Report - doxbin.org/upload/LukeSmithreposted

Report Overview

Submitted URL
doxbin.org/upload/LukeSmithreposted
IP
91.215.42.4
ASN
#57724 Ddos-Guard Ltd
Submitted
2024-05-07 18:14:12
Access
public
Website Title
Doxbin - LukeSmith ~ reposted
Final URL
doxbin.org/upload/LukeSmithreposted
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
newassets.hcaptcha.com	11055	2018-01-12	2021-03-22	2024-05-07	3.1 kB	995 kB	104.18.125.91
js.hcaptcha.com	23463	2018-01-12	2021-07-30	2024-05-06	395 B	388 kB	104.18.125.91
api2.hcaptcha.com	unknown	2018-01-12	2023-05-02	2024-05-06	599 B	1.5 kB	104.18.125.91
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	448 B	10 kB	142.250.74.106
doxbin.org	unknown	2018-03-30	2017-06-30	2024-03-02	19 kB	375 kB	91.215.42.4
netdna.bootstrapcdn.com	3413	2012-05-25	2012-09-07	2024-05-06	1.0 kB	68 kB	104.18.11.207
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-07	532 B	16 kB	142.250.74.99

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed
2024-05-07	medium	doxbin.org	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	doxbin.org/legacy/jquery.min.js	93 kB	2023-03-07	2024-05-17
Pretty URL doxbin.org/legacy/jquery.min.js IP 91.215.42.4 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:08 Last Seen2024-05-17 12:43:06 Times Seen1105 Hash 841dc30647f93349b7d8ef61deebe411 e0f962936599a6cd266f004b9d04b29d46811483 c3a7b608ebfa8d1dfe658bc119e6236a6aaf878a779e7c560aa11dd30881a56a Loading...

	doxbin.org/legacy/tabby.js	12 kB	2023-03-07	2024-05-09
Pretty URL doxbin.org/legacy/tabby.js IP 91.215.42.4 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:02 Last Seen2024-05-09 21:49:18 Times Seen90 Hash 72d09a3a16912e2862da1aae17399388 243261b14dd3abc368dcb94963193a80a430636b bc51769a0f067f5bc58696f7505e36398cc2c686249827590d834bb65e1e23bc Loading...

	doxbin.org/legacy/toastr/toastr.min.js	3.5 kB	2023-03-07	2024-05-09
Pretty URL doxbin.org/legacy/toastr/toastr.min.js IP 91.215.42.4 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:02 Last Seen2024-05-09 21:49:18 Times Seen88 Hash 6ed0f01ae15c74c5d006a440cd80896d 56f005cb789f21d75bedee30df6d9e6c967120f9 841361fc4315592446b392ba33babf7763882f939136713bcc3467b11d8f7286 Loading...

	doxbin.org/legacy/paste.js	7.8 kB	2023-05-21	2024-05-09
Pretty URL doxbin.org/legacy/paste.js IP 91.215.42.4 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-21 01:31:27 Last Seen2024-05-09 21:49:18 Times Seen70 Hash 8f00d44e4d023e712a2c05171e6f274b 20db5dcd06979a315258f1f5023f853d5d6fc85a cac01ec1275f478727236d185b7c7df61b7bec66031297aea074f9a15c29adc5 Loading...

	doxbin.org/upload/LukeSmithreposted	123 B	2024-05-07	2024-05-07
Pretty URL doxbin.org/upload/LukeSmithreposted IP 91.215.42.4 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 20:14:13 Last Seen2024-05-07 20:14:13 Times Seen1 Hash b9258822fdcd6a595282a736534b422d a71efe9bd637bc1b3818e471bcd1255a8d599d1e 0ccde339d6504662332d31c4b663d47f36b3c78a75986b80d2065e9bc3dc8ea1 Loading...

	js.hcaptcha.com/1/api.js	387 kB	2024-04-30	2024-05-07
Pretty URL js.hcaptcha.com/1/api.js IP 104.18.125.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 17:59:30 Last Seen2024-05-07 20:54:15 Times Seen187 Hash c6438f98ac4acd11054d196bf44310de 00a348466d30d26c486e48d464a2432dfcc28b69 1c7ee73f66b781ba78bdfd7189fc368805cb5e642ad5f095b505a206c5a19ba5 Loading...

	doxbin.org/legacy/custom.modernizr.js	9.3 kB	2023-03-07	2024-05-09
Pretty URL doxbin.org/legacy/custom.modernizr.js IP 91.215.42.4 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:02 Last Seen2024-05-09 21:49:18 Times Seen176 Hash 692789fedf79bf48689051f4c1bada2c 55a32a05ade94bd098f64d973eba54d79ad54068 f56dff20f3b4f45e54be41bea34ee24b5ed2e43c5ceaf90400ddcb1ba495b48c Loading...

	newassets.hcaptcha.com/c/f922a41/hsw.js	470 kB	2024-05-03	2024-05-14
Pretty URL newassets.hcaptcha.com/c/f922a41/hsw.js IP 104.18.125.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 01:29:42 Last Seen2024-05-14 03:33:19 Times Seen288 Hash a015c3f04def6c02f6d3a815ff97f100 2322366db22def41a31f2dae0a2133ad75e6d1ac 42d9a4011ac36ae483e8e3cb4bb2b3829b96bf366bbc1c0e2ab40d4d7deb9240 Loading...

	doxbin.org/legacy/google-code-prettify/prettify.js	15 kB	2023-03-07	2024-05-12
Pretty URL doxbin.org/legacy/google-code-prettify/prettify.js IP 91.215.42.4 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:10 Last Seen2024-05-12 04:53:57 Times Seen189 Hash d435ff18c832044c3ddf7a0cf826eb72 d24b1da342b5c2d0582f0922118aaf0b2a6840d5 f48d85c6ea701e417a857cd9292de12c2c0ff795c5ba45f7127c51cc6a97cf3d Loading...

	doxbin.org/legacy/bin.js	10 kB	2023-03-07	2024-05-09
Pretty URL doxbin.org/legacy/bin.js IP 91.215.42.4 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:38 Last Seen2024-05-09 21:49:18 Times Seen90 Hash e996dfb945b23c92f41e18fcbb78321e 837ba6d02cf21e8fee291982a61b5d2fab004f35 0947d9ea0ca7c15a00023f63b14d1c9e08fedeaa77cb98651d45c8bac3492f7d Loading...

	doxbin.org/upload/LukeSmithreposted	5.1 kB	2024-05-07	2024-05-07
Pretty URL doxbin.org/upload/LukeSmithreposted IP 91.215.42.4 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 20:14:13 Last Seen2024-05-07 20:14:13 Times Seen1 Hash 6fa7beac5dc28274965a19477dec0674 eff9b1fc022c4fabb56224aeb199317268bb5e05 b6fb54650f292010e5f9ab34ba8218b68858c29f380c5ab984c380da24c2051c Loading...

	doxbin.org/legacy/mousetrap.min.js	3.8 kB	2023-03-07	2024-05-09
Pretty URL doxbin.org/legacy/mousetrap.min.js IP 91.215.42.4 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:02 Last Seen2024-05-09 21:49:18 Times Seen88 Hash a9161eaf1d9906986cef4ed907cd105b 58ffe3095d85e650e5cd937ceae9c4a2563a2203 77fa03cbc7bd83ce062a3792290216db6dd6a2b28e50df54ece92bd3abcedf33 Loading...

	doxbin.org/legacy/zclip.min.js	7.4 kB	2023-03-07	2024-05-12
Pretty URL doxbin.org/legacy/zclip.min.js IP 91.215.42.4 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-05-12 09:19:47 Times Seen130 Hash 9e85741bf31afd921a7289b6cccdfdbd ed68e77078d387ac00c1050e19612f66d066ff7d dabff7fab90a3cd6d4470754cc171eeb54c3c174f9a9190740d13b3a76de825a Loading...

	doxbin.org/legacy/logout.js	386 B	2023-03-07	2024-05-09
Pretty URL doxbin.org/legacy/logout.js IP 91.215.42.4 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:07 Last Seen2024-05-09 21:49:18 Times Seen109 Hash afd41646ea71a1881edf5fed8cbb10ab 882b7b0e5104a768e590d1cbb5f7a571ea197cf4 3637f4cd47e07acb7831673e21bd3acf73b15a2da443efa5ab2c54d93cf49bc2 Loading...

	unknown	48 B	2023-04-11	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:45:29 Last Seen2024-05-19 16:53:21 Times Seen19451 Hash 43d643e449b4ea13394fe737b1d6a447 1c03d56d955fd266d7659379e63d5711bd5382db 4817661f6ac7d2e1691bc3aeb9966e66012891ccda569ff872dc0932010c540d Loading...

HTTP Transactions (31)

URL IP Response Size

doxbin.org/legacy/app.css?r=46

91.215.42.4

200 OK

6.4 kB

URL GET HTTP/2
doxbin.org/legacy/app.css?r=46
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
ASCII text, with very long lines (418)
Size
6.4 kB (6442 bytes)
Hash
c474a0e5b8cf3261e0e98c8cf6868602
55971ab13dc409ae62e2d9f7db9a61dae67f1bb6
f86f82d03215d5db022a770f1d6158a49f47ab615e305680e424958a0ecda09c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/app.css?r=46 HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Apr 2024 05:55:55 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
etag: W/"6542b7af-8eb1"
x-frame-options: DENY
x-powered-by: PleskLin
content-encoding: br
age: 735471
content-length: 6442
ddg-cache-status: HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/google-code-prettify/tomorrow-night.css

91.215.42.4

200 OK

550 B

URL GET HTTP/2
doxbin.org/legacy/google-code-prettify/tomorrow-night.css
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
ASCII text
Size
550 B (550 bytes)
Hash
4a8fefe4252097e83f1a43f13e44e862
01cd61a5aee71cb3594a4d554e2d1e304dba1a38
b81db0561466ec3d462a0aab82df1732ffd919df2cf1f2e975b07dd4ae3ec41c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/google-code-prettify/tomorrow-night.css HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Apr 2024 10:10:05 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
x-frame-options: DENY
x-powered-by: PleskLin
content-encoding: br
etag: "6542b7af-627"
age: 720221
content-length: 550
ddg-cache-status: HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/css/show.css?r=44

91.215.42.4

200 OK

964 B

URL GET HTTP/2
doxbin.org/legacy/css/show.css?r=44
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
ASCII text, with CRLF line terminators
Size
964 B (964 bytes)
Hash
ae21feac52d1d6b12b653cf1f2ae8c00
22c4b890880a8b8fdca18ff1d4f07543a2a731ec
3d2e99b1ab94b0ec2c41491b5b891d4de31d2d771e0869413cec2ecf5051a1e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/css/show.css?r=44 HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Apr 2024 12:19:36 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
x-frame-options: DENY
x-powered-by: PleskLin
content-encoding: br
etag: "6542b7af-f6c"
age: 712450
content-length: 964
ddg-cache-status: HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/toastr/toastr.min.css

91.215.42.4

200 OK

2.5 kB

URL GET HTTP/2
doxbin.org/legacy/toastr/toastr.min.css
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
ASCII text, with very long lines (5420), with no line terminators
Size
2.5 kB (2497 bytes)
Hash
7ddc0ff9437d0e9caf5364931a5de921
8c782e04e11bee0efb6dca347f08bfb458eb9b26
561ab72887e145be776ad0321fd55a66eab9e2ee9091e62fa3a103d31c126efe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/toastr/toastr.min.css HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 28 Apr 2024 16:43:36 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
x-frame-options: DENY
x-powered-by: PleskLin
content-encoding: br
etag: "6542b7af-152c"
age: 783010
content-length: 2497
ddg-cache-status: HIT
X-Firefox-Spdy: h2

doxbin.org/upload/LukeSmithreposted

91.215.42.4

200 OK

13 kB

URL User Request GET HTTP/2
doxbin.org/upload/LukeSmithreposted
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (373)
Size
13 kB (13212 bytes)
Hash
13549fed9f5964423dd5195f3d5b6590
ce157314b38c20c973094f3e35327809432d1d03
3f969ad950cd8734bc89ad56d62073848135cc32bdb6456342085b3c65a075c4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/LukeSmithreposted HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 07 May 2024 18:13:45 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; Domain=.doxbin.org; HttpOnly; Path=/; Expires=Wed, 07-May-2025 18:13:45 GMT
XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; expires=Tue, 07-May-2024 20:13:45 GMT; Max-Age=7200; path=/; domain=.doxbin.org; secure
doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D; expires=Tue, 07-May-2024 20:13:45 GMT; Max-Age=7200; path=/; domain=.doxbin.org; secure; httponly
x-frame-options: DENY, DENY
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

doxbin.org/files/doxbin.css?r=32

91.215.42.4

200 OK

742 B

URL GET HTTP/2
doxbin.org/files/doxbin.css?r=32
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
ASCII text, with CRLF line terminators
Size
742 B (742 bytes)
Hash
efc22e09d7df7d44cc8250abc2f4253e
d6b84bf05bfe95aff80c627c57563e8b577c36b6
a047dfde33055aa488d387eab591459df1c4d3dc82ea5d3078b26a4fd3736ca3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /files/doxbin.css?r=32 HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Apr 2024 12:19:23 GMT
content-type: text/css
last-modified: Fri, 08 Dec 2023 06:06:08 GMT
x-frame-options: DENY
x-powered-by: PleskLin
content-encoding: br
etag: "6572b250-b61"
age: 712463
content-length: 742
ddg-cache-status: HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/jquery.min.js

91.215.42.4

200 OK

93 kB

URL GET HTTP/2
doxbin.org/legacy/jquery.min.js
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
JavaScript source, ASCII text, with very long lines (32072)
Size
93 kB (93106 bytes)
Hash
841dc30647f93349b7d8ef61deebe411
e0f962936599a6cd266f004b9d04b29d46811483
c3a7b608ebfa8d1dfe658bc119e6236a6aaf878a779e7c560aa11dd30881a56a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/jquery.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Apr 2024 19:38:04 GMT
content-type: application/javascript
content-length: 93106
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
etag: "6542b7af-16bb2"
x-frame-options: DENY
x-powered-by: PleskLin
accept-ranges: bytes
age: 686142
ddg-cache-status: HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/mousetrap.min.js

91.215.42.4

200 OK

1.9 kB

URL GET HTTP/2
doxbin.org/legacy/mousetrap.min.js
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
JavaScript source, ASCII text, with very long lines (518)
Size
1.9 kB (1853 bytes)
Hash
a9161eaf1d9906986cef4ed907cd105b
58ffe3095d85e650e5cd937ceae9c4a2563a2203
77fa03cbc7bd83ce062a3792290216db6dd6a2b28e50df54ece92bd3abcedf33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/mousetrap.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Apr 2024 12:19:01 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
x-frame-options: DENY
x-powered-by: PleskLin
content-encoding: br
etag: "6542b7af-f09"
age: 712485
content-length: 1853
ddg-cache-status: HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/google-code-prettify/prettify.js

91.215.42.4

200 OK

6.4 kB

URL GET HTTP/2
doxbin.org/legacy/google-code-prettify/prettify.js
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
JavaScript source, ASCII text, with very long lines (594)
Size
6.4 kB (6435 bytes)
Hash
d435ff18c832044c3ddf7a0cf826eb72
d24b1da342b5c2d0582f0922118aaf0b2a6840d5
f48d85c6ea701e417a857cd9292de12c2c0ff795c5ba45f7127c51cc6a97cf3d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/google-code-prettify/prettify.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Apr 2024 16:30:31 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
etag: W/"6542b7af-38d7"
x-frame-options: DENY
x-powered-by: PleskLin
content-encoding: br
age: 697395
content-length: 6435
ddg-cache-status: HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/tabby.js

91.215.42.4

200 OK

3.3 kB

URL GET HTTP/2
doxbin.org/legacy/tabby.js
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
JavaScript source, ASCII text
Size
3.3 kB (3337 bytes)
Hash
72d09a3a16912e2862da1aae17399388
243261b14dd3abc368dcb94963193a80a430636b
bc51769a0f067f5bc58696f7505e36398cc2c686249827590d834bb65e1e23bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/tabby.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 05 May 2024 20:01:54 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
x-powered-by: PleskLin
content-encoding: br
x-frame-options: DENY
etag: "6542b7af-2e44"
age: 166312
content-length: 3337
ddg-cache-status: HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/toastr/toastr.min.js

91.215.42.4

200 OK

1.2 kB

URL GET HTTP/2
doxbin.org/legacy/toastr/toastr.min.js
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
JavaScript source, ASCII text, with very long lines (3466), with no line terminators
Size
1.2 kB (1230 bytes)
Hash
6ed0f01ae15c74c5d006a440cd80896d
56f005cb789f21d75bedee30df6d9e6c967120f9
841361fc4315592446b392ba33babf7763882f939136713bcc3467b11d8f7286

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/toastr/toastr.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Apr 2024 12:19:23 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
x-frame-options: DENY
x-powered-by: PleskLin
content-encoding: br
etag: "6542b7af-d8a"
age: 712463
content-length: 1230
ddg-cache-status: HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/zclip.min.js

91.215.42.4

200 OK

2.4 kB

URL GET HTTP/2
doxbin.org/legacy/zclip.min.js
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
JavaScript source, ASCII text, with very long lines (7199)
Size
2.4 kB (2379 bytes)
Hash
9e85741bf31afd921a7289b6cccdfdbd
ed68e77078d387ac00c1050e19612f66d066ff7d
dabff7fab90a3cd6d4470754cc171eeb54c3c174f9a9190740d13b3a76de825a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/zclip.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Apr 2024 09:51:57 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
x-frame-options: DENY
x-powered-by: PleskLin
content-encoding: br
etag: "6542b7af-1d01"
age: 721310
content-length: 2379
ddg-cache-status: HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/bin.js

91.215.42.4

200 OK

2.6 kB

URL GET HTTP/2
doxbin.org/legacy/bin.js
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
JavaScript source, ASCII text
Size
2.6 kB (2555 bytes)
Hash
e996dfb945b23c92f41e18fcbb78321e
837ba6d02cf21e8fee291982a61b5d2fab004f35
0947d9ea0ca7c15a00023f63b14d1c9e08fedeaa77cb98651d45c8bac3492f7d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/bin.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Apr 2024 12:19:23 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
x-frame-options: DENY
x-powered-by: PleskLin
content-encoding: br
etag: "6542b7af-2766"
age: 712463
content-length: 2555
ddg-cache-status: HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/logout.js

91.215.42.4

200 OK

169 B

URL GET HTTP/2
doxbin.org/legacy/logout.js
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
afd41646ea71a1881edf5fed8cbb10ab
882b7b0e5104a768e590d1cbb5f7a571ea197cf4
3637f4cd47e07acb7831673e21bd3acf73b15a2da443efa5ab2c54d93cf49bc2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/logout.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Apr 2024 12:19:36 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
x-frame-options: DENY
x-powered-by: PleskLin
content-encoding: br
etag: "182-6091d474e91e2"
age: 712450
content-length: 169
ddg-cache-status: HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/paste.js

91.215.42.4

200 OK

2.0 kB

URL GET HTTP/2
doxbin.org/legacy/paste.js
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
JavaScript source, ASCII text, with very long lines (545), with CRLF line terminators
Size
2.0 kB (1997 bytes)
Hash
8f00d44e4d023e712a2c05171e6f274b
20db5dcd06979a315258f1f5023f853d5d6fc85a
cac01ec1275f478727236d185b7c7df61b7bec66031297aea074f9a15c29adc5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/paste.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 29 Apr 2024 12:19:23 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
x-frame-options: DENY
x-powered-by: PleskLin
content-encoding: br
etag: "6542b7af-1e6a"
age: 712463
content-length: 1997
ddg-cache-status: HIT
X-Firefox-Spdy: h2

netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3

104.18.11.207

200 OK

44 kB

URL GET HTTP/3
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
Web Open Font Format, TrueType, length 44432, version 1.0
Size
44 kB (44432 bytes)
Hash
3293616ec0c605c7c2db25829a0a509e
04c3bf56d87a0828935bd6b4aee859995f321693
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

HTTP Headers

GET /font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doxbin.org
DNT: 1
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 18:13:46 GMT
content-type: font/woff
content-length: 44432
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "3293616ec0c605c7c2db25829a0a509e"
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 10/31/2023 18:59:39
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1076
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b01341ae873ee5eec638346f7b79be0e
cdn-cache: HIT
cf-cache-status: HIT
age: 596962
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 88032f959b9db511-OSL
alt-svc: h3=":443"; ma=86400

doxbin.org/MaterialIcons-Regular.woff2

91.215.42.4

200 OK

105 kB

URL GET HTTP/2
doxbin.org/MaterialIcons-Regular.woff2
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
Web Open Font Format (Version 2), TrueType, length 104888, version 1.0
Size
105 kB (104888 bytes)
Hash
8fd34a1dc7ec7e2937a376a6e4d5e722
b380f5c2d6a9f921131358aa4b4e54d1232e9870
2c03dc5dde61b134d69d2200ccd620910e29b480a923596d70e6b7086723fae8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MaterialIcons-Regular.woff2 HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 27 Apr 2024 22:08:30 GMT
content-type: font/woff2
content-length: 104888
last-modified: Wed, 01 Nov 2023 20:40:14 GMT
etag: "6542b7ae-199b8"
x-frame-options: DENY
x-powered-by: PleskLin
accept-ranges: bytes
age: 849916
ddg-cache-status: HIT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

142.250.74.99

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14892, version 1.0
Size
15 kB (14892 bytes)
Hash
9ec6deaf6bada919e20b98f9f7b718b1
501d36403ad8205e4644532600019ecb10f5cb0a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

HTTP Headers

GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doxbin.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 04:42:49 GMT
expires: Sat, 03 May 2025 04:42:49 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
age: 394257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

doxbin.org/MaterialIcons-Regular.woff2

91.215.42.4

200 OK

105 kB

URL GET HTTP/2
doxbin.org/MaterialIcons-Regular.woff2
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
Web Open Font Format (Version 2), TrueType, length 104888, version 1.0
Size
105 kB (104888 bytes)
Hash
8fd34a1dc7ec7e2937a376a6e4d5e722
b380f5c2d6a9f921131358aa4b4e54d1232e9870
2c03dc5dde61b134d69d2200ccd620910e29b480a923596d70e6b7086723fae8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MaterialIcons-Regular.woff2 HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 27 Apr 2024 22:08:30 GMT
content-type: font/woff2
content-length: 104888
last-modified: Wed, 01 Nov 2023 20:40:14 GMT
etag: "6542b7ae-199b8"
x-frame-options: DENY
x-powered-by: PleskLin
accept-ranges: bytes
age: 849916
ddg-cache-status: HIT
X-Firefox-Spdy: h2

newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html

104.18.125.91

1.2 kB

URL
newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
IP
104.18.125.91:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1165)
Size
1.2 kB (1176 bytes)
Hash
59836782f9d8b5cebefc67dfe2b0698d
ff4453e7c1bba8633aa11c9c86061b0fbdacb19d
04e0e037618a972453ea1fa2e3fe9e36794968ae9725d2ae853cb06e3761c1af

HTTP Headers

GET /captcha/v1/50fb34a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 18:13:46 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 21 May 2024 18:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88032f966957b505-OSL
content-encoding: br

newassets.hcaptcha.com/c/f922a41/hsw.js

104.18.125.91

200 OK

213 kB

URL GET HTTP/3
newassets.hcaptcha.com/c/f922a41/hsw.js
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html#frame=challenge&id=0zo29drywro8&host=doxbin.org&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=c902269c-b6ad-4309-b393-c8c9fd010011&theme=dark&origin=https%3A%2F%2Fdoxbin.org
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
213 kB (213385 bytes)
Hash
a015c3f04def6c02f6d3a815ff97f100
2322366db22def41a31f2dae0a2133ad75e6d1ac
42d9a4011ac36ae483e8e3cb4bb2b3829b96bf366bbc1c0e2ab40d4d7deb9240

HTTP Headers

GET /c/f922a41/hsw.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 18:13:47 GMT
content-type: application/javascript
etag: W/"a015c3f04def6c02f6d3a815ff97f100"
cache-control: public, max-age=3024000
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 11 Jun 2024 18:13:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88032f995e01b505-OSL
content-encoding: br

newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html

104.18.125.91

200 OK

1.8 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
HTML document, ASCII text, with very long lines (1803), with no line terminators
Size
1.8 kB (1758 bytes)
Hash
1061da5ccf4d00902874135c386f3cec
3fbf23dcb9452a187c9ec136a7f5538776f8b9ad
f472028d948ffa52e1eb7cd913034240f740dab373e73ab17c07891dca16cd72

HTTP Headers

GET /captcha/v1/50fb34a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 18:13:46 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 21 May 2024 18:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88032f967964b505-OSL
content-encoding: br

newassets.hcaptcha.com/captcha/v1/50fb34a/hcaptcha.js

104.18.125.91

200 OK

387 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/50fb34a/hcaptcha.js
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html#frame=checkbox&id=0zo29drywro8&host=doxbin.org&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=c902269c-b6ad-4309-b393-c8c9fd010011&theme=dark&origin=https%3A%2F%2Fdoxbin.org
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type

Size
387 kB (387118 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /captcha/v1/50fb34a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 18:13:46 GMT
content-type: application/javascript
etag: W/"43a836cde2f57b4747b92444069ecfc9"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 21 May 2024 18:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88032f973acbb505-OSL
content-encoding: br

js.hcaptcha.com/1/api.js

104.18.125.91

200 OK

387 kB

URL GET HTTP/2
js.hcaptcha.com/1/api.js
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type

Size
387 kB (387118 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/api.js HTTP/1.1
Host: js.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 18:13:46 GMT
content-type: application/javascript
etag: W/"43a836cde2f57b4747b92444069ecfc9"
cache-control: max-age=300
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 21 May 2024 18:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 88032f92e8800b49-OSL
content-encoding: br
X-Firefox-Spdy: h2

api2.hcaptcha.com/checksiteconfig?v=50fb34a&host=doxbin.org&sitekey=c902269c-b6ad-4309-b393-c8c9fd010011&sc=1&swa=1&spst=0

104.18.125.91

200 OK

718 B

URL POST HTTP/3
api2.hcaptcha.com/checksiteconfig?v=50fb34a&host=doxbin.org&sitekey=c902269c-b6ad-4309-b393-c8c9fd010011&sc=1&swa=1&spst=0
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html#frame=challenge&id=0zo29drywro8&host=doxbin.org&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=c902269c-b6ad-4309-b393-c8c9fd010011&theme=dark&origin=https%3A%2F%2Fdoxbin.org
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (734), with no line terminators
Size
718 B (718 bytes)
Hash
73e3d46ea547c491a894a53cdf65dea3
df27f6aacbbf2b04d6b5c396467f8d60586a4b79
e73fc41c1ff7692601883f4fc172c1016341edb2c1409581ab01d827cb354561

HTTP Headers

POST /checksiteconfig?v=50fb34a&host=doxbin.org&sitekey=c902269c-b6ad-4309-b393-c8c9fd010011&sc=1&swa=1&spst=0 HTTP/1.1
Host: api2.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://newassets.hcaptcha.com
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Tue, 07 May 2024 18:13:47 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28vk2VKwPbLoawFj9mU2fhedYxxWRD23mme2QVrx5; SameSite=None; Secure; path=/; expires=Tue, 07-May-24 18:43:47 GMT; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88032f990d88b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

newassets.hcaptcha.com/captcha/v1/50fb34a/hcaptcha.js

104.18.125.91

200 OK

387 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/50fb34a/hcaptcha.js
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html#frame=challenge&id=0zo29drywro8&host=doxbin.org&sentry=true&reportapi=https%3A%2F%2Faccounts.hcaptcha.com&recaptchacompat=true&custom=false&hl=en&tplinks=on&pstissuer=https%3A%2F%2Fpst-issuer.hcaptcha.com&sitekey=c902269c-b6ad-4309-b393-c8c9fd010011&theme=dark&origin=https%3A%2F%2Fdoxbin.org
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type

Size
387 kB (387118 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /captcha/v1/50fb34a/hcaptcha.js HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 18:13:46 GMT
content-type: application/javascript
etag: W/"43a836cde2f57b4747b92444069ecfc9"
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 21 May 2024 18:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88032f973acfb505-OSL
content-encoding: br

newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html

104.18.125.91

200 OK

1.8 kB

URL GET HTTP/3
newassets.hcaptcha.com/captcha/v1/50fb34a/static/hcaptcha.html
IP
104.18.125.91:443
ASN
#13335 CLOUDFLARENET

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjecthcaptcha.com
Fingerprint8F:BD:51:60:5C:FC:EA:F0:74:47:AB:AC:1B:84:1A:7E:3C:68:A7:E5
ValidityFri, 15 Mar 2024 00:09:38 GMT - Thu, 13 Jun 2024 00:09:37 GMT

File type
HTML document, ASCII text, with very long lines (1803), with no line terminators
Size
1.8 kB (1758 bytes)
Hash
1061da5ccf4d00902874135c386f3cec
3fbf23dcb9452a187c9ec136a7f5538776f8b9ad
f472028d948ffa52e1eb7cd913034240f740dab373e73ab17c07891dca16cd72

HTTP Headers

GET /captcha/v1/50fb34a/static/hcaptcha.html HTTP/1.1
Host: newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 18:13:46 GMT
content-type: text/html
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=86400
vary: Origin, Accept-Encoding
cf-cache-status: HIT
expires: Tue, 21 May 2024 18:13:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 88032f966957b505-OSL
content-encoding: br

doxbin.org/legacy/custom.modernizr.js

91.215.42.4

200 OK

9.3 kB

URL GET HTTP/2
doxbin.org/legacy/custom.modernizr.js
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
JavaScript source, ASCII text, with very long lines (9515), with no line terminators
Size
9.3 kB (9287 bytes)
Hash
b03e8fa4b67bc0864a23243cb07a3fe9
2f3a86ed3ba0a49d8e12cba42ef8383c519450f8
a580343d940e6dc8094eb1d417f5f2c17cbf04b076013a13614efdea2c147075

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /legacy/custom.modernizr.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 03 May 2024 15:55:58 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 20:40:15 GMT
x-frame-options: DENY
x-powered-by: PleskLin
content-encoding: br
etag: "6542b7af-2447"
age: 353868
content-length: 3854
ddg-cache-status: HIT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

142.250.74.106

200 OK

9.5 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (9740), with no line terminators
Size
9.5 kB (9516 bytes)
Hash
70436d9f39b0910dd16bab076ea8943d
55ecc25f846d152e6314fd062a054c86bbcb2562
fdebc360647412ab40e32e406c577bcc44fda07b897625a2e822575d59217236

HTTP Headers

GET /css?family=Source+Sans+Pro:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 18:13:46 GMT
date: Tue, 07 May 2024 18:13:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

104.18.11.207

200 OK

22 kB

URL GET HTTP/2
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (305)
Size
22 kB (21658 bytes)
Hash
1f9e9d1a5a1d347d945ef4b7727f2ea0
2a8eccf4ac288eb99979b62dcc1cc1036d8ff8fa
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3

HTTP Headers

GET /font-awesome/4.0.3/css/font-awesome.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 18:13:46 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"1f9e9d1a5a1d347d945ef4b7727f2ea0"
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 09/09/2023 15:04:09
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 712ee4b3c17826367971d61ec7639739
cdn-cache: HIT
cf-cache-status: HIT
age: 607605
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 88032f933aa50b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

doxbin.org/favicon.ico

91.215.42.4

404 Not Found

10 kB

URL GET HTTP/2
doxbin.org/favicon.ico
IP
91.215.42.4:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://doxbin.org/upload/LukeSmithreposted
Certificate
IssuerLet's Encrypt
Subjectdoxbin.org
FingerprintE8:D2:2F:D5:EB:B7:BE:2F:0F:39:4C:5C:AE:F6:F0:7D:7F:A7:42:1B
ValidityMon, 06 May 2024 19:23:55 GMT - Sun, 04 Aug 2024 19:23:54 GMT

File type
HTML document, ASCII text
Size
10 kB (10341 bytes)
Hash
1f4e153406feafe083159f22fa0f149f
428f2a9a53097c0d0519fc8ffb509526f2fb448f
b109b2191145cc8e08f5fce0b4b6e6cbddbdd63879723176964d7e333d54232e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doxbin.org/upload/LukeSmithreposted
Cookie: __ddg1_=uPGZp00taMGj9Pp3rrus; XSRF-TOKEN=eyJpdiI6ImoyRFhCcnhxcGNHK1BGY3A4VDdHblE9PSIsInZhbHVlIjoiUlBJemd1anRtaHFrWjJQejFTRlo2ZDY4ZlI3N1FTSFA5ZFlja1Z4d1M2ZUdZUXJiZEVHXC9MZGdxaDd6K0w3UnoiLCJtYWMiOiIxZGMyZDZhN2NmNDcwMjNmMzNjZDQ3Y2I5ODg4NGJlYzlmMDU0NmM1NTA0YmJhOGUyZWJmMzU5Yjg3ZmNmYzVmIn0%3D; doxbin_session=eyJpdiI6ImdlektNdnBaZDFxMEEzckF2Wnl6YlE9PSIsInZhbHVlIjoiOG1HaG1JeHJoR21oWEpFWHhWUFdkVXhZeHdTcDVzMW1OQ2Ztc2JTSzl2T0xYbFwvUk1zeGYxMThiQlQxTHdacmMiLCJtYWMiOiI0YWI1ZDAxMThjMzRlOTRiNDU0N2EzOWJlODY5ODc4MDg0M2Y1Y2FkMDk4ZmViYTFhMWVmNGMyZmVkZGNhZDFkIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 07 May 2024 18:13:46 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
x-frame-options: DENY
cache-control: no-cache, private
content-encoding: br
age: 0
ddg-cache-status: MISS
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML