{"report_id":"c223d941-4629-4400-8aed-3907075e9690","version":6,"status":"done","tags":[],"date":"2026-01-31T16:41:25Z","url":{"schema":"http","addr":"www-birb-allocation.xyz","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"172.67.211.120","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www-birb-allocation.xyz/","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"title":"$BIRB DISTRIBUTION","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www-birb-allocation.xyz","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"172.67.211.120","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-07T16:41:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"www-birb-allocation.xyz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-29","domain_rank":0,"first_seen":"2026-01-31T16:41:26.034795Z","last_seen":"2026-01-31T16:41:26.034795Z","alert_count":18,"request_count":18,"received_data":1568157,"sent_data":8631,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www-birb-allocation.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"91406e14c00d5d38ec3dbc4a671ae4b2","sha1":"4f7cd096a2a9dce9932652184c8f6fae141f99f9","sha256":"d9ff766a428022b77ee3699e1007b54786978dd01e7fcd6a08a7eba827999f01","sha512":"0e6855531572438b11496464edc4c8fefce766e00f0f71589002998d66ff901700523351e0e8d58836186f4dbacfade023c2835968a5d50312925d9fd457f232","ssdeep":"384:fKbNqLY7xfEHImXOhbir9m+g7EvikvnhvAbBYdGDxofkM:iZqLY7VEdsbI9mzQvikpKYiGfx","tlshash":"1c9294ca3ec97d25d2bf30b9903f35c7a17eac40b0185b16c610ead9b9743c960bad58","size":20844,"data":"","first_seen":"2026-01-31T16:41:29.734783Z","last_seen":"2026-01-31T17:25:50.265345Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/snowflakes.js","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a492afe47e2af6e5f5cc87512db9b62","sha1":"47e1342d2e705c3fd5c917ac47d6c4ca6677ede2","sha256":"d63054d0d07b0e61e0f1e5a3ea8670fbe0f2eae377913603a043f03d1cb3252c","sha512":"4c14d1e90c11f74d16c28834f2ce68ee4acaee657f5d4bb7e7dc13def8018a5e540913481f757adb6d45187a306db0e7a4fd1a26f7dfa01253aa9f19053c56f9","ssdeep":"","tlshash":"08510d4860a23828157f631d7ad2988ce5302027be014d7ebeae42635f71c4cdc98dfd","size":2457,"data":"","first_seen":"2025-08-31T03:13:37.754782Z","last_seen":"2026-05-01T15:06:22.864567Z","times_seen":342,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"adb5accbf3eea1a9809fe2f31a17dc51","sha1":"b5dd2e8dd5de9825a940e9b3cac200a1a3b022ac","sha256":"74f41e9217fdfb6538bad20759a5185689b15ad82280de27abe2dfc2b3c034b0","sha512":"01774b850246e42054968343c0726b2f1d81c0542a03f7cf26952862207dc1517e01bd321ce411cbbb8342b1a41c6191076139e4d6ec8a058ae1753a4c36cbeb","ssdeep":"","tlshash":"dc71282ce9b41cb3104ab07908be5247b570955b0d2a3d35bd4c829c5f0ee6e61be7e9","size":3587,"data":"","first_seen":"2024-08-19T21:41:20.669609Z","last_seen":"2026-05-06T23:47:35.269243Z","times_seen":366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/particles.min.js","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"00debcf6cf0789a19cee2278011afcd4","sha1":"8017f8b1869077db728573f1ca4684a00af69462","sha256":"faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6","sha512":"29e7f9b1cee07d369c47b4d929e95cad1b35e62a5fefeb7e9fb661ea628d25b996fbf4517425bd9f07cb9f8617d2cda73ba2afe58d8286a8086a4682e8f5b4f4","ssdeep":"384:NkfJtGvWjT6uYvqhCz8wSEHESxtVAFPQcYpeib+9rOEKXWd/:NC7T6uYvn8wRxwyryVOEKXW5","tlshash":"61a2934d23f73e77378ab2e09be9d122c774a4d1399b04b0f93c667da52549201ee7a0","size":23364,"data":"","first_seen":"2023-03-07T01:16:44Z","last_seen":"2026-06-08T22:35:33.735126Z","times_seen":5017,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/index_1.html","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ac4786192a3916566ee22c5fc6ad0a9e","sha1":"1ec501d88894554b12177a24ce0d2fabfd718d7a","sha256":"90c19ed8f3fde66963f3bbecab7a6aa3b587baf67e2cdddfd99642d615873e4e","sha512":"26f003352039e1794a65f64ce5a3c933abd3e371dade96d76d891e2babc125a0b562550542e36a5cf120c308b84093f4c5a8f977363c045f0b7233e556b0e8e1","ssdeep":"","tlshash":"13d02bae48a2892456c6004e21fec364351161c85967628055d9cc19d904d578551d56","size":263,"data":"","first_seen":"2025-08-07T19:45:13.889869Z","last_seen":"2026-05-01T15:06:22.86674Z","times_seen":211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/main.js","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1f216e5143a1d3a59abf6d0141053981","sha1":"260102aa3f4f88cd051e9d5ea84ffde2538fcc44","sha256":"2df1d83244ca5ef0c0e749d6854927d7317de9b4735ea08d2ba06e1c836dfdaf","sha512":"a8f43481669d4b6fc0deafca36801a539dca1f992f2d75a93f2cb59e6743051c8d9bc30283dce8039a6a4cd2e69a43b538e7c08ea898fe21ae75259e596d5ef8","ssdeep":"192:UjT5pwq3bv9M6b8/888vdB3uacRu7boDVvQPkfNVb:UjT5pT3bv9M6b8iFB7Mhv2cNVb","tlshash":"c4f1e8da7f82b54202726db7108f6ce3a09d9f6259204c5be160c4d8bb37344e0eeed6","size":7922,"data":"","first_seen":"2025-09-06T12:15:29.241549Z","last_seen":"2026-05-01T15:06:22.861257Z","times_seen":201,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fdeeplab.desktop.umd.js%3Ft%3D29497961%26u%3DDFEVxoxB2OhOFVhvGDY5MjU2NDNjMjhjZmYzYzM0MDI3YTQ2Ob5-H5Ar3fQ2yWWhsg","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","size":656642,"data":"","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-06-08T13:18:27.600009Z","times_seen":2556,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www-birb-allocation.xyz/logo.jpg","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:03.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /logo.jpg HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:03 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 21341\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\netag: \"697b6624-535d\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8DDN1xLsEcMaEuigPnhfYMFS4sceCoKZY83DormZ9EUxtD48qkB4ND4xHoQd2h3TbuXewbM%2BeBqLauKSyHvBDOn2AooR63VMDnEIXTdG0ZV7eBEfebhD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c6aa7840cf675ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21341,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.3], baseline, precision 8, 400x400, components 3","md5":"05cd5b256514065eee97fa76ceb1d5e8","sha1":"7beb572b558c23b2d4fefc12495c4961b56a0bb9","sha256":"26a432de9acc4a03a68b899b48bcfba700adb9317ee1dbbe28fe0eefb988f77c","sha512":"8f994cccb174c57e41f07ebf19da36afe0fa0a4bb88418230d499b212bf64a723cc613f26eee11ed573d30828e9229358e1a994e00c8710b92fd0d1e2b2696a8","ssdeep":"384:CkJR+GkH0pne4DMl22hCNm7PjCjtHyJ1sApgINbAzdW5B7v9/+X80y:fR+z13rhCN0PjYpQbAzdW7L887","tlshash":"cfa26bc6cfdc0176cdc82676e4840586abb81e5cadf012d115b2093f3f9995c32e89be","first_seen":"2026-01-31T16:41:29.732475Z","last_seen":"2026-01-31T16:41:29.732475Z","times_seen":1,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/f0438febff768476c4bd646204034239a5fc20d9.svg","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:03.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /f0438febff768476c4bd646204034239a5fc20d9.svg HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:03 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ynw8EWerAtW5gpCEKS3T2%2FuaKuFv8txOliz3C5NR0oj85EdFKQGR1lTT7%2FL8yE7i6eszlk%2FevZ7RQ%2BJax07KUN5GMmmdAVqAwRnCRVn%2Fib67V69GB%2BDM\"}]}\r\netag: W/\"697b6624-286\"\r\ncontent-encoding: br\r\ncf-ray: 9c6aa7840cf875ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":646,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bcb0acca5ca36852531960b5d63a86be","sha1":"f0438febff768476c4bd646204034239a5fc20d9","sha256":"3bd151eb77e3cc456935eb7decbc0984759fb4d00598088fef0e3632968140ff","sha512":"757a3b9e03791be66c6a21e54115ab9a1d29f41eb23809f8512ba13d899960b3eb91bbf4b2a4779329469199f4f0b5e3571aaa24bae2b1cbc3d03da540533d9a","ssdeep":"","tlshash":"7cf07bd366684368cd06c0cfb30fa810564770c9e25a5e9b924c0b2b958fbcf34425d8","first_seen":"2023-11-14T00:56:20Z","last_seen":"2026-06-02T16:59:59.330573Z","times_seen":358,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-birb-allocation.xyz/index_1.html","date":"2026-01-31T16:41:04.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/de9364586261/main.js HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/index_1.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:04 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=fPP199H5qt72ps8%2FYnv7Q7I2gsGGDJ0CU3C3NfZXjHPgJYo0G5garqkDVpEAfJhJie9VRiOjO5cHMSU4oW2P4z6HoQEsb8r8YA2wrKkAJ21xXnWYdM5DxgRxxNgeNm1mVxgoYsBMqSkDoA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9c6aa78e2db375ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=1883\u0026min_rtt=818\u0026rtt_var=868\u0026sent=190\u0026recv=49\u0026lost=0\u0026retrans=1\u0026sent_bytes=179164\u0026recv_bytes=6614\u0026delivery_rate=14491883\u0026cwnd=24000\u0026unsent_bytes=0\u0026cid=976113fe8b9f3384\u0026ts=1875\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20844,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (20844), with no line terminators","md5":"91406e14c00d5d38ec3dbc4a671ae4b2","sha1":"4f7cd096a2a9dce9932652184c8f6fae141f99f9","sha256":"d9ff766a428022b77ee3699e1007b54786978dd01e7fcd6a08a7eba827999f01","sha512":"0e6855531572438b11496464edc4c8fefce766e00f0f71589002998d66ff901700523351e0e8d58836186f4dbacfade023c2835968a5d50312925d9fd457f232","ssdeep":"384:fKbNqLY7xfEHImXOhbir9m+g7EvikvnhvAbBYdGDxofkM:iZqLY7VEdsbI9mzQvikpKYiGfx","tlshash":"1c9294ca3ec97d25d2bf30b9903f35c7a17eac40b0185b16c610ead9b9743c960bad58","first_seen":"2026-01-31T16:41:29.734783Z","last_seen":"2026-01-31T17:25:50.265345Z","times_seen":4,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/snowflakes.js","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:03.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /snowflakes.js HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:03 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\netag: W/\"697b6624-999\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JeYcLisV24ltQfoY1cV2x1fbzdLrjLlxhxFWaW373vWIWLnsNgSHFHRRACKuzO8YV%2FFsDqzJSsNlq5W6YJQ%2Ff6myEiA1Z1sSeV1lBToNCF7TyECUNjG%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c6aa783fcf075ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2457,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"4a492afe47e2af6e5f5cc87512db9b62","sha1":"47e1342d2e705c3fd5c917ac47d6c4ca6677ede2","sha256":"d63054d0d07b0e61e0f1e5a3ea8670fbe0f2eae377913603a043f03d1cb3252c","sha512":"4c14d1e90c11f74d16c28834f2ce68ee4acaee657f5d4bb7e7dc13def8018a5e540913481f757adb6d45187a306db0e7a4fd1a26f7dfa01253aa9f19053c56f9","ssdeep":"","tlshash":"08510d4860a23828157f631d7ad2988ce5302027be014d7ebeae42635f71c4cdc98dfd","first_seen":"2025-08-31T03:13:37.754782Z","last_seen":"2026-05-01T15:06:22.864567Z","times_seen":342,"resource_available":true,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/119246100adcd76322fde730b9f8859e.txt","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:04.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /119246100adcd76322fde730b9f8859e.txt HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:05 GMT\r\ncontent-type: text/plain\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D1B5owK9Gbz%2BuPYnwhT6z5c9X3zczWnIg4ihhWJIWJNmSB3ADpEX%2FUlB17A0mSK%2FAgoTbOB1qtlLK7ipFvggCkpFGYOJVCEY9Ogy7mtQ25XaBrCYzX3d\"}]}\r\netag: W/\"697b6624-0\"\r\ncontent-encoding: br\r\ncf-ray: 9c6aa78c9c4a75ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T23:17:23.623528Z","times_seen":16252840,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz//secureproxy?s=%2Fjmpd%2F","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:07.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"POST //secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www-birb-allocation.xyz/\r\ncontent-type: application/json\r\nContent-Length: 2212\r\nOrigin: https://www-birb-allocation.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":2212,"data":"{\"route\":\"8XUwkBv9vhPYfVpD1fxb7EC65sUXJdqr\",\"payload\":\"dVDBPuFbSUMAsJoi3CKFgCMbZk2fndd7rR4PzhPHhZP2GpNAqeWcRMYwAe2BbGVaqgsQPWdcWnJmNbhRwJxMzgSUQirU7p17MGVYeG3fF9VTfMag8V4dfmWD5aYESA43VFvbXjnQZ51J6b5vaNCe1nCjfG7pYUimXNjZNbio4dyPnFjYR9RHRKZ8oXwkzhUtU8ssB2EAbZH4XzLpfuDnVwosXEH3w6uiU7WsPBBa2g5QbcFvB4MHTQzQYtwZwvLncMWbquCmVxCgaTece2AUEYBgZHi63NaDWvg55p5VN9ivwkF2SyjCpb4sQa2WDT6BBCLiGzrNMhZuUj99sXwns3LHL1rKwGBQfB8nViS5YS7tG4rhTniNppiEbGq84UC4sLNeZ3UYJKQXXV5HevzzBxtUEK48ongetvaBFKuKhx66mtnncuaNhEe7xnrhP39GHAjSWrNS3SnegZFX5Ux4GyFoAVNMsMxCqAXRrSqLQ3GChacupxLw1jbeahZsuz6qeFrhGZyFBRauGhSXx6rthFzaWBNYxGDGm16vfgiaCcdoxyZ5BgkYspq2ankurV1wp5cBNLf5gcwmrkvMT8ATCaLLJV9q59dxnSXgrL7chBowjV9pdVWgQ3nNuwjYmtT53k7eGGa931aMkay9QnKJZATsCLAxrSYdWz9iXGJcp2wetSVKxAY5w4yE5QYbWDUHSQQJLPK723n1jENMVhAT3XwEJah99GjNn3Wf84DrGUCiLM3H4HVdyf9NVvhuUGXtN5rPTY4rFjn7XnuPpwsyxBrBx53oCoz2rXWP9PXZzvG96AuWqSWgUqmctZQa1mcF5pgQfFP1XcYJJWEx1UDMSnZEXMa6roCZibMxSnYy9azuz2NKYJLHQbUaWtsHZ4tK8rXnnsx3bhp1U1iXsktUHgNihiqn26xUDKMUFLmD3zqvqZEDi7ujrzuryJifuRBPALagSTGuycePTtscYQ42mFtk7DhSfzDK4mKeQF5iiU1w2rWpEqjMz1WfgoEfwuw7LRWz6tYWVcQPDi3nWfaj8EveRojcxr4f4rc86HF6B5oz6csofTipjqgRnqKj7B5p83hZutgqGXogs8wnGxJoGXMPRSwyAa8LGh5UTb4rSJ7srg2wRqG4LDp7Qmjy1XkwvHTd1BMR9UynQhot927rrbQBTZhcAkQ5kUmK9x1wnRv8hCWBtqfRMwXYwTNTUdgTVsjvCWM36THYWZW3oeBc3h9Y57RvQ88jGTQjTJzDKWQvao5NEYkAwGDBv1SucRV5QYdfhz5pkR891frg8zN3y3CozaknHyb9cLjq389bm9M8Zxdz3RAuPV56byuxEMVNjff3D9E1x6KH3KXU7M1Hx9LP1oRJG5a8f1h1HFhQXM2LvwjBaMZ3iQp2vbmaCu59bczen7CsmZQjTn6PXhiSZYhkCNyn5BGjnXE2gcArzj8cVc6ZgG6gMygxCD5Tm5zgoTAJBJffH3vCXTpVXrKR2hf91tUbU6h1qAocnWgnT1gg3imbtSaCPbXyhn11jo2NXZPvisA8MCe81fTduvx7kPUHTwqGZjfPjPmm38e6P95hd8keazw9m5yVGMPYLQxabZfkBjk7NZe3EEZaA4xFkK7wxJ8bZykTHrUtQQZaMjdE6Ma2dRjh7jtKon9KVmb9TVFKZKFjsUZdrJ5crJTnmj2zZosaiYKn9AP91vVb3yMsybmeV2X7CANvKF2r9R5e49ysm1aY5jS1YzrSb8wTZbC8XZQHxSj8L5pfe684kDqXmfFcVhti2YQQ5KWj62W9Qi9R6NoNHDLF4t9U8EtB3gibvsC5M2JB4Vw8nR9QxsrBCvzVST5Sv6JRxpDDhfTetZe9Jad5zTQpRV6EceNsXAxjQxetPwSpv8NHD5JMykxzspXmxK6W8DVpKLZUpnZzh8ayFE1THmjSMHVKZsemtWctBrn96dxDTxurb14EL8tfJdBKGnS5XNnUCUFrN3ByZJXheumGjvFMNRRuJhjcpUqcqmcqBFUFywsLoeUsKeMtKdvQeaDUHY3mjbv2uUxYTKLb3DdjGbKSKB1KuVdSiWWwm73Z4mKvJUgqeRrFxbWVVkhCjwaCdPRZRWeCjBS536uL1xtQsGUsLLBP6Eeotg3rcSC6oUKxETKPYK5WXrZ\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:07 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"e1-6a1TsojaJ0A/gSGTtnwKi+S4P9M\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9999\r\nx-ratelimit-reset: 1769877727477\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 01/31/2026 16:41:07\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: f9e6068458f3aa0dd869790513108a70\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zqDtxlkpND7zuY%2Fy1iTj%2B77CaO2HxyZzVMGpGs%2BD1DUvkIsU%2FS4hHMtf5FFGsRuG3MvRJWvuyNM3i3VaG%2FEAPfb6eWnjZyLqIpILTExwjkZzRDBLvUgF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c6aa79bab3975ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":225,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7245795015b6822d78e0adac6faab8c0","sha1":"e9ad53b288da27403f812193b67c0a8be4b83fd3","sha256":"55633e3cf84f6b32828f3f7e6399e90715401e617552eba5840ec21cf24d6fde","sha512":"e84aba62a041575a668cf9955e45f3a363aa2845d894d9dbe0b59d32e3f33ac0dd46431f6017454585be970032b0be836a20dbf9c882bcff447720b2d2516753","ssdeep":"","tlshash":"6dd09768228e0d480a0a89120981086190a670c2b088ac694a568403def40306e9051b","first_seen":"2026-01-31T16:41:29.737561Z","last_seen":"2026-01-31T16:41:29.737561Z","times_seen":1,"resource_available":false,"data":null}},"time_used":622,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":621,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-31T16:41:02.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:03 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pEV6Q4nF03rvuq6dmq%2FcQU6nEXPU7Qt4qkdri3KE1yycpccpyFHtXviNZT9N7kEKBAber%2BeHvhw1A37oXfgUc%2F2gYJ6nAgc9ZEIp9sBcn5fH%2BS7Lzt9f\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9c6aa7811ba63181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":169012,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (26105)","md5":"ca320c39b6dfdb2df3119cbe906388f4","sha1":"8212e10f9eb24623b5a075b41c1b3d14b408b313","sha256":"d67c963ec8ed51442f3c4515392391d40237fc78c6c2e21a7db3d008dc0ec7ab","sha512":"ebb64429bec3204526ae0b98c6f0ffe93323f2612c859248efe49af4fc0ded18ce47f578430faa63d005c1d734dfbcb523e35db533e4d0924ac35dcb3fe1de46","ssdeep":"1536:vYmd2naB93jBRvb7zj9VcvyxvxE4ZmhMcR239kPJdM9Nt3ZrPLaseUOdzuDO2:TqafzPr/wMT39kBMt35PLOg","tlshash":"eff3c6155c1ca72f3333086fdbc2a43d6a8160ceea22a5cf75deb0d8cb8756a5671d90","first_seen":"2026-01-31T16:41:29.738663Z","last_seen":"2026-01-31T16:41:29.738663Z","times_seen":1,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":70,"dns":50,"connect":1,"send":0,"wait":227,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/f9fa0444b908def7e2cacce9c162c39a60167a27.svg","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:03.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /f9fa0444b908def7e2cacce9c162c39a60167a27.svg HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:03 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7n%2FCF8DHxj16D4RriMTFCxH2Bz25HNiq%2F8uBCyfYeV4dabREprGMeHJr7mi21Y3FtuKkQTN5%2F4mR6ryplgspK5uGpcW%2BF24O8aN2TSacbDgfvwsJPlnQ\"}]}\r\netag: W/\"697b6624-1a6\"\r\ncontent-encoding: br\r\ncf-ray: 9c6aa7840cfa75ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":422,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9e47aa80842b4d43a41898ac56baa984","sha1":"f9fa0444b908def7e2cacce9c162c39a60167a27","sha256":"e94f4ec3d5f854f7281c9c36eeff5313fe0b739a16c7f2b6336eea87f1c013d3","sha512":"be8707bd09706a2691cd3f855f1fdd9f5bc3c4b49c87c876b7da2dc97b611ef52ced2b5290afdc1bd9efd378e42d60daf38deca85f0c955a228dbb2f27daedd1","ssdeep":"","tlshash":"6ee02395523ed45d6403d94dfe2934d15856b1e9b3084ff9e354533c9cd09ff3441164","first_seen":"2023-06-14T18:42:25Z","last_seen":"2026-06-02T16:59:59.322744Z","times_seen":357,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/e56b52e48bc2824b9833e6b5e5470e1c6e04451f.svg","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:03.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /e56b52e48bc2824b9833e6b5e5470e1c6e04451f.svg HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:03 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=02lNc9en4fYW4pjn27YO3I2WgL1z1ThOtQEV3TX7GNRgxfyOqOPGG9s7hoi%2BpHMWGj7wz9QG0nMCcqof2ziVS7%2FbfTm3amETKv%2FTB%2F%2FjMn9sk32YZna%2F\"}]}\r\netag: W/\"697b6624-3dc51\"\r\ncontent-encoding: br\r\ncf-ray: 9c6aa7840cfb75ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":253009,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6af765d49f03a1d726a49e72ab2df3e1","sha1":"e56b52e48bc2824b9833e6b5e5470e1c6e04451f","sha256":"5785e2a1df6aee7333aed78b1c3163b915a6c88a26f9cdd42329c5082df4e79c","sha512":"b39a46f586125452b17d1289c554e73f746f5762b0e65fdc1a94420142da058d424a427246452088782f7dbcd5f8cb876f4606d9c741cbba0694b4db722365af","ssdeep":"768:pf+qNBs8IWBD9WW1m/ztiNEtoTdacD7WGZAdfFuulqGW3R4HjWmoN7CI1g8xOME5:u8IWBD9WGm/ztiNS","tlshash":"e1346c38c068f4d85229563da3a4dedb2403a75b6728ea4d4748a127fe0bc705a3d77f","first_seen":"2025-08-07T19:45:13.876916Z","last_seen":"2026-05-01T15:06:22.8605Z","times_seen":213,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":156,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/secureproxy?e=ping_proxy","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:04.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /secureproxy?e=ping_proxy HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www-birb-allocation.xyz/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:04 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nlast-modified: Sat, 31 Jan 2026 16:41:04 GMT\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yuN1rqs5tt%2FYLCRvhoXTl8NxPi230U5uzdoIidA1j%2BiAUdVJhcarRTLK1oKiGG1qPaH8ym7Z2kXeHQHcjQIigIEcXZuQyYhT%2BeDbJTbELuGd3oSd4qFC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9c6aa78818ac75ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"6fdb087aa3fbfbcb8287a593a0919e61","sha1":"0e514a0662bcb69dc863953d1ce26e3d40e81a87","sha256":"9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2","sha512":"be5457d14c930b51b47ab152850c1ceaafe6ef88c8671b48164abbc83410b0c07a1e178540f6cdeac5f2672cadb1d1cbbb3434b3e39bc2c50c4646a2bae57437","ssdeep":"","tlshash":"fe300000300000000000000c0000000000000000000000000000000000300000000000","first_seen":"2023-04-12T09:14:15Z","last_seen":"2026-06-08T21:23:45.649253Z","times_seen":8785,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":209,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/index_1.html","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:04.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /index_1.html HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:04 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RCwj3OSEH1bj%2FgiYVoYKsGWfqpuzadDFfUZ40VZ2FunDcSFcTJRu26u3sK0sX76v%2FHEd8SV7C00IVOF9qDn5ATjGL0CuZnHwXXC6hW4YKADQvQhS%2B%2B3k\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c6aa78c8c3875ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":408,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (408), with no line terminators","md5":"8a8b7e62710d21e30e70634977369ada","sha1":"9a74072f39167533862cfaca554ff48e4f860203","sha256":"9aaad00c216a7686ef1ce601884c0b298a1ee6d96237c62e4bb38cb34ccda5a2","sha512":"03f99764a5ff6c7e3c70def3bf4b26fdec7be2426b3166465c49f935d533c4a6501c6b331c330e0beb627f97b5a422b0150dea1ea8f897a48937fff5773e5600","ssdeep":"","tlshash":"71e0f1bf8c62c82959c1098d33ffd38c2400e4987832e54064e9dc15cd08fa7c803d86","first_seen":"2025-08-07T19:45:13.865763Z","last_seen":"2026-03-18T15:57:30.946795Z","times_seen":210,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/main.js","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-birb-allocation.xyz/index_1.html","date":"2026-01-31T16:41:04.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /main.js HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/index_1.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:05 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\netag: W/\"697b6624-1ef2\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XnEvMtVB84pNRtsBl%2BhcmD16KVDhdgSBnUAKnR8aB%2B6BJHuLiShXHzFEoXu1IzPRd3WGIJKJ7x7ATugZ2jA9q%2F%2Ff7mwKfaJ6fpz%2F901cXP%2FUjNjHjMT5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c6aa78e1da775ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7922,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7922), with no line terminators","md5":"1f216e5143a1d3a59abf6d0141053981","sha1":"260102aa3f4f88cd051e9d5ea84ffde2538fcc44","sha256":"2df1d83244ca5ef0c0e749d6854927d7317de9b4735ea08d2ba06e1c836dfdaf","sha512":"a8f43481669d4b6fc0deafca36801a539dca1f992f2d75a93f2cb59e6743051c8d9bc30283dce8039a6a4cd2e69a43b538e7c08ea898fe21ae75259e596d5ef8","ssdeep":"192:UjT5pwq3bv9M6b8/888vdB3uacRu7boDVvQPkfNVb:UjT5pT3bv9M6b8iFB7Mhv2cNVb","tlshash":"c4f1e8da7f82b54202726db7108f6ce3a09d9f6259204c5be160c4d8bb37344e0eeed6","first_seen":"2025-09-06T12:15:29.241549Z","last_seen":"2026-05-01T15:06:22.861257Z","times_seen":201,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/css2.css","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:03.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /css2.css HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:03 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\netag: W/\"697b6624-756\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eZyWUKW1De%2BqzmkkTdtFWKHrF%2FQ%2FtxbCeYoo4GqpUug26OwC7lOl7fG5KPAVjqBBVeUHx1QC4ycTt9URI9JZAhiggvedEy0PMSYqSHyo2bEApFEw1jdC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c6aa7840cf375ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1878,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"9062a655afcc97c2d427b10f735a8aea","sha1":"b22103ec1665985589e0be5b9f5e9686461dc12f","sha256":"66489ff17cd8cbe69f7dc79d660975d2910614eda742803f69181a0ecf3bc4bd","sha512":"ab721d03c97484fcb5cef9844c74968d7bb643c1ebee2eea3a2e8129f9366306f24d0b42e6889213aa56bd28047ad42645cbc4457fc3dc681dd8e7df4d4265eb","ssdeep":"","tlshash":"89419b414c3a5104a3d32ce263ce7d31cd4ef244b045ca34bffe1859ac4ad6563a4b5c","first_seen":"2025-08-07T19:45:13.885497Z","last_seen":"2026-05-01T15:06:22.858559Z","times_seen":359,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/particles.min.js","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:03.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /particles.min.js HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:03 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\netag: W/\"697b6624-5b44\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZbAD0vEQ6dz8weAMNZRGhi4y%2FxcCqj1st20QSMDIPV6V%2FHrChMQ2VN5d%2BzBoMwgx6BAT7UxFs%2Bc44UxbTa%2Bz3SAwrOOlb0wlhRJc%2B6mUFT26%2FeXvQL9U\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c6aa7840cf775ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23364,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (23002)","md5":"00debcf6cf0789a19cee2278011afcd4","sha1":"8017f8b1869077db728573f1ca4684a00af69462","sha256":"faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6","sha512":"29e7f9b1cee07d369c47b4d929e95cad1b35e62a5fefeb7e9fb661ea628d25b996fbf4517425bd9f07cb9f8617d2cda73ba2afe58d8286a8086a4682e8f5b4f4","ssdeep":"384:NkfJtGvWjT6uYvqhCz8wSEHESxtVAFPQcYpeib+9rOEKXWd/:NC7T6uYvn8wRxwyryVOEKXW5","tlshash":"61a2934d23f73e77378ab2e09be9d122c774a4d1399b04b0f93c667da52549201ee7a0","first_seen":"2023-03-07T01:16:44Z","last_seen":"2026-06-08T22:35:33.735126Z","times_seen":5017,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/logo.jpg","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:04.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /logo.jpg HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:04 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 21341\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\netag: \"697b6624-535d\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oRtLsi1snLpQfLXigBD392ZfnYsxhvxPZPKPQkFLTpxHnvkXV2SOz1pIXRmC95VVIamr3wKxa6SgWKvl3ed0aV5RvBI4ujDlOTKkYZqnQ0VoG4F7ffZJ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c6aa78d1cbd75ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21341,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.3], baseline, precision 8, 400x400, components 3","md5":"05cd5b256514065eee97fa76ceb1d5e8","sha1":"7beb572b558c23b2d4fefc12495c4961b56a0bb9","sha256":"26a432de9acc4a03a68b899b48bcfba700adb9317ee1dbbe28fe0eefb988f77c","sha512":"8f994cccb174c57e41f07ebf19da36afe0fa0a4bb88418230d499b212bf64a723cc613f26eee11ed573d30828e9229358e1a994e00c8710b92fd0d1e2b2696a8","ssdeep":"384:CkJR+GkH0pne4DMl22hCNm7PjCjtHyJ1sApgINbAzdW5B7v9/+X80y:fR+z13rhCN0PjYpQbAzdW7L887","tlshash":"cfa26bc6cfdc0176cdc82676e4840586abb81e5cadf012d115b2093f3f9995c32e89be","first_seen":"2026-01-31T16:41:29.732475Z","last_seen":"2026-01-31T16:41:29.732475Z","times_seen":1,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fdeeplab.desktop.umd.js%3Ft%3D29497961%26u%3DDFEVxoxB2OhOFVhvGDY5MjU2NDNjMjhjZmYzYzM0MDI3YTQ2Ob5-H5Ar3fQ2yWWhsg","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:05.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fdeeplab.desktop.umd.js%3Ft%3D29497961%26u%3DDFEVxoxB2OhOFVhvGDY5MjU2NDNjMjhjZmYzYzM0MDI3YTQ2Ob5-H5Ar3fQ2yWWhsg HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:05 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\nvary: Accept-Encoding\r\ncache-control: max-age=2592000, must-revalidate\r\netag: W/\"a0502-14+i6Bt7XM8ofHk8WpmFyqoPYWI\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=deeplab.desktop.umd.js\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 01/31/2026 16:41:05\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: 5a7343551a86b463b3da3ed17a96eb60\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yGB%2Fu439t16ZKDvh440SzSrZwwrTiziOG8S5Eni3aBNlSSt9r2OV7%2F%2B1kMptSJQj7Vgrs%2FCdBGHWhiUjItaTFey886AryBlGdUxSx2tpRR%2FAYpv7Yzc6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c6aa7905ffe75ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":656642,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-06-08T13:18:27.600009Z","times_seen":2556,"resource_available":true,"data":null}},"time_used":604,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":421,"receive":183,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/gridsome.plus.min.js","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:03.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /gridsome.plus.min.js HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:03 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\netag: W/\"697b6624-5a7df\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WKtQWnpB%2FhjgBsE6bo3XjNM8Lrerrkuwzg1mgfHCzbowYLAnqSVt2kM6uIjI%2B7zsc2C9biv3JwHjf3WSGMS1pq79mTCdgwKas6uArs081htTrc8b3X%2FF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9c6aa783fcec75ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":370655,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65159)","md5":"b1070b961675253e6530490564d6e433","sha1":"2a003903ee23c703d9c18d0ef6acbf559ff2b9f3","sha256":"a8c3236a266a9972cbb3e5f34d9a99f3afd9eac142e48aca7b4802083b6bf98c","sha512":"dd3847fce922b4d068d2a7c3ef773154f8ec3013ad9c9289a4af61928d53e67a1c6cf5f34b97cbe5f9c04b7f84237cce5638cad3cadfb82e28f34a0fb3a34dfe","ssdeep":"6144:LW80XxuzZAOL0ZS/Rt27Jvm0lKT1iNdcU2RwHFzTLYkwlRbcYk3gaGbYk3gttj3Q:LGo1AOL0ZS/Rt27Jvm0lKTY3ctwHFzTy","tlshash":"2f744f9a0caa66cccedd90504538d89cb9c01c468bfd9f75e98ef39af48047154ef29e","first_seen":"2026-01-23T23:57:15.23163Z","last_seen":"2026-04-30T11:07:04.994304Z","times_seen":180,"resource_available":true,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":102,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-birb-allocation.xyz/endless.js","fqdn":"www-birb-allocation.xyz","domain":"www-birb-allocation.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www-birb-allocation.xyz/","date":"2026-01-31T16:41:03.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www-birb-allocation.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 13:45:04 GMT","end":"Wed, 29 Apr 2026 14:43:39 GMT"},"fingerprint":{"sha1":"28:52:50:8E:05:29:15:D1:08:90:5C:95:98:4B:6E:28:47:A3:CF:80","sha256":"4C:F1:E4:E1:08:9D:68:5E:62:12:3F:E4:64:62:62:9B:34:C9:CF:81:E1:F6:B6:A5:DF:B4:CF:E3:B4:A5:E3:A6"}}},"request":{"raw":"GET /endless.js HTTP/1.1\r\nHost: www-birb-allocation.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www-birb-allocation.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 31 Jan 2026 16:41:03 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 29 Jan 2026 13:52:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=goGn%2B2KPOShe%2BZ1xXrJgY%2BXrNyUatcyOBSJ5rypMOKCvDT8XqX0JhLW0D2AoY2nM7%2BJ34JMaRKvzw2tKVMYsD1%2FKIMe9waoA9F3WYv9tvwSjEhpj4GEw\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9c6aa7840cf175ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T23:17:23.623528Z","times_seen":16252840,"resource_available":true,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"www-birb-allocation.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}