doxbin.org/upload/pretorandom
91.215.42.4301 Moved Permanently 568 B URL HTTP/1.1 doxbin.org/upload/pretorandom
IP 91.215.42.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/pretorandom HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Wed, 28 Sep 2022 03:01:06 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://doxbin.org/upload/pretorandom
Content-Type: text/html; charset=utf8
Content-Length: 568
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3780
Expires: Wed, 28 Sep 2022 04:04:06 GMT
Date: Wed, 28 Sep 2022 03:01:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 02:15:37 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mx_53vzlXlwWBweUwi1t56_dYmjCTMQ4ixJSbLjcY_96YJ-sEvt3tQ==
Age: 2729
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6QPlrYY9zjq6GOOdGYKy6NRiw1azvYaxAAV-UQ-gSzoYAL6SvtAe2A==
age: 63413
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8f7bab1dd5e270cddf66d637150a9315
f27ff0df57f2ba31ad63d900517c2c94b71748d0
de6a8da4c14e8b9778bf5373514def122c1588ef93556f778af9f79b9729146f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE6A8DA4C14E8B9778BF5373514DEF122C1588EF93556F778AF9F79B9729146F"
Last-Modified: Tue, 27 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2548
Expires: Wed, 28 Sep 2022 03:43:34 GMT
Date: Wed, 28 Sep 2022 03:01:06 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 03:01:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 02:10:46 GMT
Expires: Wed, 28 Sep 2022 02:12:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GNmBv5vPNkMcXLGJVqvFCnN1w1qHW2tvEJzqesC_P5bHT3adjA1J-Q==
Age: 3021
doxbin.org/aes.min.js
91.215.42.4200 OK 26 kB IP 91.215.42.4:0
File type ASCII text, with very long lines (25638), with no line terminators
Hash 535ff81ab45764c67a7336a70ee7c7a6
c1cdb3fc5b8e033fbc2be2638b6189e9f3a4f669
991fa3ac0febff65dd238aa07315e6ccb792fb207828b371de8cb353bd4dd121
Analyzer Verdict Alert quad9 Sinkholed
GET /aes.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 19 Sep 2022 23:43:27 GMT
content-type: application/javascript
content-length: 25638
last-modified: Sun, 22 May 2022 22:06:03 GMT
etag: "628ab3cb-6426"
accept-ranges: bytes
age: 703060
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
doxbin.org/vddosw3data.js
91.215.42.4200 OK 7.5 kB URL HTTP/2 doxbin.org/vddosw3data.js
IP 91.215.42.4:0
File type ASCII text, with very long lines (7534), with no line terminators
Hash bb3a9b6b5ddda91ae29a727b1046557b
a29f70854e4529198b57fc73c5ecbf6f766b9db9
6f29342ca774d88009dc8c7b06d6db074daadbe5ccf73d46862e09d3035f3e02
Analyzer Verdict Alert quad9 Sinkholed
GET /vddosw3data.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 23 Sep 2022 10:36:49 GMT
content-type: application/javascript
content-length: 7534
last-modified: Sun, 22 May 2022 22:06:03 GMT
accept-ranges: bytes
etag: "628ab3cb-1d6e"
age: 404658
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3037
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:07 GMT
Last-Modified: Wed, 28 Sep 2022 02:10:30 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.228.200101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.228.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yFEjYrxaKvhXSLUoSb7R6w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UBk54Ks8yACs0cOun7Pl9Tid2EQ=
files.catbox.moe/wgd9em.png
107.160.74.131200 OK 18 kB URL HTTP/2 files.catbox.moe/wgd9em.png
IP 107.160.74.131:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash b060e9feb5ba1659c60950f63bc7658a
25063d81f827b59500b6e92888fe4c585558829e
d56c360fece0243b77eba515590cc598c124499bbec3a7a3395fa38acb76df95
GET /wgd9em.png HTTP/1.1
Host: files.catbox.moe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.3
date: Wed, 28 Sep 2022 03:01:08 GMT
content-type: image/png
content-length: 17831
last-modified: Wed, 20 Oct 2021 21:52:17 GMT
etag: "61708f91-45a7"
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Wed, 28 Sep 2022 03:39:42 GMT
Date: Wed, 28 Sep 2022 03:01:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Wed, 28 Sep 2022 03:39:42 GMT
Date: Wed, 28 Sep 2022 03:01:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Wed, 28 Sep 2022 03:39:42 GMT
Date: Wed, 28 Sep 2022 03:01:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Wed, 28 Sep 2022 03:39:42 GMT
Date: Wed, 28 Sep 2022 03:01:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3e1fd3401c5e635a8dbeec5f78b721d
2142075b27d0d355c51231ab06fea46e25eb9c59
2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vak91l2UKRnX0Go62y1yPwJ8E-Af7XBurmQATw5MSZXBqhUJrIgOCQ==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 04:55:01 GMT
age: 79568
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:49 GMT
age: 19220
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 18846
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d039db0b842a4cbbaefdaab98bc6722b
78b1a603c4f7f2d6fbad15d7a4cd1397554339e9
65a3c7b0515cfd2a723f3bc3147cb98f3dd75ce1ecfce915c7c8e9ba5ae0bf2d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14018
x-amzn-requestid: fb0f02e7-1ce0-4861-9446-13d60df06f24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xSEhCIAMFWkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-79f482493d204a1208fad00f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZAov4fpWAjIBhHfeYEwu39wJTG58HnW7ebekpIoNSgA7PLIs5b7sSg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:09:19 GMT
age: 17510
etag: "78b1a603c4f7f2d6fbad15d7a4cd1397554339e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccfb4931d41ca01aa55b4b8e9ef6b4e1
2351d2547f4bd0aac45bb21a5aa8277e80ef15f2
89de9954ee2874b476c907810189812efe13234a46910180f34f68082429260f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7020
x-amzn-requestid: 1258ee7b-987a-4454-8963-e76b7c1470f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4EVxIAMFrmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7a1fbaa251600686757f9583;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VLZucSrpwv4p9vPso373WdFZsbrj-savmu1WPx7nkUuTDaZJ6NWzwg==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 18846
etag: "2351d2547f4bd0aac45bb21a5aa8277e80ef15f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1fa8cb4f4be5057788cd1a2a4d0e76d6
1aec1d67a36867bee8069a144fb1b0d95ff2cb54
5193131db8040ef254554d59109002ec7b8cfc2eab1e872b63e5f65db7cf5105
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5944
x-amzn-requestid: 040b4452-4120-4ae5-9ad2-c5b341abbb13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34BFdmIAMFmew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cff-103adde82b57535e4f3fb16a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: q03mXCSikJcsTBGqk1Xq7452EiDz4t9PFbp5Qj4xwobiFgqtPwGCBw==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 23:06:54 GMT
age: 14055
etag: "1aec1d67a36867bee8069a144fb1b0d95ff2cb54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
doxbin.org/upload/pretorandom
91.215.42.4200 OK 4.1 kB URL HTTP/2 doxbin.org/upload/pretorandom
IP 91.215.42.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (340), with CRLF, LF line terminators
Hash 499069ac89ac8d9df569d17fb75fabee
fb503d16b56ab6f63ac9a4bb45026114762961ff
b6d30a89bd1da671212c2c657ca5944797d248ef9d6ab56c1aa5dc485d490167
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/pretorandom HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 28 Sep 2022 03:01:15 GMT
content-type: text/html; charset=UTF-8
content-length: 4098
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; expires=Wed, 28-Sep-2022 05:01:15 GMT; Max-Age=7200; path=/; domain=.doxbin.org
doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D; expires=Wed, 28-Sep-2022 05:01:15 GMT; Max-Age=7200; path=/; domain=.doxbin.org; httponly
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
doxbin.org/legacy/app.css?r=46
91.215.42.4200 OK 6.8 kB URL HTTP/2 doxbin.org/legacy/app.css?r=46
IP 91.215.42.4:0
File type ASCII text, with very long lines (418)
Hash 3aa2ba843ff94ab1170288204207580e
27e715ef74db34d7a486b2903fbe6c9effe72fce
03ab86bd3330800c18612c17566adf50d857629ffb085dc2f21867998fda99d7
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/app.css?r=46 HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 26 Sep 2022 00:30:07 GMT
content-type: text/css
content-length: 6797
last-modified: Fri, 29 Oct 2021 09:05:45 GMT
etag: "8eb1-5cf7a21e26c40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
age: 181868
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
doxbin.org/legacy/css/show.css?r=44
91.215.42.4200 OK 1.1 kB URL HTTP/2 doxbin.org/legacy/css/show.css?r=44
IP 91.215.42.4:0
File type ASCII text, with CRLF line terminators
Hash 45d77a420e4f56a17a5e43e889966a60
374c0586c90de8c191b3f3fe4f7d086bba297d3d
b100664684cf77936ebe366fa08c98c522e60adfbc59a99467630f27fd6eb67e
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/css/show.css?r=44 HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 25 Sep 2022 20:59:50 GMT
content-type: text/css
content-length: 1075
last-modified: Fri, 29 Oct 2021 09:15:56 GMT
etag: "f6c-5cf7a464d8b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
age: 194485
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
doxbin.org/legacy/google-code-prettify/tomorrow-night.css
91.215.42.4200 OK 631 B URL HTTP/2 doxbin.org/legacy/google-code-prettify/tomorrow-night.css
IP 91.215.42.4:0
Hash 14172877df2c3152a0920f9c59aacdd5
6d71eb16a228e87f5837db0dad0f3c61023dbb75
6eea1b72122420f8159aa99110fc199d659fa86210e35f99c645445bd83cfaf8
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/google-code-prettify/tomorrow-night.css HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 Sep 2022 18:22:03 GMT
content-type: text/css
content-length: 631
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "627-5812499852980-gzip"
age: 290352
X-Firefox-Spdy: h2
doxbin.org/legacy/toastr/toastr.min.css
91.215.42.4200 OK 2.6 kB URL HTTP/2 doxbin.org/legacy/toastr/toastr.min.css
IP 91.215.42.4:0
File type ASCII text, with very long lines (5420), with no line terminators
Hash e7704a200e8febcf5089d234128d31c7
057efc4bfbec76b4461bb6a35318c221b7fcb5ef
55f77801ff999c03885f1ebae94191fce529b122e1e020444c87b76ca42eaf56
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/toastr/toastr.min.css HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 22 Sep 2022 17:35:58 GMT
content-type: text/css
content-length: 2625
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "152c-5812499852980-gzip"
age: 465917
X-Firefox-Spdy: h2
doxbin.org/legacy/custom.modernizr.js
91.215.42.4200 OK 4.1 kB URL HTTP/2 doxbin.org/legacy/custom.modernizr.js
IP 91.215.42.4:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (9108)
Hash caa42ec418e09c1aed22e089a0aba5c9
f278c0c05b98666dacab589f6311daaaf98c4a0a
d5b8b703ae2aa1b0b63f5cc76fba2162873650ca82628020653888d0cbc77b84
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/custom.modernizr.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 23 Sep 2022 20:40:19 GMT
content-type: application/javascript
content-length: 4092
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "2447-5812499852980-gzip"
age: 368456
X-Firefox-Spdy: h2
doxbin.org/legacy/jquery.min.js
91.215.42.4200 OK 33 kB URL HTTP/2 doxbin.org/legacy/jquery.min.js
IP 91.215.42.4:0
File type ASCII text, with very long lines (32072)
Hash 2e5fb36dad3c24834cfe1b1fbc011a4a
34ce5b37b118d6072f68253a8db98931fdf4f11c
9cec8821756a31e8620389bae7454b869d6dddaafd950a8c0f3d89752e27f318
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/jquery.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 Sep 2022 01:00:14 GMT
content-type: application/javascript
content-length: 32800
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
etag: "16bb2-5812499852980-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
age: 352861
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 17883491aa4a759d270aefa42730e0ba
8e2f48dbf2b1af81b843f1880b459fdeeb10abd8
03d112eafbd3be87bf30191f6c1eae2cf3f4a665b903f35efe40aca4253cc3da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5923
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:15 GMT
Last-Modified: Wed, 28 Sep 2022 01:22:32 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
doxbin.org/upload/pretorandom
91.215.42.4200 OK 1.5 kB URL HTTP/2 doxbin.org/upload/pretorandom
IP 91.215.42.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (579), with CRLF, LF line terminators
Hash cf2887460880721b973d913a43982213
9e76315bb5c852cd999dc7cf70daf946056bd62a
7e7e85ec4f2731464730f7fb08a371decab6e2aa560dc9d9b6fbac403b6029c7
Analyzer Verdict Alert quad9 Sinkholed
GET /upload/pretorandom HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; Domain=.doxbin.org; HttpOnly; Path=/; Expires=Thu, 28-Sep-2023 03:01:07 GMT
date: Wed, 28 Sep 2022 03:01:07 GMT
content-type: text/html
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
doxbin.org/legacy/mousetrap.min.js
91.215.42.4200 OK 1.9 kB URL HTTP/2 doxbin.org/legacy/mousetrap.min.js
IP 91.215.42.4:0
File type ASCII text, with very long lines (518)
Hash 9a5499cddf1310ac9d45dfe8bd7e6ff8
d6ac8631f24c19a364a042ae1c0c186086baecff
20ee7845ed0e1f908a40327f0a2471ccd6ec91a685732bb2cd9f4c01ea751ef7
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/mousetrap.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 22 Sep 2022 07:23:15 GMT
content-type: application/javascript
content-length: 1949
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
etag: "f09-5812499852980-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
age: 502681
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
doxbin.org/legacy/google-code-prettify/prettify.js
91.215.42.4200 OK 6.6 kB URL HTTP/2 doxbin.org/legacy/google-code-prettify/prettify.js
IP 91.215.42.4:0
File type ASCII text, with very long lines (594)
Hash 43cb3cbc99b459e5fc4636c07046300e
32e31a394a6b895f02074a8867f6bf6fd2bd0bad
97be0176a21c62cab376f2371b0ab4a4d9da73961fd622d5639e7ddfea6b1831
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/google-code-prettify/prettify.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 26 Sep 2022 18:09:37 GMT
content-type: application/javascript
content-length: 6573
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
etag: "38d7-5812499852980-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
age: 118299
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
doxbin.org/legacy/tabby.js
91.215.42.4200 OK 3.6 kB URL HTTP/2 doxbin.org/legacy/tabby.js
IP 91.215.42.4:0
Hash 1c5c328e5b2470174d3ad4edfc6aca45
2dea5dd726d63766902a87a9e81eaeabf4270678
baccc08ab799d50eec09177aa72fbb12a2ec2a3c5cc216f2551ee2a5a6eeb51d
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/tabby.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 27 Sep 2022 20:25:47 GMT
content-type: application/javascript
content-length: 3550
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "2e44-5812499852980-gzip"
age: 23728
X-Firefox-Spdy: h2
doxbin.org/legacy/toastr/toastr.min.js
91.215.42.4200 OK 1.3 kB URL HTTP/2 doxbin.org/legacy/toastr/toastr.min.js
IP 91.215.42.4:0
File type ASCII text, with very long lines (3466), with no line terminators
Hash b45e8b1fbbfdbdb3e93bf754d8c9d5bc
59453812d1314a47156ebe689daa0c7a2bccb1e0
cb42c33f27e79dd72aec3a6d143c6e5ef54197dd9681b55f96d930550cca8938
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/toastr/toastr.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 26 Sep 2022 19:18:21 GMT
content-type: application/javascript
content-length: 1330
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "d8a-5812499852980-gzip"
age: 114174
X-Firefox-Spdy: h2
doxbin.org/legacy/logout.js
91.215.42.4200 OK 223 B URL HTTP/2 doxbin.org/legacy/logout.js
IP 91.215.42.4:0
File type ASCII text, with CRLF line terminators
Hash 1ea314f009708e81cc4b94d2b1cc3416
a9e5300f5e4d65a1a4f843a87828b5cc25519537
77e9aeff73f251cc42f60424079219c0b4c901b97cf4b20bff23871ac082ba0e
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/logout.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 Sep 2022 08:48:30 GMT
content-type: application/javascript
content-length: 223
last-modified: Sat, 06 Nov 2021 17:08:59 GMT
etag: "182-5d021d0cac0c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
age: 324765
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
doxbin.org/legacy/zclip.min.js
91.215.42.4200 OK 2.6 kB URL HTTP/2 doxbin.org/legacy/zclip.min.js
IP 91.215.42.4:0
File type ASCII text, with very long lines (7199)
Hash c743b7bf6e4e244b6d5456c6bd707432
29d39ed4dd26e8ba4b34dfcd09d4c268d6339de3
c5831a6d5ac9761d7474adabb2f16612aeb76ef85fb907d01aa9552fef0049ad
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/zclip.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 26 Sep 2022 18:59:08 GMT
content-type: application/javascript
content-length: 2649
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "1d01-5812499852980-gzip"
age: 115327
X-Firefox-Spdy: h2
doxbin.org/legacy/bin.js
91.215.42.4200 OK 2.8 kB IP 91.215.42.4:0
Hash 3b51d86bf1ba5afb89963e65581f7d8d
abcaf4b05d7be4ee85109e3b37aa089160593c79
e5c682f2d01fe3c7b9370d36255bbb2d913b37dc70ecd0b4498da57b5f0ffd36
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/bin.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 20 Sep 2022 12:10:47 GMT
content-type: application/javascript
content-length: 2750
last-modified: Tue, 13 Aug 2019 20:02:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "2766-590051f3ed140-gzip"
age: 658228
X-Firefox-Spdy: h2
doxbin.org/legacy/paste.js?r=1
91.215.42.4200 OK 2.1 kB URL HTTP/2 doxbin.org/legacy/paste.js?r=1
IP 91.215.42.4:0
File type HTML document, ASCII text, with very long lines (545), with CRLF line terminators
Hash c0aea23e4451e8d847b8298620ec6c16
bfc74a4b5265041a8831aac5d5e197f133b0be4c
95a1ae59feef659cf3f8d2612153bde838b8e29806a0179bf459531c81ddd028
Analyzer Verdict Alert quad9 Sinkholed
GET /legacy/paste.js?r=1 HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 23 Sep 2022 19:36:14 GMT
content-type: application/javascript
content-length: 2145
last-modified: Sat, 15 Jan 2022 19:09:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "1daf-5d5a3a9ac494b-gzip"
age: 372301
X-Firefox-Spdy: h2
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
104.18.10.207200 OK 4.5 kB URL HTTP/2 netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
IP 104.18.10.207:0
File type troff or preprocessor input, ASCII text, with very long lines (305)
Hash f6223596dc0c2f997aecb449f937e79e
5642bcbb841da67fadfd9ad5e29e97fd7aa28088
1200f0e020150e8a48d420495ffda6971727695d8686b78e4836533ff4122f82
GET /font-awesome/4.0.3/css/font-awesome.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 03:01:15 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 2021-08-03 04:14:00
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6358afe6e12aefed963ad27f3935d6d1
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 9780761
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75193bc21e81b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 554 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 2311f1fa9653aad9f269b060d254e517
5616b0baad9134f8e12ab3fb911578740aa392fb
51f53051cf837a6d1e0de5e5db5bb5d5a2c1e4b23d4e7323ce306e24a80ba2b7
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 28 Sep 2022 03:01:15 GMT
date: Wed, 28 Sep 2022 03:01:15 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
142.250.74.10200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
IP 142.250.74.10:0
Hash 8de51c8b25e13ac51432caf97f05212a
88a7807bdd0b3948552149b9732765c96ca0e4ec
41c89acf2e739c51bfdd39e6ff7be5afae02404c72ce6c986e6a26d002fe24ae
GET /css?family=Source+Sans+Pro:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 03:01:15 GMT
date: Wed, 28 Sep 2022 03:01:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
104.18.10.207200 OK 44 kB URL HTTP/2 netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
IP 104.18.10.207:0
File type Web Open Font Format, TrueType, length 44432, version 1.0\012- data
Hash 3293616ec0c605c7c2db25829a0a509e
04c3bf56d87a0828935bd6b4aee859995f321693
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
GET /font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doxbin.org
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 03:01:15 GMT
content-type: font/woff
content-length: 44432
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "3293616ec0c605c7c2db25829a0a509e"
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 06/01/2022 09:21:37
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 565
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2e18599dca4d2931fbac2811314e3f3e
cdn-cache: HIT
cf-cache-status: HIT
age: 6157614
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75193bc34ad70b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
doxbin.org/MaterialIcons-Regular.woff2
91.215.42.4200 OK 105 kB URL HTTP/2 doxbin.org/MaterialIcons-Regular.woff2
IP 91.215.42.4:0
File type Web Open Font Format (Version 2), TrueType, length 104888, version 1.0\012- data
Size 105 kB (104888 bytes)
Hash 8fd34a1dc7ec7e2937a376a6e4d5e722
b380f5c2d6a9f921131358aa4b4e54d1232e9870
2c03dc5dde61b134d69d2200ccd620910e29b480a923596d70e6b7086723fae8
Analyzer Verdict Alert quad9 Sinkholed
GET /MaterialIcons-Regular.woff2 HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 25 Sep 2022 20:26:40 GMT
content-type: font/woff2
content-length: 104888
last-modified: Sat, 24 Jul 2021 23:21:44 GMT
etag: "199b8-5c7e6c8833200"
accept-ranges: bytes
age: 196476
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doxbin.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:26:57 GMT
expires: Thu, 21 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 545658
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (826)
Size 158 kB (158248 bytes)
Hash db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doxbin.org
Connection: keep-alive
Referer: https://doxbin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 189320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (826)
Size 158 kB (158248 bytes)
Hash db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 189320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
142.250.74.163200 OK 24 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
IP 142.250.74.163:0
File type ASCII text, with very long lines (52762), with no line terminators
Hash f2d649025c814be9c33f166a5e04fe88
26bf59de631415927ba2c6c9e44fe9c763f95313
f95ec963b7657097e1ef827fc07d96eda5b63f7d3e17b5a1b5eeb7a8d0b67921
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 08:33:30 GMT
expires: Mon, 25 Sep 2023 08:33:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/css
age: 239265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.163200 OK 2.2 kB URL HTTP/2 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.163:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 20:02:15 GMT
expires: Mon, 03 Oct 2022 20:02:15 GMT
cache-control: public, max-age=604800
age: 111540
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 12:31:58 GMT
expires: Sun, 24 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 311357
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doxbin.org/5s.html
91.215.42.4200 OK 0 B IP 91.215.42.4:0
Analyzer Verdict Alert quad9 Sinkholed
GET /5s.html HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 28 Sep 2022 03:01:07 GMT
content-type: text/html
last-modified: Sun, 22 May 2022 22:06:03 GMT
etag: W/"628ab3cb-567"
content-encoding: gzip
X-Firefox-Spdy: h2
doxbin.org/favicon.ico
91.215.42.4404 Not Found 0 B IP 91.215.42.4:0
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 28 Sep 2022 03:01:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
content-encoding: gzip
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2