| irbah1.xyz/vpn/ar/ld3/panel.jpg | 104.21.71.37 | 200 OK | 7.3 kB |
URL GET HTTP/3irbah1.xyz/vpn/ar/ld3/panel.jpg IP104.21.71.37:443
Requested byhttps://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 CertificateIssuerLet's Encrypt Subjectirbah1.xyz Fingerprint4E:98:2D:E9:9F:C5:BE:39:6B:C5:82:97:FD:A2:42:19:18:DC:2F:DD ValidityFri, 19 Apr 2024 11:56:30 GMT - Thu, 18 Jul 2024 11:56:29 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 717x144, components 3 Hash9df1ba4e382721bcb7f45e4101ee4d89 fcc5a6e3346ce0137c97cbaeaa9789eff13a2888 b547d4e404af38b21169121bcb62ce588b8fa04edf35718dbb584835511384a5
GET /vpn/ar/ld3/panel.jpg HTTP/1.1
Host: irbah1.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:52:33 GMT
content-type: image/jpeg
content-length: 7314
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "cd8ae567713b62fd427affabed3d3da9-ssl"
x-nf-request-id: 01HXA9DDN9E4DG8HGBSSE1EKTX
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BOkqRj%2Fex8c7MQnNmOxG5Tr%2BvtrI%2FM6n4qiuWpWfgR826ToEq%2FEgzbVN%2Fn81pgHMNtUKFjfmkzNC6aulueyOvvfjpaUR93dXdf1z734IX3GAcytjGkffI4FCOsLO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804c7f598e1b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| irbah1.xyz/vpn/ar/ld3/loading.png | 104.21.71.37 | 200 OK | 8.7 kB |
URL GET HTTP/3irbah1.xyz/vpn/ar/ld3/loading.png IP104.21.71.37:443
Requested byhttps://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 CertificateIssuerLet's Encrypt Subjectirbah1.xyz Fingerprint4E:98:2D:E9:9F:C5:BE:39:6B:C5:82:97:FD:A2:42:19:18:DC:2F:DD ValidityFri, 19 Apr 2024 11:56:30 GMT - Thu, 18 Jul 2024 11:56:29 GMT
File typePNG image data, 512 x 512, 8-bit colormap, non-interlaced Hash8ba7c912e63b781f5e2b2cdefe93cb8b 4a5531b81fec2056fb286758eb345367c508f41a 75daef7c8ac811a996b0f8a4ad46d01938e7de10c27fa96a6b2a5bb20c18349b
GET /vpn/ar/ld3/loading.png HTTP/1.1
Host: irbah1.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:52:33 GMT
content-type: image/png
content-length: 8670
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "8c22e40c766469b0a5a72903ab3d889f-ssl"
x-nf-request-id: 01HXA9DDNX03DPS2G3TBBJ3K3V
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sx8u4SSXhWtFj3j3ifzlO5O5XS6D2TLXjbQFgj3WYeRYgw9KB7%2BV8hYTKvzmg2Q02fNCk%2B09UHs%2B8qARa%2BSi0pm%2FtTgCDxafkw7Cq5zdsQu0RstK5yZeL9wySFh%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804c7f588e0b4f9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| irbah1.xyz/vpn/ar/ld3/script.js | 104.21.71.37 | 200 OK | 27 kB |
URL GET HTTP/3irbah1.xyz/vpn/ar/ld3/script.js IP104.21.71.37:443
Requested byhttps://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 CertificateIssuerLet's Encrypt Subjectirbah1.xyz Fingerprint4E:98:2D:E9:9F:C5:BE:39:6B:C5:82:97:FD:A2:42:19:18:DC:2F:DD ValidityFri, 19 Apr 2024 11:56:30 GMT - Thu, 18 Jul 2024 11:56:29 GMT
File typeJavaScript source, ASCII text, with very long lines (456) Hash6a5301e4fe2e932cb6f2dda75b74be5a 8fdfb9bf4454d08d25f965760e556712afd4370a 412e4d8ca8797cad6f0ddd33b61b7e26a6ac920f320fc20329ebd85eec70b6d6
GET /vpn/ar/ld3/script.js HTTP/1.1
Host: irbah1.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:52:33 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"20e116a2129df632257a03696fb373f0-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HXA59W5G0C76WKHVQQ7ZT9KF
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H2wQZOa1LUeoow4otqGbitb071jY18GVWO0Wx%2Bsk19eVSw7ffj%2BjX71D%2FuUxHdlYXlzssFgTXy4qEjIC5%2FdB6QQvPZol1cKThqeS8T%2ByQhUMripqnZb93CKJXjfo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c7f66947b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bujerdaz.com/zone?&pub=0&zone_id=7071124&is_mobile=false&domain=irbah1.xyz&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=9297e522-cbbf-4c78-b31e-005877dbc3be&action=prerequest | 139.45.197.250 | 200 OK | 0 B |
URL POST HTTP/2bujerdaz.com/zone?&pub=0&zone_id=7071124&is_mobile=false&domain=irbah1.xyz&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=9297e522-cbbf-4c78-b31e-005877dbc3be&action=prerequest IP139.45.197.250:443
Requested byhttps://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 CertificateIssuerLet's Encrypt Subjectbujerdaz.com Fingerprint0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3 ValidityMon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7071124&is_mobile=false&domain=irbah1.xyz&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=9297e522-cbbf-4c78-b31e-005877dbc3be&action=prerequest HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://irbah1.xyz
DNT: 1
Connection: keep-alive
Referer: https://irbah1.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 22:52:33 GMT
content-length: 0
x-trace-id: 4043b544e1e19ef271321993d19a0bd4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://irbah1.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| bujerdaz.com/pfe/current/micro.tag.min.js?z=7071124&sw=/sw-check-permissions-39799.js | 139.45.197.250 | 200 OK | 15 kB |
URL GET HTTP/2bujerdaz.com/pfe/current/micro.tag.min.js?z=7071124&sw=/sw-check-permissions-39799.js IP139.45.197.250:443
Requested byhttps://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 CertificateIssuerLet's Encrypt Subjectbujerdaz.com Fingerprint0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3 ValidityMon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT
File typegzip compressed data, max speed, from Unix Hash79ab4f5f20178d8996c060bb397118cb 1c4b2573fec4c28a0fabe5f38102b69cac5b9e97 05c6f230d524bab329e3cd7e74295e02df901851cc6350c1759b308d2ee09038
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?z=7071124&sw=/sw-check-permissions-39799.js HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://irbah1.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 22:52:33 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:53 GMT
etag: W/"662a3515-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 582
Origin: https://irbah1.xyz
DNT: 1
Connection: keep-alive
Referer: https://irbah1.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 22:52:34 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: ff31de862d73f186b1d2c1f8ee192516
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://irbah1.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 581
Origin: https://irbah1.xyz
DNT: 1
Connection: keep-alive
Referer: https://irbah1.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 22:52:34 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f9c6406e9f7f83e4e9463c4313cebab1
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://irbah1.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| irbah1.xyz/vpn/ar/ld3/script.js | 104.21.71.37 | 200 OK | 1.9 kB |
URL GET HTTP/3irbah1.xyz/vpn/ar/ld3/script.js IP104.21.71.37:443
Requested byhttps://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 CertificateIssuerLet's Encrypt Subjectirbah1.xyz Fingerprint4E:98:2D:E9:9F:C5:BE:39:6B:C5:82:97:FD:A2:42:19:18:DC:2F:DD ValidityFri, 19 Apr 2024 11:56:30 GMT - Thu, 18 Jul 2024 11:56:29 GMT
File typeJavaScript source, ASCII text, with very long lines (456) Hash6a5301e4fe2e932cb6f2dda75b74be5a 8fdfb9bf4454d08d25f965760e556712afd4370a 412e4d8ca8797cad6f0ddd33b61b7e26a6ac920f320fc20329ebd85eec70b6d6
GET /vpn/ar/ld3/script.js HTTP/1.1
Host: irbah1.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 22:52:33 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"20e116a2129df632257a03696fb373f0-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HXA59W5G0C76WKHVQQ7ZT9KF
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lkQr8WQCiCHxWlvubl3kjF31UP4b45DSuX62WXTQm%2BRARfHqRuLFW6x0j7OvEVQ8RifmVoJtWMgq7kbJySRvObZO2ilRkOSGevsh%2FSl31y1Dek%2BeKK6lLNr5HHTq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c7f598e4b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash5876df5cd9b723d67d4b11f8d5501f7c 055de0d392527b157e01b743fff6785f55df243b 0c2dbcc7c2991ca1c0fa83b7101faa4d28e72dae3b0505c05bbe9b5ac3aab670
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://irbah1.xyz/
Content-Type: application/json
Content-Length: 1207
Origin: https://irbah1.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 22:52:34 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://irbah1.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=tQfH0xS-boVx7OGCSWkIR21B7IDGTPkGwRXS1N31EOVodGDBtc0kx5Ga2DW8lZxoMfHyW2ohx_6FlHi80WrpZv6uxadVhqEBsVNEDld-pISbsOeDxzHwtbv_uyQi_qWi
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Tue, 07 May 2024 22:52:18 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 34
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 | 104.21.71.37 | 200 OK | 3.3 kB |
URL User Request GET HTTP/3irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 IP104.21.71.37:443
CertificateIssuerLet's Encrypt Subjectirbah1.xyz Fingerprint4E:98:2D:E9:9F:C5:BE:39:6B:C5:82:97:FD:A2:42:19:18:DC:2F:DD ValidityFri, 19 Apr 2024 11:56:30 GMT - Thu, 18 Jul 2024 11:56:29 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (3330), with no line terminators Hash78550eb70ba8a87187491fbcf4d7db11 6e55a2caab49e0cd3ed51e6e07baf9340eacdb5e 639a117f320d3ef0bbd4168b4b555c4901af7176c1f6859ffcd9b1950ffe15be
GET /vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 HTTP/1.1
Host: irbah1.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:52:33 GMT
content-type: text/html; charset=UTF-8
age: 17095
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
vary: Accept-Encoding
x-nf-request-id: 01HXAM4CW6K7V0XAJ7G5VRFVT9
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ftbrwNXaANqh2yd0klq8%2BZYJdrc1Y75rvos8FykJDn7SiDAV%2BubJFG8CTlreTxI8VJw%2Fj7KnO5pB2AWgqY4UGz%2FO5uFvnXVd7jTVJuvAyvbFxiF9oYokO0ppqW0H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c7f27eb1b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| irbah1.xyz/sw-check-permissions-39799.js?zoneId=7071124 | 104.21.71.37 | 200 OK | 566 B |
URL GET HTTP/3irbah1.xyz/sw-check-permissions-39799.js?zoneId=7071124 IP104.21.71.37:443
Requested byhttps://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 CertificateIssuerLet's Encrypt Subjectirbah1.xyz Fingerprint4E:98:2D:E9:9F:C5:BE:39:6B:C5:82:97:FD:A2:42:19:18:DC:2F:DD ValidityFri, 19 Apr 2024 11:56:30 GMT - Thu, 18 Jul 2024 11:56:29 GMT
File typeASCII text, with very long lines (605), with no line terminators Hasha438a31ad30bcf0fc26f69eae78ab2f9 adba6a5873bd34085ce9b204c9be815d822e35f9 13040a957fe13225f89ccf2d8bb2d372c69cbc5727661bef2b43376d300e466a
GET /sw-check-permissions-39799.js?zoneId=7071124 HTTP/1.1
Host: irbah1.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:52:34 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"b66b69ce955a5c83d67e661d27432485-ssl"
x-nf-request-id: 01HWRAACMD6PXVEJ9E81HC7S7H
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JcYrpKwKkR3x3qAhFsfvdh37ykezGd%2BphNZYrX02RXBs3ZT7ML9Rx1TKPzAA2RcVjMC%2BTmiZxFnUh6lcil5AyLhEWwsdbAS5M1v2nUzNZtUJyKTiDVn9KnHjCmcA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804c7f85a67b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| irbah1.xyz/vpn/ar/ld3/style.css | 104.21.71.37 | 200 OK | 8.4 kB |
URL GET HTTP/3irbah1.xyz/vpn/ar/ld3/style.css IP104.21.71.37:443
Requested byhttps://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 CertificateIssuerLet's Encrypt Subjectirbah1.xyz Fingerprint4E:98:2D:E9:9F:C5:BE:39:6B:C5:82:97:FD:A2:42:19:18:DC:2F:DD ValidityFri, 19 Apr 2024 11:56:30 GMT - Thu, 18 Jul 2024 11:56:29 GMT
File typeASCII text, with very long lines (8706), with no line terminators Hashcd092a1b2afa9078ff4bdc837a415686 3fb39e0151c8a6e80169d8af43eb3cc303c00104 3b08c525a446640a25b5f454e353ab0d7ddcda4ba26fb2f891374b3651eb4b20
GET /vpn/ar/ld3/style.css HTTP/1.1
Host: irbah1.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 22:52:33 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"232e22405f00a42b567c273fbb84566d-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HXA9DDNCJ0ECH37PEKMAXR2N
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rIMbAE6iOXsOXdbFxNlgZcGywryCTkf7kylLeqD9hBu6K3y189OOtR1UO8ZOr7hq5%2Bgl7%2FYilIAu6MmUirSrvYGXBPrmeFZcjSMWU0H51z4VI5EbCgmjRB3xcsLj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c7f588dab4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| irbah1.xyz/vpn/ar/ld3?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 | 104.21.71.37 | 301 Moved Permanently | 3.3 kB |
URL User Request GET HTTP/2irbah1.xyz/vpn/ar/ld3?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 IP104.21.71.37:443
CertificateIssuerLet's Encrypt Subjectirbah1.xyz Fingerprint4E:98:2D:E9:9F:C5:BE:39:6B:C5:82:97:FD:A2:42:19:18:DC:2F:DD ValidityFri, 19 Apr 2024 11:56:30 GMT - Thu, 18 Jul 2024 11:56:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vpn/ar/ld3?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 HTTP/1.1
Host: irbah1.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 07 May 2024 22:52:32 GMT
content-type: text/html; charset=UTF-8
accept-ranges: bytes
age: 17095
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
location: /vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962
x-nf-request-id: 01HXAM4CRD3AETSP8EARR2SK6E
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UuD0uu8W9Ou4KMPBQJJxU8XACwAe%2FvKqZk19stNBJ0HKJBWdANHNMCAs6Ccb8uinJWbBpy%2Fzj4QdSyxiE%2F2nRl4D8Iil4UfaXuB0HRJYHVXvPjqnfGz81PPsr%2Fk0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c7f1994c1bfa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| irbah1.xyz/favicon.ico | 104.21.71.37 | 404 Not Found | 3.1 kB |
IP104.21.71.37:443
Requested byhttps://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962 CertificateIssuerLet's Encrypt Subjectirbah1.xyz Fingerprint4E:98:2D:E9:9F:C5:BE:39:6B:C5:82:97:FD:A2:42:19:18:DC:2F:DD ValidityFri, 19 Apr 2024 11:56:30 GMT - Thu, 18 Jul 2024 11:56:29 GMT
File typeHTML document, ASCII text, with very long lines (3234), with no line terminators Hash983ad7ad3b11851a568dac1033e352b7 b97321d9a14c18bc49a2029cae02a7c6fae9e2a3 7037defc36dc79e60caa283cf5443f489b9daa5be1dee869404a3b0b95f687e6
GET /favicon.ico HTTP/1.1
Host: irbah1.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://irbah1.xyz/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962/vpn/ar/ld3/?uclick=15dvfna8&uclickhash=15dvfna8-15dvfna8-q51m-0-q5j2-k217-k2gx-f4a962
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 07 May 2024 22:52:33 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
vary: Accept-Encoding
x-nf-request-id: 01HXAM4DPQWDP8HAXE8FQV9T52
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2BRJa%2F3UYBcBfiacjA6XTcJnbxGtvPUiCGWuIDx5BaOkTsRIulJ5QEwTWSSyeg2VDIWy0YbSLi7fHLJE9BDQUyqKWhdHPJb8GanSF%2BsjCbOHk5sTdFiTXbxsP7pK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804c7f779f1b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|