Report - bozent.xyz/1Dz/988.html

Report Overview

Visited public
2023-09-10 19:30:34
Tags
Submit Tags
URL
bozent.xyz/1Dz/988.html
Finishing URL
bozent.xyz/1Dz/988.html
IP / ASN
164.90.204.4
#14061 DIGITALOCEAN-ASN
Title
Avira Security

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-09-09 22:29:57	1.1 kB	7.3 kB	142.250.74.35
translate.googleapis.com	1005	2005-01-25	2012-05-31 09:21:21	2023-09-09 22:36:16	1.7 kB	80 kB	142.250.74.138
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-09-09 18:34:13	449 B	4.2 kB	216.58.207.227
translate-pa.googleapis.com	1620	2005-01-25	2021-11-04 07:37:42	2023-09-09 21:19:57	526 B	2.3 kB	142.250.74.138
translate.google.com	1156	1997-09-15	2012-05-30 03:30:32	2023-09-09 18:12:53	446 B	88 kB	142.250.74.46
bozent.xyz	unknown	2023-08-09	2021-03-25 02:58:34	2023-09-09 22:32:22	13 kB	341 kB	164.90.204.4
threatdetect.org	unknown	2022-01-28	2022-01-28 15:40:10	2023-09-09 22:34:26	468 B	1.1 kB	188.114.97.1
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-09 18:12:06	1.7 kB	3.5 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed
2023-09-10	medium	bozent.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.VhLMa5Goqys.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp6Bt2OEGTMzKB1bcJzO6dB0ssCsA/m=el_main	ScriptElement	221 kB	2023-09-07	2025-07-12
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.VhLMa5Goqys.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp6Bt2OEGTMzKB1bcJzO6dB0ssCsA/m=el_main IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 23:01 Last Seen2025-07-12 14:05 Times Seen525 Hash a2a011d1e599db8ef632d98330bb23af 1424bdccf6af94e13cc47af4472870bf928a581e f057f2ea50996360cb788c5fc87da25674f5a3b48dc1d549440ae68817597415 Loading...

	bozent.xyz/1Dz/landings/209605/1618996856/js/translate6b42.js	ScriptElement	1.2 kB	2023-03-07	2025-07-14
Pretty URL bozent.xyz/1Dz/landings/209605/1618996856/js/translate6b42.js IP 164.90.204.4 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-14 09:53 Times Seen631 Hash fcd546809170dd574eb37b989529f69a 2e227e144e3b4bd68064354d8a7fbc61125f624c 350baff99bbd3db6cdb8d741bc7f75fa333489ad5dcc641e2cfa0e11130e1920 Loading...

	bozent.xyz/1Dz/landings/209605/1618996856/js/main6b42.js	ScriptElement	870 B	2023-03-07	2025-05-09
Pretty URL bozent.xyz/1Dz/landings/209605/1618996856/js/main6b42.js IP 164.90.204.4 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-05-09 14:46 Times Seen110 Hash f3d1a3ef75bc5fb650046e4046059020 e6fd3e861b9433207fa570140a008b3eccfecdae 4958d4f4f54691bc9324b844b5b94f2667b9e54d66ac3b0623d547cca2d6d7c9 Loading...

	bozent.xyz/1Dz/landings/209605/1618996856/js/interactive6b42.js	ScriptElement	11 kB	2023-05-21	2023-09-10
Pretty URL bozent.xyz/1Dz/landings/209605/1618996856/js/interactive6b42.js IP 164.90.204.4 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-21 23:11 Last Seen2023-09-10 21:30 Times Seen1 Hash bb095e37cfd0a294021b3319e4d9c3d3 833f8570d12f6610c95354bff402c17c001e1589 9608b4961f81c8ac63d4222b83fa5452fc944eb66aba5e689c5738209319fe48 Loading...

	bozent.xyz/_/translate_http/_/js/k=translate_http.tr.no.VhLMa5Goqys.O/d=1/rs=AN8SPfp6Bt2OEGTMzKB1bcJzO6dB0ssCsA/m=el_conf	ScriptElement	87 kB	2023-09-10	2023-09-10
Pretty URL bozent.xyz/_/translate_http/_/js/k=translate_http.tr.no.VhLMa5Goqys.O/d=1/rs=AN8SPfp6Bt2OEGTMzKB1bcJzO6dB0ssCsA/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-10 21:16 Last Seen2023-09-10 21:35 Times Seen5 Hash d041f42515e288ee6d39cc090d214aca c978411465149e582bd0c0eaf34e3028aa774ec9 cda296864d23ad6329610f0b339dfaa08fc7808256d6a2e51d37e2d94c905990 Loading...

	bozent.xyz/1Dz/landings/209605/1618996856/js/jquery.min6b42.js	ScriptElement	87 kB	2023-03-07	2025-07-15
Pretty URL bozent.xyz/1Dz/landings/209605/1618996856/js/jquery.min6b42.js IP 164.90.204.4 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-15 20:06 Times Seen65765 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	bozent.xyz/1Dz/landings/209605/1618996856/js/js.cockie.min6b42.js	ScriptElement	2.2 kB	2023-03-07	2025-06-29
Pretty URL bozent.xyz/1Dz/landings/209605/1618996856/js/js.cockie.min6b42.js IP 164.90.204.4 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-29 23:53 Times Seen592 Hash c9e9a54501fc6f6e8918b2c0f2a53981 3d530e6c830ccba6284e79c7245bb45d6f4f2197 491fdee141835401d29318ca584ac3e91a38c92d8694f26d90883bfc324ca454 Loading...

	bozent.xyz/1Dz/988.html	ScriptElement	509 B	2023-05-21	2024-08-21
Pretty URL bozent.xyz/1Dz/988.html IP 164.90.204.4 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-21 23:11 Last Seen2024-08-21 07:23 Times Seen4 Hash 39340ed980e518e463acdc15cbaf9838 ac99cd17ade64ca462572e738d0268412e92c5d1 c9152c86ec89b25480ded5b0ca68299feb51f8e51b7a32e321171e65d8dd5645 Loading...

HTTP Transactions (42)

URL IP Response Size

GET bozent.xyz/1Dz/landings/209605/1618996856/js/main6b42.js

164.90.204.4

200 OK

870 B

URL GET HTTP/2
bozent.xyz/1Dz/landings/209605/1618996856/js/main6b42.js
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
ASCII text
Size
870 B (870 bytes)
Hash
f3d1a3ef75bc5fb650046e4046059020
e6fd3e861b9433207fa570140a008b3eccfecdae
4958d4f4f54691bc9324b844b5b94f2667b9e54d66ac3b0623d547cca2d6d7c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/landings/209605/1618996856/js/main6b42.js HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: application/javascript
content-length: 870
last-modified: Wed, 16 Nov 2022 15:40:44 GMT
etag: "6375047c-366"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/avira-white.png

164.90.204.4

200 OK

59 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/avira-white.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size
59 kB (59078 bytes)
Hash
15cac20be8d4fdd074e21a4a52604d2f
fd4c43583bec2c7bfae3cb9feb2699abbc50c578
d4ad291dfcf93d75db62260b5ba53ddda1f2a9c855a3019cf7ae52c3cd936739

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/avira-white.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 59078
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-e6c6"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/logo.jpg

164.90.204.4

200 OK

16 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/logo.jpg
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (15758 bytes)
Hash
dcbaba5ccd82fe6d02fd206a21683030
228eb47edeee4c4e17a564ff065174d9cdb221cf
bb32a46a1eb78c4ce7504b42c1b4b7d1cc615bbb901ce6fae0fc77acc7e8dcb2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/logo.jpg HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/jpeg
content-length: 15758
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-3d8e"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/icons.png

164.90.204.4

200 OK

1.9 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/icons.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 124 x 22, 8-bit/color RGB, non-interlaced\012- data
Size
1.9 kB (1932 bytes)
Hash
32fded5a952e60a48a879e414c590f24
834e44460475c20ce9f4c801a4ccf53130749af3
d712d6bf38edf55c605c2a568ce2de1caae95d26b00c02c4f9a1eed6f370d76e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/icons.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 1932
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-78c"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/menu1.png

164.90.204.4

200 OK

1.9 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/menu1.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Size
1.9 kB (1920 bytes)
Hash
b2b98941a9fe6bbcb6745989b3289b1e
5fb8fce5934af6d3426a37eb58b9846fa80ead39
d9efcb7b0f632cb3d2650c0c676b3c758f00c52f5d1cc5e7963dd456aaa03833

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/menu1.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 1920
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-780"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/menu2.png

164.90.204.4

200 OK

1.7 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/menu2.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Size
1.7 kB (1665 bytes)
Hash
bc32798c28d2145f979848809ba5f858
7bc0276cd56bf6463113a9c5d33ea9aacbdb5f51
7319ffc0fdb40740b07f1a286348fa0f29676127996481b6310f3dd7f322d4ee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/menu2.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 1665
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-681"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/menu3.png

164.90.204.4

200 OK

1.5 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/menu3.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Size
1.5 kB (1483 bytes)
Hash
860d945f4bba4b150b4c6300bdd87527
4c3f11a2902bf437bb578871f7e27625f0ae6504
bdca8ddc4aaf7200e8c215c5eedeae489626d9df23313578ac0cfe45854ea0c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/menu3.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 1483
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-5cb"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/menu4.png

164.90.204.4

200 OK

1.8 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/menu4.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced\012- data
Size
1.8 kB (1812 bytes)
Hash
7af58322b67083908a8519d74471f47d
256a9119feb235759cf98f211bc6398f58c4ee43
bfab83c5a6c9c62450668ba960527fc9b17ed316a52436f0f63fd1eedcd45a3d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/menu4.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 1812
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-714"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/check.png

164.90.204.4

200 OK

1.9 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/check.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 35 x 34, 8-bit/color RGB, non-interlaced\012- data
Size
1.9 kB (1946 bytes)
Hash
1eab4e4fb7a147352b0027c0e4df1fe6
99e621180265541383f5c081cd6f7c77b7d21e0d
a66a5ce08b112086075a336e9f18d5cea683143b552a50641971ef00d3895207

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/check.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 1946
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-79a"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/icon1.png

164.90.204.4

200 OK

5.9 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/icon1.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 139 x 130, 8-bit/color RGB, non-interlaced\012- data
Size
5.9 kB (5928 bytes)
Hash
fa6582524d715994e9d9036eca9b034b
06cce1b23faba93959df12a9eccaa3d6f51341ce
cf05a371ab1261c3e1f2785e26c95cc5869b37de15c9d48206e78a58894a0cdc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/icon1.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 5928
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-1728"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/info.png

164.90.204.4

200 OK

1.5 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/info.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 23 x 20, 8-bit/color RGB, non-interlaced\012- data
Size
1.5 kB (1545 bytes)
Hash
7f7b44979afb15dfdc18e7d754c6d0f5
7426889578a3a6f20f620611f7ea8d4dadaf3b87
cb2eff4a1cf5f187eda87e71d6039f24af63844617a7f890070b9afd5c965a33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/info.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 1545
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-609"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/icon2.png

164.90.204.4

200 OK

4.9 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/icon2.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 152 x 121, 8-bit/color RGB, non-interlaced\012- data
Size
4.9 kB (4856 bytes)
Hash
a0f86853c68b824dd5c15b0fae66fdfe
0c8ba75f1370ba3c10a309be4c1c96a5067c6098
f58fdb3b3ba6dc0943458179df29efb7201b84ff2edbf03d9ad5cb26c4e52917

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/icon2.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 4856
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-12f8"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/icon3.png

164.90.204.4

200 OK

5.9 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/icon3.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 137 x 131, 8-bit/color RGB, non-interlaced\012- data
Size
5.9 kB (5904 bytes)
Hash
8a07f71c9d0642e8b94bd2b9687c768f
fb2f6f1a6a421101a4b10c315f340d0565709abf
e77edd6c132664f48fb66468de2e1b5068d61e9f04e03d6a51668b14d00af0ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/icon3.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 5904
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-1710"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/icon-white.png

164.90.204.4

200 OK

2.4 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/icon-white.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 33 x 42, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 kB (2350 bytes)
Hash
f3714f02899353cb6c3b4dc7d223f74b
b5772266a87d7a8d8b5fd5fdaa34b0afcaf8c72c
8973d8cb17f938356a1421bc1e12eabc48a98231d2ebaf3fca0c04e60ed4f40e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/icon-white.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 2350
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-92e"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/landings/209605/1618996856/images/cross.gif

164.90.204.4

200 OK

211 B

URL GET HTTP/2
bozent.xyz/1Dz/landings/209605/1618996856/images/cross.gif
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
GIF image data, version 89a, 29 x 29\012- data
Size
211 B (211 bytes)
Hash
45b0c8a1e52d91e8cf84eaf75ebca9a9
0e358b8571f9062dedfacd0c31d54179270153cd
4e635bdab7a300d0ccb5aac26b4610a07ee1b33643578c1a4308e677d7eb595d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/landings/209605/1618996856/images/cross.gif HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/gif
content-length: 211
last-modified: Wed, 16 Nov 2022 15:40:44 GMT
etag: "6375047c-d3"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/landings/209605/1618996856/images/win_min.png

164.90.204.4

200 OK

128 B

URL GET HTTP/2
bozent.xyz/1Dz/landings/209605/1618996856/images/win_min.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
128 B (128 bytes)
Hash
0bb86caf792dd7d24731c18cd37bb68e
dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25
2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/landings/209605/1618996856/images/win_min.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 128
last-modified: Wed, 16 Nov 2022 15:40:44 GMT
etag: "6375047c-80"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/landings/209605/1618996856/images/win_cls.png

164.90.204.4

200 OK

293 B

URL GET HTTP/2
bozent.xyz/1Dz/landings/209605/1618996856/images/win_cls.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
293 B (293 bytes)
Hash
9eb68d2ce05c151bda542a7a6356e22c
baeeefe4a7ac657c10a5f081841015de1bcf90dd
2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/landings/209605/1618996856/images/win_cls.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 293
last-modified: Wed, 16 Nov 2022 15:40:44 GMT
etag: "6375047c-125"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/landings/209605/1618996856/images/ico_tray1.gif

164.90.204.4

200 OK

69 B

URL GET HTTP/2
bozent.xyz/1Dz/landings/209605/1618996856/images/ico_tray1.gif
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
GIF image data, version 89a, 16 x 16\012- data
Size
69 B (69 bytes)
Hash
3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/landings/209605/1618996856/images/ico_tray1.gif HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/gif
content-length: 69
last-modified: Wed, 16 Nov 2022 15:40:44 GMT
etag: "6375047c-45"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/landings/209605/1618996856/images/ico_tray2.gif

164.90.204.4

200 OK

377 B

URL GET HTTP/2
bozent.xyz/1Dz/landings/209605/1618996856/images/ico_tray2.gif
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
GIF image data, version 89a, 16 x 16\012- data
Size
377 B (377 bytes)
Hash
c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/landings/209605/1618996856/images/ico_tray2.gif HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/gif
content-length: 377
last-modified: Wed, 16 Nov 2022 15:40:44 GMT
etag: "6375047c-179"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/landings/209605/1618996856/images/ico_tray3.gif

164.90.204.4

200 OK

234 B

URL GET HTTP/2
bozent.xyz/1Dz/landings/209605/1618996856/images/ico_tray3.gif
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
GIF image data, version 89a, 16 x 16\012- data
Size
234 B (234 bytes)
Hash
9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/landings/209605/1618996856/images/ico_tray3.gif HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/gif
content-length: 234
last-modified: Wed, 16 Nov 2022 15:40:44 GMT
etag: "6375047c-ea"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/globe-alpha.png

164.90.204.4

200 OK

36 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/globe-alpha.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x860, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
36 kB (35670 bytes)
Hash
568e089f59867948afa6685924507f18
f53c14257743c858f817b9233748444c24c3b6f8
16f7f871d2f26b47f061d3c77ae4ef13ec076671bed3ecafe44ccb3640af45e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/globe-alpha.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/landings/209605/1618996856/css/style6b426b42.css?1618996856
Cookie: GoogleAccountsLocale_session=en; googtrans=/en/en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 35670
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-8b56"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/img/avira-white.png

164.90.204.4

200 OK

59 kB

URL GET HTTP/2
bozent.xyz/1Dz/img/avira-white.png
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size
59 kB (59078 bytes)
Hash
15cac20be8d4fdd074e21a4a52604d2f
fd4c43583bec2c7bfae3cb9feb2699abbc50c578
d4ad291dfcf93d75db62260b5ba53ddda1f2a9c855a3019cf7ae52c3cd936739

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/img/avira-white.png HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Cookie: GoogleAccountsLocale_session=en; googtrans=/en/en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: image/png
content-length: 59078
last-modified: Wed, 16 Nov 2022 15:40:42 GMT
etag: "6375047a-e6c6"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET threatdetect.org/fonts/?font=aHR0cHM6Ly9ib3plbnQueHl6LzFEei85ODguaHRtbA==

188.114.97.1

200 OK

472 B

URL GET HTTP/2
threatdetect.org/fonts/?font=aHR0cHM6Ly9ib3plbnQueHl6LzFEei85ODguaHRtbA==
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerGoogle Trust Services LLC
Subjectthreatdetect.org
Fingerprint56:3D:EC:2D:6B:CC:3F:10:36:7D:F1:A0:D5:2F:6D:55:FD:34:E6:BF
ValiditySat, 26 Aug 2023 06:01:40 GMT - Fri, 24 Nov 2023 06:01:39 GMT

File type
data
Size
472 B (472 bytes)
Hash
56af15b7a265e4982c0c260c6bb73900
636ba416d80152bf864aeacd3595219c0e34aa3d
577509443effa7144dabaad1b6dbb8930ab752f068ed32870b0a2004d1af30f7

HTTP Headers

GET /fonts/?font=aHR0cHM6Ly9ib3plbnQueHl6LzFEei85ODguaHRtbA== HTTP/1.1
Host: threatdetect.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bozent.xyz
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FSEDxuQ8Gyqm3vIEKklw1SSbd70OksfeW9ool7VYEISDzFojFudQGo6SiAwoFa9nG3mYVkwhvNo47pGWCVM3BaVjgbnyMjmmR0Ies8MR%2F4F9ajvUTUgLqN%2B6hHip18PVIQr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 804a15a48f08568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2493dac4863c9b8db5f23a37692ef71b
cca29fa30ba8ee3a86a1ef6a7151244908dba399
00b54431d117fc86713b52c9e0962a39b970d33e163f5551bc770ede78ab5efb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 19:30:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2060521e966a6a20a0bf1ababc2286c0
763ffc1aa1a10115e4a0526c747e9202dd085f16
9532f54419572a700481f1d886fe5e95a277ad19ccd7b2df29b1d30f154f00f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 19:30:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css

142.250.74.35

200 OK

4.0 kB

URL GET HTTP/2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
ASCII text, with very long lines (20367), with no line terminators
Size
4.0 kB (3960 bytes)
Hash
72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Sep 2023 20:35:52 GMT
expires: Wed, 04 Sep 2024 20:35:52 GMT
cache-control: public, max-age=31536000
age: 428064
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2060521e966a6a20a0bf1ababc2286c0
763ffc1aa1a10115e4a0526c747e9202dd085f16
9532f54419572a700481f1d886fe5e95a277ad19ccd7b2df29b1d30f154f00f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 19:30:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6177dcf0a4eb5ad573053fd1caca1572
0127fcb5e3e6f18919894194eb2e5cad031d0c22
b7375560b308d11b9bb7e01888d62afa373069aa912d7b9c2945251bfc1b9cdf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 19:30:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.VhLMa5Goqys.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp6Bt2OEGTMzKB1bcJzO6dB0ssCsA/m=el_main

142.250.74.138

200 OK

78 kB

URL GET HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.VhLMa5Goqys.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp6Bt2OEGTMzKB1bcJzO6dB0ssCsA/m=el_main
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
ASCII text, with very long lines (2009)
Size
78 kB (77700 bytes)
Hash
a2a011d1e599db8ef632d98330bb23af
1424bdccf6af94e13cc47af4472870bf928a581e
f057f2ea50996360cb788c5fc87da25674f5a3b48dc1d549440ae68817597415

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.VhLMa5Goqys.O/d=1/exm=el_conf/ed=1/rs=AN8SPfp6Bt2OEGTMzKB1bcJzO6dB0ssCsA/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 77700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Sep 2023 19:21:54 GMT
expires: Fri, 06 Sep 2024 19:21:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Sep 2023 15:12:32 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 259703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
14bee7661a70e20720ccfc970f1da1df
685187fc334995bb7d51766d5af831667d544c0b
71d72c05430a03aea95e674c232e5b1a93612b0325d1092ba180d8880afceeab

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 10 Sep 2023 19:30:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.35

200 OK

1.8 kB

URL GET HTTP/3
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 08 Sep 2023 09:24:11 GMT
expires: Sat, 07 Sep 2024 09:24:11 GMT
cache-control: public, max-age=31536000
age: 209166
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

216.58.207.227

200 OK

3.3 kB

URL GET HTTP/2
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAB:14:67:80:B6:91:41:34:54:E4:AE:2E:71:65:B4:8E:65:B2:D2:2D
ValidityMon, 14 Aug 2023 08:22:45 GMT - Mon, 06 Nov 2023 08:22:44 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6225), with no line terminators
Size
3.3 kB (3340 bytes)
Hash
2bd5c073a88b83ed74db88282a56ddfb
d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

HTTP Headers

GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Sep 2023 20:35:50 GMT
expires: Wed, 04 Sep 2024 20:35:50 GMT
cache-control: public, max-age=31536000
age: 428067
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

142.250.74.138

1.4 kB

URL
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
1.4 kB (1392 bytes)
Hash
a3eefe14b1b4698460d992bd1673a26b
a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4
87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067

HTTP Headers

GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 10 Sep 2023 19:30:17 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=dFljmaQnNHRlErZfPWHimt69AbQVs1FGObXtQ_ECNUbCe8VC0DRhqFfme-UaAPyT4MpHcpgpuJj3S4S4PkG4IvYv1pJFHMgx8lnLpfYMIVrowruvn9RpUcrcE-DfZbSkzh0FnJSw_Jpjj8ISNOf77Z-I8_rHkRLAa45h0p0OdZk; expires=Mon, 11-Mar-2024 19:30:17 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+048; expires=Tue, 09-Sep-2025 19:30:17 GMT; path=/; domain=.googleapis.com; Secure
expires: Sun, 10 Sep 2023 19:30:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.138

200 OK

0 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Referer: https://bozent.xyz/
Origin: https://bozent.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://bozent.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
content-type: text/plain; charset=UTF-8
date: Sun, 10 Sep 2023 19:30:27 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+269; expires=Tue, 09-Sep-2025 19:30:27 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Sep 2023 19:30:27 GMT
cache-control: private

POST translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.138

200 OK

131 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint09:AB:BF:F5:D0:04:69:59:E1:EA:AC:DA:8B:68:CF:62:94:2E:50:38
ValidityMon, 14 Aug 2023 08:22:09 GMT - Mon, 06 Nov 2023 08:22:08 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Encoding: gzip
Content-Type: application/binary
Content-Length: 316
Origin: https://bozent.xyz
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://bozent.xyz
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sun, 10 Sep 2023 19:30:27 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+031; expires=Tue, 09-Sep-2025 19:30:27 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Sep 2023 19:30:27 GMT

GET bozent.xyz/1Dz/landings/209605/1618996856/css/style6b426b42.css?1618996856

164.90.204.4

200 OK

18 kB

URL GET HTTP/2
bozent.xyz/1Dz/landings/209605/1618996856/css/style6b426b42.css?1618996856
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
ASCII text
Size
18 kB (17554 bytes)
Hash
ae3dff730755241dddb0411dfb12ecdc
150f9644b73917f95fdfa05651a0e7a68180fdab
26e87e96a3a488425e5535ebf0f0bfe70cc231f0590a650a8c35ac5fe8296bec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/landings/209605/1618996856/css/style6b426b42.css?1618996856 HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: text/css
last-modified: Fri, 21 Apr 2023 11:38:06 GMT
vary: Accept-Encoding
etag: W/"6442759e-4492"
content-encoding: gzip
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/landings/209605/1618996856/js/interactive6b42.js

164.90.204.4

200 OK

11 kB

URL GET HTTP/2
bozent.xyz/1Dz/landings/209605/1618996856/js/interactive6b42.js
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
ASCII text, with very long lines (10061), with CRLF line terminators
Size
11 kB (10716 bytes)
Hash
bb095e37cfd0a294021b3319e4d9c3d3
833f8570d12f6610c95354bff402c17c001e1589
9608b4961f81c8ac63d4222b83fa5452fc944eb66aba5e689c5738209319fe48

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/landings/209605/1618996856/js/interactive6b42.js HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: application/javascript
last-modified: Fri, 21 Apr 2023 11:36:38 GMT
vary: Accept-Encoding
etag: W/"64427546-29dc"
content-encoding: gzip
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/landings/209605/1618996856/js/jquery.min6b42.js

164.90.204.4

200 OK

87 kB

URL GET HTTP/2
bozent.xyz/1Dz/landings/209605/1618996856/js/jquery.min6b42.js
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/landings/209605/1618996856/js/jquery.min6b42.js HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 15:40:44 GMT
vary: Accept-Encoding
etag: W/"6375047c-1538f"
content-encoding: gzip
X-Firefox-Spdy: h2

GET translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

142.250.74.46

200 OK

87 kB

URL GET HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5A:48:5B:27:A7:FB:0B:D6:63:83:8E:8E:80:DB:29:B7:2C:72:A8:8E
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT

File type
ASCII text, with very long lines (2450)
Size
87 kB (86849 bytes)
Hash
d041f42515e288ee6d39cc090d214aca
c978411465149e582bd0c0eaf34e3028aa774ec9
cda296864d23ad6329610f0b339dfaa08fc7808256d6a2e51d37e2d94c905990

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 10 Sep 2023 19:30:16 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+725; expires=Tue, 09-Sep-2025 19:30:16 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/landings/209605/1618996856/js/translate6b42.js

164.90.204.4

200 OK

1.2 kB

URL GET HTTP/2
bozent.xyz/1Dz/landings/209605/1618996856/js/translate6b42.js
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
ASCII text, with very long lines (1223), with no line terminators
Size
1.2 kB (1157 bytes)
Hash
00d68d5fcbe959205761ae2eb92bda5a
e70670eba70fd9428d8ee7d8acacea623bd72d4f
994454fb2f960994c4f0721e63734138eb06498b18f1236e39d4c66de579b054

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/landings/209605/1618996856/js/translate6b42.js HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 15:40:46 GMT
vary: Accept-Encoding
etag: W/"6375047e-485"
content-encoding: gzip
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/landings/209605/1618996856/js/js.cockie.min6b42.js

164.90.204.4

200 OK

2.2 kB

URL GET HTTP/2
bozent.xyz/1Dz/landings/209605/1618996856/js/js.cockie.min6b42.js
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://bozent.xyz/1Dz/988.html
Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type
ASCII text, with very long lines (2304), with no line terminators
Size
2.2 kB (2198 bytes)
Hash
79218c8e4d6b9589da61b4daddd1d721
c8bdf2b44db9327ac24f0d02e2aa0bfc69097ab5
db4e31aaf6f2022d9cd8c052537ee237b0b69cd49ab27d6d29913bf401b1ea5a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/landings/209605/1618996856/js/js.cockie.min6b42.js HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bozent.xyz/1Dz/988.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:16 GMT
content-type: application/javascript
last-modified: Wed, 16 Nov 2022 15:40:44 GMT
vary: Accept-Encoding
etag: W/"6375047c-896"
content-encoding: gzip
X-Firefox-Spdy: h2

GET bozent.xyz/1Dz/988.html

164.90.204.4

200 OK

13 kB

URL User Request GET HTTP/2
bozent.xyz/1Dz/988.html
IP
164.90.204.4:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectbozent.xyz
Fingerprint89:A7:1B:53:9B:19:E6:6D:0C:6E:E2:B3:DD:3C:C3:CD:D9:02:B5:24
ValidityTue, 22 Aug 2023 08:52:02 GMT - Mon, 20 Nov 2023 08:52:01 GMT

File type

Size
13 kB (12561 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1Dz/988.html HTTP/1.1
Host: bozent.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 10 Sep 2023 19:30:15 GMT
content-type: text/html
last-modified: Tue, 25 Apr 2023 14:35:54 GMT
vary: Accept-Encoding
etag: W/"6447e54a-3111"
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (42)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers