Report - ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0

Report Overview

Submitted URL
ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0
IP
104.21.55.221
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-02 17:41:38
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
google-verified.minimum-distreebutes.top	unknown			9.2 kB	1.2 MB	188.114.96.1
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.0 kB	67 kB	142.250.74.35
ld.sigma-distreebute.top	unknown			924 B	1.4 kB	104.21.55.221
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	432 B	6.1 kB	104.17.24.14
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.26.115.190
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	61 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.77.32
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.6 kB	9.2 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-02 17:41:54	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-02-02 17:41:54	medium	Client IP	104.21.55.221	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0	925 B	2023-03-07	2023-11-13
Pretty URL ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0 IP 104.21.55.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:04 Last Seen2023-11-13 08:49:20 Times Seen6 Hash 02aab42d7ed8f7926a940fa1f7813f65 4767108713b52690ed397ee9c43db932d289d4c2 39fbb42b4efdabfc14dc998871c18bebb8949b23cfca48a3f1a10b181268f104 Loading...

	google-verified.minimum-distreebutes.top/Ger-Lid/js/jquery.min.js	87 kB	2023-03-07	2024-04-25
Pretty URL google-verified.minimum-distreebutes.top/Ger-Lid/js/jquery.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-25 06:14:26 Times Seen25895 Hash 4b57cf46dc8cb95c4cca54afc85e9540 05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855 Loading...

	google-verified.minimum-distreebutes.top/Ger-Lid/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-25
Pretty URL google-verified.minimum-distreebutes.top/Ger-Lid/js/bootstrap.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-25 07:37:29 Times Seen54569 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0	2.7 kB	2023-03-07	2023-11-13
Pretty URL ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0 IP 104.21.55.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:04 Last Seen2023-11-13 08:49:20 Times Seen6 Hash d2a6fafa966ce62c97f720da3f14e805 f3156ef7c14a8314747323441a67e569ff33a6b6 e7602cdf643f04524a3936a7cd275b62c0bc87b7fb199393dc6be48eac6ac5a1 Loading...

	ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0	455 B	2023-03-07	2023-11-13
Pretty URL ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0 IP 104.21.55.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:04 Last Seen2023-11-13 08:49:20 Times Seen10 Hash bfd63c6a30babcbbba7e41c0ac03913f 9dff50d252afc99112cc75e60c0dfc341b794255 b8632d0d4f0c9b842430d71c299eaba7e88b90847026fa55088db8585b532b06 Loading...

	ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0	777 B	2023-03-07	2023-03-13
Pretty URL ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0 IP 104.21.55.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:27:04 Last Seen2023-03-13 15:10:40 Times Seen1 Hash 81a0f388c6a3269ba35088b70707396f fe1dc05df034e6e5248398142e3ee46c3e899655 7fa2acc97ed19af131d54022908e1f9e51175ba1cf00799168e3d176578092a5 Loading...

HTTP Transactions (60)

URL IP Response Size

ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0

104.21.55.221

301 Moved Permanently

0 B

URL HTTP/1.1
ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0
IP
104.21.55.221:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0 HTTP/1.1
Host: ld.sigma-distreebute.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 02 Feb 2023 17:41:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 02 Feb 2023 18:41:27 GMT
Location: https://ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6IbcM6%2FCUo1AbHMP%2FNMoyQMPBS5qaAbwkvoEOdrFCHCXqN7ug2NVQwok6wKOxY0d9o7UZXMAm3PFbPTzuWvrTs588n1U6qNDvIfDbvyljFwzXMHN%2Bj0k89F71OxntRBiNq0s0IiNPceOUM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7934b7c0ae781bfa-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7434
Expires: Thu, 02 Feb 2023 19:45:22 GMT
Date: Thu, 02 Feb 2023 17:41:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5893
Expires: Thu, 02 Feb 2023 19:19:41 GMT
Date: Thu, 02 Feb 2023 17:41:28 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 16:43:31 GMT
content-type: application/json
age: 3477
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5420
Expires: Thu, 02 Feb 2023 19:11:48 GMT
Date: Thu, 02 Feb 2023 17:41:28 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: WeWKEANOG28uH9Fyd6TWdNo2B/1vFHzdn3qp621QZzart9qqw6ct2PW2WyG2lE5ofSbR4/BZNFw=
x-amz-request-id: GR8YVJYNNVD4ARQP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 16:52:03 GMT
age: 2965
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/7kLlj_uIIPA

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/7kLlj_uIIPA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8d2809f008cdb862c724683c2ad27e5b
3e1c9d5c1a510f6e74d581f6037430231185cfa4
cf8116b7067945aad36111993e2da61fec9afe462044480471e319016f55c08a

HTTP Headers

POST /s/gts1p5/7kLlj_uIIPA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:41:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 17:41:28 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/7kLlj_uIIPA

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/7kLlj_uIIPA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8d2809f008cdb862c724683c2ad27e5b
3e1c9d5c1a510f6e74d581f6037430231185cfa4
cf8116b7067945aad36111993e2da61fec9afe462044480471e319016f55c08a

HTTP Headers

POST /s/gts1p5/7kLlj_uIIPA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:41:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css

104.17.24.14

200 OK

5.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27303)
Size
5.0 kB (4972 bytes)
Hash
fb68fcb5e0519fb76559c9ab267f8f3f
b96c07f9ef44dbecb4ec4d1cb4a0b30a210f9825
8d0f29c4b3a8b511e6a46bc29ab3d96566fb244fdca5003156c04ea6b65cdd71

HTTP Headers

GET /ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:28 GMT
content-type: text/css; charset=utf-8
content-length: 4972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-6b4a"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 20645283
expires: Tue, 23 Jan 2024 17:41:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVuHQkzC7Kw5GibBZrK8C16sn2rWwcvn1qU6evqPZ8wKVsM8PX8DbURLMeizvf7YZsNbj8Ute2zNWisJNwJ%2BT4oemP2Dq3KHkd0tu1rXf9bQ9S0yluhhKPplhf2qf%2BH9JMa5ySII"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7934b7c4c85fb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/JVoFHSANMyI

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/JVoFHSANMyI
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
18bd2c44900fad1ea70d696221f06372
8e822019fb3003d90dbc6e007ee0e47564d654d9
c20f860598f8cf98b9942441c5c4bb1a89b2abe5ff0e5016e609cec91aa0e965

HTTP Headers

POST /s/gts1p5/JVoFHSANMyI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:41:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/JVoFHSANMyI

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/JVoFHSANMyI
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
18bd2c44900fad1ea70d696221f06372
8e822019fb3003d90dbc6e007ee0e47564d654d9
c20f860598f8cf98b9942441c5c4bb1a89b2abe5ff0e5016e609cec91aa0e965

HTTP Headers

POST /s/gts1p5/JVoFHSANMyI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:41:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/JVoFHSANMyI

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/JVoFHSANMyI
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
18bd2c44900fad1ea70d696221f06372
8e822019fb3003d90dbc6e007ee0e47564d654d9
c20f860598f8cf98b9942441c5c4bb1a89b2abe5ff0e5016e609cec91aa0e965

HTTP Headers

POST /s/gts1p5/JVoFHSANMyI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:41:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/JVoFHSANMyI

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/JVoFHSANMyI
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
18bd2c44900fad1ea70d696221f06372
8e822019fb3003d90dbc6e007ee0e47564d654d9
c20f860598f8cf98b9942441c5c4bb1a89b2abe5ff0e5016e609cec91aa0e965

HTTP Headers

POST /s/gts1p5/JVoFHSANMyI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:41:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/JVoFHSANMyI

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/JVoFHSANMyI
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
18bd2c44900fad1ea70d696221f06372
8e822019fb3003d90dbc6e007ee0e47564d654d9
c20f860598f8cf98b9942441c5c4bb1a89b2abe5ff0e5016e609cec91aa0e965

HTTP Headers

POST /s/gts1p5/JVoFHSANMyI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:41:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 17:07:19 GMT
age: 2049
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/img/list.png

188.114.96.1

200 OK

13 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/list.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 469 x 77, 8-bit/color RGB, non-interlaced\012- data
Size
13 kB (12844 bytes)
Hash
b68e28b46c391b1104496e70ea464aff
550aa5e54a0ceea01410e33664c0ce5dea8255cf
0a1d7f48617db2b2f7c4d2b29c4f1a06e508972de692bd23b4b4a9362827036d

HTTP Headers

GET /Ger-Lid/img/list.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:28 GMT
content-type: image/png
content-length: 12844
last-modified: Mon, 30 Jan 2023 13:13:29 GMT
etag: "322c-5f37afb396c8e"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxh6JZ9BffVOomK73fNWOtc8Atoil6LR0ZQnOnjz5FsvF84Qs4%2BSytRKK6LbvXA5p%2B04KsRqqNzO7sI2azD9Qryxq61PWAkHtpruaE3fKz3NWxYNsA%2BuJbcQIWkjnXk4ry1A8Y8vBL%2FDEiytvJ1gtZkBkVJtIsY2P4mo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5df901c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/img/discount-sale.png

188.114.96.1

200 OK

3.2 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/discount-sale.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 41 x 39, 8-bit/color RGB, non-interlaced\012- data
Size
3.2 kB (3244 bytes)
Hash
fd59fd55c3a364828846fe9d4e1b28d9
c96ad8497c60d2e409f0dd13f4670925946016cf
98af10efa1c0941653a763107804225fd48918c891b84d8becfd2b16f4e4281a

HTTP Headers

GET /Ger-Lid/img/discount-sale.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:28 GMT
content-type: image/png
content-length: 3244
last-modified: Mon, 30 Jan 2023 13:13:37 GMT
etag: "cac-5f37afbb0e752"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSXlRIWKpsyKGlWX2SsPG8YqszCIl4xFBMuKeJMm2OSxxLhzd33qjeyZGeBxEXfuky3BXgKAunKLDgHExgtlxcp3vhqROV2ZUUi0kLIe%2F6hDqcoDYECN7pMCMeDgMNg13Y6dl203IIT1fnTFQ6fuXE0uvBUO0ICJJ%2FAh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5df931c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10227
Expires: Thu, 02 Feb 2023 20:31:55 GMT
Date: Thu, 02 Feb 2023 17:41:28 GMT
Connection: keep-alive

google-verified.minimum-distreebutes.top/Ger-Lid/img/hjjhyts6a5a.png

188.114.96.1

200 OK

40 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/hjjhyts6a5a.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 276 x 159, 8-bit/color RGBA, non-interlaced\012- data
Size
40 kB (40222 bytes)
Hash
30c93ac90a972909a237027f0ea0f0cc
2a7b35facdd91c4ea3a9fb5e875a008c5c1ee888
bf774101379cf43bf56f39761b7160c8b1ddb1fd352a4c6875a9d6876592bf5f

HTTP Headers

GET /Ger-Lid/img/hjjhyts6a5a.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:28 GMT
content-type: image/png
content-length: 40222
last-modified: Mon, 30 Jan 2023 13:13:33 GMT
etag: "9d1e-5f37afb70539f"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSakWrTPUvbT%2Fda0ml0JyEVorkG9NIHDZSY8mVl1AIldn1%2BWezWiyeL3wt29UDWsZvCuZ0J%2F0bEKpjVzUon5MoV%2FC4Q2Srd6evCy%2BoBPCP31eqiLhE8fInTVEg6do8MrdA7q%2B6xgztCOOiAgmOB%2BA8iG6c4D2k3n0ABU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5df991c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/img/Hyjuy765shgTs.png

188.114.96.1

200 OK

27 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/Hyjuy765shgTs.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (27101 bytes)
Hash
21e757f4b0f38cde7562a1a3caf55c98
3a1d50799627f18da807b1453db38cbfa9d22932
971b7cd6713c1d3b430dbdfb7b3467363311660be9b8a954038cdac208a9db1e

HTTP Headers

GET /Ger-Lid/img/Hyjuy765shgTs.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:28 GMT
content-type: image/png
content-length: 27101
last-modified: Mon, 30 Jan 2023 13:13:33 GMT
etag: "69dd-5f37afb68aaa1"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZ%2F2aNf%2BEqMsox2XyQofCPjLRcEajHBfeLbwb%2BUZV7iTc0VcB96hNl%2Fq1adeRWvJK8DEVNgvCgH2wC%2FmwyYezkHY9VD1vmmOSXNMxVxw8eParNLpj23T3RoXszFipeR82uxispZYF1DA5FqT%2F5Q7wAVdgFRFWVOGPyEN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5df9e1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/JVoFHSANMyI

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/JVoFHSANMyI
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
18bd2c44900fad1ea70d696221f06372
8e822019fb3003d90dbc6e007ee0e47564d654d9
c20f860598f8cf98b9942441c5c4bb1a89b2abe5ff0e5016e609cec91aa0e965

HTTP Headers

POST /s/gts1p5/JVoFHSANMyI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:41:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

google-verified.minimum-distreebutes.top/Ger-Lid/img/vfgt5ygtsx4.png

188.114.96.1

200 OK

57 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/vfgt5ygtsx4.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
57 kB (57111 bytes)
Hash
cfe6c75a0e0989fc9a1d42ace80554bb
afb677c31fa43d28d6af0a6d8ae00945ce2df6fd
a2c82e9484658f0b0c6bfc71dbf057dbd0db5e1346c738112ff51be4deb7c829

HTTP Headers

GET /Ger-Lid/img/vfgt5ygtsx4.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:29 GMT
content-type: image/png
content-length: 57111
last-modified: Mon, 30 Jan 2023 13:13:35 GMT
etag: "df17-5f37afb9091c0"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6Kt4Ctyd148dPCoQ%2FOX6EvKjdVMGuTQUe%2FHirYjzGb1M0eugyg5U0uWKl1B7JD%2BXjYQB3UrYz83Sh4wt4BBPvAJI77aBCIDLOXC5poFP1DL12mssVVhnvpSB1CO4%2Bfe3K7KKwpg8ExRiGbMpNsMp0FIjTDtOtfw3njc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5df9d1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/img/footerimg.png

188.114.96.1

200 OK

65 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/footerimg.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1223 x 146, 8-bit/color RGB, non-interlaced\012- data
Size
65 kB (65298 bytes)
Hash
ec197572f97d9c4cc77fd6bd51321b88
071ce596841f15368c647ecc1c2d6ce5674f3fdb
1282ccda060f45671637a672373f5dd5a6c70a05ec73c1206d012dcf1a3a58a3

HTTP Headers

GET /Ger-Lid/img/footerimg.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:29 GMT
content-type: image/png
content-length: 65298
last-modified: Mon, 30 Jan 2023 13:13:44 GMT
etag: "ff12-5f37afc1074eb"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYg50ngGcO3rqsxK77sEXY8nzHPztRRJ0Zcsl2N8F6lcAcCxsE59uo4AVC9N6GCMunsQT1OE7uoJSId8W3BGWcqqA9unaroTkeeSR3DJLsITFiLV4gkQblq2FV3HqDj9qSpYuuhhX5VR108Pe9EgWzLCKddhjW%2BdFcZM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5df9f1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/img/edeka-gft.jpg

188.114.96.1

200 OK

59 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/edeka-gft.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, xresolution=86, yresolution=94, resolutionunit=2, software=PhotoScape, datetime=2019:03:22 16:29:41], baseline, precision 8, 300x250, components 3\012- data
Size
59 kB (58839 bytes)
Hash
add772d4cb641da1ae3e6ac10eb5dc7a
a87ce22192d62e860d6d4ab36ff7aa259ff26e54
4c9d6c0125f4db6947fe4e49bf0d673d126ced7fb9158ac5d8961062c8a50738

HTTP Headers

GET /Ger-Lid/img/edeka-gft.jpg HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:29 GMT
content-type: image/jpeg
content-length: 58839
last-modified: Mon, 30 Jan 2023 13:13:29 GMT
etag: "e5d7-5f37afb31bbc0"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3bN7X%2Fuonj8o4%2F8vp%2FUaL72OJBvbSZl1NU2QnQPzMC5ErZjGO%2FbkEj8WRu49vtvNgHddbOt%2FgF4lHxLVK%2F2iH7B%2BgFJa%2FNfqwAD14aBRJL3apjM1EW3SplJthbrlo9f9G6s74D6kBmx0FPofXh%2Bs4uZK0MVzgn9EK%2Bz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5df951c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:41:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

google-verified.minimum-distreebutes.top/Ger-Lid/css/custome.css

188.114.96.1

200 OK

11 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/css/custome.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
assembler source, ASCII text
Size
11 kB (11165 bytes)
Hash
8da2a6ad5351dca4bc507ed8fc7690c8
e0cf5b7e58473a71cb1403da6ca97efe8b51976a
bdab9374c297868989ed9ba74ac9f64b118a9eced573ac8369cad2e2d3c8c569

HTTP Headers

GET /Ger-Lid/css/custome.css HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:29 GMT
content-type: text/css
last-modified: Mon, 30 Jan 2023 13:13:46 GMT
etag: W/"aa2b-5f37afc2f3822"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyY9aXejoTFNNEE4Au%2BXAmxyf8N4udCJ%2F8c3y6%2FgkXrra7zqYNxCNs2yHqrYuHlrYiBzshDf3t5LPT8CKWYcZu4eveqo%2FjHTOFtiNflGhQ%2BTiNNdIWFYKGa84%2B9SM6xO9dBY9WlZpNsaj0zRFCFVZfoZC3c70UqhzQ3S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5dfa71c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.26.115.190

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.26.115.190:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BcifrXnocxEHRD9V325CmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lkzJWdMkFpHIoxOydObUeWMIaeU=

google-verified.minimum-distreebutes.top/Ger-Lid/img/GffdErs45s.png

188.114.96.1

200 OK

46 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/GffdErs45s.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 248 x 213, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (45563 bytes)
Hash
ef3035f816b6d9c55c00ed8acb6be82b
97505dc852f71dedd09bf1feb3482e58bcb0d6bf
b680105b5dd97156bc2034f258b99035f72e1ded90b9766847e0d81d49980b39

HTTP Headers

GET /Ger-Lid/img/GffdErs45s.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:29 GMT
content-type: image/png
content-length: 45563
last-modified: Mon, 30 Jan 2023 13:13:30 GMT
etag: "b1fb-5f37afb412913"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNef84yJ64yBbKFI%2F9lc9V0L7ypoHRqDmlFPGXD8%2BP64Lqby%2FC7lH3pB7qTZg8%2FWYwVXehnkMFfoBrospo7cn5DLkEuDJXvanm%2BU86ZSIsqidLeiN5cg%2BV3Rc7sTErQq%2BZEJ1cyg4xoRylBzOlFoUa1PSggyzfz5zv%2BP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5df9a1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/img/prds2.png

188.114.96.1

200 OK

413 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/prds2.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 564 x 848, 8-bit/color RGBA, non-interlaced\012- data
Size
413 kB (412982 bytes)
Hash
85c7a7e945586ad44ca4d603bd4236d3
5dc853cab018a4751bf3de6f001cf967759cb040
3845bf0ea8f2b24ead98dbfe9a513403506ce4f974aa5725779dd68bfafd243e

HTTP Headers

GET /Ger-Lid/img/prds2.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:29 GMT
content-type: image/png
content-length: 412982
last-modified: Mon, 30 Jan 2023 13:13:36 GMT
etag: "64d36-5f37afb994078"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ShN4k%2FPcPNthAK3Wn3xQGaJHiV%2F4r13HUSN6%2BzK95IKmHT1u994a7pv0onEP1lEhiIA1IGB%2BiC9woHwqEM8uHccOUkkItL0eS67nHDph%2FuLp1wXeiiapma%2FT3kB1bK4msZ8cHO4jh8WQzd%2Fbtwgc8UKBK4g2uVhLBdo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5df941c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/img/sml.png

188.114.96.1

200 OK

5.9 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/sml.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 242 x 42, 8-bit/color RGB, non-interlaced\012- data
Size
5.9 kB (5887 bytes)
Hash
86e68b267fdddd964f45cb140f1bc06d
55520b4634806594315112b0817ee08e92269939
1ea36fe63a8b27edbb9b0c0490a94a2778665f8d9df7c37be2e0dd3dda60bb4e

HTTP Headers

GET /Ger-Lid/img/sml.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:30 GMT
content-type: image/png
content-length: 5887
last-modified: Mon, 30 Jan 2023 13:13:40 GMT
etag: "16ff-5f37afbe0d147"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PoAdCTOd5oqfcHfLjsMwxcldSmwf816e3VGPNzufiJhP4W9XNwGjN3dzfoJEDsJWLjoPzMo7szxKhfN%2BGvSw0GBbnsFwqzvusxEmkhy05GNPm%2FFgBR%2B4c9xn1YieYRBK6tzIEcXe50MdO7Wwi%2Bm%2FW0FSsvzxkt7duby%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5df921c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10189
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:41:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10189
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:41:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10189
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:41:30 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10189
Expires: Thu, 02 Feb 2023 20:31:19 GMT
Date: Thu, 02 Feb 2023 17:41:30 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5356 bytes)
Hash
7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 69592
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8642 bytes)
Hash
0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: f47f7616-41aa-4983-8ada-20f6f0b6856b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frfXtHkUoAMFr1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadf64-083a903959cdab540bd38265;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:53:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UqoeSWse0jZAC3IEIWk5fj9q_4xsAoZRkn67U4m2L5NkayHxsAYmlA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:35 GMT
age: 70855
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8944 bytes)
Hash
b9af1fd56c0de8f128ddce88d49c1b4d
e3bb3d4950f7c0267f4476eef21872da332831aa
908153182f76362ff329803d9c11c06c66181e85e8e51dabd927f1f1ac630d5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3cca56-2e75-4efc-8090-c33c65a99f80.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8944
x-amzn-requestid: 07495184-ede8-485c-94e8-5302ec348ea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: freiLHRPoAMFYbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dade0d-275437a54eceb40e302a7f55;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:47:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: e0zaXjoBKOmsY4fPEbl1SWCBxetMssmszZug0-epLq-X5rGb5zKHZw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:59:36 GMT
age: 70914
etag: "e3bb3d4950f7c0267f4476eef21872da332831aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11367 bytes)
Hash
395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 71019
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4814 bytes)
Hash
86664b4d1fc27ba7b5bff8a245604326
b8c7ef73101a497b6c78ad59aafe66a391fdc3fa
e4596faadf14051299036a79632951d90183dd0635293687edef11985799a752

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4814
x-amzn-requestid: 90da23ab-2c54-40ec-8e26-bdf4eeb1e27b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKWFpvoAMFyPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-70c4cb89413ed6bd44731d76;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: axFfTgcGtvqt1RcbyLpovD5Fr7J2Wx9pNwb92m2rwTdj-sGp0bIq-Q==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:59:10 GMT
age: 70940
etag: "b8c7ef73101a497b6c78ad59aafe66a391fdc3fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15857 bytes)
Hash
4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:16:08 GMT
age: 37522
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/img/bhgftys.png

188.114.96.1

200 OK

56 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/bhgftys.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
56 kB (55807 bytes)
Hash
1326ba05eaa2d29dc3d9f426926a3ed1
441cc7e4ad9c8b27e4835bff1a27548109c495e3
4ebf2ad6e41608b1a791606be3eb2d9bad45ee17e42bd9c90eb73e5242b11b25

HTTP Headers

GET /Ger-Lid/img/bhgftys.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:30 GMT
content-type: image/png
content-length: 55807
last-modified: Mon, 30 Jan 2023 13:13:41 GMT
etag: "d9ff-5f37afbe8765c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6meLGK%2F6t0Pbdf2K0%2BaE%2Fl3IwJWM1qiqlCh7FvsFE8gBmfl9%2Ficq3TNtohucpzjUfpmWoc3emmchxC0GdjKEc9ZNQEZQFWwL4S%2BXUrcohFjokGPzOMlz5Uf6PRXPl4czLKYQx89BGb05DRzqZ27aHloJdJ418s05u3%2Fe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5df981c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/img/googleplay.png

188.114.96.1

200 OK

24 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/googleplay.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 521 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (23500 bytes)
Hash
76143eb68c85ac639733bf66877ece1b
2dde6f06fc6362fb8d2718131a11fe9362612880
21dd6800c90c1e85145598e898aa0bdacb5478a2eeefaa3e25c932a60eeb16b3

HTTP Headers

GET /Ger-Lid/img/googleplay.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:31 GMT
content-type: image/png
content-length: 23500
last-modified: Mon, 30 Jan 2023 13:13:30 GMT
etag: "5bcc-5f37afb48ddc9"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaegu78eohtW5GeehJFJpk%2FZ%2FPWJOkmUMwIpKzwe4fW%2F2g5X1T7gDlhPa032YidTOrF%2BS4q%2FFdfTl4U0nbgFf3yFE%2BGa4XWUJh%2BC4STAx9izdzN4PZRqvS2Iyz6UA%2BiAYiqUJ1%2FHqRJJ7wfckD%2Bj9r4XpDmYfb9ffSZC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5dfa01c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/img/6tystRes.png

188.114.96.1

200 OK

84 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/6tystRes.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
84 kB (83918 bytes)
Hash
ce541b05487e02153b68f8da226e1130
0e7d02e12dc8854ebabc6a9a9271e67c01d95fc1
875983a4d8ce5b1c5ad867dbb884a40e05d29bcdbf790159a072b4760fcd1e9c

HTTP Headers

GET /Ger-Lid/img/6tystRes.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:31 GMT
content-type: image/png
content-length: 83918
last-modified: Mon, 30 Jan 2023 13:13:28 GMT
etag: "147ce-5f37afb297e51"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIPp7%2BayUoSkp5zkSBhDE%2FbzIuSuyIq87xO5K7AhHvzFOLgQV8C3x9e%2FY%2Bu1iJqcUMbXDiX900MHSFIOMO8x7bWyZ0o%2BaRGph3FGO4ZTU8%2B4OB8LzAWhGPYXdaA%2BMHiJrdNMYNAH3ZQVko04Pl3CxZ%2BvkOE3Bc7GC1mc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5df9c1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/img/mobil-footer.png

188.114.96.1

200 OK

152 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/mobil-footer.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 620 x 1707, 8-bit/color RGB, non-interlaced\012- data
Size
152 kB (151636 bytes)
Hash
e27a48dbc10982d3efa861e73c4a3a11
feb56f47bf5b60b1b237d4f9db8d2c7d662bb78f
25fb261ea99b4b194f752ccdfca4b97d6648479b9aafebbad5a69d6ea7112e75

HTTP Headers

GET /Ger-Lid/img/mobil-footer.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:31 GMT
content-type: image/png
content-length: 151636
last-modified: Mon, 30 Jan 2023 13:13:31 GMT
etag: "25054-5f37afb50b5a7"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FjsERtRkZQW3VX%2BNp%2F7RDyA7GvYF8zpbC%2FfyZK3Qm73htIKU5q2X%2Bzu62U%2FK1agPyAfdvdruwVVoFH0kVEUTjfP1wQzpw7PVJU8mUA2tPDARhXWJZnBqAKm5S%2BmuD4SRdXfUn7QsTBx3nk%2BaWUEakU8oC5U%2BSbiuEiT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5dfa11c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/img/prds.png

188.114.96.1

200 OK

139 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/prds.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 535 x 472, 8-bit/color RGBA, non-interlaced\012- data
Size
139 kB (138951 bytes)
Hash
d37ee4a1cb7b9cdd835507110c9df69d
da134dffd7645ac30b554f51a02118c8744a77e8
1594e321177fa51c438971c68609bd82297cea5c4bfbf54b8f8c0395cd679197

HTTP Headers

GET /Ger-Lid/img/prds.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:31 GMT
content-type: image/png
content-length: 138951
last-modified: Mon, 30 Jan 2023 13:13:37 GMT
etag: "21ec7-5f37afba951dc"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVYwfTfw6oL0m6CMY6htDb%2FOAZrZJ9U53UCB8irpOt85jcRCyRrYMqLXQ0xJ%2Fm4s6NU%2BQRzti63m9BD6ZHYJU3t7yqwyeDVlG5EVp5oEKgKBQ%2BxKzu%2Fr%2BIocEAEjd246HhKYMDoLTs0gNmMhA68jszxc746x9TmvgZ5d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5dfa31c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/img/flag.png

188.114.96.1

200 OK

250 B

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/flag.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
250 B (250 bytes)
Hash
9106b58cd67a757d34013ad61e826fcb
5f01f848404a402ed52a377b718236d444d3205b
fb8abf4975a70816d1ecb0e3dff7ed44ff73201795790a55b4abfb0d1b6d162f

HTTP Headers

GET /Ger-Lid/img/flag.png HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:32 GMT
content-type: image/png
content-length: 250
last-modified: Mon, 30 Jan 2023 13:13:42 GMT
etag: "fa-5f37afbf82de8"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzchMT02jDnv%2F0YcSmjadPPvUXMO%2FPrvp233GFGG4LUDXj9TiSCbA1LC7qWpGHQFSfQFJGI44GL02PzyMqHdr5HlzLnaDNqTADcskZIepsVKSr0ngWyoHtApvPY3eQjZD1Bl7ecxXQ1HL4UOcSV5DoFmHy%2BOP0cC5%2BvY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5dfa51c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:41:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:41:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:41:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

google-verified.minimum-distreebutes.top/Ger-Lid/img/logo.svg

188.114.96.1

200 OK

1.0 kB

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/img/logo.svg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1160), with no line terminators
Size
1.0 kB (1022 bytes)
Hash
0c47386c47dab8017f611a2bbe0a87c6
37c6f843e0dba16d1fbb8d3f01f0fd8cb448792c
9ca0019780e25039caecd96cfd4e2cfe585574e5f569dfd4a5f4f93a05416ac8

HTTP Headers

GET /Ger-Lid/img/logo.svg HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:32 GMT
content-type: image/svg+xml
last-modified: Mon, 30 Jan 2023 13:13:43 GMT
etag: W/"488-5f37afc08183c"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4nuZAb5kfVJ3C7zkGgL7opOvea09%2FLcuq9U9fxrxZZSUsK3XtVNPT4GWQnPhK%2B%2FY%2FnRa1HqdqJ2HzVlSH9hDAe%2FiTCza%2F5GECtPpoXzuWaHXM2YPeWco0bu0M3mdrfKnlffqWiqcqgSxsfU9TKkWsBnsKiacaeXmVhQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5dfa61c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ld.sigma-distreebute.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 329972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ld.sigma-distreebute.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:26:49 GMT
expires: Sun, 28 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 458083
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ld.sigma-distreebute.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 189146
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ld.sigma-distreebute.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 121773
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 17:41:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

google-verified.minimum-distreebutes.top/Ger-Lid/js/jquery.min.js

188.114.96.1

200 OK

0 B

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/js/jquery.min.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Ger-Lid/js/jquery.min.js HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:29 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 13:13:51 GMT
etag: W/"1538e-5f37afc7ce764"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETcOlIvyJocvYKhQPFFS2mucHJhmTuElfoD8ad0mkOEGUAgFGkFNkdfFdnD0fQ3pWNCp9AqfIvlgzPJ9e3cj%2BYcnncU%2F3KhNxxOSPT4LWBvd%2FAia4zR90dBNHK2H%2BO96eQoey2WTltlY1bv2jdKnS0rlHrq9O0sE0yzV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c5cf8f1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/css/animate.css

188.114.96.1

200 OK

0 B

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/css/animate.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Ger-Lid/css/animate.css HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:32 GMT
content-type: text/css
last-modified: Mon, 30 Jan 2023 13:13:46 GMT
etag: W/"df07-5f37afc36fc77"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSttXVs75NUwiz4uZYpCYWdtrUpKoRPkJ%2F0N6rNYItddQrJQJDddEhGTbCe%2FTWmx4IqnnMHMpbW6Pqj%2FcUd7OoFeHAy1tbtlcsyvFS3PQaWlrsLOuXbvsiP7qZqyhtQWZ7q79fVgKqVOs2l8edduDClHZc44e2hJf4%2Bv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c698421c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0

104.21.55.221

200 OK

0 B

URL HTTP/2
ld.sigma-distreebute.top/?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0
IP
104.21.55.221:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /?offer-verified=cy616jsggj050-aj209h663a173-kg058ym87mbe0 HTTP/1.1
Host: ld.sigma-distreebute.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:28 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BmKRZ0Yr0BPyDn38vtamNPHP7sXpYpXrW0agPgWCxWPA0UpMtXC90NuHWKPjJm2bw7ojMMGei3SfG7pLox%2BY%2FSBhJLCCs5z0E465147kxCNw63RMqvgkL4Um3ErGK%2B1EZyqqkq16NqERwA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7934b7c2d8b71bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

google-verified.minimum-distreebutes.top/Ger-Lid/js/bootstrap.min.js

188.114.96.1

200 OK

0 B

URL HTTP/2
google-verified.minimum-distreebutes.top/Ger-Lid/js/bootstrap.min.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Ger-Lid/js/bootstrap.min.js HTTP/1.1
Host: google-verified.minimum-distreebutes.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ld.sigma-distreebute.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 02 Feb 2023 17:41:32 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 13:13:50 GMT
etag: W/"90b5-5f37afc6d08c7"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgrrV36srbKBc%2FupyfUq7gDOiqWdfF3pRp0ShVtg7XT6yunA6FU%2Flskm7n%2FhywvEcVa%2FrqF1ksfAeRmKFNqa51HNr%2FEWsALCl%2FOKap%2BrxLDsODve5QFj6stD0%2F9Ogaxx9hJ4BDUiKolcU%2F4v24N5mMQWdx8vWUGUmK4g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7934b7c698441c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (60)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN