URL: ww6.galyqaz.com/login.php?subid1=20240419-0553-1775-bc8e-182adf7c0736
IP: 199.59.243.225:0
Size: 1.2 kB
File type: HTML document, ASCII text, with very long lines (446)
MD5: bc911568442a36128e90271940d73a81
SHA-1: 93b2c7d394cb36648ea12fdfc3bd1447d375ecd0
SHA-256: fb8068de354ed7e26cda4c0af5a916a775ad8f6f365fc36999ef0743e163e88e

| Analyzer | Verdict | Alert |
|---|---|---|
| Quad9 DNS | malicious | Sinkholed |

GET /login.php?subid1=20240419-0553-1775-bc8e-182adf7c0736 HTTP/1.1
Host: ww6.galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Thu, 18 Apr 2024 20:30:55 GMT
content-type: text/html; charset=utf-8
content-length: 1178
x-request-id: 655e6bf8-8486-4ae2-a507-913bc9f07f3b
cache-control: no-store, max-age=0
accept-ch: sec-ch-prefers-color-scheme
critical-ch: sec-ch-prefers-color-scheme
vary: sec-ch-prefers-color-scheme
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_WeVARwcGDjjXLbU319DZ7K9RG0Z8PyUKBUeAFWCvDc7gLe+EePOoh0WAKLatsDV2aReD9LYOp/vwS/ixy/dl7w==
set-cookie: parking_session=655e6bf8-8486-4ae2-a507-913bc9f07f3b; expires=Thu, 18 Apr 2024 20:45:55 GMT; path=/

URL: ww6.galyqaz.com/bjQFGhqml.js
IP: 199.59.243.225:0
Size: 33 kB
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (33288)
MD5: 4c0f57c52b87f02f9d2ed1ae3859243a
SHA-1: 8942e2891e8e847934a601d561f4683d169c3b88
SHA-256: 999eda15b8baaf116b1df2c02cca93e903773d939229ea3bf6a8a981815136e5

| Analyzer | Verdict | Alert |
|---|---|---|
| Quad9 DNS | malicious | Sinkholed |

GET /bjQFGhqml.js HTTP/1.1
Host: ww6.galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww6.galyqaz.com/login.php?subid1=20240419-0553-1775-bc8e-182adf7c0736
Cookie: parking_session=655e6bf8-8486-4ae2-a507-913bc9f07f3b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Thu, 18 Apr 2024 20:30:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 33291
x-request-id: 28c8f01c-9393-4871-b9fd-6d6983f31d9c
set-cookie: parking_session=655e6bf8-8486-4ae2-a507-913bc9f07f3b; expires=Thu, 18 Apr 2024 20:45:56 GMT

URL: ww6.galyqaz.com/_fd?subid1=20240419-0553-1775-bc8e-182adf7c0736
IP: 199.59.243.225:0
Size: 2.6 kB
File type: ASCII text, with very long lines (4909), with no line terminators
MD5: 418dd750f7eefc0d0b19c71636f051c7
SHA-1: a72696aca314d6d51fe6e6f01f1111489ac56a71
SHA-256: 1fb53f5d4f8b1b4c8cdfea6572f201e98ec2064e3147639171192d3cb42a69e9

| Analyzer | Verdict | Alert |
|---|---|---|
| Quad9 DNS | malicious | Sinkholed |

POST /_fd?subid1=20240419-0553-1775-bc8e-182adf7c0736 HTTP/1.1
Host: ww6.galyqaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww6.galyqaz.com/login.php?subid1=20240419-0553-1775-bc8e-182adf7c0736
Content-Type: application/json
Origin: http://ww6.galyqaz.com
DNT: 1
Connection: keep-alive
Cookie: parking_session=655e6bf8-8486-4ae2-a507-913bc9f07f3b
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/1.1 200 OK
server: openresty
date: Thu, 18 Apr 2024 20:30:56 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
content-length: 2645
x-version: 2.117.5
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: parking_session=655e6bf8-8486-4ae2-a507-913bc9f07f3b; expires=Thu, 18 Apr 2024 20:45:56 GMT; Max-Age=900; path=/; httponly
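The three exchanges above are raw capture. As an added example (not part of the sandbox report), the Python below parses that flat request/response transcript into structured messages, pairs each request with its response, and pulls out the observations a triage analyst would note from this capture: the parking_session cookie, which is minted with the same value as the first response's x-request-id and is only marked HttpOnly on the third response; the x-adblock-key header on the landing page; and the zero-length POST to /_fd. The embedded TRANSCRIPT is an excerpt of the capture on this page (headers the heuristics do not use were dropped); the heuristics themselves are mine, written from what this capture shows, and are a starting point for triage rather than a detection signature.

```python
"""Parse flat HTTP request/response captures and pull indicators from them.
Added example, not part of the original report. TRANSCRIPT is an excerpt of
the capture on this page; headers the heuristics do not use were dropped."""
import re
from dataclasses import dataclass, field

TRANSCRIPT = """\
GET /login.php?subid1=20240419-0553-1775-bc8e-182adf7c0736 HTTP/1.1
Host: ww6.galyqaz.com
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
content-length: 1178
x-request-id: 655e6bf8-8486-4ae2-a507-913bc9f07f3b
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_WeVARwcGDjjXLbU319DZ7K9RG0Z8PyUKBUeAFWCvDc7gLe+EePOoh0WAKLatsDV2aReD9LYOp/vwS/ixy/dl7w==
set-cookie: parking_session=655e6bf8-8486-4ae2-a507-913bc9f07f3b; expires=Thu, 18 Apr 2024 20:45:55 GMT; path=/
GET /bjQFGhqml.js HTTP/1.1
Host: ww6.galyqaz.com
Referer: http://ww6.galyqaz.com/login.php?subid1=20240419-0553-1775-bc8e-182adf7c0736
Cookie: parking_session=655e6bf8-8486-4ae2-a507-913bc9f07f3b
HTTP/1.1 200 OK
content-type: application/javascript; charset=utf-8
content-length: 33291
x-request-id: 28c8f01c-9393-4871-b9fd-6d6983f31d9c
set-cookie: parking_session=655e6bf8-8486-4ae2-a507-913bc9f07f3b; expires=Thu, 18 Apr 2024 20:45:56 GMT
POST /_fd?subid1=20240419-0553-1775-bc8e-182adf7c0736 HTTP/1.1
Host: ww6.galyqaz.com
Content-Type: application/json
Cookie: parking_session=655e6bf8-8486-4ae2-a507-913bc9f07f3b
Content-Length: 0
HTTP/1.1 200 OK
server: openresty
content-type: text/html; charset=UTF-8
content-encoding: gzip
content-length: 2645
x-version: 2.117.5
set-cookie: parking_session=655e6bf8-8486-4ae2-a507-913bc9f07f3b; expires=Thu, 18 Apr 2024 20:45:56 GMT; Max-Age=900; path=/; httponly
"""

# Request line ("GET /path HTTP/1.1") or status line ("HTTP/1.1 200 OK").
START_LINE = re.compile(r"^(?:([A-Z]+) (\S+) HTTP/\d\.\d|HTTP/\d\.\d (\d{3}).*)$")

@dataclass
class Message:
    method: str = ""   # non-empty for requests
    target: str = ""   # request target (path + query)
    status: int = 0    # non-zero for responses
    headers: list = field(default_factory=list)  # (lowercased name, value) pairs

    def header(self, name):
        return next((v for n, v in self.headers if n == name), None)

    def headers_all(self, name):
        return [v for n, v in self.headers if n == name]

def parse_messages(text):
    """Split a capture with no blank lines between messages into Message objects."""
    messages = []
    for line in filter(None, map(str.strip, text.splitlines())):
        m = START_LINE.match(line)
        if m and m.group(1):
            messages.append(Message(method=m.group(1), target=m.group(2)))
        elif m:
            messages.append(Message(status=int(m.group(3))))
        elif messages and ":" in line:
            name, _, value = line.partition(":")
            messages[-1].headers.append((name.strip().lower(), value.strip()))
    return messages

def pair_exchanges(messages):
    """Pair every request with the response that directly follows it."""
    return [(req, resp) for req, resp in zip(messages, messages[1:])
            if req.method and resp.status]

def parking_indicators(req, resp):
    """Triage heuristics for a parking landing page (mine, derived from this capture)."""
    hits = []
    if resp.header("x-adblock-key"):
        hits.append("x-adblock-key header (anti-adblock signing key)")
    for cookie in resp.headers_all("set-cookie"):
        name = cookie.partition("=")[0]
        if name == "parking_session":
            hits.append("parking_session cookie")
        if "httponly" not in cookie.lower():
            hits.append(f"{name} cookie set without HttpOnly")
    if req.method == "POST" and req.header("content-length") == "0":
        hits.append(f"empty POST to {req.target.partition('?')[0]}")
    return hits

def session_matches_request_id(resp):
    """True when the parking_session value re-uses this response's x-request-id."""
    for cookie in resp.headers_all("set-cookie"):
        name, _, rest = cookie.partition("=")
        if name == "parking_session":
            return rest.partition(";")[0] == resp.header("x-request-id")
    return False

def iocs(exchanges):
    """Hosts and URLs seen; the scheme is http, as the Referer in the capture shows."""
    hosts = sorted({req.header("host") for req, _ in exchanges})
    urls = sorted(f"http://{req.header('host')}{req.target}" for req, _ in exchanges)
    return hosts, urls
```

Run it with `pair_exchanges(parse_messages(TRANSCRIPT))` and feed each pair to `parking_indicators`; the first response is the only one whose cookie value matches its own x-request-id, which is consistent with the session being issued on the landing-page hit and replayed by the two later responses. The parser deliberately tolerates mixed-case header names and the absence of blank lines between messages, both of which appear in captures like the one above.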