Report - galaxyporn-net.yqlog.com/

Report Overview

Visited public
2025-03-25 19:37:43
Tags
URL
galaxyporn-net.yqlog.com/
Finishing URL
galaxyporn-net.yqlog.com/
IP / ASN
188.165.25.76
#16276 OVH SAS
Title
Galaxyporn | Best Porn Videos HD

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
flr-eu4.cbox.ws	unknown	2005-06-24	2024-02-17	2025-02-19	571 B	175 B	95.217.32.205
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-03-19	1.5 kB	968 kB	142.250.178.40
coursestiffenjealous.com	unknown	2025-02-25	2025-03-25	2025-03-25	2.8 kB	3.7 kB	172.240.253.132
galaxyporn-net.yqlog.com	unknown	2009-05-16	2025-03-25	2025-03-25	8.2 kB	400 kB	188.165.25.76
www5.cbox.ws	286738	2005-06-24	2014-04-17	2025-03-13	1.0 kB	31 kB	195.201.153.71
static.cbox.ws	161241	2005-06-24	2014-03-08	2025-03-21	967 B	152 kB	104.21.16.1
pop.hubhc.com	unknown	2020-01-13	2024-04-19	2025-02-05	422 B	10 kB	46.4.107.42
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-03-19	438 B	2.5 kB	142.250.178.42
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-03-19	549 B	23 kB	142.250.178.99
galaxyporn.net	unknown	2022-08-31	2018-06-29	2024-02-28	1.4 kB	33 kB	172.67.179.56
test.pop-hc.com	unknown	2024-05-23	2024-12-19	2025-02-05	533 B	213 B	46.4.107.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-25	medium	coursestiffenjealous.com	Sinkholed
2025-03-25	medium	coursestiffenjealous.com	Sinkholed
2025-03-25	medium	coursestiffenjealous.com	Sinkholed
2025-03-25	medium	coursestiffenjealous.com	Sinkholed
2025-03-25	medium	coursestiffenjealous.com	Sinkholed
2025-03-25	medium	coursestiffenjealous.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	From	Size	First Seen	Last Seen
	galaxyporn-net.yqlog.com/	ScriptElement	3.3 kB	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 7b8f32e941e795e1714f444e85e82009 537106eb8cf1338296d39d361ad2c68a81e2a3b6 41b2414a7ffac968dd3bcc7b2ed31d18e02c3c9266cece3f7c94738b638c568b Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	949 B	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash f9444ea2fc976c087a594380e10750cb b69116651e626547c6fd04dc5b5750a27ec0591b b9ebdfaec748f15a305ff646e651df9813a228bb3d5ccf85ce8bd01fc70d2457 Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	485 B	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 21741819a2da201659e5b5a77e5f9135 53066557cf46dcfdf7a3dbcc99983eef8e38d1d6 eeaf6459b55d21b3d4b2e37bce6a96bc854b69730a2af0c7ed70b05fc05c5ab3 Loading...

	static.cbox.ws/jsc/jsc_10_1662968291.js	ScriptElement	78 kB	2023-03-07	2025-04-17
Pretty URL static.cbox.ws/jsc/jsc_10_1662968291.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:13 Last Seen2025-04-17 18:58 Times Seen144 Hash 313170096fa29b6180e803ea83b88b35 92a6a7211b5ab93f552e30a56983e6bfb4f480b7 ee9be91699ff4cf58c547b83514c18568a274bfa1a5e63726714798cf33fc4a0 Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	152 B	2024-10-04	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-04 10:36 Last Seen2025-03-25 19:37 Times Seen2 Hash da953ad39219c069e4403f5ad65a8260 b5c955b1606550803a61901575485d9ccb048401 aa96d77814a713546f6eeebec851e2719e95fc9f2330bb245ce4db648222dad7 Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	8.9 kB	2023-11-16	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-16 02:28 Last Seen2025-03-25 19:37 Times Seen8 Hash db1b5e7f03b74d4b299aac0941787976 c25d8f65593fb7d7ddfc3e3bfe13bd47313c77aa 5cacd83dcaa5ca10fa895809a0a69da60eed19446b4c7b6f2fa552b17ca05f69 Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	955 B	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash dc3ad0d4aaddafc21374659954c9a30f 61a4399a15c7e87aef6ac3ce6393e1637ff7332f 914f3c4f253b373a60009078c48296e5b8388ae39a90cb833d6deec48cf2c10c Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	421 B	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 7d965d5cf559f9de624ae7f7cd454682 21ca26cafdd77c1016e54e7f303a4e93d1e071d9 97341ad9d9e96db92bb6233b23990bdc16a72f01732be5ae0634e373f483f695 Loading...

	galaxyporn.net/wp-includes/js/wp-emoji-release.min.js?ver=6.7.2	ScriptElement	19 kB	2024-03-13	2025-04-26
Pretty URL galaxyporn.net/wp-includes/js/wp-emoji-release.min.js?ver=6.7.2 IP 172.67.179.56 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-13 16:02 Last Seen2025-04-26 00:55 Times Seen45424 Hash b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Loading...

	www5.cbox.ws/box/?boxid=937307&boxtag=9zksm7	ScriptElement	2.8 kB	2025-03-25	2025-03-25
Pretty URL www5.cbox.ws/box/?boxid=937307&boxtag=9zksm7 IP 195.201.153.71 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash cc550072fa6b2a2c7017d5ec5788b328 7036869763475b7a42136d8689398bbe79f5352f f7649d1c58599a51484b6fe7ae62b54528d7a9207618d3dd90065763349802e8 Loading...

	pop.hubhc.com:5043/pub.js	ScriptElement	10 kB	2025-03-25	2025-03-25
Pretty URL pop.hubhc.com:5043/pub.js IP 46.4.107.42 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 455b19f20f734f7258eb572d70c86f6d 7733af4b8f22c80f4ca86c2d98affe6b4fed4a52 8d03490289ccff76ac6e42369a69a5f408012023aea46be10b2eeca68dcbe645 Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	953 B	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 90a583398924ed4917b13ac7342386f1 9a41e741a511a4fe6825a24702deeed6949554ac 8705278ee675b4042b3c6ef9be691ba1aa24c7da3633d245db1b0c7a1d7a0b2d Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	421 B	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 7d965d5cf559f9de624ae7f7cd454682 21ca26cafdd77c1016e54e7f303a4e93d1e071d9 97341ad9d9e96db92bb6233b23990bdc16a72f01732be5ae0634e373f483f695 Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	421 B	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 7d965d5cf559f9de624ae7f7cd454682 21ca26cafdd77c1016e54e7f303a4e93d1e071d9 97341ad9d9e96db92bb6233b23990bdc16a72f01732be5ae0634e373f483f695 Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	421 B	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 7d965d5cf559f9de624ae7f7cd454682 21ca26cafdd77c1016e54e7f303a4e93d1e071d9 97341ad9d9e96db92bb6233b23990bdc16a72f01732be5ae0634e373f483f695 Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	421 B	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 7d965d5cf559f9de624ae7f7cd454682 21ca26cafdd77c1016e54e7f303a4e93d1e071d9 97341ad9d9e96db92bb6233b23990bdc16a72f01732be5ae0634e373f483f695 Loading...

	www.googletagmanager.com/gtag/js?id=UA-198246385-1	ScriptElement	261 kB	2025-03-25	2025-03-25
Pretty URL www.googletagmanager.com/gtag/js?id=UA-198246385-1 IP 142.250.178.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 760c681c973ab361e38e7d5b5869e01b 4551bea3161eec4045643c5dbdd4309116d5124f 5931528cdc708214fd1bd7ed5b74896792bb99f1722a649362e2ca70dc2cc81f Loading...

	www.googletagmanager.com/gtag/js?id=G-NCGEYMENH7&cx=c&gtm=457e53o0za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926327	ScriptElement	334 kB	2025-03-25	2025-03-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-NCGEYMENH7&cx=c&gtm=457e53o0za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926327 IP 142.250.178.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 4b15bc6f6d7323232d864ccd8d29676b 09058b1b1c2a8cf26f33f3016050d91459b9f694 c017e069c00f30ae6da8288de0139d842ad429bbdcf2db8168dff038ba354d88 Loading...

	www.googletagmanager.com/gtag/js?id=G-KMS337CM66&cx=c&gtm=457e53o0za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926327	ScriptElement	370 kB	2025-03-25	2025-03-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-KMS337CM66&cx=c&gtm=457e53o0za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926327 IP 142.250.178.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 571bda314f633b9b290b1aec3a08f07c 83942fbb73ffeeca4ab0a253d3254852ef7fe3e6 1bea7ad2246bb908b1ccad82a4a4733bf5de897c1219bb87f761d34a504a70b3 Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	951 B	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash f0440e558d20da327b54fb834b85fdaf 19ecbe62cc5668a512e9eae526c6bd90bb64c401 71ff32b0f21bc002c49ddb9da645c821aa8bddf1ce05ef5fb73ba977388a784f Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	185 B	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash f1b4f66929aa26fe7eed65792b2ee970 bc41d491b0431c2c9566e4a53f8baa92b05be146 6255b711fb2c48c8a29dfb7494e081d9466570304611085a306d2489ee913d82 Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	328 B	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 1f6d170394a43ab3b03362d98150c5fd 06fc889289dc7bed9d27e7bb0129ddaf16ea4a2d 19619b9c322e73fbce7904878e8711091e5bc35cfc55213f51ae0f15b019350a Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	1.7 kB	2024-10-04	2025-03-26
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-04 10:36 Last Seen2025-03-26 20:15 Times Seen3 Hash 5f6d7e09f9dc78623dafdb003f918c50 5272b81a558f784af781b88a3fdb46854c678e4d 2b95bb1440eaaf7c5800021b638d0d90701af71c0c82bfa85f187541be2ed40c Loading...

	galaxyporn-net.yqlog.com/	ScriptElement	957 B	2025-03-25	2025-03-25
Pretty URL galaxyporn-net.yqlog.com/ IP 188.165.25.76 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash e2992a245916c17e4b152ee0e7d2302b c894acec50f512a980550582fe1c6629e98f5563 419cd7dbbd6f26b83a387bade4bec7237145d298abc4818f690b2b18d80ef29c Loading...

		Size	First Seen	Last Seen
	#1 Write - ebc8f73a601639e9c20241fc72d74f3e	297 B	2025-03-25 19:37	2025-03-25 19:37
Pretty Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash ebc8f73a601639e9c20241fc72d74f3e 45163f8abbc48c01bbba0fbef02917b06bb52160 db5ddd16cf3773217c83b66a7f53cee4824a77227f311d8ca6a9fd3a51fc14c0 Loading...

	#2 Write - 435a0743ebdbbbe3ff4dc5984f0c3fd5	118 B	2025-03-25 19:37	2025-03-25 19:37
Pretty Observations First Seen2025-03-25 19:37 Last Seen2025-03-25 19:37 Times Seen1 Hash 435a0743ebdbbbe3ff4dc5984f0c3fd5 74132b22afb5145baa5cea085160f17a85ec75f6 7e70d68976e0144d3c71a2167e6a067dbc096dbb97cb72e7dac1e56fd7796b7b Loading...

HTTP Transactions (37)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=G-KMS337CM66&cx=c&gtm=457e53o0za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926327

142.250.178.40

200 OK

370 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-KMS337CM66&cx=c&gtm=457e53o0za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926327
IP
142.250.178.40:443
ASN
#15169 GOOGLE

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint16:BA:A3:B5:22:51:BB:87:46:7F:17:3F:9D:14:B3:35:F0:FE:B1:8D
ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT

File type
JavaScript source, ASCII text, with very long lines (6129)
Size
370 kB (369820 bytes)
Hash
571bda314f633b9b290b1aec3a08f07c
83942fbb73ffeeca4ab0a253d3254852ef7fe3e6
1bea7ad2246bb908b1ccad82a4a4733bf5de897c1219bb87f761d34a504a70b3

HTTP Headers

GET /gtag/js?id=G-KMS337CM66&cx=c&gtm=457e53o0za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926327 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 25 Mar 2025 19:37:24 GMT
expires: Tue, 25 Mar 2025 19:37:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 123353
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css?family=Raleway

142.250.178.42

200 OK

1.8 kB

URL GET
fonts.googleapis.com/css?family=Raleway
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://www5.cbox.ws/box/?boxid=937307&boxtag=9zksm7
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint69:99:38:F9:7C:82:8E:AC:7D:DA:EA:3E:1C:E4:7F:52:1B:36:41:AA
ValidityMon, 10 Mar 2025 08:37:02 GMT - Mon, 02 Jun 2025 08:37:01 GMT

File type
ASCII text, with very long lines (1856), with no line terminators
Size
1.8 kB (1816 bytes)
Hash
02734ef92f9bc433d6fc9577d7b86707
8af50716465cf8bd35470f6c54f5e408d18d3a48
fe1016cbe83aaa34ac0d78f7a0171e28e2972236dd596a10e67d1a486f9acd95

HTTP Headers

GET /css?family=Raleway HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www5.cbox.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 25 Mar 2025 19:37:24 GMT
date: Tue, 25 Mar 2025 19:37:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

142.250.178.99

200 OK

22 kB

URL GET
fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://www5.cbox.ws/box/?boxid=937307&boxtag=9zksm7
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B
ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22432, version 1.0
Size
22 kB (22432 bytes)
Hash
cfd6d958f6802c9f4f64c05575b70801
7f0644e43c42902b466b66723aad8a95ba094b0c
3e44fb721d3be9376c6e5e946109067a04da84ae10b3f27a03ada7a3731e515c

HTTP Headers

GET /s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www5.cbox.ws
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Mar 2025 18:25:52 GMT
expires: Fri, 20 Mar 2026 18:25:52 GMT
cache-control: public, max-age=31536000
age: 436292
last-modified: Wed, 01 May 2024 20:31:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

coursestiffenjealous.com/8afb1fdc6553c5ffabb80fcbea07175a/invoke.js

172.240.253.132

403 Forbidden

0 B

URL GET
coursestiffenjealous.com/8afb1fdc6553c5ffabb80fcbea07175a/invoke.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerLet's Encrypt
Subjectcoursestiffenjealous.com
FingerprintEC:37:27:F0:3A:B2:4F:D7:A0:8D:49:EE:F6:CF:B2:09:67:63:E8:B3
ValidityTue, 25 Feb 2025 13:02:37 GMT - Mon, 26 May 2025 13:02:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8afb1fdc6553c5ffabb80fcbea07175a/invoke.js HTTP/1.1
Host: coursestiffenjealous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Tue, 25 Mar 2025 19:37:24 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 5
Host: coursestiffenjealous.com

galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0

188.165.25.76

200 OK

31 kB

URL GET
galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31162 bytes)
Hash
60f5aa99abb8311da057ab94769cbf1e
68147e22aab00248ab2d1b2ad1583db38266f194
b00a11e8e9333dab053bc194162a385e2fbf7e0bb155bd278dea4a470c332acc

HTTP Headers

GET /wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 25 Mar 2025 19:37:22 GMT
content-type: text/css
vary: Accept-Encoding
expires: Thu, 24 Apr 2025 19:37:22 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/jquery.bxslider.min.js?ver=4.2.15

188.165.25.76

200 OK

24 kB

URL GET
galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/jquery.bxslider.min.js?ver=4.2.15
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (24063)
Size
24 kB (24389 bytes)
Hash
9a4bc899dc82a4928dbf26f434953418
182ce4566df208a3b37755cf838d717b8e8d2c48
6d3d2ba38250dc4b7d2d10b60d1ee08fd5c2f52efb2ccc6350c29f7e364f9775

HTTP Headers

GET /wp-content/themes/retrotube/assets/js/jquery.bxslider.min.js?ver=4.2.15 HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 25 Mar 2025 19:37:22 GMT
content-type: text/javascript
vary: Accept-Encoding
expires: Thu, 24 Apr 2025 19:37:22 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0

188.165.25.76

503 Service Unavailable

0 B

URL GET
galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0 HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 503 Service Unavailable
server: nginx
date: Tue, 25 Mar 2025 19:37:21 GMT
content-length: 0
retry-after: 10
cause: Netty Pool is full
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www5.cbox.ws/box/?boxid=937307&boxtag=9zksm7&sec=css&theme=10&v=1742220502&h=ff04eb4b

195.201.153.71

200 OK

17 kB

URL GET
www5.cbox.ws/box/?boxid=937307&boxtag=9zksm7&sec=css&theme=10&v=1742220502&h=ff04eb4b
IP
195.201.153.71:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www5.cbox.ws/box/?boxid=937307&boxtag=9zksm7
Certificate
IssuerLet's Encrypt
Subjectcbox.ws
Fingerprint07:6E:3D:01:D3:14:34:96:15:23:E9:B5:0A:21:3F:32:F7:E9:4F:81
ValiditySun, 26 Jan 2025 11:21:50 GMT - Sat, 26 Apr 2025 11:21:49 GMT

File type

Size
17 kB (17116 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /box/?boxid=937307&boxtag=9zksm7&sec=css&theme=10&v=1742220502&h=ff04eb4b HTTP/1.1
Host: www5.cbox.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www5.cbox.ws/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 25 Mar 2025 19:37:23 GMT
content-type: text/css;charset=UTF-8
p3p: CP="NOI DSP COR NID CURa OUR NOR"
expires: Tue, 15 Jul 2025 14:08:32 GMT
cache-control: public, max-age=10368000
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-NCGEYMENH7&cx=c&gtm=457e53o0za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926327

142.250.178.40

200 OK

334 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-NCGEYMENH7&cx=c&gtm=457e53o0za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926327
IP
142.250.178.40:443
ASN
#15169 GOOGLE

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint16:BA:A3:B5:22:51:BB:87:46:7F:17:3F:9D:14:B3:35:F0:FE:B1:8D
ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT

File type
JavaScript source, ASCII text, with very long lines (7994)
Size
334 kB (334020 bytes)
Hash
4b15bc6f6d7323232d864ccd8d29676b
09058b1b1c2a8cf26f33f3016050d91459b9f694
c017e069c00f30ae6da8288de0139d842ad429bbdcf2db8168dff038ba354d88

HTTP Headers

GET /gtag/js?id=G-NCGEYMENH7&cx=c&gtm=457e53o0za200&tag_exp=102482433~102788824~102803279~102813109~102887800~102926327 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 25 Mar 2025 19:37:24 GMT
expires: Tue, 25 Mar 2025 19:37:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 115100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

galaxyporn-net.yqlog.com/

188.165.25.76

200 OK

79 kB

URL User Request GET
galaxyporn-net.yqlog.com/
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type

Size
79 kB (79400 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 25 Mar 2025 19:37:21 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: public, max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

galaxyporn-net.yqlog.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

188.165.25.76

200 OK

88 kB

URL GET
galaxyporn-net.yqlog.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65336)
Size
88 kB (87665 bytes)
Hash
adb6a5f27be99ddec618ca1bb664cee3
17ce2437bc1172a4ecef21d20560615caef9b2f3
72156036faaf2e0c48a80632ec19705992612559f8d34974d6b3c146e394b66e

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 25 Mar 2025 19:37:22 GMT
content-type: text/javascript
vary: Accept-Encoding
expires: Thu, 24 Apr 2025 19:37:22 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-198246385-1

142.250.178.40

200 OK

261 kB

URL GET
www.googletagmanager.com/gtag/js?id=UA-198246385-1
IP
142.250.178.40:443
ASN
#15169 GOOGLE

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint16:BA:A3:B5:22:51:BB:87:46:7F:17:3F:9D:14:B3:35:F0:FE:B1:8D
ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT

File type
JavaScript source, ASCII text, with very long lines (5436)
Size
261 kB (261404 bytes)
Hash
760c681c973ab361e38e7d5b5869e01b
4551bea3161eec4045643c5dbdd4309116d5124f
5931528cdc708214fd1bd7ed5b74896792bb99f1722a649362e2ca70dc2cc81f

HTTP Headers

GET /gtag/js?id=UA-198246385-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 25 Mar 2025 19:37:21 GMT
expires: Tue, 25 Mar 2025 19:37:21 GMT
cache-control: private, max-age=900
last-modified: Tue, 25 Mar 2025 18:20:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 92634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

coursestiffenjealous.com/b1/cf/c2/b1cfc2eb57446e322dd21c1dede9ffa3.js

172.240.253.132

403 Forbidden

0 B

URL GET
coursestiffenjealous.com/b1/cf/c2/b1cfc2eb57446e322dd21c1dede9ffa3.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerLet's Encrypt
Subjectcoursestiffenjealous.com
FingerprintEC:37:27:F0:3A:B2:4F:D7:A0:8D:49:EE:F6:CF:B2:09:67:63:E8:B3
ValidityTue, 25 Feb 2025 13:02:37 GMT - Mon, 26 May 2025 13:02:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b1/cf/c2/b1cfc2eb57446e322dd21c1dede9ffa3.js HTTP/1.1
Host: coursestiffenjealous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Tue, 25 Mar 2025 19:37:25 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 5
Host: coursestiffenjealous.com

galaxyporn-net.yqlog.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.2

188.165.25.76

503 Service Unavailable

0 B

URL GET
galaxyporn-net.yqlog.com/wp-includes/css/dist/block-library/style.min.css?ver=6.7.2
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.7.2 HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 503 Service Unavailable
server: nginx
date: Tue, 25 Mar 2025 19:37:21 GMT
content-length: 0
retry-after: 10
cause: Netty Pool is full
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

galaxyporn-net.yqlog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

188.165.25.76

503 Service Unavailable

0 B

URL GET
galaxyporn-net.yqlog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 503 Service Unavailable
server: nginx
date: Tue, 25 Mar 2025 19:37:21 GMT
content-length: 0
retry-after: 10
cause: Netty Pool is full
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

galaxyporn-net.yqlog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

188.165.25.76

200 OK

14 kB

URL GET
galaxyporn-net.yqlog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
14 kB (13696 bytes)
Hash
ccbe19535c8e4b1478d4b9ce5e58370d
2403550f3442e1889e47676a2da53135bb16c2e1
daf4720b9eb50d31fb016bbda35fd90c710c2f551916634569a9d21b3f70dacb

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 25 Mar 2025 19:37:23 GMT
content-type: text/javascript
vary: Accept-Encoding
expires: Thu, 24 Apr 2025 19:37:23 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

static.cbox.ws/jsc/jsc_10_1662968291.js

104.21.16.1

200 OK

78 kB

URL GET
static.cbox.ws/jsc/jsc_10_1662968291.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www5.cbox.ws/box/?boxid=937307&boxtag=9zksm7
Certificate
IssuerGoogle Trust Services
Subjectcbox.ws
FingerprintE9:43:44:DD:41:56:40:BC:6D:4C:7F:2F:BC:59:41:B0:3F:35:C8:74
ValidityMon, 03 Feb 2025 10:03:38 GMT - Sun, 04 May 2025 11:01:47 GMT

File type
JavaScript source, ASCII text, with very long lines (575)
Size
78 kB (77828 bytes)
Hash
313170096fa29b6180e803ea83b88b35
92a6a7211b5ab93f552e30a56983e6bfb4f480b7
ee9be91699ff4cf58c547b83514c18568a274bfa1a5e63726714798cf33fc4a0

HTTP Headers

GET /jsc/jsc_10_1662968291.js HTTP/1.1
Host: static.cbox.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www5.cbox.ws/
Origin: https://www5.cbox.ws
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 25 Mar 2025 19:37:24 GMT
content-type: application/x-javascript
content-length: 25769
last-modified: Mon, 12 Sep 2022 07:38:20 GMT
etag: "631ee1ec-64a9"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 322823
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=scAoH32YCrZZH0FJG8yBGpsf0s0GZzuUAgCnadyk%2FTqZ%2Fr901ZKEWDy2ut0oYzyAbYnGhAmtBVNHzHfdxfMfK8sc3Et0F0iMjzwKAr8BnhD1toBZblylMg8RNlV04czeLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9260dcd88c6070c7-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20581&min_rtt=19740&rtt_var=1672&sent=61&recv=20&lost=0&retrans=0&sent_bytes=76861&recv_bytes=1254&delivery_rate=570780&cwnd=215&unsent_bytes=0&cid=f58dd9d50ab5c82e&ts=191&x=0"
X-Firefox-Spdy: h2

galaxyporn.net/wp-includes/js/wp-emoji-release.min.js?ver=6.7.2

172.67.179.56

200 OK

19 kB

URL GET
galaxyporn.net/wp-includes/js/wp-emoji-release.min.js?ver=6.7.2
IP
172.67.179.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerGoogle Trust Services
Subjectgalaxyporn.net
Fingerprint91:AF:16:51:44:35:73:B6:89:80:8C:96:11:34:1F:68:D5:9E:FF:0A
ValidityTue, 04 Mar 2025 07:58:40 GMT - Mon, 02 Jun 2025 08:58:35 GMT

File type
JavaScript source, ASCII text, with very long lines (15752)
Size
19 kB (18726 bytes)
Hash
b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.7.2 HTTP/1.1
Host: galaxyporn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 25 Mar 2025 19:37:26 GMT
content-type: text/javascript
last-modified: Thu, 27 Jun 2024 10:55:22 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 4839
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yAVyfchdOzK9O8e9luA6sCWbr89VLpxDsj0Fbq51W5vZoLj%2BWtra4Lb1b5Pivnyxje3FxMOrdjdDundtzBetftRWVTW2rIr%2Fkw3Yhzr0Jwpm0wAMxvg%2Fb6k9qNC%2FjVvo7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9260dce31aaefeac-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20029&min_rtt=20012&rtt_var=4232&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3207&recv_bytes=1069&delivery_rate=216918&cwnd=229&unsent_bytes=0&cid=d6cb998eb3bd9ebe&ts=54&x=0"
X-Firefox-Spdy: h2

galaxyporn.net/icon.svg

172.67.179.56

200 OK

505 B

URL GET
galaxyporn.net/icon.svg
IP
172.67.179.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerGoogle Trust Services
Subjectgalaxyporn.net
Fingerprint91:AF:16:51:44:35:73:B6:89:80:8C:96:11:34:1F:68:D5:9E:FF:0A
ValidityTue, 04 Mar 2025 07:58:40 GMT - Mon, 02 Jun 2025 08:58:35 GMT

File type
SVG Scalable Vector Graphics image
Size
505 B (505 bytes)
Hash
1f2eb6b90e327180ac66555792588651
e8bffc7e8ceba9efcc7e2c006f28641f7215670b
d2ceb2cf44a792d1f7014de9e50fa920c293e4111615402f6774f683e48af1ba

HTTP Headers

GET /icon.svg HTTP/1.1
Host: galaxyporn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://galaxyporn-net.yqlog.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 25 Mar 2025 19:37:27 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Tue, 01 Apr 2025 14:10:22 GMT
last-modified: Tue, 25 Mar 2025 13:25:11 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19625
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lHAObtSSom3s7gCqSekKzlPH1475lRL2HkHtiI46KSA4O1h10juLL%2Fjw1valkmq5cmdCQcX8iLNO%2FQ1H26KiHepRzHjYakYMNOoy0v2VAzRBkWqsw%2Bu2GFHX2R5w48Ywew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9260dcebcc7dfc46-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27147&min_rtt=21485&rtt_var=12101&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4047&recv_bytes=1103&delivery_rate=27646&cwnd=12000&unsent_bytes=0&cid=6d63446c4e43661e&ts=1350&x=1", cfExtPri, cfHdrFlush;dur=0

galaxyporn-net.yqlog.com/wp-content/themes/retrotube/style.css?ver=1.7.6.1742923312

188.165.25.76

200 OK

76 kB

URL GET
galaxyporn-net.yqlog.com/wp-content/themes/retrotube/style.css?ver=1.7.6.1742923312
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type
assembler source, ASCII text
Size
76 kB (75736 bytes)
Hash
fd11f69c8b00aa08c51bfdccd05e942c
d438aaea6d2f431bbb2ab6758db79786216d3d92
2a0563a5beb0f0971675c9e3175de71283861c074730b89e53b3b7e139315e50

HTTP Headers

GET /wp-content/themes/retrotube/style.css?ver=1.7.6.1742923312 HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 25 Mar 2025 19:37:22 GMT
content-type: text/css
vary: Accept-Encoding
expires: Thu, 24 Apr 2025 19:37:22 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

pop.hubhc.com:5043/pub.js

46.4.107.42

200 OK

10 kB

URL GET
pop.hubhc.com:5043/pub.js
IP
46.4.107.42:5043
ASN
#24940 Hetzner Online GmbH

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
Issuernetart.com sp. z o.o.
Subject*.hubhc.com
FingerprintAD:F9:76:E0:E7:C8:9D:54:AE:8F:4E:81:9F:7B:4D:97:01:B3:E4:2D
ValidityWed, 08 May 2024 06:25:18 GMT - Tue, 06 May 2025 00:00:00 GMT

File type
JavaScript source, ASCII text, with very long lines (10042)
Size
10 kB (10043 bytes)
Hash
455b19f20f734f7258eb572d70c86f6d
7733af4b8f22c80f4ca86c2d98affe6b4fed4a52
8d03490289ccff76ac6e42369a69a5f408012023aea46be10b2eeca68dcbe645

HTTP Headers

GET /pub.js HTTP/1.1
Host: pop.hubhc.com:5043
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 25 Mar 2025 19:37:21 GMT
Server: Popup Tracking Service
Cache-Control: public, max-age=86400, must-revalidate
Content-Type: text/javascript
Content-Length: 10043

galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/main.js?ver=1.7.6.1741077133

188.165.25.76

200 OK

39 kB

URL GET
galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/main.js?ver=1.7.6.1741077133
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
39 kB (39407 bytes)
Hash
be82e67d150fe3389c08e7a8c0ad85fb
262e3b6e3a49cb3fc13ba4ffa976ee3942dc45d4
7cc5a76e8a68ce8b924cdb7607b16a27ef82f20536828bfa000ed43838a51c82

HTTP Headers

GET /wp-content/themes/retrotube/assets/js/main.js?ver=1.7.6.1741077133 HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 25 Mar 2025 19:37:22 GMT
content-type: text/javascript
vary: Accept-Encoding
expires: Thu, 24 Apr 2025 19:37:22 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

test.pop-hc.com:5043/bid_publisher?idfeed=3038&key=93cef9100723038a8df0f596211dbf472504da35&hints=

46.4.107.42

204 No Content

0 B

URL GET
test.pop-hc.com:5043/bid_publisher?idfeed=3038&key=93cef9100723038a8df0f596211dbf472504da35&hints=
IP
46.4.107.42:5043
ASN
#24940 Hetzner Online GmbH

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.pop-hc.com
FingerprintDA:E9:B1:15:43:D7:37:1D:04:CF:4E:9F:19:EA:63:FB:ED:FB:24:3E
ValidityThu, 23 May 2024 00:00:00 GMT - Fri, 23 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bid_publisher?idfeed=3038&key=93cef9100723038a8df0f596211dbf472504da35&hints= HTTP/1.1
Host: test.pop-hc.com:5043
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://galaxyporn-net.yqlog.com
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Date: Tue, 25 Mar 2025 19:37:26 GMT
Server: Popup Tracking Service
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Cache-Control: no-cache, no-store, must-revalidate

wss://flr-eu4.cbox.ws:4435/?pool=5-937307-0

95.217.32.205

101 Switching Protocols

0 B

URL GET
wss://flr-eu4.cbox.ws:4435/?pool=5-937307-0
IP
95.217.32.205:4435
ASN
#24940 Hetzner Online GmbH

Requested by
https://www5.cbox.ws/box/?boxid=937307&boxtag=9zksm7
Certificate
IssuerLet's Encrypt
Subjectcbox.ws
Fingerprint07:6E:3D:01:D3:14:34:96:15:23:E9:B5:0A:21:3F:32:F7:E9:4F:81
ValiditySun, 26 Jan 2025 11:21:50 GMT - Sat, 26 Apr 2025 11:21:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pool=5-937307-0 HTTP/1.1
Host: flr-eu4.cbox.ws:4435
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www5.cbox.ws
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DiOGXfIUBceob9fKYhxPPg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-Websocket-Accept: owLuOf6HzSxXiMdL7sUhLo74Ohw=
Sec-WebSocket-Extensions: permessage-deflate

galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/navigation.js?ver=1.0.0

188.165.25.76

200 OK

4.6 kB

URL GET
galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/navigation.js?ver=1.0.0
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5089), with no line terminators
Size
4.6 kB (4627 bytes)
Hash
94c0b8315dee6f50f0a11c564b5ea89b
d0c6ffd707c1596ee930a9872e9ccd1613273d10
d418da85f16f21e7b8763f8bf35ca398cf0e1533d11b2a1e27a4c7fa92dcabcc

HTTP Headers

GET /wp-content/themes/retrotube/assets/js/navigation.js?ver=1.0.0 HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 25 Mar 2025 19:37:22 GMT
content-type: text/javascript
vary: Accept-Encoding
expires: Thu, 24 Apr 2025 19:37:22 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/lazyload.js?ver=1.0.0

188.165.25.76

200 OK

5.9 kB

URL GET
galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/lazyload.js?ver=1.0.0
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6031), with no line terminators
Size
5.9 kB (5880 bytes)
Hash
dbdc8c5f8595c20d7322408adfd4df15
51233488c694e5214b65cee86f1200e39e4287bd
db4b2172bf11d66b497ee21257b6bd2383c95dbc5bb52d2903a90d31a1e1e4d8

HTTP Headers

GET /wp-content/themes/retrotube/assets/js/lazyload.js?ver=1.0.0 HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 25 Mar 2025 19:37:22 GMT
content-type: text/javascript
vary: Accept-Encoding
expires: Thu, 24 Apr 2025 19:37:22 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

www5.cbox.ws/box/?boxid=937307&boxtag=9zksm7

195.201.153.71

200 OK

13 kB

URL GET
www5.cbox.ws/box/?boxid=937307&boxtag=9zksm7
IP
195.201.153.71:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerLet's Encrypt
Subjectcbox.ws
Fingerprint07:6E:3D:01:D3:14:34:96:15:23:E9:B5:0A:21:3F:32:F7:E9:4F:81
ValiditySun, 26 Jan 2025 11:21:50 GMT - Sat, 26 Apr 2025 11:21:49 GMT

File type

Size
13 kB (12926 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /box/?boxid=937307&boxtag=9zksm7 HTTP/1.1
Host: www5.cbox.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 25 Mar 2025 19:37:23 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR NID CURa OUR NOR"
cache-control: public, max-age=10
last-modified: Tue, 25 Mar 2025 18:00:39 GMT
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

coursestiffenjealous.com/8afb1fdc6553c5ffabb80fcbea07175a/invoke.js

172.240.253.132

403 Forbidden

0 B

URL GET
coursestiffenjealous.com/8afb1fdc6553c5ffabb80fcbea07175a/invoke.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerLet's Encrypt
Subjectcoursestiffenjealous.com
FingerprintEC:37:27:F0:3A:B2:4F:D7:A0:8D:49:EE:F6:CF:B2:09:67:63:E8:B3
ValidityTue, 25 Feb 2025 13:02:37 GMT - Mon, 26 May 2025 13:02:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8afb1fdc6553c5ffabb80fcbea07175a/invoke.js HTTP/1.1
Host: coursestiffenjealous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Tue, 25 Mar 2025 19:37:24 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 0
Host: coursestiffenjealous.com

coursestiffenjealous.com/8afb1fdc6553c5ffabb80fcbea07175a/invoke.js

172.240.253.132

403 Forbidden

0 B

URL GET
coursestiffenjealous.com/8afb1fdc6553c5ffabb80fcbea07175a/invoke.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerLet's Encrypt
Subjectcoursestiffenjealous.com
FingerprintEC:37:27:F0:3A:B2:4F:D7:A0:8D:49:EE:F6:CF:B2:09:67:63:E8:B3
ValidityTue, 25 Feb 2025 13:02:37 GMT - Mon, 26 May 2025 13:02:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8afb1fdc6553c5ffabb80fcbea07175a/invoke.js HTTP/1.1
Host: coursestiffenjealous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Tue, 25 Mar 2025 19:37:24 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 5
Host: coursestiffenjealous.com

coursestiffenjealous.com/8afb1fdc6553c5ffabb80fcbea07175a/invoke.js

172.240.253.132

403 Forbidden

0 B

URL GET
coursestiffenjealous.com/8afb1fdc6553c5ffabb80fcbea07175a/invoke.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerLet's Encrypt
Subjectcoursestiffenjealous.com
FingerprintEC:37:27:F0:3A:B2:4F:D7:A0:8D:49:EE:F6:CF:B2:09:67:63:E8:B3
ValidityTue, 25 Feb 2025 13:02:37 GMT - Mon, 26 May 2025 13:02:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8afb1fdc6553c5ffabb80fcbea07175a/invoke.js HTTP/1.1
Host: coursestiffenjealous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Tue, 25 Mar 2025 19:37:24 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 5
Host: coursestiffenjealous.com

galaxyporn-net.yqlog.com/apple-touch-icon.png

188.165.25.76

302 Found

11 kB

URL GET
galaxyporn-net.yqlog.com/apple-touch-icon.png
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type

Size
11 kB (10989 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Cookie: proxy-permission-asked=true; _ga_KMS337CM66=GS1.1.1742931444.1.0.1742931444.0.0.0; _ga=GA1.1.815049849.1742931444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Tue, 25 Mar 2025 19:37:27 GMT
content-type: image/png
content-length: 0
location: https://galaxyporn.net/apple-touch-icon.png
expires: Sat, 24 May 2025 19:37:27 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
X-Firefox-Spdy: h2

galaxyporn.net/apple-touch-icon.png

172.67.179.56

200 OK

11 kB

URL GET
galaxyporn.net/apple-touch-icon.png
IP
172.67.179.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerGoogle Trust Services
Subjectgalaxyporn.net
Fingerprint91:AF:16:51:44:35:73:B6:89:80:8C:96:11:34:1F:68:D5:9E:FF:0A
ValidityTue, 04 Mar 2025 07:58:40 GMT - Mon, 02 Jun 2025 08:58:35 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
11 kB (10989 bytes)
Hash
47617df9e5199f2a3d287b3b5f31c9a1
7d79722400422d724884cdf29f5af2c4c48c3261
70a99d5556722f6ea6419bba98c65a38c2bae29e3b65628a81d783d7d18f294d

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: galaxyporn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://galaxyporn-net.yqlog.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 25 Mar 2025 19:37:27 GMT
content-type: image/png
content-length: 10989
cache-control: public, max-age=604800
expires: Tue, 01 Apr 2025 14:14:11 GMT
last-modified: Tue, 25 Mar 2025 13:29:16 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19396
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67CRfQvCWclSLxdcDZE4M01dI2ruu4yFwVS%2Bj%2FCtR%2B6%2BsNLskN%2FYOVMsVksRHxB3ehCJgDi2hF%2FGQvViVPPlvV%2BMCKaPdnCfh7r%2BAHoC1UnuN%2FpN2tmPFtjYkgZQU1BOJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9260dcec1d92fc46-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28024&min_rtt=21485&rtt_var=10829&sent=13&recv=8&lost=0&retrans=0&sent_bytes=5160&recv_bytes=1438&delivery_rate=805&cwnd=12000&unsent_bytes=0&cid=6d63446c4e43661e&ts=1399&x=1", cfExtPri, cfHdrFlush;dur=0

galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0

188.165.25.76

200 OK

819 B

URL GET
galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (905), with no line terminators
Size
819 B (819 bytes)
Hash
01597dddfbc10e99d18ae837b1b8cb0c
4a75e20b1cfb0653b06590574286c8197593c09b
ad22361c015817a1ab020fd1856807801083c9a0a52ea157f410aaa633c08a6d

HTTP Headers

GET /wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0 HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Cookie: proxy-permission-asked=true; _ga_KMS337CM66=GS1.1.1742931444.1.0.1742931444.0.0.0; _ga=GA1.1.815049849.1742931444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 25 Mar 2025 19:37:26 GMT
content-type: text/javascript
vary: Accept-Encoding
expires: Thu, 24 Apr 2025 19:37:26 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/jquery.touchSwipe.min.js?ver=1.6.18

188.165.25.76

200 OK

21 kB

URL GET
galaxyporn-net.yqlog.com/wp-content/themes/retrotube/assets/js/jquery.touchSwipe.min.js?ver=1.6.18
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (20018)
Size
21 kB (20570 bytes)
Hash
411d324de2ffdc734973324ea2327314
9eec8426d5ecc09acce14cefe9d617021ca1bfe2
4849bba2f1f6a90c929f95939a2487bf1cfcfbe7f27535466880c15f05618a78

HTTP Headers

GET /wp-content/themes/retrotube/assets/js/jquery.touchSwipe.min.js?ver=1.6.18 HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 25 Mar 2025 19:37:22 GMT
content-type: text/javascript
vary: Accept-Encoding
expires: Thu, 24 Apr 2025 19:37:22 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

coursestiffenjealous.com/8afb1fdc6553c5ffabb80fcbea07175a/invoke.js

172.240.253.132

403 Forbidden

0 B

URL GET
coursestiffenjealous.com/8afb1fdc6553c5ffabb80fcbea07175a/invoke.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerLet's Encrypt
Subjectcoursestiffenjealous.com
FingerprintEC:37:27:F0:3A:B2:4F:D7:A0:8D:49:EE:F6:CF:B2:09:67:63:E8:B3
ValidityTue, 25 Feb 2025 13:02:37 GMT - Mon, 26 May 2025 13:02:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8afb1fdc6553c5ffabb80fcbea07175a/invoke.js HTTP/1.1
Host: coursestiffenjealous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Tue, 25 Mar 2025 19:37:24 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 5
Host: coursestiffenjealous.com

static.cbox.ws/fonts/fontawesome-webfont.woff2?v=4.6.3

104.21.16.1

200 OK

72 kB

URL GET
static.cbox.ws/fonts/fontawesome-webfont.woff2?v=4.6.3
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www5.cbox.ws/box/?boxid=937307&boxtag=9zksm7
Certificate
IssuerGoogle Trust Services
Subjectcbox.ws
FingerprintE9:43:44:DD:41:56:40:BC:6D:4C:7F:2F:BC:59:41:B0:3F:35:C8:74
ValidityMon, 03 Feb 2025 10:03:38 GMT - Sun, 04 May 2025 11:01:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 71896, version 4.393
Size
72 kB (71896 bytes)
Hash
e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

HTTP Headers

GET /fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: static.cbox.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www5.cbox.ws
DNT: 1
Connection: keep-alive
Referer: https://www5.cbox.ws/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 25 Mar 2025 19:37:24 GMT
content-type: application/octet-stream
content-length: 71896
last-modified: Fri, 29 Jul 2016 08:15:26 GMT
etag: "579b109e-118d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 649711
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rYe0nKJVfztvmN%2FGj5VfZcaPvOMJ0SLRLFHgu1opP3bgA9mojOhka3UJAWLa9A6vIn%2BpmUyr8r%2F2iGtB8FMb%2Fh3NYNakTWeKoIbhFVZx%2FKPmTDFYuL5aryyRzH%2Fcw8vfyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9260dcd7a9cf70c7-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=19820&min_rtt=19740&rtt_var=4293&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3184&recv_bytes=1112&delivery_rate=216928&cwnd=214&unsent_bytes=0&cid=f58dd9d50ab5c82e&ts=56&x=0"
X-Firefox-Spdy: h2

galaxyporn-net.yqlog.com/icon.svg

188.165.25.76

302 Found

505 B

URL GET
galaxyporn-net.yqlog.com/icon.svg
IP
188.165.25.76:443
ASN
#16276 OVH SAS

Requested by
https://galaxyporn-net.yqlog.com/
Certificate
IssuerCentralNic Luxembourg Sàrl
Subject*.yqlog.com
FingerprintCC:C2:9F:46:52:7C:A2:95:FF:D6:3B:46:AA:92:1F:DC:EE:BC:F2:0A
ValidityMon, 01 Jul 2024 00:00:00 GMT - Tue, 01 Jul 2025 23:59:59 GMT

File type

Size
505 B (505 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /icon.svg HTTP/1.1
Host: galaxyporn-net.yqlog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galaxyporn-net.yqlog.com/
Cookie: proxy-permission-asked=true; _ga_KMS337CM66=GS1.1.1742931444.1.0.1742931444.0.0.0; _ga=GA1.1.815049849.1742931444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Tue, 25 Mar 2025 19:37:27 GMT
content-type: image/svg+xml
content-length: 0
location: https://galaxyporn.net/icon.svg
expires: Sat, 24 May 2025 19:37:27 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML