| | 199.191.50.83 | 200 OK | 40 kB |
URL User Request GET HTTP/1.1IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (10734), with CRLF, LF line terminators Hash6f3997f04bb2e2f4c0647d92346ce49a 508ac23ec9d4a3e4ed995539405b237edb8f2649 cb2fe3feef76a6017143aa486acdbc0216ff92ccdc5b0d7fa40348327a41b764
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login.php HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 04:53:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_bRx24da+xXRjGAk6Cb5np5Nlr8PvRujTVNajK7G095K2luTvwSs1VM6XVOamaWu3trHMLL9ULfw4X79x6h0gWQ==
|
|
| galyqaz.com/px.js?ch=1 | 199.191.50.83 | 200 OK | 346 B |
IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
Requested byhttps://galyqaz.com/login.php CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeASCII text, with very long lines (346), with no line terminators Hashf84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /px.js?ch=1 HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 04:53:13 GMT
Content-Type: application/javascript
Content-Length: 346
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
|
|
| galyqaz.com/px.js?ch=2 | 199.191.50.83 | 200 OK | 346 B |
IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
Requested byhttps://galyqaz.com/login.php CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeASCII text, with very long lines (346), with no line terminators Hashf84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /px.js?ch=2 HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 04:53:13 GMT
Content-Type: application/javascript
Content-Length: 346
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
|
|
| galyqaz.com/__media__/js/min.js?v2.3 | 199.191.50.83 | 200 OK | 8.4 kB |
URL GET HTTP/1.1galyqaz.com/__media__/js/min.js?v2.3 IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
Requested byhttps://galyqaz.com/login.php CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (8349), with CRLF line terminators Hashc16c3a4c0fad29106f34d00e89f6886e 6e11811ab8a98bb295b0916cdee68b302c33403d 097786d677a859b7bc87e285377b083b76d66a2fc2832a16bcd50b0e99df77ff
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /__media__/js/min.js?v2.3 HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 04:53:13 GMT
Content-Type: application/javascript
Content-Length: 8435
Connection: keep-alive
Last-Modified: Thu, 16 Feb 2023 21:03:44 GMT
ETag: "20f3-5f4d78839b244"
Accept-Ranges: bytes
|
|
| cdn.consentmanager.net/delivery/recall/logos/68884 | 185.76.9.25 | 200 OK | 1.7 kB |
URL GET HTTP/2cdn.consentmanager.net/delivery/recall/logos/68884 IP185.76.9.25:443 ASN#60068 Datacamp Limited
Requested byhttps://galyqaz.com/login.php CertificateIssuerLet's Encrypt Subject1376624012.rsc.cdn77.org FingerprintAF:BA:C5:36:2A:F9:83:4F:32:1A:8F:95:51:86:52:81:8F:51:7D:B8 ValiditySun, 14 Apr 2024 19:25:23 GMT - Sat, 13 Jul 2024 19:25:22 GMT
File typegzip compressed data, from Unix Hash036f1abc3ba9a9a6aa50e47fcbbdd720 371723f4e05fe1e06c5ba582331f4059d8066017 b9b117832c6af385a4caf13d905381e0c6db965778152be95879cfaa488c435e
GET /delivery/recall/logos/68884 HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:53:14 GMT
content-type: image/svg+xml
vary: Accept-Encoding
expires: Fri, 26 Apr 2024 13:41:15 GMT
cache-control: public, max-age=86400
edge-control: public, max-age=86400, max-age=2592000
x-77-nzt: EwwBuUwJFAH3qtUAAAwBuUwKDAH3FAAAAAwBisclwQHXAQAAAA
x-77-nzt-ray: af5856308efed52f3a332b662fd24f10
x-accel-expires: @1714138875
x-accel-date: 1714052496
x-77-cache: HIT
x-77-age: 54698
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 54698
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| a.delivery.consentmanager.net/delivery/cmp.php?&cdid=21fdca2281833&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&&l=en&o=1714107193965 | 87.230.98.78 | 200 OK | 631 B |
URL GET HTTP/2a.delivery.consentmanager.net/delivery/cmp.php?&cdid=21fdca2281833&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&&l=en&o=1714107193965 IP87.230.98.78:443 ASN#61157 PlusServer GmbH
Requested byhttps://galyqaz.com/login.php CertificateIssuerLet's Encrypt Subjecta.delivery.consentmanager.net Fingerprint69:B9:38:2C:D2:98:EE:BC:2E:9B:83:33:E4:2F:BC:73:04:51:C8:79 ValidityThu, 14 Mar 2024 00:37:17 GMT - Wed, 12 Jun 2024 00:37:16 GMT
File typegzip compressed data, max speed, from Unix Hash1576078732ee7382d0f1c88e382d0702 5095d7ed02d748c0d6e7ed28b59b0d78bacdd40d 1d7253180aea5aaa00c6bb62c500153d8f20841c501db4d7480423bcd336406d
GET /delivery/cmp.php?&cdid=21fdca2281833&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&&l=en&o=1714107193965 HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:53:14 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 04:53:14 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| galyqaz.com/__media__/pics/29590/bg1.png | 199.191.50.83 | 200 OK | 18 kB |
URL GET HTTP/1.1galyqaz.com/__media__/pics/29590/bg1.png IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
Requested byhttps://galyqaz.com/login.php CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typePNG image data, 1730 x 988, 4-bit colormap, non-interlaced Hash825ccd29ac102fcadaf92b2343d5917b 24472e766cfac5b82a73b219796556a0a3702bd6 0878fb2875c0ad852de8fb3e8f443afdf3064890f1443b3feccc274382f913cd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /__media__/pics/29590/bg1.png HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php
Cookie: __cmpcc=1; __cmpconsentx68884=CP9rVEAP9rVEAAfN0CENAyEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9sABGAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 04:53:13 GMT
Content-Type: image/png
Content-Length: 17986
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 12:16:35 GMT
ETag: "4642-5ee4a7e31c9c9"
Accept-Ranges: bytes
|
|
| cdn.consentmanager.net/delivery/js/cmp_en.min.js | 185.76.9.25 | 200 OK | 113 kB |
URL GET HTTP/2cdn.consentmanager.net/delivery/js/cmp_en.min.js IP185.76.9.25:443 ASN#60068 Datacamp Limited
Requested byhttps://galyqaz.com/login.php CertificateIssuerLet's Encrypt Subject1376624012.rsc.cdn77.org FingerprintAF:BA:C5:36:2A:F9:83:4F:32:1A:8F:95:51:86:52:81:8F:51:7D:B8 ValiditySun, 14 Apr 2024 19:25:23 GMT - Sat, 13 Jul 2024 19:25:22 GMT
File typegzip compressed data, from Unix Size113 kB (113066 bytes) Hash010daf5d58308eda0b2d57e70e9d921b 3b8c4baa8c1c566544e425d7221f99d077d20ed8 1b7780f2dfa0c5dd1ee8e26d6c5cc34bc71563850cff42050c9380626c56ef62
GET /delivery/js/cmp_en.min.js HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:53:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 24 Apr 2024 09:35:32 GMT
etag: W/"68f99-616d4644e6100"
cache-control: max-age=86400
expires: Thu, 25 Apr 2024 09:41:22 GMT
edge-control: max-age=86400
x-77-nzt: EwwBuUwJFAH39w0BAAgBuUwKDAGhDAGKxyXBAfdJFAAA
x-77-nzt-ray: af5856308efed52f3a332b6680961405
x-accel-expires: @1714124483
x-accel-date: 1714038083
x-77-cache: HIT
x-77-age: 69111
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 69111
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| galyqaz.com/favicon.ico | 199.191.50.83 | 404 Not Found | 10 B |
IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
Requested byhttps://galyqaz.com/login.php CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash6608dd3e21ca3beabd4bdfa625a0b221 e926d0f8694a4bc4013308afaca7af51e4c9fd9f c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php
Cookie: __cmpcc=1; __cmpconsentx68884=CP9rVEAP9rVEAAfN0CENAyEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9sABGAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty
Date: Fri, 26 Apr 2024 04:53:14 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 10
Connection: keep-alive
|
|
| galyqaz.com/sk-logabpstatus.php?a=aTFGOW5pV3dBbm0zUnlURjZVb1NCWW1EcWhMZ0NENzlOdHJCYXZ6TStmdFQxYmVvK3FFQW03U3F1eEFNVndZMFZPOG0rYnkvY0w4SmZPTjRoMDJpTVBHSStVVWluMEVjTnp5QVdWOEZYN2dOQmNSTlRQZ1cyZHdkMnY2YktnanY=&b=true | 199.191.50.83 | 200 OK | 0 B |
URL GET HTTP/1.1galyqaz.com/sk-logabpstatus.php?a=aTFGOW5pV3dBbm0zUnlURjZVb1NCWW1EcWhMZ0NENzlOdHJCYXZ6TStmdFQxYmVvK3FFQW03U3F1eEFNVndZMFZPOG0rYnkvY0w4SmZPTjRoMDJpTVBHSStVVWluMEVjTnp5QVdWOEZYN2dOQmNSTlRQZ1cyZHdkMnY2YktnanY=&b=true IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
Requested byhttps://galyqaz.com/login.php CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sk-logabpstatus.php?a=aTFGOW5pV3dBbm0zUnlURjZVb1NCWW1EcWhMZ0NENzlOdHJCYXZ6TStmdFQxYmVvK3FFQW03U3F1eEFNVndZMFZPOG0rYnkvY0w4SmZPTjRoMDJpTVBHSStVVWluMEVjTnp5QVdWOEZYN2dOQmNSTlRQZ1cyZHdkMnY2YktnanY=&b=true HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php
Cookie: __cmpcc=1; __cmpconsentx68884=CP9rVEAP9rVEAAfN0CENAyEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9sABGAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 04:53:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
|
|
| galyqaz.com/__media__/pics/28905/arrrow.png | 199.191.50.83 | 200 OK | 283 B |
URL GET HTTP/1.1galyqaz.com/__media__/pics/28905/arrrow.png IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
Requested byhttps://galyqaz.com/login.php CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typePNG image data, 17 x 27, 8-bit colormap, non-interlaced Hash80d42c82a6c37da90210fd60a2f36128 554ba7c84d2a27ecf3b1f29d03e62101936b54d8 a1626e2d9160a0890a0a8d6e3af9e7095d68a24f9fb5ac8a166000c9a2581e10
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /__media__/pics/28905/arrrow.png HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php
Cookie: __cmpcc=1; __cmpconsentx68884=CP9rVEAP9rVEAAfN0CENAyEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9sABGAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 04:53:15 GMT
Content-Type: image/png
Content-Length: 283
Connection: keep-alive
Last-Modified: Tue, 04 Jan 2022 14:44:27 GMT
ETag: "11b-5d4c2ac970ed9"
Accept-Ranges: bytes
|
|
| a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=68884&o=1714107194&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&&l=en&odw=0&dlt=1&l=en | 87.230.98.78 | 200 OK | 982 B |
URL GET HTTP/2a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=68884&o=1714107194&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&&l=en&odw=0&dlt=1&l=en IP87.230.98.78:443 ASN#61157 PlusServer GmbH
Requested byhttps://galyqaz.com/login.php CertificateIssuerLet's Encrypt Subjecta.delivery.consentmanager.net Fingerprint69:B9:38:2C:D2:98:EE:BC:2E:9B:83:33:E4:2F:BC:73:04:51:C8:79 ValidityThu, 14 Mar 2024 00:37:17 GMT - Wed, 12 Jun 2024 00:37:16 GMT
File typeASCII text, with very long lines (1052), with no line terminators Hashbf8fa42db48f15da4fb1f42d672a01f1 58c729500ad365950bfb26e65e499247d845e8c6 39049ebc302407e015c967775a13e81f3b0f871de6a75ab64408c3419b19250d
GET /delivery/cmp.php?__cmpcc=1&id=68884&o=1714107194&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&&l=en&odw=0&dlt=1&l=en HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:53:14 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 04:53:14 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=2&__cmpfcc=1&id=68884&o=1714107194&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&&l=en&odw=0&dlt=1&l=en | 87.230.98.78 | 200 OK | 5.4 kB |
URL GET HTTP/2a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=2&__cmpfcc=1&id=68884&o=1714107194&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&&l=en&odw=0&dlt=1&l=en IP87.230.98.78:443 ASN#61157 PlusServer GmbH
Requested byhttps://galyqaz.com/login.php CertificateIssuerLet's Encrypt Subjecta.delivery.consentmanager.net Fingerprint69:B9:38:2C:D2:98:EE:BC:2E:9B:83:33:E4:2F:BC:73:04:51:C8:79 ValidityThu, 14 Mar 2024 00:37:17 GMT - Wed, 12 Jun 2024 00:37:16 GMT
File typeASCII text, with very long lines (5910), with no line terminators Hash8e82cf52b35043a64ae8ceb1d5320959 6d4be4b1f6e7df932fb51e5112b430488e879f08 92f466a73bb79aca23fef38ab1d31522e3608340711e8767c682eaab4df74c14
GET /delivery/cmp.php?__cmpcc=2&__cmpfcc=1&id=68884&o=1714107194&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&&l=en&odw=0&dlt=1&l=en HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:53:14 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 04:53:14 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| a.delivery.consentmanager.net/delivery/info/?id=68884&did=2&cfdid=33664&t=pv.d_ncs.d_ancs.d_bncs.cf.cfx&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&o=1714107194282&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& | 87.230.98.78 | 200 OK | 43 B |
URL GET HTTP/2a.delivery.consentmanager.net/delivery/info/?id=68884&did=2&cfdid=33664&t=pv.d_ncs.d_ancs.d_bncs.cf.cfx&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&o=1714107194282&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& IP87.230.98.78:443 ASN#61157 PlusServer GmbH
Requested byhttps://galyqaz.com/login.php CertificateIssuerLet's Encrypt Subjecta.delivery.consentmanager.net Fingerprint69:B9:38:2C:D2:98:EE:BC:2E:9B:83:33:E4:2F:BC:73:04:51:C8:79 ValidityThu, 14 Mar 2024 00:37:17 GMT - Wed, 12 Jun 2024 00:37:16 GMT
File typeGIF image data, version 89a, 1 x 1 Hash6f81c41597d3f5a336f458822cc0c32a 8cd77a54b38f1fb376b45af2eaab8f5982523b8d 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /delivery/info/?id=68884&did=2&cfdid=33664&t=pv.d_ncs.d_ancs.d_bncs.cf.cfx&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&o=1714107194282&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:53:14 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 04:53:14 GMT
content-length: 43
content-type: image/gif
X-Firefox-Spdy: h2
|
|
| cdn.consentmanager.net/delivery/flags-rect/en.svg | 185.76.9.25 | 200 OK | 31 kB |
URL GET HTTP/2cdn.consentmanager.net/delivery/flags-rect/en.svg IP185.76.9.25:443 ASN#60068 Datacamp Limited
Requested byhttps://galyqaz.com/login.php CertificateIssuerLet's Encrypt Subject1376624012.rsc.cdn77.org FingerprintAF:BA:C5:36:2A:F9:83:4F:32:1A:8F:95:51:86:52:81:8F:51:7D:B8 ValiditySun, 14 Apr 2024 19:25:23 GMT - Sat, 13 Jul 2024 19:25:22 GMT
File typeSVG Scalable Vector Graphics image Hashbd6a0ea3787e858b72d71dac1438fedd d59ba1a15ada77c2bc7a8edaa117f20893b3ee03 467dc751e1a67b8c2211ea6b0d5a8e77774f7e17bd542f8811c31f03d4d39907
GET /delivery/flags-rect/en.svg HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:53:14 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 15 Jul 2022 22:22:41 GMT
etag: W/"78f6-5e3df74d6ce40"
cache-control: max-age=31536000
expires: Sat, 15 Feb 2025 13:39:56 GMT
edge-control: max-age=2592000
x-77-nzt: EwwBuUwJFAH3QcFbAAwBuUwKDAH3SgwAAAwBJRPCNAH3AwAAAA
x-77-nzt-ray: af5856308efed52f3a332b66c438dc11
x-accel-expires: @1739626796
x-accel-date: 1708093945
x-77-cache: HIT
x-77-age: 6013249
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 6013249
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| cdn.consentmanager.net/delivery/customdata/bV8xLndfNjg4ODQucl9HRFBSLmxfZW4uZF8zMzY2NC54XzMzLnYucC50XzMzNjY0Lnh0XzMz.js | 185.76.9.25 | 200 OK | 108 kB |
URL GET HTTP/2cdn.consentmanager.net/delivery/customdata/bV8xLndfNjg4ODQucl9HRFBSLmxfZW4uZF8zMzY2NC54XzMzLnYucC50XzMzNjY0Lnh0XzMz.js IP185.76.9.25:443 ASN#60068 Datacamp Limited
Requested byhttps://galyqaz.com/login.php CertificateIssuerLet's Encrypt Subject1376624012.rsc.cdn77.org FingerprintAF:BA:C5:36:2A:F9:83:4F:32:1A:8F:95:51:86:52:81:8F:51:7D:B8 ValiditySun, 14 Apr 2024 19:25:23 GMT - Sat, 13 Jul 2024 19:25:22 GMT
File typeASCII text, with very long lines (28179) Size108 kB (108301 bytes) Hashdaa828b02122662e3bfbc304beb0b39a 99447a42367d3145381d5b52b414c645a213eb2b fae634afaa27a701f3b24203e207407758b25acc21c6f9f53e7dae2bdcb5b416
GET /delivery/customdata/bV8xLndfNjg4ODQucl9HRFBSLmxfZW4uZF8zMzY2NC54XzMzLnYucC50XzMzNjY0Lnh0XzMz.js HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:53:14 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
x-xss-protection: 0
expires: Fri, 26 Apr 2024 05:17:54 GMT
cache-control: public, max-age=1800
edge-control: public, max-age=1800
last-modified: Fri, 26 Apr 2024 04:47:54 GMT
x-77-nzt: EwwBuUwJFAH3/gAAAAwBuUwKAQH3PwAAAAwBJRPCLgH3AwAAAA
x-77-nzt-ray: af5856308efed52f3a332b667673d00d
x-accel-expires: @1714108674
x-accel-date: 1714106940
x-77-cache: HIT
x-77-age: 254
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 254
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| galyqaz.com/__media__/fonts/montserrat-bold/montserrat-bold.woff | 0.0.0.0 | | 0 B |
URL GET galyqaz.com/__media__/fonts/montserrat-bold/montserrat-bold.woff IP0.0.0.0:0
Requested byhttps://galyqaz.com/login.php CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /__media__/fonts/montserrat-bold/montserrat-bold.woff HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php
Cookie: __cmpcc=1; __cmpconsentx68884=CP9rVEAP9rVEAAfN0CENAyEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9sABGAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| a.delivery.consentmanager.net/delivery/info/?id=68884&did=2&cfdid=2&t=cv&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&o=1714107194285&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& | 87.230.98.78 | 200 OK | 43 B |
URL GET HTTP/2a.delivery.consentmanager.net/delivery/info/?id=68884&did=2&cfdid=2&t=cv&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&o=1714107194285&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& IP87.230.98.78:443 ASN#61157 PlusServer GmbH
Requested byhttps://galyqaz.com/login.php CertificateIssuerLet's Encrypt Subjecta.delivery.consentmanager.net Fingerprint69:B9:38:2C:D2:98:EE:BC:2E:9B:83:33:E4:2F:BC:73:04:51:C8:79 ValidityThu, 14 Mar 2024 00:37:17 GMT - Wed, 12 Jun 2024 00:37:16 GMT
File typeGIF image data, version 89a, 1 x 1 Hash6f81c41597d3f5a336f458822cc0c32a 8cd77a54b38f1fb376b45af2eaab8f5982523b8d 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /delivery/info/?id=68884&did=2&cfdid=2&t=cv&h=https%3A%2F%2Fgalyqaz.com%2Flogin.php&o=1714107194285&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:53:14 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 04:53:14 GMT
content-length: 43
content-type: image/gif
X-Firefox-Spdy: h2
|
|
| galyqaz.com/__media__/fonts/montserrat-regular/montserrat-regular.woff | 199.191.50.83 | 200 OK | 17 kB |
URL GET HTTP/1.1galyqaz.com/__media__/fonts/montserrat-regular/montserrat-regular.woff IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
Requested byhttps://galyqaz.com/login.php CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 17264, version 2.1 Hasha43b107861b42ce1335e41e43d4e4d00 99bdb1cec4a68ebe29249c46fefefb6880d009e5 a6542dc92d71eb412bac89d8fb06c70f15be74a64b1b4ef1633288b78f4f2ff2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /__media__/fonts/montserrat-regular/montserrat-regular.woff HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/login.php
Cookie: __cmpcc=1; __cmpconsentx68884=CP9rVEAP9rVEAAfN0CENAyEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9sABGAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 04:53:14 GMT
Content-Type: font/woff
Content-Length: 17264
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
ETag: "4370-5b952a63d1833"
Accept-Ranges: bytes
|
|