doxbin.com/upload/octohookownerliamwootenPART1
190.115.31.91301 Moved Permanently 568 B URL HTTP/1.1 doxbin.com/upload/octohookownerliamwootenPART1
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/octohookownerliamwootenPART1 HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Sat, 03 Dec 2022 09:16:45 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://doxbin.com/upload/octohookownerliamwootenPART1
Content-Type: text/html; charset=utf8
Content-Length: 568
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7035
Expires: Sat, 03 Dec 2022 11:14:00 GMT
Date: Sat, 03 Dec 2022 09:16:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6299
Cache-Control: max-age=97169
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:16:45 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 12:16:14 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3453
Expires: Sat, 03 Dec 2022 10:14:18 GMT
Date: Sat, 03 Dec 2022 09:16:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 08:19:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3406
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aXLOJBxjhhF56a2BjzemT6Y/Dbslili1ewntRsn7WNtjViAdC0z9wMExu7Rx+q75jU5xj6CzQxM=
x-amz-request-id: DPQ93JW8Y6PTVCBT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 08:47:03 GMT
age: 1782
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c451b7ae028c30c935aad3243707c7ff
af352e0cf1d9d368cfe690ac39668bd6ce1fcf6c
dee5eb6ea9ef094fb8e728d9dba74f52101b40d012835f60eef207b333cbbb71
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DEE5EB6EA9EF094FB8E728D9DBA74F52101B40D012835F60EEF207B333CBBB71"
Last-Modified: Wed, 30 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4452
Expires: Sat, 03 Dec 2022 10:30:57 GMT
Date: Sat, 03 Dec 2022 09:16:45 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 09:16:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 09:08:58 GMT
cache-control: public,max-age=3600
age: 468
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
doxbin.com/aes.min.js
190.115.31.91200 OK 6.1 kB IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (25638), with no line terminators
Hash eba50e4eb66ac5a4883d93cd6163ae9c
8574b04cab6d12b745caf8865fbaf3f71ddd6d17
6302732cfef62c56f2a41e3aa9d6a1c065c661708730508dd43b6db863707db8
Analyzer Verdict Alert quad9 Sinkholed
GET /aes.min.js HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 24 Nov 2022 17:10:24 GMT
content-type: application/javascript
last-modified: Sun, 06 Mar 2022 23:01:30 GMT
etag: W/"62253d4a-6426"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 749182
content-length: 6113
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6285
Cache-Control: max-age=92093
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:16:46 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:51:39 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.214.17.205101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.17.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qGVZkLVOk8l8EQ+8MkqM4A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nWqhlOPufIvI+EXUoiHlFiJeP7c=
files.catbox.moe/wgd9em.png
107.160.74.131200 OK 18 kB URL HTTP/2 files.catbox.moe/wgd9em.png
IP 107.160.74.131:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash b060e9feb5ba1659c60950f63bc7658a
25063d81f827b59500b6e92888fe4c585558829e
d56c360fece0243b77eba515590cc598c124499bbec3a7a3395fa38acb76df95
GET /wgd9em.png HTTP/1.1
Host: files.catbox.moe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.3
date: Sat, 03 Dec 2022 09:16:47 GMT
content-type: image/png
content-length: 17831
last-modified: Wed, 20 Oct 2021 21:52:17 GMT
etag: "61708f91-45a7"
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7120
Expires: Sat, 03 Dec 2022 11:15:27 GMT
Date: Sat, 03 Dec 2022 09:16:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7120
Expires: Sat, 03 Dec 2022 11:15:27 GMT
Date: Sat, 03 Dec 2022 09:16:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7120
Expires: Sat, 03 Dec 2022 11:15:27 GMT
Date: Sat, 03 Dec 2022 09:16:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7120
Expires: Sat, 03 Dec 2022 11:15:27 GMT
Date: Sat, 03 Dec 2022 09:16:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 41141
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
doxbin.com/5s.html
190.115.31.91200 OK 6.7 kB IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
Hash e28a35e45e194a7d5666157b6aebae52
fe2c4c480a7414890c6aea17fa6785b98f8ebea2
e4efd5a7c12f3d5a85395d14453a6ef9546b238490987c22f1e8d9a35faed7e3
Analyzer Verdict Alert quad9 Sinkholed
GET /5s.html HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 09:16:46 GMT
content-type: text/html
last-modified: Thu, 24 Mar 2022 21:48:15 GMT
etag: W/"623ce71f-568"
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcdb77a21f91a4a280ac9a8efbc48bbd
74c974eaf1cbdf6c5ae11793e42caf4c4e4cb25d
5ee7c45f21b38c653d03a24b10a190a9e9266226d221b006e787cd3719088d7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11233
x-amzn-requestid: 89afb72e-6967-47d0-a0ad-48cad8cd08e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIpgOEi0oAMFstg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638022ce-1e8087e734e71d611df75830;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 02:05:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d9wLy3xAxK6RiYf25v_GFT1gdezT8IzMxaFyGRuGm2nxOBh6uEOg3w==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:01:29 GMT
age: 40518
etag: "74c974eaf1cbdf6c5ae11793e42caf4c4e4cb25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 15279
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 249aec334460c66dc88b9e8def4e48df
f86d1d278ba5b24587b10519b1b30d75044efd97
b083151804ced0533a5b33302ef110b50ddc4bf653de0fb8f6c7711f4bc29fe2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9449
x-amzn-requestid: c21c52f9-d971-46d9-b632-0439a0e23da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZkxHKbIAMFxkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6fb7-2b8cc0982af568626f4a4bbf;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XFIpOllaPcRJOsgZI2EVDyFv-Doz62OcY6gxFlejoXxdeVGya-PNFg==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:53:26 GMT
age: 41001
etag: "f86d1d278ba5b24587b10519b1b30d75044efd97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 436b46a2eea584bd8ec1dba5603c8659
fed437d1919af63f9d58396f318568aadae3d868
fff21dd129f35807bfc29c6582661a79e764238076e540968b57fcad18811566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8016
x-amzn-requestid: bfb5f288-4467-467a-9b30-1055a4e6bc54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPeE4nIAMFvnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2f-53a5a66704157f4e003ecfa4;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:35 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lUqXgbpEaZh9DO_rv0K5pzHUAF1DsASkKYNTU6t5AUWZjHNV9LRojA==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:01:05 GMT
age: 40542
etag: "fed437d1919af63f9d58396f318568aadae3d868"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
doxbin.com/upload/octohookownerliamwootenPART1
190.115.31.91200 OK 6.2 kB URL HTTP/2 doxbin.com/upload/octohookownerliamwootenPART1
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (355), with CRLF, LF line terminators
Hash fbe5b9357c79789dcd91f3e45c612a65
6625e20bb4aeb7ea155b77b2b79fd6a0c4c0339a
4919310c49cf9f8f8b72e890cfae4058d8f63b66892ff3562549d042a30900b8
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/octohookownerliamwootenPART1 HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 09:16:51 GMT
content-type: text/html; charset=UTF-8
content-length: 6200
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; expires=Sat, 03-Dec-2022 11:16:51 GMT; Max-Age=7200; path=/; domain=.doxbin.com
doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D; expires=Sat, 03-Dec-2022 11:16:51 GMT; Max-Age=7200; path=/; domain=.doxbin.com; httponly
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a96c48a3affad46a0b7f5b8178b926d3
cab43cf055876aa6e3a3e0563e9bc550a00f70da
f1bf5a7faea6b7ee9b5c8395188e4a5ba1840e1626e500803522c5950c472a68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6219
Cache-Control: max-age=170895
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:16:51 GMT
Etag: "638af447-116"
Expires: Mon, 05 Dec 2022 08:45:06 GMT
Last-Modified: Sat, 03 Dec 2022 07:01:27 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
doxbin.com/legacy/app.css?r=46
190.115.31.91200 OK 6.8 kB URL HTTP/2 doxbin.com/legacy/app.css?r=46
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (418)
Hash 43437a644e19923cc486927bc3cb2c52
a33a5f056993fcbe3f381f616002bc0be5b0191f
9ee8ec53e2eab15101b23bc53de4eee8f17334ed634f90d3d40230163f536e86
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/app.css?r=46 HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 17:29:58 GMT
content-type: text/css
last-modified: Fri, 29 Oct 2021 09:05:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6767
ddg-cache-status: HIT,HIT
etag: W/"8eb1-5cf7a21e26c40-gzip"
age: 316013
X-Firefox-Spdy: h2
doxbin.com/legacy/toastr/toastr.min.css
190.115.31.91200 OK 2.5 kB URL HTTP/2 doxbin.com/legacy/toastr/toastr.min.css
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (5420), with no line terminators
Hash 4403f2da27493c08ac0a495d58916a41
62f191d2a454ac2492606622d7b72c0ca22f1888
96271ab760ccad60c07d1cebaf7dcb1f303ab67c96087235f3f9c1f5d4ab09bf
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/toastr/toastr.min.css HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 11:14:11 GMT
content-type: text/css
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2511
ddg-cache-status: HIT,MISS
etag: W/"152c-5812499852980-gzip"
age: 338560
X-Firefox-Spdy: h2
doxbin.com/legacy/css/show.css?r=44
190.115.31.91200 OK 1.1 kB URL HTTP/2 doxbin.com/legacy/css/show.css?r=44
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with CRLF line terminators
Hash 45d77a420e4f56a17a5e43e889966a60
374c0586c90de8c191b3f3fe4f7d086bba297d3d
b100664684cf77936ebe366fa08c98c522e60adfbc59a99467630f27fd6eb67e
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/css/show.css?r=44 HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 02 Dec 2022 09:20:11 GMT
content-type: text/css
content-length: 1075
last-modified: Fri, 29 Oct 2021 09:15:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: W/"f6c-5cf7a464d8b00-gzip"
age: 86200
X-Firefox-Spdy: h2
doxbin.com/legacy/google-code-prettify/tomorrow-night.css
190.115.31.91200 OK 631 B URL HTTP/2 doxbin.com/legacy/google-code-prettify/tomorrow-night.css
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
Hash 14172877df2c3152a0920f9c59aacdd5
6d71eb16a228e87f5837db0dad0f3c61023dbb75
6eea1b72122420f8159aa99110fc199d659fa86210e35f99c645445bd83cfaf8
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/google-code-prettify/tomorrow-night.css HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 23 Nov 2022 17:45:15 GMT
content-type: text/css
content-length: 631
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: W/"627-5812499852980-gzip"
age: 833496
X-Firefox-Spdy: h2
doxbin.com/legacy/custom.modernizr.js
190.115.31.91200 OK 4.1 kB URL HTTP/2 doxbin.com/legacy/custom.modernizr.js
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document, ASCII text, with very long lines (9108)
Hash caa42ec418e09c1aed22e089a0aba5c9
f278c0c05b98666dacab589f6311daaaf98c4a0a
d5b8b703ae2aa1b0b63f5cc76fba2162873650ca82628020653888d0cbc77b84
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/custom.modernizr.js HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 29 Nov 2022 11:41:54 GMT
content-type: application/javascript
content-length: 4092
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: W/"2447-5812499852980-gzip"
age: 336897
X-Firefox-Spdy: h2
doxbin.com/files/doxbin.css?r=32
190.115.31.91200 OK 775 B URL HTTP/2 doxbin.com/files/doxbin.css?r=32
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with CRLF line terminators
Hash d2ca6fe16a15ea9210a5da7792806262
d8c185f0eb05080681f8440c1b09b1a04adcaf99
90ad0f92a10fb21afbfbc2563d0c879f7b0d749dc97026970bc0d85463e59237
Analyzer Verdict Alert quad9 Sinkholed
GET /files/doxbin.css?r=32 HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 12:46:23 GMT
content-type: text/css
content-length: 775
last-modified: Fri, 29 Oct 2021 09:15:55 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "975-5cf7a463e48c0-gzip"
age: 246628
X-Firefox-Spdy: h2
doxbin.com/legacy/jquery.min.js
190.115.31.91200 OK 32 kB URL HTTP/2 doxbin.com/legacy/jquery.min.js
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (32072)
Hash 77a7a70ddb6731c6f9d297682a63d655
7219bc91254c662b50b2b43337bd2097f4d33ea1
ab17d37ffea5a6448ff4c8d4821261868ad79a15dda3df6d49e07500da5b6793
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/jquery.min.js HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 26 Nov 2022 19:23:07 GMT
content-type: text/javascript
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 31896
ddg-cache-status: HIT,HIT
etag: W/"16bb2-5812499852980-gzip"
age: 568424
X-Firefox-Spdy: h2
doxbin.com/legacy/mousetrap.min.js
190.115.31.91200 OK 1.9 kB URL HTTP/2 doxbin.com/legacy/mousetrap.min.js
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (518)
Hash 9a5499cddf1310ac9d45dfe8bd7e6ff8
d6ac8631f24c19a364a042ae1c0c186086baecff
20ee7845ed0e1f908a40327f0a2471ccd6ec91a685732bb2cd9f4c01ea751ef7
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/mousetrap.min.js HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 11:25:34 GMT
content-type: text/javascript
content-length: 1949
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: W/"f09-5812499852980-gzip"
age: 251477
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a96c48a3affad46a0b7f5b8178b926d3
cab43cf055876aa6e3a3e0563e9bc550a00f70da
f1bf5a7faea6b7ee9b5c8395188e4a5ba1840e1626e500803522c5950c472a68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6219
Cache-Control: max-age=170895
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:16:51 GMT
Etag: "638af447-116"
Expires: Mon, 05 Dec 2022 08:45:06 GMT
Last-Modified: Sat, 03 Dec 2022 07:01:27 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
doxbin.com/legacy/google-code-prettify/prettify.js
190.115.31.91200 OK 6.6 kB URL HTTP/2 doxbin.com/legacy/google-code-prettify/prettify.js
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (594)
Hash 43cb3cbc99b459e5fc4636c07046300e
32e31a394a6b895f02074a8867f6bf6fd2bd0bad
97be0176a21c62cab376f2371b0ab4a4d9da73961fd622d5639e7ddfea6b1831
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/google-code-prettify/prettify.js HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 25 Nov 2022 23:54:42 GMT
content-type: text/javascript
content-length: 6573
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "38d7-5812499852980-gzip"
age: 638529
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:16:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doxbin.com/legacy/zclip.min.js
190.115.31.91200 OK 2.6 kB URL HTTP/2 doxbin.com/legacy/zclip.min.js
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (7199)
Hash c743b7bf6e4e244b6d5456c6bd707432
29d39ed4dd26e8ba4b34dfcd09d4c268d6339de3
c5831a6d5ac9761d7474adabb2f16612aeb76ef85fb907d01aa9552fef0049ad
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/zclip.min.js HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 11:25:34 GMT
content-type: application/javascript
content-length: 2649
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "1d01-5812499852980-gzip"
age: 251477
X-Firefox-Spdy: h2
doxbin.com/legacy/bin.js
190.115.31.91200 OK 2.8 kB IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
Hash 3b51d86bf1ba5afb89963e65581f7d8d
abcaf4b05d7be4ee85109e3b37aa089160593c79
e5c682f2d01fe3c7b9370d36255bbb2d913b37dc70ecd0b4498da57b5f0ffd36
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/bin.js HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 26 Nov 2022 21:50:15 GMT
content-type: text/javascript
content-length: 2750
last-modified: Tue, 13 Aug 2019 20:02:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,MISS
etag: W/"2766-590051f3ed140-gzip"
age: 559596
X-Firefox-Spdy: h2
doxbin.com/legacy/toastr/toastr.min.js
190.115.31.91200 OK 1.3 kB URL HTTP/2 doxbin.com/legacy/toastr/toastr.min.js
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (3466), with no line terminators
Hash b45e8b1fbbfdbdb3e93bf754d8c9d5bc
59453812d1314a47156ebe689daa0c7a2bccb1e0
cb42c33f27e79dd72aec3a6d143c6e5ef54197dd9681b55f96d930550cca8938
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/toastr/toastr.min.js HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 30 Nov 2022 11:25:34 GMT
content-type: application/javascript
content-length: 1330
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "d8a-5812499852980-gzip"
age: 251477
X-Firefox-Spdy: h2
doxbin.com/legacy/logout.js
190.115.31.91200 OK 169 B URL HTTP/2 doxbin.com/legacy/logout.js
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with CRLF line terminators
Hash e2d56ad34255b8c5a8592f127a33fb68
a2d4e3a7843fc9ce32e456fdd14df53df0d46113
43752e18234a0a3ece0e1c522a92ae4bf0e7c1e617411969e8c4bb19f320397a
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/logout.js HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Dec 2022 08:58:40 GMT
content-type: text/javascript
last-modified: Sat, 06 Nov 2021 17:08:59 GMT
etag: W/"182-5d021d0cac0c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
age: 173891
content-length: 169
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
doxbin.com/legacy/paste.js?r=1
190.115.31.91200 OK 2.1 kB URL HTTP/2 doxbin.com/legacy/paste.js?r=1
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document, ASCII text, with very long lines (545), with CRLF line terminators
Hash c0aea23e4451e8d847b8298620ec6c16
bfc74a4b5265041a8831aac5d5e197f133b0be4c
95a1ae59feef659cf3f8d2612153bde838b8e29806a0179bf459531c81ddd028
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/paste.js?r=1 HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 24 Nov 2022 16:51:21 GMT
content-type: text/javascript
content-length: 2145
last-modified: Sat, 15 Jan 2022 19:09:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: W/"1daf-5d5a3a9a37280-gzip"
age: 750330
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:16:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.132200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 03 Dec 2022 09:16:51 GMT
date: Sat, 03 Dec 2022 09:16:51 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:16:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:16:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
104.18.11.207200 OK 44 kB URL HTTP/2 netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
IP 104.18.11.207:0
File type Web Open Font Format, TrueType, length 44432, version 1.0\012- data
Hash 3293616ec0c605c7c2db25829a0a509e
04c3bf56d87a0828935bd6b4aee859995f321693
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
GET /font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doxbin.com
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:16:51 GMT
content-type: font/woff
content-length: 44432
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 2021-06-08 07:47:10
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: f89a60a49248ee867403753ba665f282
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 3008313
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773b34b8dd970b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doxbin.com/MaterialIcons-Regular.woff2
190.115.31.91200 OK 105 kB URL HTTP/2 doxbin.com/MaterialIcons-Regular.woff2
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format (Version 2), TrueType, length 104888, version 1.0\012- data
Size 105 kB (104888 bytes)
Hash 8fd34a1dc7ec7e2937a376a6e4d5e722
b380f5c2d6a9f921131358aa4b4e54d1232e9870
2c03dc5dde61b134d69d2200ccd620910e29b480a923596d70e6b7086723fae8
Analyzer Verdict Alert quad9 Sinkholed
GET /MaterialIcons-Regular.woff2 HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 09:16:51 GMT
content-type: font/woff2
content-length: 104888
last-modified: Sat, 24 Jul 2021 23:21:44 GMT
accept-ranges: bytes
ddg-cache-status: MISS,HIT
vary: Accept-Encoding
etag: "199b8-5c7e6c8833200"
age: 2
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doxbin.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:49 GMT
expires: Thu, 30 Nov 2023 19:28:49 GMT
cache-control: public, max-age=31536000
age: 222483
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doxbin.com
Connection: keep-alive
Referer: https://doxbin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 396415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 09:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 127729
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doxbin.com/legacy/tabby.js
190.115.31.91200 OK 0 B URL HTTP/2 doxbin.com/legacy/tabby.js
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/tabby.js HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f; XSRF-TOKEN=eyJpdiI6InhqS1VyekpGVzdndmxMVnpybW1mMkE9PSIsInZhbHVlIjoiNlhucG5PZVQ1NW9HaEpnYkM5SHRHd1NYWmhJSzFMNG0zajdEUUFxQ3doSGJkVGlYcGRhdnM2SmNVMWNVaHk2NyIsIm1hYyI6IjhlZWFiNWQ2ZTI4ZDdiYjQxMmQxZDM0MDBmNTkyM2ZkMTg3ODc3MjZkOWMxNmU5NWE5OGI4NDZlNDlmNGE4ZjIifQ%3D%3D; doxbin_session=eyJpdiI6IjBtTWY4T0Vjd1N4clZkcUk4NUY3elE9PSIsInZhbHVlIjoiSlgxSjE1dlZ0djZuT0ttKzlsQjNsNUdvSmUzRTFYUnVGOTl1STNkdlBkcE1iXC9EUVV5U3IwWEFWTytnTkdPUHAiLCJtYWMiOiJjODAxYmRjNmNhNjBkODhjOWMxM2I1ZWFlMTFiOTQ0ZGFmMTM3NjMzYzNiMjhhNTBjYzZhOWQ3ZTUzODU5MmIxIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 24 Nov 2022 10:12:54 GMT
content-type: text/javascript
content-length: 3550
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
etag: "2e44-5812499852980-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
age: 774237
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
IP 142.250.74.106:0
GET /css?family=Source+Sans+Pro:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 09:16:51 GMT
date: Sat, 03 Dec 2022 09:16:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doxbin.com/upload/octohookownerliamwootenPART1
190.115.31.91200 OK 0 B URL HTTP/2 doxbin.com/upload/octohookownerliamwootenPART1
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/octohookownerliamwootenPART1 HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; Domain=.doxbin.com; HttpOnly; Path=/; Expires=Sun, 03-Dec-2023 09:16:45 GMT
date: Sat, 03 Dec 2022 09:16:46 GMT
content-type: text/html
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
doxbin.com/vddosw3data.js
190.115.31.91200 OK 0 B URL HTTP/2 doxbin.com/vddosw3data.js
IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert quad9 Sinkholed
GET /vddosw3data.js HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 25 Nov 2022 05:51:55 GMT
content-type: application/javascript
last-modified: Sun, 06 Mar 2022 23:01:30 GMT
etag: W/"62253d4a-1d6e"
accept-ranges: bytes
age: 703491
ddg-cache-status: HIT,MISS
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
104.18.11.207200 OK 0 B URL HTTP/2 netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
IP 104.18.11.207:0
GET /font-awesome/4.0.3/css/font-awesome.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 09:16:51 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 2021-08-03 04:14:00
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6358afe6e12aefed963ad27f3935d6d1
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 15505697
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 773b34b77ef7b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
doxbin.com/favicon.ico
190.115.31.91404 Not Found 0 B IP 190.115.31.91:0
ASN #262254 DDOS-GUARD CORP.
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: doxbin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.com/upload/octohookownerliamwootenPART1
Cookie: __ddg1_=6dnc3AYuVrUvYTae8Lt7; vDDoS=f7544af956794432d2e19a66e0ca637f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 03 Dec 2022 09:16:46 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2