| | 199.191.50.83 | 200 OK | 40 kB |
URL User Request GET HTTP/1.1IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (10731), with CRLF, LF line terminators Hasha6ea6e65c2c11023be7252f69e124e6b 4bf079635180a8100b9ff097c1df8ab138f4ea5b 33d8d6bf11099bfd8606df4cc1ac862520571b242abd1da633a6386c82dd57f1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:02:32 GMT
Server: Apache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_kdLjRa2HgoiNW6utOh3OEfEURYdkxaGC7Dcf3Q/h8X87WzpySYx3vJHpmfJsVphwCgnxrp2bQR8iEfw0xwKIBQ==
Keep-Alive: timeout=5, max=121
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| galyqaz.com/Print_Services.cfm?fp=SW2zOGluRjzYOmr3oBHHfKLjoB3z/hRVuwyTtS+UGtu4SMlbfnxHPGMpBptxIpnxb/0W0ogP5shMPDdUCqc8xXgvv/zAGO9nDd3M++klHnzwbF0eFRkBOm4N/ZUqd1B2zpqvMBBMUG5+GjDc42U3J8rvM6+flHEuOeV/ccSrcIAQmWImNitgWkT2WomO000voFd2iUbVqyQw086bCXJdbunScrJg6vTYWawTQEgXrrDrqtSOkZbWZasaxMUJoUcZX/0pO9/6IyZ18bjKD+OxXC2KpcVPVCyxNW1Wv0r+xPgA2P4xJwdAItn5nwMomhD0&yep=bANeoS1Ucvwzy+pq/uLsIwUKniK3mG/xVu94SSPrE3cucynQFj13yVIriiGJrzXhrWQTfL+/MMD9w5WSrdLj0Rrk4SN6KcmjpiLtHf2EJQTt9EPOjnC9eM3bvpV4Tf8cdHDanrDF3oDCfRSdiKeWA2Vp+l9+fkH9Q7kBG4Wh4HYBy22871mIPmqgrwy0alU/IYaV6SpRzoWXPn5Mm11qVjNu213e0M+qTw29Kb/kIGFWwUJczuYbNna80sOstTs+S/Lc6yMowzo3BanTlHxYeqpjB6IqvjpImeN021GOqSc8AEaepOyax2+UsRfuiwl7fjKSFKwIw8ETnu5CzYdL430APsuFzX3cZyMTZmGITX4XZsH1XFFInBaDWSb506lVOANxs4AKCacl7bMAsLNBevqi6TcgJ9qEsq9IQoO7d9KSboMul3RY3umFSWk298OcdHff4myxAjBNPflECx8QcfLWMMWx0y7T0FFd0sYAjkA5yrcF8lOYlB9yrpZzkBqhMhTK+K/4/mVLmRwzeglmfkCyghMGxaEZSDg11+UGr8APBTQFKsUR/GdBxr9ER24l/LO6/IJPYWV3i7g9EqKI7Otif8RO6IJCzlYPwKJgX+aj57hsgJfX8vT9A0e77Qlvctfyc2Uj7AuxAdYCYhdfVf8ueO+VJ6dmhYi26kDMqdG/K87rqyBce7FvdZLCoImotUGKoIFAR82cjt4je+51XtlVgAy+4kd4pa1o1sVSgnvOettynoXKwsj39K0Lz4urdBP4rEQkCUAUwZf4IdFPLbOx+2EAITu+oRwvHae0VpBcF4g2zrLG7bVFGwjB2m8il8C74qx8vy50c3IdFtSBHnYFHBsZbV8EoJcD9izmGZpfWkgLMHZ2EZloQ2nUZlP16sHX2wS4iWnIoMeH1nZFt9+E3g07tUZ5oNsiBLPxcauv+lNz8zZo0De+5Nd++DpLup09bU62dCyYv5SZbYDr09wmTEnO7AzOUuruTY9Bw5X9Wc0xwzwfRv6SZkT6GH1Xwx6X300jBiO4oGvhD+Fx2zAPsDw3o1CI1C7rUWAs3K2fKsDdaXPPzAWIF3mZjVuJhV26F165oY3Vx6/DdMOrFCAfP0t97QSJ9/yCSdGnGNQ9RaRHzV0doo3GZ46tXz1s2ZKjKGgcjzw6TY40j/LV93jW51n2/kMbM5JYuySBwv5J7wef5sA2v6eTpXnrdqLtQNFRoDThMaCLrmL0INFGDavbefklvl21C0E7TPwNzaWeX2Qe+g+rQGSNyiTcU+VZg4MhExhdPFk3H4rakj9DRhJmaG0tZ73J+QM//wpGgis6bJ0sDGgyNndiZbKplUc52GOeZBhmxiqk9IeqWEmlsyvMVqEBTaV/E5LIWk2a38t6i+lBGVGlpN2t8osKB1vWMG41vJKB5epnZdjkVShKymWCxQdfHEN45WxJNDDkJ460XhePOjyab4t16exmaPAF5WN+axJQV+79DuMPJIofQfGWDF44WtZ+xOfxY2o8N2NXKrUJKmuoWF3AEDx9Wssh9f4TTwLOfltnmGuMRuWMliNu4oHeji4bmUYCUjjHIHoH0uXP1gQgSxIG3nPs1ekG8UPPJfq/69km75pl1sALura03NGnMKTKUdhfrjODAa6HM0Y8m2Ud6TXjtASx9NIMxSRpvxiGFXITO9mYCH1nPYr6W | 199.191.50.83 | 302 Found | 0 B |
URL User Request GET HTTP/1.1galyqaz.com/Print_Services.cfm?fp=SW2zOGluRjzYOmr3oBHHfKLjoB3z/hRVuwyTtS+UGtu4SMlbfnxHPGMpBptxIpnxb/0W0ogP5shMPDdUCqc8xXgvv/zAGO9nDd3M++klHnzwbF0eFRkBOm4N/ZUqd1B2zpqvMBBMUG5+GjDc42U3J8rvM6+flHEuOeV/ccSrcIAQmWImNitgWkT2WomO000voFd2iUbVqyQw086bCXJdbunScrJg6vTYWawTQEgXrrDrqtSOkZbWZasaxMUJoUcZX/0pO9/6IyZ18bjKD+OxXC2KpcVPVCyxNW1Wv0r+xPgA2P4xJwdAItn5nwMomhD0&yep=bANeoS1Ucvwzy+pq/uLsIwUKniK3mG/xVu94SSPrE3cucynQFj13yVIriiGJrzXhrWQTfL+/MMD9w5WSrdLj0Rrk4SN6KcmjpiLtHf2EJQTt9EPOjnC9eM3bvpV4Tf8cdHDanrDF3oDCfRSdiKeWA2Vp+l9+fkH9Q7kBG4Wh4HYBy22871mIPmqgrwy0alU/IYaV6SpRzoWXPn5Mm11qVjNu213e0M+qTw29Kb/kIGFWwUJczuYbNna80sOstTs+S/Lc6yMowzo3BanTlHxYeqpjB6IqvjpImeN021GOqSc8AEaepOyax2+UsRfuiwl7fjKSFKwIw8ETnu5CzYdL430APsuFzX3cZyMTZmGITX4XZsH1XFFInBaDWSb506lVOANxs4AKCacl7bMAsLNBevqi6TcgJ9qEsq9IQoO7d9KSboMul3RY3umFSWk298OcdHff4myxAjBNPflECx8QcfLWMMWx0y7T0FFd0sYAjkA5yrcF8lOYlB9yrpZzkBqhMhTK+K/4/mVLmRwzeglmfkCyghMGxaEZSDg11+UGr8APBTQFKsUR/GdBxr9ER24l/LO6/IJPYWV3i7g9EqKI7Otif8RO6IJCzlYPwKJgX+aj57hsgJfX8vT9A0e77Qlvctfyc2Uj7AuxAdYCYhdfVf8ueO+VJ6dmhYi26kDMqdG/K87rqyBce7FvdZLCoImotUGKoIFAR82cjt4je+51XtlVgAy+4kd4pa1o1sVSgnvOettynoXKwsj39K0Lz4urdBP4rEQkCUAUwZf4IdFPLbOx+2EAITu+oRwvHae0VpBcF4g2zrLG7bVFGwjB2m8il8C74qx8vy50c3IdFtSBHnYFHBsZbV8EoJcD9izmGZpfWkgLMHZ2EZloQ2nUZlP16sHX2wS4iWnIoMeH1nZFt9+E3g07tUZ5oNsiBLPxcauv+lNz8zZo0De+5Nd++DpLup09bU62dCyYv5SZbYDr09wmTEnO7AzOUuruTY9Bw5X9Wc0xwzwfRv6SZkT6GH1Xwx6X300jBiO4oGvhD+Fx2zAPsDw3o1CI1C7rUWAs3K2fKsDdaXPPzAWIF3mZjVuJhV26F165oY3Vx6/DdMOrFCAfP0t97QSJ9/yCSdGnGNQ9RaRHzV0doo3GZ46tXz1s2ZKjKGgcjzw6TY40j/LV93jW51n2/kMbM5JYuySBwv5J7wef5sA2v6eTpXnrdqLtQNFRoDThMaCLrmL0INFGDavbefklvl21C0E7TPwNzaWeX2Qe+g+rQGSNyiTcU+VZg4MhExhdPFk3H4rakj9DRhJmaG0tZ73J+QM//wpGgis6bJ0sDGgyNndiZbKplUc52GOeZBhmxiqk9IeqWEmlsyvMVqEBTaV/E5LIWk2a38t6i+lBGVGlpN2t8osKB1vWMG41vJKB5epnZdjkVShKymWCxQdfHEN45WxJNDDkJ460XhePOjyab4t16exmaPAF5WN+axJQV+79DuMPJIofQfGWDF44WtZ+xOfxY2o8N2NXKrUJKmuoWF3AEDx9Wssh9f4TTwLOfltnmGuMRuWMliNu4oHeji4bmUYCUjjHIHoH0uXP1gQgSxIG3nPs1ekG8UPPJfq/69km75pl1sALura03NGnMKTKUdhfrjODAa6HM0Y8m2Ud6TXjtASx9NIMxSRpvxiGFXITO9mYCH1nPYr6W IP199.191.50.83:80 ASN#40034 CONFLUENCE-NETWORK-INC
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Print_Services.cfm?fp=SW2zOGluRjzYOmr3oBHHfKLjoB3z/hRVuwyTtS+UGtu4SMlbfnxHPGMpBptxIpnxb/0W0ogP5shMPDdUCqc8xXgvv/zAGO9nDd3M++klHnzwbF0eFRkBOm4N/ZUqd1B2zpqvMBBMUG5+GjDc42U3J8rvM6+flHEuOeV/ccSrcIAQmWImNitgWkT2WomO000voFd2iUbVqyQw086bCXJdbunScrJg6vTYWawTQEgXrrDrqtSOkZbWZasaxMUJoUcZX/0pO9/6IyZ18bjKD+OxXC2KpcVPVCyxNW1Wv0r+xPgA2P4xJwdAItn5nwMomhD0&yep=bANeoS1Ucvwzy+pq/uLsIwUKniK3mG/xVu94SSPrE3cucynQFj13yVIriiGJrzXhrWQTfL+/MMD9w5WSrdLj0Rrk4SN6KcmjpiLtHf2EJQTt9EPOjnC9eM3bvpV4Tf8cdHDanrDF3oDCfRSdiKeWA2Vp+l9+fkH9Q7kBG4Wh4HYBy22871mIPmqgrwy0alU/IYaV6SpRzoWXPn5Mm11qVjNu213e0M+qTw29Kb/kIGFWwUJczuYbNna80sOstTs+S/Lc6yMowzo3BanTlHxYeqpjB6IqvjpImeN021GOqSc8AEaepOyax2+UsRfuiwl7fjKSFKwIw8ETnu5CzYdL430APsuFzX3cZyMTZmGITX4XZsH1XFFInBaDWSb506lVOANxs4AKCacl7bMAsLNBevqi6TcgJ9qEsq9IQoO7d9KSboMul3RY3umFSWk298OcdHff4myxAjBNPflECx8QcfLWMMWx0y7T0FFd0sYAjkA5yrcF8lOYlB9yrpZzkBqhMhTK+K/4/mVLmRwzeglmfkCyghMGxaEZSDg11+UGr8APBTQFKsUR/GdBxr9ER24l/LO6/IJPYWV3i7g9EqKI7Otif8RO6IJCzlYPwKJgX+aj57hsgJfX8vT9A0e77Qlvctfyc2Uj7AuxAdYCYhdfVf8ueO+VJ6dmhYi26kDMqdG/K87rqyBce7FvdZLCoImotUGKoIFAR82cjt4je+51XtlVgAy+4kd4pa1o1sVSgnvOettynoXKwsj39K0Lz4urdBP4rEQkCUAUwZf4IdFPLbOx+2EAITu+oRwvHae0VpBcF4g2zrLG7bVFGwjB2m8il8C74qx8vy50c3IdFtSBHnYFHBsZbV8EoJcD9izmGZpfWkgLMHZ2EZloQ2nUZlP16sHX2wS4iWnIoMeH1nZFt9+E3g07tUZ5oNsiBLPxcauv+lNz8zZo0De+5Nd++DpLup09bU62dCyYv5SZbYDr09wmTEnO7AzOUuruTY9Bw5X9Wc0xwzwfRv6SZkT6GH1Xwx6X300jBiO4oGvhD+Fx2zAPsDw3o1CI1C7rUWAs3K2fKsDdaXPPzAWIF3mZjVuJhV26F165oY3Vx6/DdMOrFCAfP0t97QSJ9/yCSdGnGNQ9RaRHzV0doo3GZ46tXz1s2ZKjKGgcjzw6TY40j/LV93jW51n2/kMbM5JYuySBwv5J7wef5sA2v6eTpXnrdqLtQNFRoDThMaCLrmL0INFGDavbefklvl21C0E7TPwNzaWeX2Qe+g+rQGSNyiTcU+VZg4MhExhdPFk3H4rakj9DRhJmaG0tZ73J+QM//wpGgis6bJ0sDGgyNndiZbKplUc52GOeZBhmxiqk9IeqWEmlsyvMVqEBTaV/E5LIWk2a38t6i+lBGVGlpN2t8osKB1vWMG41vJKB5epnZdjkVShKymWCxQdfHEN45WxJNDDkJ460XhePOjyab4t16exmaPAF5WN+axJQV+79DuMPJIofQfGWDF44WtZ+xOfxY2o8N2NXKrUJKmuoWF3AEDx9Wssh9f4TTwLOfltnmGuMRuWMliNu4oHeji4bmUYCUjjHIHoH0uXP1gQgSxIG3nPs1ekG8UPPJfq/69km75pl1sALura03NGnMKTKUdhfrjODAa6HM0Y8m2Ud6TXjtASx9NIMxSRpvxiGFXITO9mYCH1nPYr6W HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 26 Apr 2024 23:02:34 GMT
Server: Apache
Location: http://galyqaz.com/
Content-Length: 0
Keep-Alive: timeout=5, max=120
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| | 199.191.50.83 | 200 OK | 40 kB |
URL User Request GET HTTP/1.1IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (10734), with CRLF, LF line terminators Hashd7de9fa00e7bfb1a9b7f1f00bd89ef9c dcf7b2950c8526dd6af2fbacd953109fdf394092 10cc14b6281bd07a4dd9f21e457b3ec5c88ea215bd96c85f4be8478bde101f9c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 23:02:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_kdLjRa2HgoiNW6utOh3OEfEURYdkxaGC7Dcf3Q/h8X87WzpySYx3vJHpmfJsVphwCgnxrp2bQR8iEfw0xwKIBQ==
|
|
| galyqaz.com/px.js?ch=1 | 199.191.50.83 | 200 OK | 346 B |
IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeASCII text, with very long lines (346), with no line terminators Hashf84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /px.js?ch=1 HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 23:02:36 GMT
Content-Type: application/javascript
Content-Length: 346
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
|
|
| galyqaz.com/__media__/js/min.js?v2.3 | 199.191.50.83 | 200 OK | 8.4 kB |
URL GET HTTP/1.1galyqaz.com/__media__/js/min.js?v2.3 IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (8349), with CRLF line terminators Hashc16c3a4c0fad29106f34d00e89f6886e 6e11811ab8a98bb295b0916cdee68b302c33403d 097786d677a859b7bc87e285377b083b76d66a2fc2832a16bcd50b0e99df77ff
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /__media__/js/min.js?v2.3 HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 23:02:36 GMT
Content-Type: application/javascript
Content-Length: 8435
Connection: keep-alive
Last-Modified: Thu, 16 Feb 2023 20:41:01 GMT
ETag: "20f3-5f4d73705d8c0"
Accept-Ranges: bytes
|
|
| cdn.consentmanager.net/delivery/recall/logos/68884 | 185.76.9.26 | 200 OK | 1.7 kB |
URL GET HTTP/2cdn.consentmanager.net/delivery/recall/logos/68884 IP185.76.9.26:443 ASN#60068 Datacamp Limited
CertificateIssuerLet's Encrypt Subject1376624012.rsc.cdn77.org Fingerprint87:A7:6F:22:26:60:66:88:EF:24:3A:3C:5F:C3:B4:5D:03:F7:88:7B ValidityFri, 26 Apr 2024 11:50:47 GMT - Thu, 25 Jul 2024 11:50:46 GMT
File typegzip compressed data, from Unix Hash036f1abc3ba9a9a6aa50e47fcbbdd720 371723f4e05fe1e06c5ba582331f4059d8066017 b9b117832c6af385a4caf13d905381e0c6db965778152be95879cfaa488c435e
GET /delivery/recall/logos/68884 HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:02:37 GMT
content-type: image/svg+xml
vary: Accept-Encoding
expires: Sat, 27 Apr 2024 13:41:18 GMT
cache-control: public, max-age=86400
edge-control: public, max-age=86400, max-age=2592000
x-77-nzt: EwwBuUwJFAH3hIMAAAwBuUwKDAH3CgAAAAwBisclwQHXAQAAAA
x-77-nzt-ray: af585630f032b7bd8d322c666afbed10
x-accel-expires: @1714225278
x-accel-date: 1714138889
x-77-cache: HIT
x-77-age: 33668
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 33668
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| a.delivery.consentmanager.net/delivery/info/?id=68884&did=2&cfdid=2&t=cv&h=https%3A%2F%2Fgalyqaz.com%2F&o=1714172557294&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& | 87.230.98.78 | 200 OK | 43 B |
URL GET HTTP/2a.delivery.consentmanager.net/delivery/info/?id=68884&did=2&cfdid=2&t=cv&h=https%3A%2F%2Fgalyqaz.com%2F&o=1714172557294&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& IP87.230.98.78:443 ASN#61157 PlusServer GmbH
CertificateIssuerLet's Encrypt Subjecta.delivery.consentmanager.net Fingerprint69:B9:38:2C:D2:98:EE:BC:2E:9B:83:33:E4:2F:BC:73:04:51:C8:79 ValidityThu, 14 Mar 2024 00:37:17 GMT - Wed, 12 Jun 2024 00:37:16 GMT
File typeGIF image data, version 89a, 1 x 1 Hash6f81c41597d3f5a336f458822cc0c32a 8cd77a54b38f1fb376b45af2eaab8f5982523b8d 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /delivery/info/?id=68884&did=2&cfdid=2&t=cv&h=https%3A%2F%2Fgalyqaz.com%2F&o=1714172557294&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:02:37 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 23:02:37 GMT
content-length: 43
content-type: image/gif
X-Firefox-Spdy: h2
|
|
| a.delivery.consentmanager.net/delivery/cmp.php?&cdid=21fdca2281833&h=https%3A%2F%2Fgalyqaz.com%2F&&l=en&o=1714172556962 | 87.230.98.78 | 200 OK | 17 kB |
URL GET HTTP/2a.delivery.consentmanager.net/delivery/cmp.php?&cdid=21fdca2281833&h=https%3A%2F%2Fgalyqaz.com%2F&&l=en&o=1714172556962 IP87.230.98.78:443 ASN#61157 PlusServer GmbH
CertificateIssuerLet's Encrypt Subjecta.delivery.consentmanager.net Fingerprint69:B9:38:2C:D2:98:EE:BC:2E:9B:83:33:E4:2F:BC:73:04:51:C8:79 ValidityThu, 14 Mar 2024 00:37:17 GMT - Wed, 12 Jun 2024 00:37:16 GMT
File typegzip compressed data, max speed, from Unix Hashdf2e4fd0d9c3725955c56177e743f4cf 75462128263336ff5edb8952ebffc62b5a059012 616f54b473bda457b575d61c96417fbcbb88735332da7c9156f8a4636eaf6672
GET /delivery/cmp.php?&cdid=21fdca2281833&h=https%3A%2F%2Fgalyqaz.com%2F&&l=en&o=1714172556962 HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:02:37 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 23:02:37 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| galyqaz.com/px.js?ch=2 | 199.191.50.83 | 200 OK | 346 B |
IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeASCII text, with very long lines (346), with no line terminators Hashf84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /px.js?ch=2 HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 23:02:38 GMT
Content-Type: application/javascript
Content-Length: 346
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
|
|
| cdn.consentmanager.net/delivery/customdata/bV8xLndfNjg4ODQucl9HRFBSLmxfZW4uZF8zMzY2NC54XzMzLnYucC50XzMzNjY0Lnh0XzMz.js | 185.76.9.26 | 200 OK | 24 kB |
URL GET HTTP/2cdn.consentmanager.net/delivery/customdata/bV8xLndfNjg4ODQucl9HRFBSLmxfZW4uZF8zMzY2NC54XzMzLnYucC50XzMzNjY0Lnh0XzMz.js IP185.76.9.26:443 ASN#60068 Datacamp Limited
CertificateIssuerLet's Encrypt Subject1376624012.rsc.cdn77.org Fingerprint87:A7:6F:22:26:60:66:88:EF:24:3A:3C:5F:C3:B4:5D:03:F7:88:7B ValidityFri, 26 Apr 2024 11:50:47 GMT - Thu, 25 Jul 2024 11:50:46 GMT
File typegzip compressed data, from Unix Hash19194b4a945c9acb0f91b2d40dd08f7e 4c90a9ecbdd3082792fdc681d66d572eadc1b42c c7c82dc21900d863135edbc96e87004d63d54150faac9aa354494934e50b2d08
GET /delivery/customdata/bV8xLndfNjg4ODQucl9HRFBSLmxfZW4uZF8zMzY2NC54XzMzLnYucC50XzMzNjY0Lnh0XzMz.js HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:02:37 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
x-xss-protection: 0
expires: Fri, 26 Apr 2024 23:18:55 GMT
cache-control: public, max-age=1800
edge-control: public, max-age=1800
last-modified: Fri, 26 Apr 2024 22:48:55 GMT
x-77-nzt: EwwBuUwJFAH35QIAAAwBuUwKAQH3UQAAAAwBJRPCLgH3AAAAAA
x-77-nzt-ray: af585630f032b7bd8d322c66810a750e
x-accel-expires: @1714173535
x-accel-date: 1714171816
x-77-cache: HIT
x-77-age: 741
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 741
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| galyqaz.com/sk-logabpstatus.php?a=ZWRtSVZ3UURvRjhwa2lmVkh6SS80QlppR1RXUTFvejFaYTlLQXMxSUY4R0draWo2ajIvZVF3RGQxUTk4QjBFL0dTTkFrM25ZZVk1dzZCRTc4YkJqTjlYTTAybFlHMUlDMFQyUGhRS0hIQkV6ZWVySGlhRzlIVUk4Nlg5ZkhkNS8=&b=true | 199.191.50.83 | 200 OK | 0 B |
URL GET HTTP/1.1galyqaz.com/sk-logabpstatus.php?a=ZWRtSVZ3UURvRjhwa2lmVkh6SS80QlppR1RXUTFvejFaYTlLQXMxSUY4R0draWo2ajIvZVF3RGQxUTk4QjBFL0dTTkFrM25ZZVk1dzZCRTc4YkJqTjlYTTAybFlHMUlDMFQyUGhRS0hIQkV6ZWVySGlhRzlIVUk4Nlg5ZkhkNS8=&b=true IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sk-logabpstatus.php?a=ZWRtSVZ3UURvRjhwa2lmVkh6SS80QlppR1RXUTFvejFaYTlLQXMxSUY4R0draWo2ajIvZVF3RGQxUTk4QjBFL0dTTkFrM25ZZVk1dzZCRTc4YkJqTjlYTTAybFlHMUlDMFQyUGhRS0hIQkV6ZWVySGlhRzlIVUk4Nlg5ZkhkNS8=&b=true HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Cookie: __cmpcc=1; __cmpconsentx68884=CP9rVEAP9rVEAAfN0CENAyEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9ufmEAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 23:02:38 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
|
|
| galyqaz.com/__media__/pics/29590/bg1.png | 199.191.50.83 | 200 OK | 18 kB |
URL GET HTTP/1.1galyqaz.com/__media__/pics/29590/bg1.png IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typePNG image data, 1730 x 988, 4-bit colormap, non-interlaced Hash825ccd29ac102fcadaf92b2343d5917b 24472e766cfac5b82a73b219796556a0a3702bd6 0878fb2875c0ad852de8fb3e8f443afdf3064890f1443b3feccc274382f913cd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /__media__/pics/29590/bg1.png HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Cookie: __cmpcc=1; __cmpconsentx68884=CP9rVEAP9rVEAAfN0CENAyEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9ufmEAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 23:02:38 GMT
Content-Type: image/png
Content-Length: 17986
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 12:16:35 GMT
ETag: "4642-5ee4a7e31c9c9"
Accept-Ranges: bytes
|
|
| galyqaz.com/__media__/fonts/montserrat-bold/montserrat-bold.woff | 199.191.50.83 | 200 OK | 17 kB |
URL GET HTTP/1.1galyqaz.com/__media__/fonts/montserrat-bold/montserrat-bold.woff IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 17312, version 2.1 Hashbebe201d813feaad85a3e66607d0da3a 28b049502afa8e9db5340c1a92400591b39870e8 58bb75322beb862803b0d156e1a1d01fb1e7fde82ee93c929b08bf5aea9fc55b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /__media__/fonts/montserrat-bold/montserrat-bold.woff HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Cookie: __cmpcc=1; __cmpconsentx68884=CP9rVEAP9rVEAAfN0CENAyEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9ufmEAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 23:02:38 GMT
Content-Type: font/woff
Content-Length: 17312
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
ETag: "43a0-5b952a63ce953"
Accept-Ranges: bytes
|
|
| galyqaz.com/__media__/fonts/montserrat-regular/montserrat-regular.woff | 199.191.50.83 | 200 OK | 17 kB |
URL GET HTTP/1.1galyqaz.com/__media__/fonts/montserrat-regular/montserrat-regular.woff IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 17264, version 2.1 Hasha43b107861b42ce1335e41e43d4e4d00 99bdb1cec4a68ebe29249c46fefefb6880d009e5 a6542dc92d71eb412bac89d8fb06c70f15be74a64b1b4ef1633288b78f4f2ff2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /__media__/fonts/montserrat-regular/montserrat-regular.woff HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Cookie: __cmpcc=1; __cmpconsentx68884=CP9rVEAP9rVEAAfN0CENAyEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9ufmEAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 23:02:38 GMT
Content-Type: font/woff
Content-Length: 17264
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
ETag: "4370-5b952a63d1833"
Accept-Ranges: bytes
|
|
| galyqaz.com/favicon.ico | 199.191.50.83 | 404 Not Found | 10 B |
IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash6608dd3e21ca3beabd4bdfa625a0b221 e926d0f8694a4bc4013308afaca7af51e4c9fd9f c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Cookie: __cmpcc=1; __cmpconsentx68884=CP9rVEAP9rVEAAfN0CENAyEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9ufmEAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty
Date: Fri, 26 Apr 2024 23:02:38 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 10
Connection: keep-alive
|
|
| cdn.consentmanager.net/delivery/js/cmp_en.min.js | 185.76.9.26 | 200 OK | 430 kB |
URL GET HTTP/2cdn.consentmanager.net/delivery/js/cmp_en.min.js IP185.76.9.26:443 ASN#60068 Datacamp Limited
CertificateIssuerLet's Encrypt Subject1376624012.rsc.cdn77.org Fingerprint87:A7:6F:22:26:60:66:88:EF:24:3A:3C:5F:C3:B4:5D:03:F7:88:7B ValidityFri, 26 Apr 2024 11:50:47 GMT - Thu, 25 Jul 2024 11:50:46 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size430 kB (429977 bytes) Hashe826e2568f3153d2e146bf66286bd521 b47610e60026f3db1e80bcf0026b53dbb089007b b601830d2f9a081099ea148ed53a859bf410ca3460f0029030fb663fef728c99
GET /delivery/js/cmp_en.min.js HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:02:37 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 24 Apr 2024 09:35:32 GMT
etag: W/"68f99-616d4644e6100"
cache-control: max-age=86400
expires: Thu, 25 Apr 2024 09:41:22 GMT
edge-control: max-age=86400
x-77-nzt: EwwBuUwJFAH3ybsAAAgBuUwKDAGhDAGKxyXBAfdJFAAA
x-77-nzt-ray: af585630f032b7bd8d322c663ee74d04
x-accel-expires: @1714210884
x-accel-date: 1714124484
x-77-cache: HIT
x-77-age: 48073
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 48073
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|
| a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=68884&o=1714172557&h=https%3A%2F%2Fgalyqaz.com%2F&&l=en&odw=0&dlt=1&l=en | 87.230.98.78 | 200 OK | 973 B |
URL GET HTTP/2a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=68884&o=1714172557&h=https%3A%2F%2Fgalyqaz.com%2F&&l=en&odw=0&dlt=1&l=en IP87.230.98.78:443 ASN#61157 PlusServer GmbH
CertificateIssuerLet's Encrypt Subjecta.delivery.consentmanager.net Fingerprint69:B9:38:2C:D2:98:EE:BC:2E:9B:83:33:E4:2F:BC:73:04:51:C8:79 ValidityThu, 14 Mar 2024 00:37:17 GMT - Wed, 12 Jun 2024 00:37:16 GMT
File typeASCII text, with very long lines (1043), with no line terminators Hashdc459be2a8a918b07d389d9f2e045ce3 8ec57349c7c02a248d66f019c33d7c5599e7adbd b4b0000033461258e77821c9cfd02d21de2b13ac28a5dddfd85f117e47734994
GET /delivery/cmp.php?__cmpcc=1&id=68884&o=1714172557&h=https%3A%2F%2Fgalyqaz.com%2F&&l=en&odw=0&dlt=1&l=en HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:02:37 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 23:02:37 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| galyqaz.com/__media__/pics/28905/arrrow.png | 199.191.50.83 | 200 OK | 283 B |
URL GET HTTP/1.1galyqaz.com/__media__/pics/28905/arrrow.png IP199.191.50.83:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectgalyqaz.com FingerprintD1:EE:4B:CF:91:73:02:48:C0:F3:26:83:08:69:E3:56:0D:DA:A7:44 ValidityMon, 25 Mar 2024 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File typePNG image data, 17 x 27, 8-bit colormap, non-interlaced Hash80d42c82a6c37da90210fd60a2f36128 554ba7c84d2a27ecf3b1f29d03e62101936b54d8 a1626e2d9160a0890a0a8d6e3af9e7095d68a24f9fb5ac8a166000c9a2581e10
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /__media__/pics/28905/arrrow.png HTTP/1.1
Host: galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Cookie: __cmpcc=1; __cmpconsentx68884=CP9rVEAP9rVEAAfN0CENAyEgAAAAAAAAAAigAAAAAAAA; __cmpcccx68884=aBP9ufmEAAADgAXACCAE0ALwDiQIOAqIADWzstn1bhY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 23:02:38 GMT
Content-Type: image/png
Content-Length: 283
Connection: keep-alive
Last-Modified: Tue, 04 Jan 2022 14:44:27 GMT
ETag: "11b-5d4c2ac970ed9"
Accept-Ranges: bytes
|
|
| a.delivery.consentmanager.net/delivery/info/?id=68884&did=2&cfdid=2&t=pv.d_ncs.d_ancs.d_bncs&h=https%3A%2F%2Fgalyqaz.com%2F&o=1714172557292&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& | 87.230.98.78 | 200 OK | 43 B |
URL GET HTTP/2a.delivery.consentmanager.net/delivery/info/?id=68884&did=2&cfdid=2&t=pv.d_ncs.d_ancs.d_bncs&h=https%3A%2F%2Fgalyqaz.com%2F&o=1714172557292&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& IP87.230.98.78:443 ASN#61157 PlusServer GmbH
CertificateIssuerLet's Encrypt Subjecta.delivery.consentmanager.net Fingerprint69:B9:38:2C:D2:98:EE:BC:2E:9B:83:33:E4:2F:BC:73:04:51:C8:79 ValidityThu, 14 Mar 2024 00:37:17 GMT - Wed, 12 Jun 2024 00:37:16 GMT
File typeGIF image data, version 89a, 1 x 1 Hash6f81c41597d3f5a336f458822cc0c32a 8cd77a54b38f1fb376b45af2eaab8f5982523b8d 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /delivery/info/?id=68884&did=2&cfdid=2&t=pv.d_ncs.d_ancs.d_bncs&h=https%3A%2F%2Fgalyqaz.com%2F&o=1714172557292&l=EN&lv=96961&d=2&ct=14&e=&e2=&e3=&i=&sv=19&dv=33& HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:02:37 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 23:02:37 GMT
content-length: 43
content-type: image/gif
X-Firefox-Spdy: h2
|
|
| a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=2&__cmpfcc=1&id=68884&o=1714172557&h=https%3A%2F%2Fgalyqaz.com%2F&&l=en&odw=0&dlt=1&l=en | 87.230.98.78 | 200 OK | 5.4 kB |
URL GET HTTP/2a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=2&__cmpfcc=1&id=68884&o=1714172557&h=https%3A%2F%2Fgalyqaz.com%2F&&l=en&odw=0&dlt=1&l=en IP87.230.98.78:443 ASN#61157 PlusServer GmbH
CertificateIssuerLet's Encrypt Subjecta.delivery.consentmanager.net Fingerprint69:B9:38:2C:D2:98:EE:BC:2E:9B:83:33:E4:2F:BC:73:04:51:C8:79 ValidityThu, 14 Mar 2024 00:37:17 GMT - Wed, 12 Jun 2024 00:37:16 GMT
File typeASCII text, with very long lines (5906), with no line terminators Hashd3536b9c7a20913d50d8a7b9bbabbb7c 842695cfc8f9389633cc2d484d5f7734b7d7d8d8 298c4ea87f3f4788ac3dc9bdb4274bce5967319d8d6161cefe71fc5ca9ab34ea
GET /delivery/cmp.php?__cmpcc=2&__cmpfcc=1&id=68884&o=1714172557&h=https%3A%2F%2Fgalyqaz.com%2F&&l=en&odw=0&dlt=1&l=en HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:02:37 GMT
cache-control: no-store, no-cache, must-revalidate
edge-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-xss-protection: 0
last-modified: Fri, 26 Apr 2024 23:02:37 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.consentmanager.net/delivery/flags-rect/en.svg | 185.76.9.26 | 200 OK | 31 kB |
URL GET HTTP/2cdn.consentmanager.net/delivery/flags-rect/en.svg IP185.76.9.26:443 ASN#60068 Datacamp Limited
CertificateIssuerLet's Encrypt Subject1376624012.rsc.cdn77.org Fingerprint87:A7:6F:22:26:60:66:88:EF:24:3A:3C:5F:C3:B4:5D:03:F7:88:7B ValidityFri, 26 Apr 2024 11:50:47 GMT - Thu, 25 Jul 2024 11:50:46 GMT
File typeSVG Scalable Vector Graphics image Hashbd6a0ea3787e858b72d71dac1438fedd d59ba1a15ada77c2bc7a8edaa117f20893b3ee03 467dc751e1a67b8c2211ea6b0d5a8e77774f7e17bd542f8811c31f03d4d39907
GET /delivery/flags-rect/en.svg HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galyqaz.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:02:37 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 15 Jul 2022 22:22:41 GMT
etag: W/"78f6-5e3df74d6ce40"
cache-control: max-age=31536000
expires: Sat, 15 Feb 2025 13:39:56 GMT
edge-control: max-age=2592000
x-77-nzt: EwwBuUwJFAH3lMBcAAwBuUwKDAH3SgwAAAwBJRPCNAH3AwAAAA
x-77-nzt-ray: af585630f032b7bd8d322c6678a08712
x-accel-expires: @1739626796
x-accel-date: 1708093945
x-77-cache: HIT
x-77-age: 6078612
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 6078612
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
|
|