Report - doxbin.org/upload/pretorandom

Report Overview

Submitted URL
doxbin.org/upload/pretorandom
IP
91.215.42.4
ASN
#0
Submitted
2022-09-28 03:01:18
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
44

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
doxbin.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	18 kB	222 kB	91.215.42.4
files.catbox.moe	174913	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	18 kB	107.160.74.131
netdna.bootstrapcdn.com	3413	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	884 B	51 kB	104.18.10.207
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	1.9 kB	142.250.74.10
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	63 kB	34.120.237.76
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	955 B	30 kB	142.250.74.163
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	347 kB	142.250.74.163
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.3 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.148.228.200
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	349 B	1.2 kB	142.250.74.164
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed
2022-09-27	medium	doxbin.org	Sinkholed

JavaScript (25)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 12:57:18 Times Seen37063071 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	doxbin.org/legacy/bin.js	10 kB	2023-03-07	2024-04-21
Pretty URL doxbin.org/legacy/bin.js IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:38 Last Seen2024-04-21 21:07:55 Times Seen86 Hash e996dfb945b23c92f41e18fcbb78321e 837ba6d02cf21e8fee291982a61b5d2fab004f35 0947d9ea0ca7c15a00023f63b14d1c9e08fedeaa77cb98651d45c8bac3492f7d Loading...

	doxbin.org/upload/pretorandom	123 B	2023-03-08	2023-03-08
Pretty URL doxbin.org/upload/pretorandom IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:52:22 Last Seen2023-03-08 02:52:22 Times Seen1 Hash 19e3eb5ff4f56fb664988f3d8ab8a92f 91b7f82e071803c71f8bdd2314ada17fcb379061 4d83a583f4adda812f9a95e1d00d9f3f4ab01f0a365aae7780c67b36a70e7760 Loading...

	doxbin.org/upload/pretorandom	5.1 kB	2023-03-08	2023-03-08
Pretty URL doxbin.org/upload/pretorandom IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:52:22 Last Seen2023-03-08 02:52:22 Times Seen1 Hash 3560a27790b986806ec3a5cd5b8d7850 38b9c42cc4c58f6c7ee9d6cbc32811c1b068d647 6cfc2a19521e01b70ad0910ef81ce85bcb24bd9e8129512891de8f4405001d27 Loading...

	www.google.com/recaptcha/api.js	850 B	2023-03-07	2023-03-08
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:47:17 Last Seen2023-03-08 03:37:10 Times Seen1 Hash ef68bda07baccd5632a374edbd17e6a1 376fc49084c3c6b13f6e730304c810278ca308f7 faa8e1c87e970ed9c20c2d77c7116e72561d7611fba40b0edd8e671eac137c71 Loading...

	doxbin.org/legacy/toastr/toastr.min.js	3.5 kB	2023-03-07	2024-04-21
Pretty URL doxbin.org/legacy/toastr/toastr.min.js IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:02 Last Seen2024-04-21 21:07:55 Times Seen85 Hash 6ed0f01ae15c74c5d006a440cd80896d 56f005cb789f21d75bedee30df6d9e6c967120f9 841361fc4315592446b392ba33babf7763882f939136713bcc3467b11d8f7286 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcWhUeAAAAAHuAdCjWcp5L_tWZn9sM9QPZAPcA&co=aHR0cHM6Ly9kb3hiaW4ub3JnOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&theme=dark&size=normal&cb=jb5618m9dv7y	36 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcWhUeAAAAAHuAdCjWcp5L_tWZn9sM9QPZAPcA&co=aHR0cHM6Ly9kb3hiaW4ub3JnOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&theme=dark&size=normal&cb=jb5618m9dv7y IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:52:22 Last Seen2023-03-08 02:52:22 Times Seen1 Hash d6441b2e4e5cba94694a7e4704db6b19 2bbc1bd9b435c7a22d915bbecef8fd78598cab0a c38430aebb26fadbadcb02eea732b2134182ac9c4375bf31b2ec4320d9d34fda Loading...

	doxbin.org/aes.min.js	26 kB	2023-03-07	2024-02-18
Pretty URL doxbin.org/aes.min.js IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:07 Last Seen2024-02-18 21:37:44 Times Seen75 Hash 535ff81ab45764c67a7336a70ee7c7a6 c1cdb3fc5b8e033fbc2be2638b6189e9f3a4f669 991fa3ac0febff65dd238aa07315e6ccb792fb207828b371de8cb353bd4dd121 Loading...

	doxbin.org/vddosw3data.js	7.5 kB	2023-03-07	2023-10-19
Pretty URL doxbin.org/vddosw3data.js IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:07 Last Seen2023-10-19 14:32:47 Times Seen56 Hash bb3a9b6b5ddda91ae29a727b1046557b a29f70854e4529198b57fc73c5ecbf6f766b9db9 6f29342ca774d88009dc8c7b06d6db074daadbe5ccf73d46862e09d3035f3e02 Loading...

	doxbin.org/upload/pretorandom	18 B	2023-03-07	2023-05-21
Pretty URL doxbin.org/upload/pretorandom IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:07 Last Seen2023-05-21 10:15:20 Times Seen11 Hash 129e1fdfd4269e01189658313aa005c9 2e4f86325989fc98611bdc626c7341ded5281e58 4045c06f1ad25d6b83b2fd1cfc492e2d53426d7257576d6953b366d5ed701027 Loading...

	doxbin.org/upload/pretorandom	794 B	2023-03-08	2023-03-08
Pretty URL doxbin.org/upload/pretorandom IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:52:22 Last Seen2023-03-08 02:52:22 Times Seen1 Hash 0c7baf0d6945de8b3b9c160f921c6a04 6d6aa5b7b90746ff2129d586f6496cb515aab614 50acba5057ac21971ece7aa7333d4acda726d8af80496e391633f874228780c0 Loading...

	doxbin.org/legacy/google-code-prettify/prettify.js	15 kB	2023-03-07	2024-04-22
Pretty URL doxbin.org/legacy/google-code-prettify/prettify.js IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:10 Last Seen2024-04-22 08:36:23 Times Seen183 Hash d435ff18c832044c3ddf7a0cf826eb72 d24b1da342b5c2d0582f0922118aaf0b2a6840d5 f48d85c6ea701e417a857cd9292de12c2c0ff795c5ba45f7127c51cc6a97cf3d Loading...

	doxbin.org/legacy/paste.js?r=1	7.6 kB	2023-03-07	2023-05-12
Pretty URL doxbin.org/legacy/paste.js?r=1 IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:01 Last Seen2023-05-12 16:35:30 Times Seen19 Hash 4dc1e88b2090ff6fc9725a16a9b2ad94 d4d240ac131e4c50e02028097f4900fbad5848df d174ced4fbd8ba0ec0368e1405b5c786d1a0a57c50696ce19e78f85831318d08 Loading...

	doxbin.org/legacy/mousetrap.min.js	3.8 kB	2023-03-07	2024-04-21
Pretty URL doxbin.org/legacy/mousetrap.min.js IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:02 Last Seen2024-04-21 21:07:54 Times Seen84 Hash a9161eaf1d9906986cef4ed907cd105b 58ffe3095d85e650e5cd937ceae9c4a2563a2203 77fa03cbc7bd83ce062a3792290216db6dd6a2b28e50df54ece92bd3abcedf33 Loading...

	doxbin.org/legacy/logout.js	386 B	2023-03-07	2024-04-21
Pretty URL doxbin.org/legacy/logout.js IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:27:07 Last Seen2024-04-21 21:07:55 Times Seen105 Hash afd41646ea71a1881edf5fed8cbb10ab 882b7b0e5104a768e590d1cbb5f7a571ea197cf4 3637f4cd47e07acb7831673e21bd3acf73b15a2da443efa5ab2c54d93cf49bc2 Loading...

	doxbin.org/legacy/custom.modernizr.js	9.3 kB	2023-03-07	2024-04-21
Pretty URL doxbin.org/legacy/custom.modernizr.js IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:02 Last Seen2024-04-21 21:07:55 Times Seen173 Hash 692789fedf79bf48689051f4c1bada2c 55a32a05ade94bd098f64d973eba54d79ad54068 f56dff20f3b4f45e54be41bea34ee24b5ed2e43c5ceaf90400ddcb1ba495b48c Loading...

	doxbin.org/legacy/tabby.js	12 kB	2023-03-07	2024-04-21
Pretty URL doxbin.org/legacy/tabby.js IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:02 Last Seen2024-04-21 21:07:55 Times Seen86 Hash 72d09a3a16912e2862da1aae17399388 243261b14dd3abc368dcb94963193a80a430636b bc51769a0f067f5bc58696f7505e36398cc2c686249827590d834bb65e1e23bc Loading...

	doxbin.org/legacy/zclip.min.js	7.4 kB	2023-03-07	2024-04-21
Pretty URL doxbin.org/legacy/zclip.min.js IP 91.215.42.4 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:22 Last Seen2024-04-21 21:07:55 Times Seen123 Hash 9e85741bf31afd921a7289b6cccdfdbd ed68e77078d387ac00c1050e19612f66d066ff7d dabff7fab90a3cd6d4470754cc171eeb54c3c174f9a9190740d13b3a76de825a Loading...

	www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js	398 kB	2023-03-07	2023-03-10
Pretty URL www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:46:10 Last Seen2023-03-10 14:27:44 Times Seen1 Hash dff1edaf9fa8e0138b7342527bb2fdaf 9c1d9e6f3a8785ffdd088f57e3e8803dd2c459b0 23d94b3877e873dff9124312f3627f15071fe84a751d32c6e76b4c693ce8a9b9 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcWhUeAAAAAHuAdCjWcp5L_tWZn9sM9QPZAPcA&co=aHR0cHM6Ly9kb3hiaW4ub3JnOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&theme=dark&size=normal&cb=jb5618m9dv7y	69 B	2023-03-07	2024-04-25
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcWhUeAAAAAHuAdCjWcp5L_tWZn9sM9QPZAPcA&co=aHR0cHM6Ly9kb3hiaW4ub3JnOjQ0Mw..&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&theme=dark&size=normal&cb=jb5618m9dv7y IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-25 12:33:13 Times Seen99479 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

		Size	First Seen	Last Seen
	#1 Eval - 06053a1d89dc7f84d59d17e0ac62b822	22 B	2023-03-07	2023-03-09
Pretty Observations First Seen2023-03-07 23:17:40 Last Seen2023-03-09 07:21:42 Times Seen1 Hash 06053a1d89dc7f84d59d17e0ac62b822 38904bf3954aa2b95aba7f0a712ac03cc485ccc5 cddf3e74bfb30b711ab78ab593d81b8eeaceb67583ef5cb097cb54dcb14f24ce Loading...

	#2 Eval - c751292a3feb50e1424237d74032b3ea	16 kB	2023-03-07	2023-03-09
Pretty Observations First Seen2023-03-07 23:17:40 Last Seen2023-03-09 07:21:42 Times Seen1 Hash c751292a3feb50e1424237d74032b3ea 5d5e473fbea6a238961758c667724786c0f992c7 87ee55b6a14be406e7e5057321bfa597cef65647f5277f0e2f558c08388ebc67 Loading...

	#3 Eval - 345efbf1ce8c4352b9543a44e83cb511	23 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 02:52:22 Last Seen2023-03-08 02:52:22 Times Seen1 Hash 345efbf1ce8c4352b9543a44e83cb511 3e01faaa8be343107e79bf68d7ef3cb471e7db62 ddd0c2ec4aedb50cecdb7d8fb1246b9c24263d444e00fa41d6821dfe0a02ac18 Loading...

	#4 Eval - b14f0fb315df61942ef98b39ea93ca33	64 B	2023-03-07	2023-03-09
Pretty Observations First Seen2023-03-07 23:17:40 Last Seen2023-03-09 07:21:42 Times Seen1 Hash b14f0fb315df61942ef98b39ea93ca33 960ee95d88cd6dd518c0ad8659002cde35f241a1 f9b61a95c5995b1614d5988fe5a9aeebaa6ed941137234bd00d42e77f5661756 Loading...

	#5 Eval - e39060f02fde7b3d9bde5f0f7d9eda5b	22 B	2023-03-07	2023-03-09
Pretty Observations First Seen2023-03-07 23:17:40 Last Seen2023-03-09 07:21:42 Times Seen1 Hash e39060f02fde7b3d9bde5f0f7d9eda5b e8253fea9be8641e36d7e65d7393ed3eac05e6cb 590040aae3e25b40a2c334846d348c384c60ede4211a4373be806ca2ee55d9f9 Loading...

HTTP Transactions (57)

URL IP Response Size

doxbin.org/upload/pretorandom

91.215.42.4

301 Moved Permanently

568 B

URL HTTP/1.1
doxbin.org/upload/pretorandom
IP
91.215.42.4:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Size
568 B (568 bytes)
Hash
2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /upload/pretorandom HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Wed, 28 Sep 2022 03:01:06 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://doxbin.org/upload/pretorandom
Content-Type: text/html; charset=utf8
Content-Length: 568

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3780
Expires: Wed, 28 Sep 2022 04:04:06 GMT
Date: Wed, 28 Sep 2022 03:01:06 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 02:15:37 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mx_53vzlXlwWBweUwi1t56_dYmjCTMQ4ixJSbLjcY_96YJ-sEvt3tQ==
Age: 2729

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6QPlrYY9zjq6GOOdGYKy6NRiw1azvYaxAAV-UQ-gSzoYAL6SvtAe2A==
age: 63413
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8f7bab1dd5e270cddf66d637150a9315
f27ff0df57f2ba31ad63d900517c2c94b71748d0
de6a8da4c14e8b9778bf5373514def122c1588ef93556f778af9f79b9729146f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE6A8DA4C14E8B9778BF5373514DEF122C1588EF93556F778AF9F79B9729146F"
Last-Modified: Tue, 27 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2548
Expires: Wed, 28 Sep 2022 03:43:34 GMT
Date: Wed, 28 Sep 2022 03:01:06 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 03:01:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 02:10:46 GMT
Expires: Wed, 28 Sep 2022 02:12:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GNmBv5vPNkMcXLGJVqvFCnN1w1qHW2tvEJzqesC_P5bHT3adjA1J-Q==
Age: 3021

doxbin.org/aes.min.js

91.215.42.4

200 OK

26 kB

URL HTTP/2
doxbin.org/aes.min.js
IP
91.215.42.4:0
ASN
#0

File type
ASCII text, with very long lines (25638), with no line terminators
Size
26 kB (25638 bytes)
Hash
535ff81ab45764c67a7336a70ee7c7a6
c1cdb3fc5b8e033fbc2be2638b6189e9f3a4f669
991fa3ac0febff65dd238aa07315e6ccb792fb207828b371de8cb353bd4dd121

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /aes.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 19 Sep 2022 23:43:27 GMT
content-type: application/javascript
content-length: 25638
last-modified: Sun, 22 May 2022 22:06:03 GMT
etag: "628ab3cb-6426"
accept-ranges: bytes
age: 703060
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

doxbin.org/vddosw3data.js

91.215.42.4

200 OK

7.5 kB

URL HTTP/2
doxbin.org/vddosw3data.js
IP
91.215.42.4:0
ASN
#0

File type
ASCII text, with very long lines (7534), with no line terminators
Size
7.5 kB (7534 bytes)
Hash
bb3a9b6b5ddda91ae29a727b1046557b
a29f70854e4529198b57fc73c5ecbf6f766b9db9
6f29342ca774d88009dc8c7b06d6db074daadbe5ccf73d46862e09d3035f3e02

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vddosw3data.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 23 Sep 2022 10:36:49 GMT
content-type: application/javascript
content-length: 7534
last-modified: Sun, 22 May 2022 22:06:03 GMT
accept-ranges: bytes
etag: "628ab3cb-1d6e"
age: 404658
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3037
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:07 GMT
Last-Modified: Wed, 28 Sep 2022 02:10:30 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.148.228.200

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.228.200:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yFEjYrxaKvhXSLUoSb7R6w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UBk54Ks8yACs0cOun7Pl9Tid2EQ=

files.catbox.moe/wgd9em.png

107.160.74.131

200 OK

18 kB

URL HTTP/2
files.catbox.moe/wgd9em.png
IP
107.160.74.131:0
ASN
#40676 AS40676

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17831 bytes)
Hash
b060e9feb5ba1659c60950f63bc7658a
25063d81f827b59500b6e92888fe4c585558829e
d56c360fece0243b77eba515590cc598c124499bbec3a7a3395fa38acb76df95

HTTP Headers

GET /wgd9em.png HTTP/1.1
Host: files.catbox.moe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.21.3
date: Wed, 28 Sep 2022 03:01:08 GMT
content-type: image/png
content-length: 17831
last-modified: Wed, 20 Oct 2021 21:52:17 GMT
etag: "61708f91-45a7"
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Wed, 28 Sep 2022 03:39:42 GMT
Date: Wed, 28 Sep 2022 03:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Wed, 28 Sep 2022 03:39:42 GMT
Date: Wed, 28 Sep 2022 03:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Wed, 28 Sep 2022 03:39:42 GMT
Date: Wed, 28 Sep 2022 03:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2313
Expires: Wed, 28 Sep 2022 03:39:42 GMT
Date: Wed, 28 Sep 2022 03:01:09 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9733 bytes)
Hash
f3e1fd3401c5e635a8dbeec5f78b721d
2142075b27d0d355c51231ab06fea46e25eb9c59
2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vak91l2UKRnX0Go62y1yPwJ8E-Af7XBurmQATw5MSZXBqhUJrIgOCQ==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 04:55:01 GMT
age: 79568
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11314 bytes)
Hash
ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:49 GMT
age: 19220
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8500 bytes)
Hash
6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 18846
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14018 bytes)
Hash
d039db0b842a4cbbaefdaab98bc6722b
78b1a603c4f7f2d6fbad15d7a4cd1397554339e9
65a3c7b0515cfd2a723f3bc3147cb98f3dd75ce1ecfce915c7c8e9ba5ae0bf2d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14018
x-amzn-requestid: fb0f02e7-1ce0-4861-9446-13d60df06f24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xSEhCIAMFWkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-79f482493d204a1208fad00f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZAov4fpWAjIBhHfeYEwu39wJTG58HnW7ebekpIoNSgA7PLIs5b7sSg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:09:19 GMT
age: 17510
etag: "78b1a603c4f7f2d6fbad15d7a4cd1397554339e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7020 bytes)
Hash
ccfb4931d41ca01aa55b4b8e9ef6b4e1
2351d2547f4bd0aac45bb21a5aa8277e80ef15f2
89de9954ee2874b476c907810189812efe13234a46910180f34f68082429260f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7020
x-amzn-requestid: 1258ee7b-987a-4454-8963-e76b7c1470f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4EVxIAMFrmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7a1fbaa251600686757f9583;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VLZucSrpwv4p9vPso373WdFZsbrj-savmu1WPx7nkUuTDaZJ6NWzwg==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 18846
etag: "2351d2547f4bd0aac45bb21a5aa8277e80ef15f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5944 bytes)
Hash
1fa8cb4f4be5057788cd1a2a4d0e76d6
1aec1d67a36867bee8069a144fb1b0d95ff2cb54
5193131db8040ef254554d59109002ec7b8cfc2eab1e872b63e5f65db7cf5105

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5944
x-amzn-requestid: 040b4452-4120-4ae5-9ad2-c5b341abbb13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34BFdmIAMFmew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cff-103adde82b57535e4f3fb16a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: q03mXCSikJcsTBGqk1Xq7452EiDz4t9PFbp5Qj4xwobiFgqtPwGCBw==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 23:06:54 GMT
age: 14055
etag: "1aec1d67a36867bee8069a144fb1b0d95ff2cb54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

doxbin.org/upload/pretorandom

91.215.42.4

200 OK

4.1 kB

URL HTTP/2
doxbin.org/upload/pretorandom
IP
91.215.42.4:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (340), with CRLF, LF line terminators
Size
4.1 kB (4098 bytes)
Hash
499069ac89ac8d9df569d17fb75fabee
fb503d16b56ab6f63ac9a4bb45026114762961ff
b6d30a89bd1da671212c2c657ca5944797d248ef9d6ab56c1aa5dc485d490167

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /upload/pretorandom HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 28 Sep 2022 03:01:15 GMT
content-type: text/html; charset=UTF-8
content-length: 4098
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; expires=Wed, 28-Sep-2022 05:01:15 GMT; Max-Age=7200; path=/; domain=.doxbin.org
doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D; expires=Wed, 28-Sep-2022 05:01:15 GMT; Max-Age=7200; path=/; domain=.doxbin.org; httponly
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

doxbin.org/legacy/app.css?r=46

91.215.42.4

200 OK

6.8 kB

URL HTTP/2
doxbin.org/legacy/app.css?r=46
IP
91.215.42.4:0
ASN
#0

File type
ASCII text, with very long lines (418)
Size
6.8 kB (6797 bytes)
Hash
3aa2ba843ff94ab1170288204207580e
27e715ef74db34d7a486b2903fbe6c9effe72fce
03ab86bd3330800c18612c17566adf50d857629ffb085dc2f21867998fda99d7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/app.css?r=46 HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 26 Sep 2022 00:30:07 GMT
content-type: text/css
content-length: 6797
last-modified: Fri, 29 Oct 2021 09:05:45 GMT
etag: "8eb1-5cf7a21e26c40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
age: 181868
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/css/show.css?r=44

91.215.42.4

200 OK

1.1 kB

URL HTTP/2
doxbin.org/legacy/css/show.css?r=44
IP
91.215.42.4:0
ASN
#0

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1075 bytes)
Hash
45d77a420e4f56a17a5e43e889966a60
374c0586c90de8c191b3f3fe4f7d086bba297d3d
b100664684cf77936ebe366fa08c98c522e60adfbc59a99467630f27fd6eb67e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/css/show.css?r=44 HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 25 Sep 2022 20:59:50 GMT
content-type: text/css
content-length: 1075
last-modified: Fri, 29 Oct 2021 09:15:56 GMT
etag: "f6c-5cf7a464d8b00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
age: 194485
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/google-code-prettify/tomorrow-night.css

91.215.42.4

200 OK

631 B

URL HTTP/2
doxbin.org/legacy/google-code-prettify/tomorrow-night.css
IP
91.215.42.4:0
ASN
#0

File type
ASCII text
Size
631 B (631 bytes)
Hash
14172877df2c3152a0920f9c59aacdd5
6d71eb16a228e87f5837db0dad0f3c61023dbb75
6eea1b72122420f8159aa99110fc199d659fa86210e35f99c645445bd83cfaf8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/google-code-prettify/tomorrow-night.css HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 Sep 2022 18:22:03 GMT
content-type: text/css
content-length: 631
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "627-5812499852980-gzip"
age: 290352
X-Firefox-Spdy: h2

doxbin.org/legacy/toastr/toastr.min.css

91.215.42.4

200 OK

2.6 kB

URL HTTP/2
doxbin.org/legacy/toastr/toastr.min.css
IP
91.215.42.4:0
ASN
#0

File type
ASCII text, with very long lines (5420), with no line terminators
Size
2.6 kB (2625 bytes)
Hash
e7704a200e8febcf5089d234128d31c7
057efc4bfbec76b4461bb6a35318c221b7fcb5ef
55f77801ff999c03885f1ebae94191fce529b122e1e020444c87b76ca42eaf56

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/toastr/toastr.min.css HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 22 Sep 2022 17:35:58 GMT
content-type: text/css
content-length: 2625
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "152c-5812499852980-gzip"
age: 465917
X-Firefox-Spdy: h2

doxbin.org/legacy/custom.modernizr.js

91.215.42.4

200 OK

4.1 kB

URL HTTP/2
doxbin.org/legacy/custom.modernizr.js
IP
91.215.42.4:0
ASN
#0

File type
HTML document text\012- HTML document, ASCII text, with very long lines (9108)
Size
4.1 kB (4092 bytes)
Hash
caa42ec418e09c1aed22e089a0aba5c9
f278c0c05b98666dacab589f6311daaaf98c4a0a
d5b8b703ae2aa1b0b63f5cc76fba2162873650ca82628020653888d0cbc77b84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/custom.modernizr.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 23 Sep 2022 20:40:19 GMT
content-type: application/javascript
content-length: 4092
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "2447-5812499852980-gzip"
age: 368456
X-Firefox-Spdy: h2

doxbin.org/legacy/jquery.min.js

91.215.42.4

200 OK

33 kB

URL HTTP/2
doxbin.org/legacy/jquery.min.js
IP
91.215.42.4:0
ASN
#0

File type
ASCII text, with very long lines (32072)
Size
33 kB (32800 bytes)
Hash
2e5fb36dad3c24834cfe1b1fbc011a4a
34ce5b37b118d6072f68253a8db98931fdf4f11c
9cec8821756a31e8620389bae7454b869d6dddaafd950a8c0f3d89752e27f318

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/jquery.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 Sep 2022 01:00:14 GMT
content-type: application/javascript
content-length: 32800
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
etag: "16bb2-5812499852980-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
age: 352861
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
17883491aa4a759d270aefa42730e0ba
8e2f48dbf2b1af81b843f1880b459fdeeb10abd8
03d112eafbd3be87bf30191f6c1eae2cf3f4a665b903f35efe40aca4253cc3da

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5923
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:15 GMT
Last-Modified: Wed, 28 Sep 2022 01:22:32 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

doxbin.org/upload/pretorandom

91.215.42.4

200 OK

1.5 kB

URL HTTP/2
doxbin.org/upload/pretorandom
IP
91.215.42.4:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (579), with CRLF, LF line terminators
Size
1.5 kB (1523 bytes)
Hash
cf2887460880721b973d913a43982213
9e76315bb5c852cd999dc7cf70daf946056bd62a
7e7e85ec4f2731464730f7fb08a371decab6e2aa560dc9d9b6fbac403b6029c7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /upload/pretorandom HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; Domain=.doxbin.org; HttpOnly; Path=/; Expires=Thu, 28-Sep-2023 03:01:07 GMT
date: Wed, 28 Sep 2022 03:01:07 GMT
content-type: text/html
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

doxbin.org/legacy/mousetrap.min.js

91.215.42.4

200 OK

1.9 kB

URL HTTP/2
doxbin.org/legacy/mousetrap.min.js
IP
91.215.42.4:0
ASN
#0

File type
ASCII text, with very long lines (518)
Size
1.9 kB (1949 bytes)
Hash
9a5499cddf1310ac9d45dfe8bd7e6ff8
d6ac8631f24c19a364a042ae1c0c186086baecff
20ee7845ed0e1f908a40327f0a2471ccd6ec91a685732bb2cd9f4c01ea751ef7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/mousetrap.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 22 Sep 2022 07:23:15 GMT
content-type: application/javascript
content-length: 1949
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
etag: "f09-5812499852980-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
age: 502681
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/google-code-prettify/prettify.js

91.215.42.4

200 OK

6.6 kB

URL HTTP/2
doxbin.org/legacy/google-code-prettify/prettify.js
IP
91.215.42.4:0
ASN
#0

File type
ASCII text, with very long lines (594)
Size
6.6 kB (6573 bytes)
Hash
43cb3cbc99b459e5fc4636c07046300e
32e31a394a6b895f02074a8867f6bf6fd2bd0bad
97be0176a21c62cab376f2371b0ab4a4d9da73961fd622d5639e7ddfea6b1831

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/google-code-prettify/prettify.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 26 Sep 2022 18:09:37 GMT
content-type: application/javascript
content-length: 6573
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
etag: "38d7-5812499852980-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
age: 118299
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/tabby.js

91.215.42.4

200 OK

3.6 kB

URL HTTP/2
doxbin.org/legacy/tabby.js
IP
91.215.42.4:0
ASN
#0

File type
ASCII text
Size
3.6 kB (3550 bytes)
Hash
1c5c328e5b2470174d3ad4edfc6aca45
2dea5dd726d63766902a87a9e81eaeabf4270678
baccc08ab799d50eec09177aa72fbb12a2ec2a3c5cc216f2551ee2a5a6eeb51d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/tabby.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 27 Sep 2022 20:25:47 GMT
content-type: application/javascript
content-length: 3550
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "2e44-5812499852980-gzip"
age: 23728
X-Firefox-Spdy: h2

doxbin.org/legacy/toastr/toastr.min.js

91.215.42.4

200 OK

1.3 kB

URL HTTP/2
doxbin.org/legacy/toastr/toastr.min.js
IP
91.215.42.4:0
ASN
#0

File type
ASCII text, with very long lines (3466), with no line terminators
Size
1.3 kB (1330 bytes)
Hash
b45e8b1fbbfdbdb3e93bf754d8c9d5bc
59453812d1314a47156ebe689daa0c7a2bccb1e0
cb42c33f27e79dd72aec3a6d143c6e5ef54197dd9681b55f96d930550cca8938

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/toastr/toastr.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 26 Sep 2022 19:18:21 GMT
content-type: application/javascript
content-length: 1330
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "d8a-5812499852980-gzip"
age: 114174
X-Firefox-Spdy: h2

doxbin.org/legacy/logout.js

91.215.42.4

200 OK

223 B

URL HTTP/2
doxbin.org/legacy/logout.js
IP
91.215.42.4:0
ASN
#0

File type
ASCII text, with CRLF line terminators
Size
223 B (223 bytes)
Hash
1ea314f009708e81cc4b94d2b1cc3416
a9e5300f5e4d65a1a4f843a87828b5cc25519537
77e9aeff73f251cc42f60424079219c0b4c901b97cf4b20bff23871ac082ba0e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/logout.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 Sep 2022 08:48:30 GMT
content-type: application/javascript
content-length: 223
last-modified: Sat, 06 Nov 2021 17:08:59 GMT
etag: "182-5d021d0cac0c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
age: 324765
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

doxbin.org/legacy/zclip.min.js

91.215.42.4

200 OK

2.6 kB

URL HTTP/2
doxbin.org/legacy/zclip.min.js
IP
91.215.42.4:0
ASN
#0

File type
ASCII text, with very long lines (7199)
Size
2.6 kB (2649 bytes)
Hash
c743b7bf6e4e244b6d5456c6bd707432
29d39ed4dd26e8ba4b34dfcd09d4c268d6339de3
c5831a6d5ac9761d7474adabb2f16612aeb76ef85fb907d01aa9552fef0049ad

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/zclip.min.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 26 Sep 2022 18:59:08 GMT
content-type: application/javascript
content-length: 2649
last-modified: Tue, 05 Feb 2019 12:17:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "1d01-5812499852980-gzip"
age: 115327
X-Firefox-Spdy: h2

doxbin.org/legacy/bin.js

91.215.42.4

200 OK

2.8 kB

URL HTTP/2
doxbin.org/legacy/bin.js
IP
91.215.42.4:0
ASN
#0

File type
ASCII text
Size
2.8 kB (2750 bytes)
Hash
3b51d86bf1ba5afb89963e65581f7d8d
abcaf4b05d7be4ee85109e3b37aa089160593c79
e5c682f2d01fe3c7b9370d36255bbb2d913b37dc70ecd0b4498da57b5f0ffd36

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/bin.js HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 20 Sep 2022 12:10:47 GMT
content-type: application/javascript
content-length: 2750
last-modified: Tue, 13 Aug 2019 20:02:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "2766-590051f3ed140-gzip"
age: 658228
X-Firefox-Spdy: h2

doxbin.org/legacy/paste.js?r=1

91.215.42.4

200 OK

2.1 kB

URL HTTP/2
doxbin.org/legacy/paste.js?r=1
IP
91.215.42.4:0
ASN
#0

File type
HTML document, ASCII text, with very long lines (545), with CRLF line terminators
Size
2.1 kB (2145 bytes)
Hash
c0aea23e4451e8d847b8298620ec6c16
bfc74a4b5265041a8831aac5d5e197f133b0be4c
95a1ae59feef659cf3f8d2612153bde838b8e29806a0179bf459531c81ddd028

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /legacy/paste.js?r=1 HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 23 Sep 2022 19:36:14 GMT
content-type: application/javascript
content-length: 2145
last-modified: Sat, 15 Jan 2022 19:09:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
ddg-cache-status: HIT,HIT
etag: "1daf-5d5a3a9ac494b-gzip"
age: 372301
X-Firefox-Spdy: h2

netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

104.18.10.207

200 OK

4.5 kB

URL HTTP/2
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
troff or preprocessor input, ASCII text, with very long lines (305)
Size
4.5 kB (4524 bytes)
Hash
f6223596dc0c2f997aecb449f937e79e
5642bcbb841da67fadfd9ad5e29e97fd7aa28088
1200f0e020150e8a48d420495ffda6971727695d8686b78e4836533ff4122f82

HTTP Headers

GET /font-awesome/4.0.3/css/font-awesome.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 03:01:15 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 2021-08-03 04:14:00
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6358afe6e12aefed963ad27f3935d6d1
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 9780761
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75193bc21e81b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js

142.250.74.164

200 OK

554 B

URL HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
554 B (554 bytes)
Hash
2311f1fa9653aad9f269b060d254e517
5616b0baad9134f8e12ab3fb911578740aa392fb
51f53051cf837a6d1e0de5e5db5bb5d5a2c1e4b23d4e7323ce306e24a80ba2b7

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Wed, 28 Sep 2022 03:01:15 GMT
date: Wed, 28 Sep 2022 03:01:15 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

142.250.74.10

200 OK

1.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1189 bytes)
Hash
8de51c8b25e13ac51432caf97f05212a
88a7807bdd0b3948552149b9732765c96ca0e4ec
41c89acf2e739c51bfdd39e6ff7be5afae02404c72ce6c986e6a26d002fe24ae

HTTP Headers

GET /css?family=Source+Sans+Pro:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 03:01:15 GMT
date: Wed, 28 Sep 2022 03:01:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3

104.18.10.207

200 OK

44 kB

URL HTTP/2
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 44432, version 1.0\012- data
Size
44 kB (44432 bytes)
Hash
3293616ec0c605c7c2db25829a0a509e
04c3bf56d87a0828935bd6b4aee859995f321693
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

HTTP Headers

GET /font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3 HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doxbin.org
Connection: keep-alive
Referer: https://netdna.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 28 Sep 2022 03:01:15 GMT
content-type: font/woff
content-length: 44432
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "3293616ec0c605c7c2db25829a0a509e"
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 06/01/2022 09:21:37
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 565
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2e18599dca4d2931fbac2811314e3f3e
cdn-cache: HIT
cf-cache-status: HIT
age: 6157614
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75193bc34ad70b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

doxbin.org/MaterialIcons-Regular.woff2

91.215.42.4

200 OK

105 kB

URL HTTP/2
doxbin.org/MaterialIcons-Regular.woff2
IP
91.215.42.4:0
ASN
#0

File type
Web Open Font Format (Version 2), TrueType, length 104888, version 1.0\012- data
Size
105 kB (104888 bytes)
Hash
8fd34a1dc7ec7e2937a376a6e4d5e722
b380f5c2d6a9f921131358aa4b4e54d1232e9870
2c03dc5dde61b134d69d2200ccd620910e29b480a923596d70e6b7086723fae8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /MaterialIcons-Regular.woff2 HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9; XSRF-TOKEN=eyJpdiI6IklsdG1ZbTFpbTJFZ3RsTlBkeUhWcHc9PSIsInZhbHVlIjoiUURrSmpyXC9XT3NqUFJ2N0tQQXFCNEgxZGlobStYTHN2M2tydUU0MFIrQ01oMFZTbUg3bW1maytrOWpwcUs4dWQiLCJtYWMiOiIzZTY3YzM1MWY2OThmYjhiZGY1NDJkMDQ4ZDYzMmQ5MjJjMDYyNDdhZGQxNjBkNjg0MDU4NzYxNDg3N2JjODFiIn0%3D; doxbin_session=eyJpdiI6Ikh4TEdBXC9FVDNzVG5GdEcwVm1Ia1J3PT0iLCJ2YWx1ZSI6IkJoNFN3NEpWZEFXUlZkOFI1UzMralpmZDVQcjdNdVZFcHFQUlFKOFlYY0dKVDZROHQ5NGFFcTEzcDBVRkZ0d3AiLCJtYWMiOiIzZDRiMjI4MjI2ZDIwNGZjNjg3YTQ3ZTRlNzE3ZGZkY2ZmMGY5OWM4NjU3N2EzNDJjNjMzNjY5NDliMjkzMzE5In0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 25 Sep 2022 20:26:40 GMT
content-type: font/woff2
content-length: 104888
last-modified: Sat, 24 Jul 2021 23:21:44 GMT
etag: "199b8-5c7e6c8833200"
accept-ranges: bytes
age: 196476
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Size
13 kB (13036 bytes)
Hash
0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

HTTP Headers

GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doxbin.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:26:57 GMT
expires: Thu, 21 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 545658
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js

142.250.74.163

200 OK

158 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (826)
Size
158 kB (158248 bytes)
Hash
db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206

HTTP Headers

GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doxbin.org
Connection: keep-alive
Referer: https://doxbin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 189320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 03:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js

142.250.74.163

200 OK

158 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (826)
Size
158 kB (158248 bytes)
Hash
db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206

HTTP Headers

GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 189320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

142.250.74.163

200 OK

24 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (52762), with no line terminators
Size
24 kB (24251 bytes)
Hash
f2d649025c814be9c33f166a5e04fe88
26bf59de631415927ba2c6c9e44fe9c763f95313
f95ec963b7657097e1ef827fc07d96eda5b63f7d3e17b5a1b5eeb7a8d0b67921

HTTP Headers

GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 08:33:30 GMT
expires: Mon, 25 Sep 2023 08:33:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/css
age: 239265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.163

200 OK

2.2 kB

URL HTTP/2
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 20:02:15 GMT
expires: Mon, 03 Oct 2022 20:02:15 GMT
cache-control: public, max-age=604800
age: 111540
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 12:31:58 GMT
expires: Sun, 24 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 311357
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

doxbin.org/5s.html

91.215.42.4

200 OK

0 B

URL HTTP/2
doxbin.org/5s.html
IP
91.215.42.4:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /5s.html HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 28 Sep 2022 03:01:07 GMT
content-type: text/html
last-modified: Sun, 22 May 2022 22:06:03 GMT
etag: W/"628ab3cb-567"
content-encoding: gzip
X-Firefox-Spdy: h2

doxbin.org/favicon.ico

91.215.42.4

404 Not Found

0 B

URL HTTP/2
doxbin.org/favicon.ico
IP
91.215.42.4:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: doxbin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doxbin.org/upload/pretorandom
Cookie: __ddg1_=uY8I7jTueUQzzRiMnMyo; vDDoS=0aeddf06c36e7f1f5ccb7797d5ae6dc9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 28 Sep 2022 03:01:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
content-encoding: gzip
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (25)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP