| galynuh.com/favicon.ico | 0.0.0.0 | | 0 B |
IP 0.0.0.0:0
Requested by https://galynuh.com/login.phphO
Certificate: Issuer Let's Encrypt; Subject galynuh.com; Fingerprint AE:8C:19:1C:11:86:6B:0A:DA:48:B7:93:C6:0B:B8:8F:44:64:C6:05; Validity Fri, 11 Apr 2025 23:07:47 GMT - Thu, 10 Jul 2025 23:07:46 GMT
Hash (MD5 / SHA-1 / SHA-256; these are the digests of an empty body, consistent with the 0 B size and the absence of any captured response) d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: galynuh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://galynuh.com/login.phphO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
| ww2.galynuh.com/ | 64.190.63.136 | 439 No Reason Phrase | 0 B |
IP 64.190.63.136:443
Certificate: Issuer DigiCert Inc; Subject ww2.galynuh.com; Fingerprint 9D:87:DD:92:75:6F:AC:8A:63:56:ED:B5:98:CB:AA:DA:92:F8:01:8C; Validity Thu, 23 May 2024 00:00:00 GMT - Thu, 22 May 2025 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256; digests of an empty body, matching the content-length: 0 response below) d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: ww2.galynuh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 439 No Reason Phrase
date: Sat, 03 May 2025 05:19:29 GMT
server: Parking/1.0
content-length: 0
X-Firefox-Spdy: h2
| ww2.galynuh.com/ | 64.190.63.136 | 403 Forbidden | 93 B |
IP 64.190.63.136:80
File type HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256) b0d506893d4802090edf1644f5f082cd 4bf0d7ecb70703857c7029754fa02a7496313b63 0d3e98ca727fc1201b436170af5a63f23348aaf146a3ac6234f6c4da283e8b34
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: ww2.galynuh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
content-length: 93
cache-control: no-cache
content-type: text/html
| ww2.galynuh.com/favicon.ico | 64.190.63.136 | 403 Forbidden | 93 B |
URL GET ww2.galynuh.com/favicon.ico
IP 64.190.63.136:80
File type HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256; identical to the 93 B 403 body served for / above) b0d506893d4802090edf1644f5f082cd 4bf0d7ecb70703857c7029754fa02a7496313b63 0d3e98ca727fc1201b436170af5a63f23348aaf146a3ac6234f6c4da283e8b34
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ww2.galynuh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww2.galynuh.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
content-length: 93
cache-control: no-cache
content-type: text/html
| galynuh.com/login.phphO | 64.225.91.73 | 200 OK | 593 B |
IP 64.225.91.73:443
ASN #14061 DIGITALOCEAN-ASN
Certificate: Issuer Let's Encrypt; Subject galynuh.com; Fingerprint AE:8C:19:1C:11:86:6B:0A:DA:48:B7:93:C6:0B:B8:8F:44:64:C6:05; Validity Fri, 11 Apr 2025 23:07:47 GMT - Thu, 10 Jul 2025 23:07:46 GMT
File type HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256) 3b03d93d3487806337b5c6443ce7a62d 93a7a790bb6348606cbdaf5daeaaf4ea8cf731d0 7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login.phphO HTTP/1.1
Host: galynuh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 03 May 2025 05:19:28 GMT
Content-Type: text/html
Last-Modified: Wed, 22 Feb 2023 21:25:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63f68860-251"
Content-Encoding: gzip
| domaincntrol.com/?orighost=https://galynuh.com/login.phphO | 104.18.26.45 | 200 OK | 24 B |
URL GET domaincntrol.com/?orighost=https://galynuh.com/login.phphO
IP 104.18.26.45:443
Requested by https://galynuh.com/login.phphO
Certificate: Issuer Google Trust Services; Subject domaincntrol.com; Fingerprint F5:14:9D:E9:4D:BC:60:0D:43:AF:93:8A:61:99:A7:4D:22:06:C5:40; Validity Mon, 17 Mar 2025 15:50:25 GMT - Sun, 15 Jun 2025 16:49:59 GMT
File type ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256) f3c40aeaa9222e9c80e4096fdcc4019a 581a1aea776b2f84386d514338b436d0236e297d c86576cfc75b58127283a0180a5a902c405da7377e2d454680a95e0e617e86cc
GET /?orighost=https://galynuh.com/login.phphO HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://galynuh.com/
Origin: https://galynuh.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 03 May 2025 05:19:29 GMT
content-type: text/javascript;charset=UTF-8
content-length: 24
access-control-allow-origin: *
x_details: {"destination":"sedo","orighost":"galynuh.com","type":"org","finalurl":"http://ww2.galynuh.com","browser":"firefox","os":"windows","country":"NO","device":"desktop","isbot":false,"botscore":17}
set-cookie: __cf_bm=18cn44ZeP_8O8jLWUKNKoJdsJZF0gLHZslBz8UWJ1Ec-1746249569-1.0.1.1-d6QTISjRWPe8YCrUUQXMqTqrHf5dDvTq0fwt6jS1HXJvUBtoSfI.Oow7JrqRGib2ENr2PmXZpDHXheIRbMR.Di5lZ8ltsNYpkWWqX4b0F5o; path=/; expires=Sat, 03-May-25 05:49:29 GMT; domain=.domaincntrol.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 939d4dbeca01b505-OSL
X-Firefox-Spdy: h2
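The records above are a raw transaction log. The script below is an added triage example, not part of the scanning tool or of any site named here: it takes a handful of these transactions (constructed from the entries above; the record layout with the keys url, ip, size, referer, verdict and hashes is my own), verifies that every 0 B response carries the MD5 / SHA-1 / SHA-256 digests of empty input, parses the x_details header that domaincntrol.com returned, and reconstructs the hop order from galynuh.com through the parking redirector to ww2.galynuh.com. It also lists the hosts the DNS analyzer marked as malicious.

```python
import hashlib
import json
from urllib.parse import urlsplit

# Sample records constructed from the transaction log on this page.
# Layout (url, ip, size, referer, verdict, hashes) is an assumption of this
# example; hashes are the recorded (MD5, SHA-1, SHA-256) hex digests.
RECORDS = [
    {"url": "https://galynuh.com/login.phphO", "ip": "64.225.91.73",
     "size": 593, "referer": None, "verdict": "malicious",
     "hashes": ("3b03d93d3487806337b5c6443ce7a62d",
                "93a7a790bb6348606cbdaf5daeaaf4ea8cf731d0",
                "7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30")},
    {"url": "https://galynuh.com/favicon.ico", "ip": "0.0.0.0",
     "size": 0, "referer": "https://galynuh.com/login.phphO", "verdict": "malicious",
     "hashes": ("d41d8cd98f00b204e9800998ecf8427e",
                "da39a3ee5e6b4b0d3255bfef95601890afd80709",
                "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")},
    {"url": "https://domaincntrol.com/?orighost=https://galynuh.com/login.phphO",
     "ip": "104.18.26.45", "size": 24, "referer": "https://galynuh.com/",
     "verdict": None,
     "hashes": ("f3c40aeaa9222e9c80e4096fdcc4019a",
                "581a1aea776b2f84386d514338b436d0236e297d",
                "c86576cfc75b58127283a0180a5a902c405da7377e2d454680a95e0e617e86cc")},
    {"url": "https://ww2.galynuh.com/", "ip": "64.190.63.136",
     "size": 0, "referer": None, "verdict": "malicious",
     "hashes": ("d41d8cd98f00b204e9800998ecf8427e",
                "da39a3ee5e6b4b0d3255bfef95601890afd80709",
                "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")},
]

# The x_details response header recorded from domaincntrol.com, verbatim.
X_DETAILS = ('{"destination":"sedo","orighost":"galynuh.com","type":"org",'
             '"finalurl":"http://ww2.galynuh.com","browser":"firefox","os":"windows",'
             '"country":"NO","device":"desktop","isbot":false,"botscore":17}')


def empty_body_hashes():
    """Digests of a zero-length body: what any 0 B response must hash to."""
    return tuple(hashlib.new(alg, b"").hexdigest() for alg in ("md5", "sha1", "sha256"))


def check_sizes(records):
    """URLs whose recorded size and hash triple contradict each other
    (a 0 B body with non-empty digests, or the reverse)."""
    empty = empty_body_hashes()
    return [r["url"] for r in records if (r["size"] == 0) != (r["hashes"] == empty)]


def parse_x_details(header_value):
    """Parse the parking service's x_details JSON header into a dict."""
    return json.loads(header_value)


def redirect_hops(records, x_details_header):
    """Hosts in the order the browser was sent to them: the landing host named
    as orighost, the redirector that served x_details, and the finalurl host."""
    details = parse_x_details(x_details_header)
    redirector = next(urlsplit(r["url"]).hostname
                      for r in records if "orighost=" in r["url"])
    return [details["orighost"], redirector, urlsplit(details["finalurl"]).hostname]


def sinkholed_hosts(records):
    """Distinct hosts the DNS analyzer flagged as malicious, in first-seen order."""
    seen = []
    for r in records:
        host = urlsplit(r["url"]).hostname
        if r["verdict"] == "malicious" and host not in seen:
            seen.append(host)
    return seen


if __name__ == "__main__":
    print("size/hash mismatches:", check_sizes(RECORDS))
    print("redirect hops:", " -> ".join(redirect_hops(RECORDS, X_DETAILS)))
    print("sinkholed hosts:", sinkholed_hosts(RECORDS))
```

The size check is the useful sanity test when reading logs like this one: a recorded 0 B body whose digests are not the empty-input digests means the size and hash were taken from different responses, and a non-empty body with the empty-input digests means the body was never actually captured.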