=Roboto:400,100,300,300italic,400italic,500,500italic,700,700italic,900italic,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 16 Sep 2022 15:41:04 GMT
Date: Fri, 16 Sep 2022 15:41:04 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/js/fontawesome.min.js

104.17.24.14

200 OK

12 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/js/fontawesome.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (37144)
Size
12 kB (11529 bytes)
Hash
1968926e3926ce56acf829d47ad14499
5ebf2dbbc8d3377a850dde3b016756e5132af138
ff463b37b0c7fdfe4a47c03fd885d357b6eee6b3b2536d8cdfdbd6632a749a83

HTTP Headers

GET /ajax/libs/font-awesome/5.15.2/js/fontawesome.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.galaxyequipmentcorp.com
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 16 Sep 2022 15:41:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 11529
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5fff7432-91d2"
last-modified: Wed, 13 Jan 2021 22:29:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8779735
expires: Wed, 06 Sep 2023 15:41:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93wgLOCGx2r5zBZndyJE1x9UPxmo9Z29cpuKHp9L4mSJSUrTO7qufCWoZ6IFWn9ziztrpR7Yv9Dm2VHSZk0niLRT4Rr0KzHQnrcepLSntsfNtDgnmjBCmuuYIdBfGdmUyo%2Beo74r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74bab444afa6b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 16 Sep 2022 15:03:22 GMT
Cache-Control: max-age=3600
Expires: Fri, 16 Sep 2022 15:21:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jzA_lXKXlKrq71SpEh63vfuAx-IlgeBwyEWCO8Is-kYhbqHbYBpxqg==
Age: 2262

fonts.googleapis.com/css?family=Nunito:300,300i,400,400i,600,600i,700,700i,800,800i,900,900i&display=swap

142.250.74.10

200 OK

1.3 kB

URL HTTP/2
fonts.googleapis.com/css?family=Nunito:300,300i,400,400i,600,600i,700,700i,800,800i,900,900i&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1309 bytes)
Hash
e05d8086e5ea1a4aea7a2fc1ad2bd3a2
fe43ceb1ad03412d8985883255ac663573367e78
d2801971703c2898c55e4f1e545a2dcf5239f5dedccdd378d1ad5a66a695332b

HTTP Headers

GET /css?family=Nunito:300,300i,400,400i,600,600i,700,700i,800,800i,900,900i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 15:41:04 GMT
date: Fri, 16 Sep 2022 15:41:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/css/loader.min.css

50.62.144.162

200 OK

698 B

URL HTTP/2
galaxyequipmentcorp.com/site_assets/css/loader.min.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text
Size
698 B (698 bytes)
Hash
56a29fda4fe4840911a63aa491de15e2
fe1530832bc56364ff8b0508589d777cf7b1ec4e
61f32995516b7f1f339089a52fc48b744f793289fda4e19a2717a4d1cb0a63b5

HTTP Headers

GET /site_assets/css/loader.min.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:04:44 GMT
etag: "9a04f2-1690-5d5b962a49c35-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 698
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/css/custom.css

50.62.144.162

200 OK

48 B

URL HTTP/2
galaxyequipmentcorp.com/site_assets/css/custom.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text
Size
48 B (48 bytes)
Hash
74c9f9006509655f623c176bf074549f
e901299fab513c8b13bd5de566ad8c36c3be3be3
61a70018ee0e5416f407a92349e7e8ef70fba8bfc6983bd62e83d709a30064cc

HTTP Headers

GET /site_assets/css/custom.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:04:53 GMT
etag: "9a0502-6e-5d5b96332d72c-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 48
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/css/magnific-popup.min.css

50.62.144.162

200 OK

1.5 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/css/magnific-popup.min.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (5204)
Size
1.5 kB (1454 bytes)
Hash
7e8a944c72d3c3ca05cc2226760b03db
5e7f639b9cf78cdc2f96d31c139a734818f8a888
750a42b4b64904d7ed031f1595968846c1fa626c2e4da592f518175d1100e9bb

HTTP Headers

GET /site_assets/css/magnific-popup.min.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:04:41 GMT
etag: "9a04ee-146d-5d5b96281fcbb-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1454
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/css/switcher.css

50.62.144.162

200 OK

693 B

URL HTTP/2
galaxyequipmentcorp.com/site_assets/css/switcher.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text
Size
693 B (693 bytes)
Hash
25b6b60bf38e174c5d49041c83dd0648
93f5c9ad3c3db5e957f9d8754621891e2f6b7a42
d83601a663c92d6ec63e9810d89140dbd354301b0817439ebecc83a1c72c5feb

HTTP Headers

GET /site_assets/css/switcher.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 20 Jan 2022 16:02:36 GMT
etag: "9a04ff-ac8-5d605a182a228-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 693
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/css/skin/skin-12.css

50.62.144.162

200 OK

1.6 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/css/skin/skin-12.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
assembler source, ASCII text
Size
1.6 kB (1598 bytes)
Hash
e1c70040ce454f3b98c6cd22567cbcd7
fc62d92d6fdb3b9f5aad4711d2e05f629ecf73bf
0ec2819e0ca9b056caff048ae73b757b798eef4201bc078ce600f5a66e2b6ad7

HTTP Headers

GET /site_assets/css/skin/skin-12.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 20 Jan 2022 16:03:02 GMT
etag: "9a04f0-204b-5d605a30b6f18-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1598
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.0.1/css/all.css?ver=4.9.1

172.64.102.32

200 OK

7.8 kB

URL HTTP/2
use.fontawesome.com/releases/v5.0.1/css/all.css?ver=4.9.1
IP
172.64.102.32:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (33449)
Size
7.8 kB (7848 bytes)
Hash
37c1ee7e87dbc41cc15ddce92124977f
4f8cabdcf4721557689558501bf9ef01837c91bf
cf11dda4ccfb69594687198dc0138ed60ecee7c365576c8038cd8abf6f45ab22

HTTP Headers

GET /releases/v5.0.1/css/all.css?ver=4.9.1 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 16 Sep 2022 15:41:04 GMT
content-type: text/css
x-amz-id-2: JzSYB+HM0J0+DM72N/Vm/N3jibaMSrQ7aM8tJTww/41LQZs2iMSb3m7jAyUzg6tDlWcRz6Fw3Z0=
x-amz-request-id: XNMP9K6H802F93DG
last-modified: Wed, 30 Jun 2021 15:26:49 GMT
etag: W/"1e802d1ce4a6ec2c7cf8c249f29a5ea0"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28109764
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bdmv0Sy0252EwS6lu0iqLhca1AVCsatvJPNW0xh8VexYZOiYXNVQ0kIH5GQ5aloeEf%2FRnAjCljcuAhT8hv7i69IlXIGFijahg8N3pZ8C1iyM8rnCXPpIu%2FMZLy1K8Vpq6cd9yvfu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74bab4475b2a74d1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/css/settings.css

50.62.144.162

200 OK

6.9 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/css/settings.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (29946)
Size
6.9 kB (6895 bytes)
Hash
930a711113437548875ea0558e839c34
adae3c91ca3ba936f9bae78db4800a4b10a9bd9e
3d532a3ac896e7acc68b1b41d66f03677ddebef00b6a31a95672e40e8a48b4af

HTTP Headers

GET /site_assets/plugins/revolution/revolution/css/settings.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 01:22:11 GMT
etag: "9a0790-7661-5d5bcfb63f960-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6895
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/css/navigation.css

50.62.144.162

200 OK

7.7 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/css/navigation.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text
Size
7.7 kB (7654 bytes)
Hash
d581e298ba9431b2c928fef11b6fd1c6
44b463637e286f531d20bd55ad6f51ba54be4854
c4bf168c9e980e3a43798eaf1340022dddc492cf45a703ff71138d011ea7c5a5

HTTP Headers

GET /site_assets/plugins/revolution/revolution/css/navigation.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 00:52:07 GMT
etag: "9a07a0-e8b8-5d5bc8fd7afff-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 7654
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/css/bootstrap.min.css

50.62.144.162

200 OK

18 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/css/bootstrap.min.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65371)
Size
18 kB (18205 bytes)
Hash
27447b0c780930f97055ceb44feeb3d8
a550d6c894c356cbaaf74eadc9c3d3759d9dd668
d9f490838dd5344f0407121aab3ed3313c7373ce203eb2dc2fe0940599b27f2b

HTTP Headers

GET /site_assets/css/bootstrap.min.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 01:23:28 GMT
etag: "9a04ec-1da6e-5d5bcfff261b1-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 18205
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.208.31.97

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.208.31.97:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: i3BtuEDVg6FbG5oa9h06GA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eYUE2dQQIG8S+KOM1JGaf2LnA+8=

galaxyequipmentcorp.com/site_assets/css/style.css

50.62.144.162

200 OK

39 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/css/style.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text
Size
39 kB (38698 bytes)
Hash
48ab9e7354711648c8b1b483895c8f94
800bddc26ec86fec1f6726492522b94a0fa38d3e
07a899f74cdf7e14f342f391104298bb7ac0e28373161dd9fc402733d8352a79

HTTP Headers

GET /site_assets/css/style.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 29 Jan 2022 00:46:22 GMT
etag: "9a0504-3907b-5d6ade15d7751-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 38698
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/css/owl.carousel.min.css

50.62.144.162

200 OK

792 B

URL HTTP/2
galaxyequipmentcorp.com/site_assets/css/owl.carousel.min.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (2851)
Size
792 B (792 bytes)
Hash
aabe9243353493fde8183af22e4b3fc0
82eafa0d1da4ece3af39580aab850a77cdbf71c6
c2adde3684c88d696620bc0f37fce2615a225a66587b4724a81aed5d7e7ea283

HTTP Headers

GET /site_assets/css/owl.carousel.min.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:04:53 GMT
etag: "9a0503-b7d-5d5b96335dca0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 792
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/css/flaticon.min.css

50.62.144.162

200 OK

1.1 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/css/flaticon.min.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text
Size
1.1 kB (1145 bytes)
Hash
1a0383b05d524fc71192effb6fbf08f3
36d4f11dc518bd7d10cd61e030b5b930c8410ef1
cc7dc91d9f582444eabf93f866b63c17a64e21654b038b63a21af94a9bb0a79f

HTTP Headers

GET /site_assets/css/flaticon.min.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 01:23:15 GMT
etag: "9a0505-16cd-5d5bcff2a0398-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1145
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/css/bootstrap-select.min.css

50.62.144.162

200 OK

1.4 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/css/bootstrap-select.min.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (6433)
Size
1.4 kB (1402 bytes)
Hash
89b25939ab4cb05e9c532b9b9e6bcf4f
0554b61e9c12bc9197477a6f791eb95bcca4d244
9d078432a86cca09c582c5f4e5a63304beb250e3c73d13aa778ec0a54061edf6

HTTP Headers

GET /site_assets/css/bootstrap-select.min.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:04:52 GMT
etag: "9a0501-19fa-5d5b963258108-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1402
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/css/fontawesome/css/font-awesome.min.css

50.62.144.162

200 OK

6.7 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/css/fontawesome/css/font-awesome.min.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (31131)
Size
6.7 kB (6702 bytes)
Hash
2f082455ba115428ddd55add0af5083f
33105fa28dec4b53b9f9626f95b5fb61d874cb7d
226b1e2a4c21373905f71ad0c7b57082c297d195940bc5d2315fe7ca04e61681

HTTP Headers

GET /site_assets/css/fontawesome/css/font-awesome.min.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 01:22:22 GMT
etag: "9a04f5-7a3e-5d5bcfc0877ad-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6702
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/css/animate.min.css

50.62.144.162

200 OK

2.5 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/css/animate.min.css
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (16755)
Size
2.5 kB (2499 bytes)
Hash
fa16bcbf575f35b9f8d69175174498c2
f4b0ee045ae062dd678c0a2265c565ae607292af
db204b9deb3820f71b19cace73ba59226070365f07d32d83b4a48bee276f4fb0

HTTP Headers

GET /site_assets/css/animate.min.css HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:04:43 GMT
etag: "9a04f1-4236-5d5b9629e7dc4-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2499
content-type: text/css
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:41:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/1.1
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.galaxyequipmentcorp.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 14 Sep 2022 20:15:32 GMT
Expires: Thu, 14 Sep 2023 20:15:32 GMT
Cache-Control: public, max-age=31536000
Age: 156333
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2

galaxyequipmentcorp.com/site_assets/js/counterup.min.js

50.62.144.162

200 OK

1.5 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/counterup.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (2988)
Size
1.5 kB (1499 bytes)
Hash
f4dcf539159393348fd7155abd23cd64
fcda434d24a70926ad562ae268ccb7cc102dca87
f6f19376c5cc3ad75aa501e8ee91a8daa629a2d3f9dbfa201731432c169a04f7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/counterup.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:16 GMT
etag: "9a06cc-c45-5d5b98134450b-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1499
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/waypoints-sticky.min.js

50.62.144.162

200 OK

1.5 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/waypoints-sticky.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
Unicode text, UTF-8 text, with very long lines (3130)
Size
1.5 kB (1526 bytes)
Hash
f0e5d9598e6f960beb85f2a920b69c34
4c7fb22dfff584a5bab2f6eb76a333b5108fd01a
6fb4af37276622050c4a31214832a78b37e7fbb2de3c5270e368e431f245d06a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/waypoints-sticky.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:18 GMT
etag: "9a06d0-d05-5d5b98154294a-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1526
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:41:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.galaxyequipmentcorp.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 285004
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/scrolla.min.js

50.62.144.162

200 OK

1.5 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/scrolla.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (2073)
Size
1.5 kB (1507 bytes)
Hash
3b8e3eef0def9625719c65e176f91cc6
5eedda124f4e3f7cee9d0594a488483984f898f5
fc62d0db4f05eccadb5109c3a9e4be4a11a0f47dfe49cb760ac6ca2fd0a6b151

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/scrolla.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:16 GMT
etag: "9a06cb-c7f-5d5b981346064-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1507
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/shortcode.js

50.62.144.162

200 OK

2.2 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/shortcode.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (2073)
Size
2.2 kB (2153 bytes)
Hash
06b7f55202edda4f4233a25fb1f671cf
efca9858b478f8ad483e658168988fcd60c41b10
5c10c1eb20e0839ffee18fe56d36de771437c156adbccbf9e7dc91d69741adb6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/shortcode.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:20 GMT
etag: "9a06d2-2fc9-5d5b9816c0ab4-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2153
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/switcher.js

50.62.144.162

200 OK

2.1 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/switcher.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (2073)
Size
2.1 kB (2107 bytes)
Hash
8c4772d40521a9a9996e7e1da3f8820e
8a70bb459f99410964f29b1f88a772880857523d
ffd9d83e3f5d3fb3d385fcdbe07ee8d4e6d64cb549b50681b640474a95f2a8bd

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/switcher.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:06 GMT
etag: "9a06be-3033-5d5b9808f789c-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2107
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:41:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.kenburn.min.js

50.62.144.162

200 OK

2.5 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.kenburn.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (5588)
Size
2.5 kB (2469 bytes)
Hash
f79fa5448c3440a568a0241cfa76e3cd
4a2f8c0e4792d5e472bcb7bb118d4daa31e1f643
c871bda02ca849b6077e90ddedf4f9f2fff2dca8822d3596de3643fc4c9c7377

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.kenburn.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 00:52:14 GMT
etag: "9a07a8-16bf-5d5bc90448bcd-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2469
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/rev-script-4.js

50.62.144.162

200 OK

2.0 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/rev-script-4.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
exported SGML document, ASCII text, with very long lines (2141)
Size
2.0 kB (1972 bytes)
Hash
355d7ecebba7b64d03e14ebe1930d001
54806e86bb91c0beff64de79b3fc7d680b495ebe
7c1f66c0ec2776c97905c7ef074015965178d5eda218fa125b2cbd8badbfafba

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/rev-script-4.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:19 GMT
etag: "9a06d1-15a4-5d5b98159fd82-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1972
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/clients_images/JCB_LOGO1.png

50.62.144.162

200 OK

5.0 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/clients_images/JCB_LOGO1.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 200 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (5004 bytes)
Hash
862f1336fc3ccaea19d7249340918dd5
ee77b324a6ea92c4de9ea6b1a9305fa3acce4f49
3547eaa9d230c201a676ed3a1dd02e93609ecf05fe784b9629df0a912ee1159d

HTTP Headers

GET /actrl/assets/clients_images/JCB_LOGO1.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Feb 2022 22:22:04 GMT
etag: "fa0f3f-138c-5d724905b3e57"
accept-ranges: bytes
content-length: 5004
content-type: image/png
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/clients_images/CAT_LOGO1.png

50.62.144.162

200 OK

5.4 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/clients_images/CAT_LOGO1.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 200 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5430 bytes)
Hash
75baf0191cb6833047f60817edcfc46a
7c776e024bc70a2ecedf0b2e446549d80fc79761
dcd8d2f5c7d46bde28bbb487868e57d43fbf37f620530e05cafa6a92f200e3b4

HTTP Headers

GET /actrl/assets/clients_images/CAT_LOGO1.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Feb 2022 22:20:11 GMT
etag: "fa0f38-1536-5d72489a8cdc3"
accept-ranges: bytes
content-length: 5430
content-type: image/png
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/waypoints.min.js

50.62.144.162

200 OK

3.7 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/waypoints.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
Unicode text, UTF-8 text, with very long lines (10936)
Size
3.7 kB (3655 bytes)
Hash
cc7ea2a72a2748736221f5f79f578149
89c95ade4e115eb6586276dd21cc064b39ca2eed
4dfcf08e5fa70329f7358d4795f47c638e70e614d96b7c24c428263e0313b557

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/waypoints.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:10 GMT
etag: "9a06c5-2b68-5d5b980d3f440-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3655
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/jquery.bootstrap-touchspin.min.js

50.62.144.162

200 OK

3.3 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/jquery.bootstrap-touchspin.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (11100), with no line terminators
Size
3.3 kB (3318 bytes)
Hash
a6f90eea464e0779e771a33dbc0d5798
e06bfb94bc6d18a6c205ff85ea55a1a7b26e8354
8c905b7670183e58d8808ff905e857e7f5a24a7c3c8389b6ac893403b003b2d1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/jquery.bootstrap-touchspin.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:13 GMT
etag: "9a06c8-2b5c-5d5b980fc6bda-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3318
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/clients_images/Hitachi-Logo1.png

50.62.144.162

200 OK

5.6 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/clients_images/Hitachi-Logo1.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 200 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
5.6 kB (5581 bytes)
Hash
2f2cfc6c8ed5737abcb2d3513f679a9d
0ba21a6df5686f95128d0aaaab6acb4c249860f6
c9241f577400d9b527642cf952391392b8f5ea8e28535299afeb171ad9cf9a67

HTTP Headers

GET /actrl/assets/clients_images/Hitachi-Logo1.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Feb 2022 22:20:54 GMT
etag: "fa0f3b-15cd-5d7248c2b7515"
accept-ranges: bytes
content-length: 5581
content-type: image/png
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.actions.min.js

50.62.144.162

200 OK

3.5 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.actions.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (10162)
Size
3.5 kB (3466 bytes)
Hash
ccde0a6028e56ed9dfc611411f818377
898f723613535056d12e23043fd5705ba7d745c9
a974ee167336dd263f1bbee0fe7da4dde4a368139c3318d4b07b052ce31ce92f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.actions.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 00:52:12 GMT
etag: "9a07a4-289d-5d5bc901eeeae-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3466
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.carousel.min.js

50.62.144.162

200 OK

3.5 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.carousel.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (9443)
Size
3.5 kB (3520 bytes)
Hash
321f3a2849662263d3567ed6474e2385
6f6ed9b239dd4f7f7a292023fa91d3e8ca157285
be0f12311d6d1c785b4a38c7c95a1d873dae49b60dc66ae4faf870d63d6979b6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.carousel.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 00:52:11 GMT
etag: "9a07a3-25ca-5d5bc9015c2f9-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3520
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/images/background/scale-top.png

50.62.144.162

200 OK

886 B

URL HTTP/2
galaxyequipmentcorp.com/site_assets/images/background/scale-top.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 1903 x 36, 8-bit colormap, non-interlaced\012- data
Size
886 B (886 bytes)
Hash
8edcd3169c0a487e03a5a7aa73ef5a92
269e00460c1de13a185d560e0a2bcf979546e545
5f669979c69402d0f5c019960b7a7c2308309a99842303aabdbcd54a780763c7

HTTP Headers

GET /site_assets/images/background/scale-top.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://galaxyequipmentcorp.com/site_assets/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:05:01 GMT
etag: "9a0519-376-5d5b963af2818"
accept-ranges: bytes
content-length: 886
content-type: image/png
date: Fri, 16 Sep 2022 15:41:05 GMT
server: Apache
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

104.18.11.207

200 OK

5.5 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (20604)
Size
5.5 kB (5526 bytes)
Hash
a3cf419c330c11b1dd49468cadefd978
aa0885a2ec93f0d78d3b3da96df926f7eab03683
152d6083c64e4e704d54307eaa4424d50893e92b33e2e2a54f8e848adf8775d3

HTTP Headers

GET /font-awesome/4.1.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 16 Sep 2022 15:41:04 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 723, 617
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 2021-07-24 09:40:41
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 2b50aaedc481ac5a56e54a88a5b8c43a
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 6386563
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74bab4471819b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/images/footer-strip.png

50.62.144.162

200 OK

1.5 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/images/footer-strip.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 97 x 15, 8-bit colormap, non-interlaced\012- data
Size
1.5 kB (1453 bytes)
Hash
0abe12c7d8592473ab83fd40ad7b55dd
ea97b3838273f08217aa93670672c65cd733a7ce
6578fbd1ceed1ffa34b4114243cba9cc47cc0097ae1fa15679eacb4e7f38546c

HTTP Headers

GET /site_assets/images/footer-strip.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://galaxyequipmentcorp.com/site_assets/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:04:58 GMT
etag: "9a0537-5ad-5d5b96386b07d"
accept-ranges: bytes
content-length: 1453
content-type: image/png
date: Fri, 16 Sep 2022 15:41:05 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/clients_images/john-deere_LOGO1.png

50.62.144.162

200 OK

6.7 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/clients_images/john-deere_LOGO1.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 200 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
6.7 kB (6685 bytes)
Hash
6907525baf40a12db0a44e7a2c091384
15c2f79b54f318297efa0dd5b0a868d18933e7ad
554fb4d875edba0ca4c73fda416cdd5cf97f5cb447b48324ebb76f2e4f9ae59b

HTTP Headers

GET /actrl/assets/clients_images/john-deere_LOGO1.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Feb 2022 22:21:13 GMT
etag: "fa0f3c-1a1d-5d7248d4dbf41"
accept-ranges: bytes
content-length: 6685
content-type: image/png
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/stellar.min.js

50.62.144.162

200 OK

4.2 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/stellar.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (14526)
Size
4.2 kB (4229 bytes)
Hash
439abbc49e99c0fc29b3a8d0a656b0d9
f46f907d8ef574d21bbad6aa9c7bf920bee60bb4
cbb51f4764937f5f21eafcaa8f475e534d9bad9d5bb6c04f22cc4ec2f0b29bdc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/stellar.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:08 GMT
etag: "9a06c2-394e-5d5b980b4e2f3-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4229
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/clients_images/komatsu-LOGO1.png

50.62.144.162

200 OK

8.2 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/clients_images/komatsu-LOGO1.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 216 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
8.2 kB (8211 bytes)
Hash
48cb28bab3007b0139ccc8e5c7f43cf9
b204d1d5a61f2b9991e63b32a43259d6efc47315
51443906caa523446682153cf4f3092fa0dbe28fd1de6631928b5640b963dd82

HTTP Headers

GET /actrl/assets/clients_images/komatsu-LOGO1.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Feb 2022 22:20:30 GMT
etag: "fa0f39-2013-5d7248ac04a3f"
accept-ranges: bytes
content-length: 8211
content-type: image/png
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.parallax.min.js

50.62.144.162

200 OK

4.1 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.parallax.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (12765)
Size
4.1 kB (4057 bytes)
Hash
62a7adca2e4a4eaa65b307cd18c72181
c157c98cd8a74e9d2aed9d443964c511ea40a2e9
a623b3d59ce0b79dbdc2e7bcc1659e8c1a57d276328b1ea6a4bede6afdb3f67e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.parallax.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 00:52:14 GMT
etag: "9a07a7-32c8-5d5bc903e9c3d-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4057
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/clients_images/CASE-Construction-Logo1.png

50.62.144.162

200 OK

10 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/clients_images/CASE-Construction-Logo1.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 200 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10219 bytes)
Hash
d2a294192e6f8527479e9d31d94d0e5f
2fa60665eb608e1bf842a8f06e060e34cd50c49a
2176e4ea6b5d2ae9ca83cd50803ccd9949ecd29d6037a39bdbbcac99dcd1cd2d

HTTP Headers

GET /actrl/assets/clients_images/CASE-Construction-Logo1.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Feb 2022 22:21:25 GMT
etag: "fa0f3d-27eb-5d7248e1323a3"
accept-ranges: bytes
content-length: 10219
content-type: image/png
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/custom.js

50.62.144.162

200 OK

5.7 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/custom.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (2091)
Size
5.7 kB (5679 bytes)
Hash
2291411d7643f42f462aca153edc2d1c
87cd05fb0de309e19cea02cc58962cbb0918b1ca
619652f4f6b8bf77b5bd8204b436c0e6b99fcbf946fb6d19aeddbb5b4520c1cf

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/custom.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:10 GMT
etag: "9a06c4-5e52-5d5b980cba734-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5679
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.slideanims.min.js

50.62.144.162

200 OK

7.6 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.slideanims.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (30891)
Size
7.6 kB (7582 bytes)
Hash
a59e07fdda111f06a9992db7ec55acc2
fcab5afed86dd3c7e83b3c2be1e25a14f2c5b058
8c70fcf67d4470d22873fa042c354a2e78ed5589b39fd85c004d0aa191a85750

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.slideanims.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 00:52:15 GMT
etag: "9a07a9-79a3-5d5bc90561fe7-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 7582
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/magnific-popup.min.js

50.62.144.162

200 OK

8.1 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/magnific-popup.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (22160)
Size
8.1 kB (8121 bytes)
Hash
b6da96b323cd963da2b5b5300dd12a87
986b97e7ad6a46cfc38724b281509744db72d736
d7d4adc328ba40114f9eae51c98beccdfbfb454478d1bad9a74f93d8c58b29e1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/magnific-popup.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:12 GMT
etag: "9a06c7-5715-5d5b980f2a3e4-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 8121
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.migration.min.js

50.62.144.162

200 OK

7.8 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.migration.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (27935)
Size
7.8 kB (7757 bytes)
Hash
ede4879c4a5912b1e9a997bc70f9a504
9cf1383023021ef44aa491b3193e348f132c8c55
589292b7d7f6bc13ee89b3cab5e31c7f9397d4cb1af39c402c9a4ee43d3cb32a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.migration.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 00:52:16 GMT
etag: "9a07aa-6e0c-5d5bc905fb8fd-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 7757
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.navigation.min.js

50.62.144.162

200 OK

7.8 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.navigation.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (27935)
Size
7.8 kB (7757 bytes)
Hash
ede4879c4a5912b1e9a997bc70f9a504
9cf1383023021ef44aa491b3193e348f132c8c55
589292b7d7f6bc13ee89b3cab5e31c7f9397d4cb1af39c402c9a4ee43d3cb32a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.navigation.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 00:52:13 GMT
etag: "9a07a6-6e0c-5d5bc9038471b-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 7757
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.video.min.js

50.62.144.162

200 OK

7.8 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.video.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (27906)
Size
7.8 kB (7755 bytes)
Hash
33f965b1f9a072fb4852a45513cbce47
5b995d80a5db8cf828b174490214c8ebe9c77dab
b0120734b44802db195cff462182189b2ef9596c9ac8871579b6cba0ab1daea9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.video.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 00:52:16 GMT
etag: "9a07ab-6df4-5d5bc90697923-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 7755
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/clients_images/volvo-construction_logo2.png

50.62.144.162

200 OK

16 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/clients_images/volvo-construction_logo2.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 184 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16067 bytes)
Hash
b9268caccbe685ebe4d0b98272f42ed8
7429028a97629589540e7463381e3fefd80d201f
67502d01f653e952d04168a6d2b1bc4a049ede30f953cfa93d850e14ffb1d249

HTTP Headers

GET /actrl/assets/clients_images/volvo-construction_logo2.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Feb 2022 22:23:34 GMT
etag: "fa0f40-3ec3-5d72495b72572"
accept-ranges: bytes
content-length: 16067
content-type: image/png
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/clients_images/doosan_LOGO1.png

50.62.144.162

200 OK

16 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/clients_images/doosan_LOGO1.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 200 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (15507 bytes)
Hash
0a32e118a80d4a01cb087bfaee90ccb3
ac27cbccc8b0401d950f041e800401c64f82c608
d5b71aea6811d54c15597f8fd4a1080913f002022690b7927ad0c6a8db5b5144

HTTP Headers

GET /actrl/assets/clients_images/doosan_LOGO1.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 03 Feb 2022 22:20:42 GMT
etag: "fa0f3a-3c93-5d7248b7ff5c1"
accept-ranges: bytes
content-length: 15507
content-type: image/png
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/bootstrap-select.min.js

50.62.144.162

200 OK

11 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/bootstrap-select.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (32004)
Size
11 kB (10569 bytes)
Hash
28ad2fe6d42bdd798c8299f030bd6f0e
5664a6d9f5025c2c8a235f5d5ddaeada3e5ef756
72f6f557cca140201618dbb50a290efe7aa7b577450f9db30e13322fa5e21a09

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/bootstrap-select.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:11 GMT
etag: "9a06c6-8a77-5d5b980da64b9-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 10569
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/bootstrap.min.js

50.62.144.162

200 OK

11 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/bootstrap.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (32033)
Size
11 kB (10582 bytes)
Hash
ef66e7a6420f71fff9bda9e47ffd4c06
1fcb40b3ced105fb8b063c07c3189c46ba461faf
19a6360d02ac5c81d6dced7c6f6c8824bb9a0075eecc41c934e7e860fab01291

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/bootstrap.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:16 GMT
etag: "9a06ca-98cc-5d5b9812dad82-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 10582
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/isotope.pkgd.min.js

50.62.144.162

200 OK

11 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/isotope.pkgd.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (32014)
Size
11 kB (10699 bytes)
Hash
cc25da46b5ea3dbb70a0769159a69fb0
454d2cee3a56cb720f7508ec8b08eef39375ef32
bb226d805c07af7cd53ace93b370dbbcaf6a20e304b229d206d51960032983ab

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/isotope.pkgd.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:05 GMT
etag: "9a06bc-9202-5d5b980893703-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 10699
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/js/owl.carousel.min.js

50.62.144.162

200 OK

12 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/owl.carousel.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (32000)
Size
12 kB (11750 bytes)
Hash
ee0e325f5fbf815a413031a4cace2c77
d833eede621e48ca37e301e5030e8d4fe251cba0
3aaa0f53e6064606424ff24af87ce01d307ed7f883b01e8bcea5079bac01c513

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/owl.carousel.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:14 GMT
etag: "9a06c9-af26-5d5b9810ecb15-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 11750
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.layeranimation.min.js

50.62.144.162

200 OK

15 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.layeranimation.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (57629)
Size
15 kB (14826 bytes)
Hash
3f31419896684dc054f60da8f4477885
071f7eca019cca85741a57cb5568562f9ca3e52d
158ee91ad2935ef8a0ca7dfdd8d3350affc46f4eb3bda22752291cf053a5686e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/plugins/revolution/revolution/js/extensions/revolution.extension.layeranimation.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 00:52:12 GMT
etag: "9a07a5-e216-5d5bc902bd771-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 14826
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/jquery.themepunch.revolution.min.js

50.62.144.162

200 OK

18 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/jquery.themepunch.revolution.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65207)
Size
18 kB (18511 bytes)
Hash
d3d57c94cca4227421545343dedb3a23
418a94f19b66c0bc7361891a5d66ea9748acd425
73781467b3e215c9d60f153eeef66375764e70cfd95897185d85e509b6127819

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/plugins/revolution/revolution/js/jquery.themepunch.revolution.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 00:52:09 GMT
etag: "9a07a1-105f6-5d5bc8ff0839b-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 18511
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16842
Expires: Fri, 16 Sep 2022 20:21:48 GMT
Date: Fri, 16 Sep 2022 15:41:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16842
Expires: Fri, 16 Sep 2022 20:21:48 GMT
Date: Fri, 16 Sep 2022 15:41:06 GMT
Connection: keep-alive

galaxyequipmentcorp.com/site_assets/js/jquery-1.12.4.min.js

50.62.144.162

200 OK

34 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/js/jquery-1.12.4.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (32077)
Size
34 kB (33915 bytes)
Hash
3f945f89b6256688a1543972ce0afcab
5915576e77d18ac2344825e926c858f04f994f23
ab329be8799b0b5ef244022dd16a4588fe077e46dbc323fe8ab13c30e12e6252

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/js/jquery-1.12.4.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:13:08 GMT
etag: "9a06c0-183a8-5d5b980b5fc34-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 33915
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/jquery.themepunch.tools.min.js

50.62.144.162

200 OK

38 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/plugins/revolution/revolution/js/jquery.themepunch.tools.min.js
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (27287)
Size
38 kB (37987 bytes)
Hash
cbd2b743fb60f4627358f77e712262f0
f2c4ff9adae5f81fb2aa773b5a252c08fdc38f69
d45d516c0fc8af30f75e73ecf6d93c21259caf2b66316855f78e46e7a759b96e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/plugins/revolution/revolution/js/jquery.themepunch.tools.min.js HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 17 Jan 2022 00:52:18 GMT
etag: "9a07ac-1b76c-5d5bc90809b25-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 37987
content-type: application/javascript
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/equipment_images/13/10.jpg

50.62.144.162

200 OK

36 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/equipment_images/13/10.jpg
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 360x480, components 3\012- data
Size
36 kB (36317 bytes)
Hash
be998efed1f62e41f76d74412ff43ac9
1c3ffe6617717c342e5013d95963f590101ea933
5964a423f72fb81b35a97008c8b81076ba0580ebcb960b2edb65e7b5801bf573

HTTP Headers

GET /actrl/assets/equipment_images/13/10.jpg HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 17 Feb 2022 19:08:14 GMT
etag: "14e02a7-8ddd-5d83b7cf99d5d"
accept-ranges: bytes
content-length: 36317
content-type: image/jpeg
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10163 bytes)
Hash
3a4ed510756efe784c4ca84c61c4b5ba
10262867cfb19d3ba8f618e235d1a98531048f34
b5ba0de5ce381579e49e3e3c23244048fc8aac693ce0c977560f28b9a51f6a0b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10163
x-amzn-requestid: 7c849e5d-468e-4f6a-ad44-c7995bfa81bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvuGFU5oAMF_Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202cc0-5376d2432c79a3146b6c29f4;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:09:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XGVoNQZeoG0AQ6LabPW2Zg7pAQqdl-bGTFAhbNpLlgTWNWx55-wEUQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:14 GMT
age: 64552
etag: "10262867cfb19d3ba8f618e235d1a98531048f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/fonts/icomoon%EF%B9%96rrsgby.ttf

50.62.144.162

200 OK

3.1 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/fonts/icomoon%EF%B9%96rrsgby.ttf
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
data
Size
3.1 kB (3085 bytes)
Hash
d46aed5693d26aad8d647fd34f47e566
9dc5b4727567970c111d34d554ff58426f831f8d
b107a6db746ec80efd8175141453c362bb31a2012aaec470904216520889b5d1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/fonts/icomoon%EF%B9%96rrsgby.ttf HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.galaxyequipmentcorp.com
Connection: keep-alive
Referer: https://galaxyequipmentcorp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:05:07 GMT
etag: "9a06b9-271c-5d5b9640f9824-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5717
content-type: font/ttf
date: Fri, 16 Sep 2022 15:41:05 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16842
Expires: Fri, 16 Sep 2022 20:21:48 GMT
Date: Fri, 16 Sep 2022 15:41:06 GMT
Connection: keep-alive

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9904 bytes)
Hash
e6d17788c7d2a1a91e68eff48df14bd1
8e1090346d90bc69e7a95384e6a7a01154e31567
1e1eefa02e4c55e73be87a309ad5c2335856125cb678cff6ebc42c5ff73a0e2b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9904
x-amzn-requestid: a23cb4b3-db6e-48ae-90b1-3ecf6478bf52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDpH_CIAMFl4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-15869210609a18587467d1e2;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RbKcO0CPRsex8VWdIVqctamGyJ7D1PHD04ry2wbrcDPDYL0Yy5vPPQ==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:50:35 GMT
etag: "8e1090346d90bc69e7a95384e6a7a01154e31567"
content-type: image/jpeg
age: 64231
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12123 bytes)
Hash
f876cdc19dca10c62d83d19303512c7f
9f812c7bc1b42b0cea3e42694e7d1f6738789770
c647aac44ba9eb501eb7def781ca0168b4eb71a716283cc6f4e6782939a396cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12123
x-amzn-requestid: 2beedee9-cf7e-47d6-ac4d-3ca9251aa565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfSWEFAZoAMFd6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322ca8d-37688e4a23c3234a25becf57;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 06:47:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: H2ySDtSQZtsrCA99y1a2_fLQcRI8hvN_nvA9U_V_iCm6c3cq3DigXQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:11:59 GMT
age: 62947
etag: "9f812c7bc1b42b0cea3e42694e7d1f6738789770"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Dancing+Script:400,700&display=swap

142.250.74.10

200 OK

14 kB

URL HTTP/2
fonts.googleapis.com/css?family=Dancing+Script:400,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
14 kB (13981 bytes)
Hash
f74d51917d414c306a7d666563fe9849
46e30b59cf46798acf3580de27e3b1222279a0eb
04ef3f43ca78fd2c69f42122e35f8c1e43d7382431e9e15d9b3d9004401e691b

HTTP Headers

GET /css?family=Dancing+Script:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 15:41:04 GMT
date: Fri, 16 Sep 2022 15:41:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12425 bytes)
Hash
da1bd18c37b83b0ef4641036dc208eec
abb5c719ec9341c6d4146297a2a1eca171df9c81
0085a66912a814c619a1257545d36610c7109ba32f1b097176102d3d3db2c8d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12425
x-amzn-requestid: 96b5f0d2-1327-4180-9d48-f915630c3de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDqHyooAMFqyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-7d89d2d7024f6a821a62c948;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1Y5uBMPJvxTDKGnc5Q0lzKZXDv4lwTByGDO8eRIwgauut0yfJz-8Lg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:50:35 GMT
age: 64231
etag: "abb5c719ec9341c6d4146297a2a1eca171df9c81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8435 bytes)
Hash
b7d4ee58e0f26ec6817dbab72aa7db6d
b6e634ef27eba9da38c6472565e0fdca6898e4f0
07db05a6ee70a699164ad55da47bfca58e6639956e256d902cbe0388cd7995c6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8435
x-amzn-requestid: f6efd924-4f54-41a6-8771-087803b5b8ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0-EJaoAMFvtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b52-37c21ee857fe27d104b70337;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rgjwYJ-ZzVF3bv7pl1l8TN8EAoENIcaSAXJU_YhFOSNRCzrCuPuKbQ==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:44:10 GMT
age: 64616
etag: "b6e634ef27eba9da38c6472565e0fdca6898e4f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/equipment_images/6/WhatsApp_Image_2021-12-02_at_11_14_27_AM_(1)_cleanup.jpeg

50.62.144.162

200 OK

47 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/equipment_images/6/WhatsApp_Image_2021-12-02_at_11_14_27_AM_(1)_cleanup.jpeg
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 280x280, components 3\012- data
Size
47 kB (46763 bytes)
Hash
32a20710ef7730c07b91f6ffcc3a3f8a
8ecf5ecbc68a98d55b41bc06b3b3481be9580f04
5a46142270d56570bcff3aef72cec604b1613cf17eea1915ebe98942783a123c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /actrl/assets/equipment_images/6/WhatsApp_Image_2021-12-02_at_11_14_27_AM_(1)_cleanup.jpeg HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 15 Feb 2022 18:11:46 GMT
etag: "f817c2-b6ab-5d812774e02ce"
accept-ranges: bytes
content-length: 46763
content-type: image/jpeg
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/images/logo-12.png

50.62.144.162

200 OK

50 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/images/logo-12.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 500 x 235, 8-bit/color RGB, non-interlaced\012- data
Size
50 kB (50459 bytes)
Hash
0db545bd7f4b92b96ee209ab948f9d69
c7956f34187bdfd0649fa6f626b0b5c344529b01
253dd1d92217ba92a75734539ab15a2b024af414c7ddd2b316a1e1ac9c5433e9

HTTP Headers

GET /site_assets/images/logo-12.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 20 Jan 2022 16:08:27 GMT
etag: "9a051e-c51b-5d605b670d4cb"
accept-ranges: bytes
content-length: 50459
content-type: image/png
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/images/background/bg-8.jpg

50.62.144.162

200 OK

59 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/images/background/bg-8.jpg
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x414, components 3\012- data
Size
59 kB (59024 bytes)
Hash
3cc8d63dae4c581862a7b40448515d9f
ea0d301ee8e4f2508881aea1e7ba17688a074629
2930ac536a8a3cf5a962f53eb672d5f592d1194c53abbf3c0e165e674f3da030

HTTP Headers

GET /site_assets/images/background/bg-8.jpg HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 22:27:49 GMT
etag: "9a051a-e690-5d5ba8bce031d"
accept-ranges: bytes
content-length: 59024
content-type: image/jpeg
date: Fri, 16 Sep 2022 15:41:05 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Vampiro+One&display=swap

142.250.74.10

200 OK

72 kB

URL HTTP/2
fonts.googleapis.com/css?family=Vampiro+One&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
72 kB (71530 bytes)
Hash
cff960d290c581018a7d24233e7679ce
cf525fc938fb919c6fa50cf30975efcef53f037b
da8b8796e910459f17e358814ef5ca0a38e97117d3084a2691c48e9caa0fe8d5

HTTP Headers

GET /css?family=Vampiro+One&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 15:41:04 GMT
date: Fri, 16 Sep 2022 15:41:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/1.1
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.galaxyequipmentcorp.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15920
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 14 Sep 2022 21:41:59 GMT
Expires: Thu, 14 Sep 2023 21:41:59 GMT
Cache-Control: public, max-age=31536000
Age: 151147
Last-Modified: Wed, 11 May 2022 19:24:45 GMT
Content-Type: font/woff2

galaxyequipmentcorp.com/actrl/assets/equipment_images/8/1.jpg

50.62.144.162

200 OK

94 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/equipment_images/8/1.jpg
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Size
94 kB (93920 bytes)
Hash
f10b093c3c1f5c177d59c60c8183937b
aff0e864a711e1d096fe2284710ecbff3753fc65
15ff6b7186b0af6aa0a1ddd29016e3debe049c892690612957b13a0a6434dcf6

HTTP Headers

GET /actrl/assets/equipment_images/8/1.jpg HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 17 Feb 2022 18:24:25 GMT
etag: "11c0399-16ee0-5d83ae03ee506"
accept-ranges: bytes
content-length: 93920
content-type: image/jpeg
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/equipment_images/12/DSC02371.jpg

50.62.144.162

200 OK

146 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/equipment_images/12/DSC02371.jpg
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=11, description= , manufacturer=SONY, model=DSC-P73, orientation=upper-left, xresolution=192, yresolution=200, resolutionunit=2, datetime=2005:10:23 23:35:12], baseline, precision 8, 640x480, components 3\012- data
Size
146 kB (146457 bytes)
Hash
80f2b1f81860f0a633d6fb7b9d159cb9
ba0f4c53df7d3b84e5417523ea0085fd5aed7032
3839b00160929a60584d49459ae6994871740a520594e37fa6a1e43edef475f4

HTTP Headers

GET /actrl/assets/equipment_images/12/DSC02371.jpg HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 17 Feb 2022 18:47:55 GMT
etag: "14e02a4-23c19-5d83b344ef1a9"
accept-ranges: bytes
content-length: 146457
content-type: image/jpeg
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/equipment_images/11/4.jpg

50.62.144.162

200 OK

194 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/equipment_images/11/4.jpg
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x900, components 3\012- data
Size
194 kB (193533 bytes)
Hash
a45ad46db91eba298e77d91921cb906e
55351985aa07fa68b62ffe56f39da755288d2ce8
96fce1a982b0a52bc6694edb7fc997b92098bfbd33fea4f4e3995c1514467c21

HTTP Headers

GET /actrl/assets/equipment_images/11/4.jpg HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 17 Feb 2022 18:45:32 GMT
etag: "14e029b-2f3fd-5d83b2bc4a54b"
accept-ranges: bytes
content-length: 193533
content-type: image/jpeg
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/equipment_images/9/3.jpeg

50.62.144.162

200 OK

251 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/equipment_images/9/3.jpeg
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x1200, components 3\012- data
Size
251 kB (250765 bytes)
Hash
5f7e1e37f6d30a7bc1fc17daf41fb002
fed2af3a14d17439499ab7077b1ddf1a3b5c3bc0
eb350bbb41b19a03e1685177c4427db23f25b4ca72ba295981491d9d6b8ccdf2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /actrl/assets/equipment_images/9/3.jpeg HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 17 Feb 2022 18:34:47 GMT
etag: "11e0a3a-3d38d-5d83b0550cb71"
accept-ranges: bytes
content-length: 250765
content-type: image/jpeg
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/fonts/revicons/revicons%EF%B9%965510888.woff

50.62.144.162

404 Not Found

1.7 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/fonts/revicons/revicons%EF%B9%965510888.woff
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.7 kB (1699 bytes)
Hash
12bc9fcd7f59bd4a0c74e0477ccbad55
9c866d208d2bc04fdc136dbc1fef2e889beb9cbf
cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/fonts/revicons/revicons%EF%B9%965510888.woff HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.galaxyequipmentcorp.com
Connection: keep-alive
Referer: https://galaxyequipmentcorp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1699
content-type: text/html
date: Fri, 16 Sep 2022 15:41:06 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/equipment_images/10/20210420_143443_resized.jpg

50.62.144.162

200 OK

416 kB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/equipment_images/10/20210420_143443_resized.jpg
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1008x756, components 3\012- data
Size
416 kB (416099 bytes)
Hash
774f411bfac957235988bf26f74128e9
4c63903e94bc462d7e4e06c68e72e054683b5c31
2c3c6b83158d329703b842d0e36f55fccacc96900ad21423b8c4967498132d48

HTTP Headers

GET /actrl/assets/equipment_images/10/20210420_143443_resized.jpg HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 17 Feb 2022 18:38:08 GMT
etag: "14e0293-65963-5d83b114cbc3c"
accept-ranges: bytes
content-length: 416099
content-type: image/jpeg
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/fonts/revicons/revicons%EF%B9%965510888.ttf

50.62.144.162

404 Not Found

703 B

URL HTTP/2
galaxyequipmentcorp.com/site_assets/fonts/revicons/revicons%EF%B9%965510888.ttf
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
703 B (703 bytes)
Hash
8216b2246391d668b222b10fa7a8e365
4bb7699205a3dbd1e233b95769b6f09df666b3b7
4bd052f5166736de11ae4b9f8a7b8260c86928468f110b96666eed387e37b719

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/fonts/revicons/revicons%EF%B9%965510888.ttf HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.galaxyequipmentcorp.com
Connection: keep-alive
Referer: https://galaxyequipmentcorp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 703
content-type: text/html
date: Fri, 16 Sep 2022 15:41:06 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e93324d6ebf7de1bf51a43d1cfce9fbc
673a6701d07f44a1139eeb7693ca220cf1bdb954
c977af10b5b436b49e038bde9c841a77830cd20a1c3d084d4fb833e9089b495c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1389
Cache-Control: max-age=144770
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 15:41:07 GMT
Etag: "63242628-1d7"
Expires: Sun, 18 Sep 2022 07:53:57 GMT
Last-Modified: Fri, 16 Sep 2022 07:30:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/sdk/xfbml.customerchat.js

31.13.72.12

200 OK

93 kB

URL HTTP/2
connect.facebook.net/en_US/sdk/xfbml.customerchat.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (20954)
Size
93 kB (92756 bytes)
Hash
2409121f8b91bd0155148aa8dede2f3d
272e0a8e37581208136a72608d2157a9b449b5eb
d67dd11e06559ebb4a3dc28d7a558fcb9edc6fd02179247fb42ecda8cd698225

HTTP Headers

GET /en_US/sdk/xfbml.customerchat.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c4d98a9f28ee0f4e8c175f0df76392d3
etag: "501e4f4ec56f5fe1052c7496cc8fec3a"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 16 Sep 2022 15:46:11 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: JAkSH4uRvQFVFIqo3t4vPQ==
x-fb-debug: fIgEbW/ZiH+mhwQU/qvS8LZpZ9atrW57fPE/wF7/CMmpnTQFTBGgQrUYo/1vsJGBjXXRhS7VIl8x9w+y3Ug+Ew==
content-length: 92756
x-fb-trip-id: 1904183273
date: Fri, 16 Sep 2022 15:41:07 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/images/favicon.png

50.62.144.162

200 OK

50 kB

URL HTTP/2
galaxyequipmentcorp.com/site_assets/images/favicon.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 500 x 235, 8-bit/color RGB, non-interlaced\012- data
Size
50 kB (50459 bytes)
Hash
0db545bd7f4b92b96ee209ab948f9d69
c7956f34187bdfd0649fa6f626b0b5c344529b01
253dd1d92217ba92a75734539ab15a2b024af414c7ddd2b316a1e1ac9c5433e9

HTTP Headers

GET /site_assets/images/favicon.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 29 Jan 2022 00:39:25 GMT
etag: "9a0729-c51b-5d6adc88a6720"
accept-ranges: bytes
content-length: 50459
content-type: image/png
date: Fri, 16 Sep 2022 15:41:07 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/slider_images/966FII_COVER_WEB_1.png

50.62.144.162

200 OK

3.6 MB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/slider_images/966FII_COVER_WEB_1.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 2000 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size
3.6 MB (3641141 bytes)
Hash
98a51ff23969880043e6e119f819ad85
77503c6ecc1d68365cd3bf4703339d9f39ead89b
9a0070f68bdc868402c1db0f5dc16243092ad121cb72a235686f19ee6eb52942

HTTP Headers

GET /actrl/assets/slider_images/966FII_COVER_WEB_1.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 13:47:13 GMT
etag: "fa0e18-378f35-5d6908e4036f9"
accept-ranges: bytes
content-length: 3641141
content-type: image/png
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/slider_images/936_WEN_COBER1.png

50.62.144.162

200 OK

4.1 MB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/slider_images/936_WEN_COBER1.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 2000 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 MB (4109025 bytes)
Hash
9768aa6f3861f5f80ee3a05201a6ea51
3e0d4491cc8d3cafd203350ca7fceb69d3bfb805
f2d6bd255099860974a539c708d1551867de49deea224c654679e86d06a3efb8

HTTP Headers

GET /actrl/assets/slider_images/936_WEN_COBER1.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 14:00:21 GMT
etag: "fa0e32-3eb2e1-5d690bd302044"
accept-ranges: bytes
content-length: 4109025
content-type: image/png
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/actrl/assets/slider_images/140H_web_COVER1.png

50.62.144.162

200 OK

4.4 MB

URL HTTP/2
galaxyequipmentcorp.com/actrl/assets/slider_images/140H_web_COVER1.png
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type
PNG image data, 2000 x 900, 8-bit/color RGBA, non-interlaced\012- data
Size
4.4 MB (4400557 bytes)
Hash
0ebe5b460d27160946453a9a5d01da55
a7336f821e4652cff18cc82512c1bd053af10cfa
838ccb89bbedd4687f0e9da26c31d0ecf0019bc31b462cef1f2bf8c0a45831ad

HTTP Headers

GET /actrl/assets/slider_images/140H_web_COVER1.png HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 27 Jan 2022 14:00:47 GMT
etag: "fa0e33-4325ad-5d690bebffddd"
accept-ranges: bytes
content-length: 4400557
content-type: image/png
date: Fri, 16 Sep 2022 15:41:04 GMT
server: Apache
X-Firefox-Spdy: h2

socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&suppress_http_code=1

31.13.72.8

404 Not Found

0 B

URL HTTP/2
socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&suppress_http_code=1
IP
31.13.72.8:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /new_domain_gating/?endpoint=customerchat&suppress_http_code=1 HTTP/1.1
Host: socialplugin.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: http://www.galaxyequipmentcorp.com
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
content-type: text/html; charset="utf-8"
x-fb-debug: kdCtUuyZ9VdUJjdM2L9sh0FZ2tii8Wb3c74K+BQn1mrm/qwpBLcoMR9yrY6ei3Ao9g3ykLSIlmYaY043p3t07Q==
content-length: 0
date: Fri, 16 Sep 2022 15:41:09 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

web.facebook.com/plugins/customer_chat/SDK/?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dcfd68173a30e%26domain%3Dwww.galaxyequipmentcorp.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.galaxyequipmentcorp.com%252Ff107401d09a79cc%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.galaxyequipmentcorp.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=12bea151-0932-4206-bae3-5dc5bd88b834&request_time=1663342852982&sdk=joey&suppress_http_code=1

31.13.72.8

302 Found

0 B

URL HTTP/2
web.facebook.com/plugins/customer_chat/SDK/?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dcfd68173a30e%26domain%3Dwww.galaxyequipmentcorp.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.galaxyequipmentcorp.com%252Ff107401d09a79cc%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.galaxyequipmentcorp.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=12bea151-0932-4206-bae3-5dc5bd88b834&request_time=1663342852982&sdk=joey&suppress_http_code=1
IP
31.13.72.8:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/customer_chat/SDK/?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dcfd68173a30e%26domain%3Dwww.galaxyequipmentcorp.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.galaxyequipmentcorp.com%252Ff107401d09a79cc%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.galaxyequipmentcorp.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=12bea151-0932-4206-bae3-5dc5bd88b834&request_time=1663342852982&sdk=joey&suppress_http_code=1 HTTP/1.1
Host: web.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: http://www.galaxyequipmentcorp.com
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: https://www.facebook.com/plugins/customer_chat/SDK/?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dcfd68173a30e%26domain%3Dwww.galaxyequipmentcorp.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.galaxyequipmentcorp.com%252Ff107401d09a79cc%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.galaxyequipmentcorp.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=12bea151-0932-4206-bae3-5dc5bd88b834&request_time=1663342852982&sdk=joey&suppress_http_code=1&_rdc=1&_rdr
cross-origin-opener-policy: same-origin-allow-popups
x-fb-zr-redirect: 02|1663429269|
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: Jtn1p4BN5eRI+2YXzrsi1aEHVtDwNS/HLAkEHzFF5E7TQ8WTDnkkOu2GeUU8CK/PZD2fDqHltQL/q1PbPBhNxQ==
content-length: 0
date: Fri, 16 Sep 2022 15:41:09 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=105224844787739&suppress_http_code=1

31.13.72.8

200 OK

44 B

URL HTTP/2
socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=105224844787739&suppress_http_code=1
IP
31.13.72.8:0
ASN
#32934 FACEBOOK

File type
ASCII text, with no line terminators
Size
44 B (44 bytes)
Hash
2481d41c939bf3c8dd417c927a0c868b
61e6dbc1dc1251acd24726ccedd10f8577064a6c
76c6731b491cf295859f7ffd4392ab354149b9050c68edede7a1987cf2ca5025

HTTP Headers

GET /new_domain_gating/?endpoint=customerchat&page_id=105224844787739&suppress_http_code=1 HTTP/1.1
Host: socialplugin.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: http://www.galaxyequipmentcorp.com
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/json; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: http://www.galaxyequipmentcorp.com
x-fb-debug: aGTNU5E8TWf8kJLpFZ8vYCWUhlrML7bjv8zIwUZCJRfcxcFBm6g1UzKBJKqBPhh1mNbSBUMsFODkb5muplTqQQ==
date: Fri, 16 Sep 2022 15:41:09 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

web.facebook.com/plugins/customer_chat/facade/?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dcfd68173a30e%26domain%3Dwww.galaxyequipmentcorp.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.galaxyequipmentcorp.com%252Ff107401d09a79cc%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.galaxyequipmentcorp.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=12bea151-0932-4206-bae3-5dc5bd88b834&request_time=1663342852982&sdk=joey&suppress_http_code=1

31.13.72.8

302 Found

0 B

URL HTTP/2
web.facebook.com/plugins/customer_chat/facade/?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dcfd68173a30e%26domain%3Dwww.galaxyequipmentcorp.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.galaxyequipmentcorp.com%252Ff107401d09a79cc%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.galaxyequipmentcorp.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=12bea151-0932-4206-bae3-5dc5bd88b834&request_time=1663342852982&sdk=joey&suppress_http_code=1
IP
31.13.72.8:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/customer_chat/facade/?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dcfd68173a30e%26domain%3Dwww.galaxyequipmentcorp.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.galaxyequipmentcorp.com%252Ff107401d09a79cc%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.galaxyequipmentcorp.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=12bea151-0932-4206-bae3-5dc5bd88b834&request_time=1663342852982&sdk=joey&suppress_http_code=1 HTTP/1.1
Host: web.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: http://www.galaxyequipmentcorp.com
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: https://www.facebook.com/plugins/customer_chat/facade/?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3dcfd68173a30e%26domain%3Dwww.galaxyequipmentcorp.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.galaxyequipmentcorp.com%252Ff107401d09a79cc%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.galaxyequipmentcorp.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=12bea151-0932-4206-bae3-5dc5bd88b834&request_time=1663342852982&sdk=joey&suppress_http_code=1&_rdc=1&_rdr
cross-origin-opener-policy: same-origin-allow-popups
x-fb-zr-redirect: 02|1663429269|
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: A0w0aWiaBx99GVqfllWdHPyRuecFIIGnFeLuIXUx9Z0X7Jvk7+97W4bt2Q3qO23ChWgbeHLDGGysj9xb4j9UUA==
content-length: 0
date: Fri, 16 Sep 2022 15:41:09 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

web.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df132ee9882ba18a%26domain%3Dwww.galaxyequipmentcorp.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.galaxyequipmentcorp.com%252Ff107401d09a79cc%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.galaxyequipmentcorp.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=fabaa515-fa90-4bf1-90f0-15987cb04224&page_id=105224844787739&request_time=1663342852995&sdk=joey&should_use_new_domain=false&suppress_http_code=1

31.13.72.8

302 Found

0 B

URL HTTP/2
web.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df132ee9882ba18a%26domain%3Dwww.galaxyequipmentcorp.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.galaxyequipmentcorp.com%252Ff107401d09a79cc%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.galaxyequipmentcorp.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=fabaa515-fa90-4bf1-90f0-15987cb04224&page_id=105224844787739&request_time=1663342852995&sdk=joey&should_use_new_domain=false&suppress_http_code=1
IP
31.13.72.8:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df132ee9882ba18a%26domain%3Dwww.galaxyequipmentcorp.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.galaxyequipmentcorp.com%252Ff107401d09a79cc%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.galaxyequipmentcorp.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=fabaa515-fa90-4bf1-90f0-15987cb04224&page_id=105224844787739&request_time=1663342852995&sdk=joey&should_use_new_domain=false&suppress_http_code=1 HTTP/1.1
Host: web.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: http://www.galaxyequipmentcorp.com
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: https://www.facebook.com/plugins/customer_chat/facade/?app_id&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df132ee9882ba18a%26domain%3Dwww.galaxyequipmentcorp.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.galaxyequipmentcorp.com%252Ff107401d09a79cc%26relation%3Dparent.parent&current_url=http%3A%2F%2Fwww.galaxyequipmentcorp.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=fabaa515-fa90-4bf1-90f0-15987cb04224&page_id=105224844787739&request_time=1663342852995&sdk=joey&should_use_new_domain=false&suppress_http_code=1&_rdc=1&_rdr
cross-origin-opener-policy: same-origin-allow-popups
x-fb-zr-redirect: 02|1663429269|
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: DcYhwxxUPOqgRjTnAZ84YMS3hRltKEtljAq1KNcyc/3P7BJGBlLYO/xwxjpYZ0UwYEvejkQFQaCa8CScwsCnYg==
content-length: 0
date: Fri, 16 Sep 2022 15:41:09 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032fbd06-806d-41e6-9160-3fdf480555ac.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9256 bytes)
Hash
d242ded8ac40a1eb617303256d5f34eb
afbe7dae2d65763a004b5bddc697131762da7bf2
b4b08292f36acfca7df3710c29c184c5ff18592e6383eddc5582d302184fce59

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032fbd06-806d-41e6-9160-3fdf480555ac.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9256
x-amzn-requestid: 19e81e48-6501-4938-906c-60aa7acdb33a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUj5EE5oAMFvwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ae5-3031e84f158e1ad94da4875b;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7sWzfcxt9YWCOnMbanWOiZhhv5DXzHDq8vBqd1AhMfxewBBS0ZtidA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:48 GMT
age: 64525
etag: "afbe7dae2d65763a004b5bddc697131762da7bf2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,800italic,800,700italic

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,800italic,800,700italic
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,800italic,800,700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 15:41:04 GMT
date: Fri, 16 Sep 2022 15:41:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

galaxyequipmentcorp.com/site_assets/fonts/icomoon%EF%B9%96rrsgby.woff

50.62.144.162

200 OK

0 B

URL HTTP/2
galaxyequipmentcorp.com/site_assets/fonts/icomoon%EF%B9%96rrsgby.woff
IP
50.62.144.162:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /site_assets/fonts/icomoon%EF%B9%96rrsgby.woff HTTP/1.1
Host: galaxyequipmentcorp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.galaxyequipmentcorp.com
Connection: keep-alive
Referer: https://galaxyequipmentcorp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 16 Jan 2022 21:05:08 GMT
etag: "9a06ba-2768-5d5b9641d5f90"
accept-ranges: bytes
content-length: 10088
vary: Accept-Encoding
content-type: font/woff
date: Fri, 16 Sep 2022 15:41:05 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Work+Sans:400,500,600,700,800,900&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Work+Sans:400,500,600,700,800,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Work+Sans:400,500,600,700,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 15:41:04 GMT
date: Fri, 16 Sep 2022 15:41:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Akaya%20Kanadaka

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Akaya%20Kanadaka
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Akaya%20Kanadaka HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 15:41:04 GMT
date: Fri, 16 Sep 2022 15:41:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Crete+Round:400,400i&subset=latin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Crete+Round:400,400i&subset=latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Crete+Round:400,400i&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.galaxyequipmentcorp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 15:41:04 GMT
date: Fri, 16 Sep 2022 15:41:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (29)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP