guardians-p2e.com/
77.73.133.46 200 OK 2.5 kB IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f420a7d0c93788f97028eb2d431a95d4
a8721b474cbcd2ff921b14740079b0ef6bfa3bac
1f5c2ad4d6ac81a3ce9b51691d2069ff51da307d1984bf59adcfb760a268250e
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 2548
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 23:15:50 GMT
ETag: "3cc1-5ef1cde4728ad-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6593
Expires: Thu, 08 Dec 2022 13:48:43 GMT
Date: Thu, 08 Dec 2022 11:58:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4352
Expires: Thu, 08 Dec 2022 13:11:22 GMT
Date: Thu, 08 Dec 2022 11:58:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 11:08:11 GMT
content-type: application/json
age: 3039
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4017
Expires: Thu, 08 Dec 2022 13:05:47 GMT
Date: Thu, 08 Dec 2022 11:58:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BtLMrz3t2SNkXM/kwjBqhvSlxlTWX0bUZoX1SwVPD/ISXCD9V4g6Zl4ucig7gqjBkvc7E2ayfFw=
x-amz-request-id: HEBDAYZ3YR59HDCZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 11:49:46 GMT
age: 544
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 11:58:50 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
guardians-p2e.com/style/main.css
77.73.133.46 200 OK 5.0 kB URL HTTP/1.1 guardians-p2e.com/style/main.css
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
Hash 75ca553da7c8e4e0f7c228072518c3f8
b4a9887b557f9a3aa91f2568483b5da7a89ee944
8ceaaea9c0f90c11c4a91dea936afa1a1791360cf1935e04b15f51e5e438d4c6
Analyzer Verdict Alert quad9 Sinkholed
GET /style/main.css HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:50 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Dec 2022 23:16:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb8-53b1"
Content-Encoding: gzip
guardians-p2e.com/css/style.css
77.73.133.46 200 OK 849 B URL HTTP/1.1 guardians-p2e.com/css/style.css
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
Hash 07eab8a39618011bf9ae41f1a5deea2c
feb357b7adf588e99592a60261be7412188a8945
29826d5b50ab774d4ec5612af79ad07619134e7ad251519dc1c900ad54dd1d0f
Analyzer Verdict Alert quad9 Sinkholed
GET /css/style.css HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:50 GMT
Content-Type: text/css
Last-Modified: Mon, 05 Dec 2022 23:15:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7ba7-898"
Content-Encoding: gzip
code.jquery.com/jquery-3.4.1.min.js
69.16.175.10 200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.4.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash 9abb42735168ac9e960b770179b642aa
11475bf8c7244af7a820108b7762e7a3f95aa52c
df53c09a6546b3d23dc0b2d0d92c39808c5663a75f4bf1f8d035fd11b7c81243
GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guardians-p2e.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 11:58:50 GMT
content-encoding: gzip
content-length: 30638
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15851"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670500730.dop231.sk1.t,1670500730.cds248.sk1.hn,1670500730.cds201.sk1.c
X-Firefox-Spdy: h2
guardians-p2e.com/js/script.js
77.73.133.46 200 OK 204 B URL HTTP/1.1 guardians-p2e.com/js/script.js
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
Hash 3a0d927558e159cdbbd5d45363a9857a
bd5c0086ae15d999f0d2c3aea997bada741d9192
9927a924eab638ca0ea46c5f305e1ca2e0bb0d6fbfe5ce047fa294a529ba2286
Analyzer Verdict Alert quad9 Sinkholed
GET /js/script.js HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:50 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Dec 2022 23:16:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb8-148"
Content-Encoding: gzip
code.jquery.com/jquery-3.6.0.js
69.16.175.10 200 OK 85 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.js
IP 69.16.175.10:0
Hash 416559bad4fc1149eba631e644a23a6e
20f8f18f94c74dbc1bde934719cbfa87d51828cf
37508a443be057a2fab1c4eee8d03632f406eaed15d09a26ac8dabe7877616e2
GET /jquery-3.6.0.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://guardians-p2e.com
Connection: keep-alive
Referer: http://guardians-p2e.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 11:58:50 GMT
content-encoding: gzip
content-length: 84714
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-46744"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670500730.dop024.sk1.t,1670500730.cds246.sk1.hn,1670500730.cds214.sk1.c
X-Firefox-Spdy: h2
guardians-p2e.com/js/slick.min.js
77.73.133.46 200 OK 13 kB URL HTTP/1.1 guardians-p2e.com/js/slick.min.js
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type ASCII text, with very long lines (42862)
Hash 56a87b96b5d2b36115619f68b415b10a
1f7b1f564a157bbd05a8f2a5df40db96dd0a833a
b2249e4909f21c84aef1efc75b3ceebba5078ba6408cbbbb2247c8cc2a0a837a
Analyzer Verdict Alert quad9 Sinkholed
GET /js/slick.min.js HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:50 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 05 Dec 2022 23:16:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb8-a76f"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
guardians-p2e.com/image/dunnamed.svg
77.73.133.46 200 OK 463 kB URL HTTP/1.1 guardians-p2e.com/image/dunnamed.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (64841)
Size 463 kB (462653 bytes)
Hash e007b19dabd18b3871ddb5113ac9b5fc
6f48d525686bccdf48cc907f16a2b6343c153367
588df042f20b47b76d927020e3a93e217558ca180fb88948122d2719c794c490
Analyzer Verdict Alert quad9 Sinkholed
GET /image/dunnamed.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:50 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:15:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bad-922fa"
Content-Encoding: gzip
guardians-p2e.com/image/skreen3.svg
77.73.133.46 200 OK 924 kB URL HTTP/1.1 guardians-p2e.com/image/skreen3.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (33638)
Size 924 kB (924065 bytes)
Hash 3e2c33cef0e0df0e5634360067061361
bff1bd70c374fb5185ee1c455964ad7697169c56
dc50b859fc5027735083db349847f329770d11a50dd672bdfae9b9c4a9a96e3d
Analyzer Verdict Alert quad9 Sinkholed
GET /image/skreen3.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:50 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb7-124092"
Content-Encoding: gzip
guardians-p2e.com/image/skreen6.svg
77.73.133.46 200 OK 621 kB URL HTTP/1.1 guardians-p2e.com/image/skreen6.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (33638)
Size 621 kB (620919 bytes)
Hash 55fb75039bface4c69ead88d49097c7c
8573c4707f063f263f60f2a7c38797208a3d1c3f
4975dbc1fd92f9c43212dc18aec0b1dfcfe4ab8b70875ae24bb8ec6701fa62f5
Analyzer Verdict Alert quad9 Sinkholed
GET /image/skreen6.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:50 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb7-c41be"
Content-Encoding: gzip
guardians-p2e.com/image/invest.svg
77.73.133.46 200 OK 1.2 MB URL HTTP/1.1 guardians-p2e.com/image/invest.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65153)
Size 1.2 MB (1197002 bytes)
Hash e1ed095f627b09a1ae2e48f03e3429b2
2505384e0053267b0c1b55a8b1302f1ea6ce6b03
83ff6b6c87e03dfb119cde507a98ee0758390546e83db4e5dd40365318e64180
Analyzer Verdict Alert quad9 Sinkholed
GET /image/invest.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:50 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb3-17a9e3"
Content-Encoding: gzip
guardians-p2e.com/image/skreen2.svg
77.73.133.46 200 OK 1.8 MB URL HTTP/1.1 guardians-p2e.com/image/skreen2.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (33638)
Size 1.8 MB (1798932 bytes)
Hash da536e655099c9a942c1f03ed84f5ab5
3644ce5d9e954d69ca01d2f03b0c74cd9db47706
bb51cd42fd6506c85d2c717033befe765d14fff6c59736879dc8d13451affe3f
Analyzer Verdict Alert quad9 Sinkholed
GET /image/skreen2.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:50 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb8-238922"
Content-Encoding: gzip
guardians-p2e.com/fonts/SFPRODISPLAYMEDIUM.OTF
77.73.133.46 200 OK 336 kB URL HTTP/1.1 guardians-p2e.com/fonts/SFPRODISPLAYMEDIUM.OTF
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type OpenType font data\012- data
Size 336 kB (335512 bytes)
Hash 51fd7406327f2b1dbc8e708e6a9da9a5
a5f5e08dd38cac2f857fb7510f7e92a2399b6f5c
cbfd17919856efcedabdd73781dad2984326928ae7c9635bef6227b1a7d71d21
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/SFPRODISPLAYMEDIUM.OTF HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://guardians-p2e.com/style/main.css
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: application/octet-stream
Content-Length: 335512
Last-Modified: Mon, 05 Dec 2022 23:15:51 GMT
Connection: keep-alive
ETag: "638e7ba7-51e98"
Accept-Ranges: bytes
guardians-p2e.com/image/header-img2.svg
77.73.133.46 200 OK 258 kB URL HTTP/1.1 guardians-p2e.com/image/header-img2.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65127)
Size 258 kB (258503 bytes)
Hash 56aa445202f17bf7b8065546f3542399
40650e68da84f11330ff60bdd2f28838351f52f9
c2700c7eb9f3ae283891284405b488443359a66d66b8f02b4c8551595d8092b4
Analyzer Verdict Alert quad9 Sinkholed
GET /image/header-img2.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/style/main.css
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:15:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bae-51f03"
Content-Encoding: gzip
guardians-p2e.com/fonts/SFPRODISPLAYBOLD.OTF
77.73.133.46 200 OK 335 kB URL HTTP/1.1 guardians-p2e.com/fonts/SFPRODISPLAYBOLD.OTF
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type OpenType font data\012- data
Size 335 kB (334728 bytes)
Hash 644563f48ab5fe8e9082b64b2729b068
100e7b7fd24facbca4db38e6d4d7e01c73b82818
a981001f6d4e70292fd26fa8e05437c4a9f0f8c5981027ff0ceead01bb30311f
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/SFPRODISPLAYBOLD.OTF HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://guardians-p2e.com/style/main.css
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: application/octet-stream
Content-Length: 334728
Last-Modified: Mon, 05 Dec 2022 23:15:51 GMT
Connection: keep-alive
ETag: "638e7ba7-51b88"
Accept-Ranges: bytes
guardians-p2e.com/fonts/universalserifrusbydaymari.ttf
77.73.133.46 200 OK 49 kB URL HTTP/1.1 guardians-p2e.com/fonts/universalserifrusbydaymari.ttf
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 40 names, Macintosh, Data copyright \251 URW Software & Type GbmH., additional data copyright The Font Bureau, Inc. C\012- data
Hash 9cf102572fdf09eebf84cb075409e03c
b8cbbe885a3192ba5a5bff2d96025ef15300c1d0
5790b8df07c700bf6577fe1b7d12b378069105ec2fb580774b9545e7f2128843
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/universalserifrusbydaymari.ttf HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://guardians-p2e.com/style/main.css
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: application/font-sfnt
Content-Length: 48992
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 23:15:51 GMT
ETag: "bf60-5ef1cde4d04ac"
Accept-Ranges: bytes
guardians-p2e.com/image/skreen5.svg
77.73.133.46 200 OK 2.9 MB URL HTTP/1.1 guardians-p2e.com/image/skreen5.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (33638)
Size 2.9 MB (2911609 bytes)
Hash 0d515a7e94d632b6d3b1909235c4b37e
a9ca38f70ddba26e6aceed1e4aba01633acebd45
311bfee6f8e07eaee5f186385fa71363ec139d0ce743555d1ee35f48ee96d35c
Analyzer Verdict Alert quad9 Sinkholed
GET /image/skreen5.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:50 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb7-3974fa"
Content-Encoding: gzip
guardians-p2e.com/image/index-mainpage.svg
77.73.133.46 200 OK 315 kB URL HTTP/1.1 guardians-p2e.com/image/index-mainpage.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (64222)
Size 315 kB (314772 bytes)
Hash 7ea2ecc97a4f74040ab9ab51d2e026a4
86aac99d66f7e0230a18190962c216ce1f11410d
53d334f3595904e7f4989343d3ed96ba7173b141f6236320437bdce2ac6b81bd
Analyzer Verdict Alert quad9 Sinkholed
GET /image/index-mainpage.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/style/main.css
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:15:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bae-63c09"
Content-Encoding: gzip
guardians-p2e.com/image/favicon.svg
77.73.133.46 200 OK 403 kB URL HTTP/1.1 guardians-p2e.com/image/favicon.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65143)
Size 403 kB (403087 bytes)
Hash 8798b18fa26ca5952641156cb5cefed3
4bb6d88a7908b94a6e15e271b85399ca722ffcfb
a5eb6b932e1fbb56d7855460f6f7d9fd46117f7cf28e1ca221fa9e7808142ba9
Analyzer Verdict Alert quad9 Sinkholed
GET /image/favicon.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:15:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bae-7f8dc"
Content-Encoding: gzip
guardians-p2e.com/image/gatplay.svg
77.73.133.46 200 OK 3.6 kB URL HTTP/1.1 guardians-p2e.com/image/gatplay.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3781)
Hash 84e8a0b1d3316c7fdf51eb8a9e1c8b2b
4b672c44b0ac76471303664abc8d2e1c5a380a68
bf2659f66942962ccd15ebf83f9e6133c46841d8991be67b5da71a600e341661
Analyzer Verdict Alert quad9 Sinkholed
GET /image/gatplay.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:15:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bae-1fe7"
Content-Encoding: gzip
guardians-p2e.com/image/garapp.svg
77.73.133.46 200 OK 6.8 kB URL HTTP/1.1 guardians-p2e.com/image/garapp.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (965)
Hash ed0f067dd5c541c957d478c67710686e
eea4e7edae9c043efa52486e7840b88b9d712578
2cf160d580968ac112ee74c684c07fd845832ff08274c455aa7d535a1cff193d
Analyzer Verdict Alert quad9 Sinkholed
GET /image/garapp.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:15:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bae-3afa"
Content-Encoding: gzip
guardians-p2e.com/image/vi.svg
77.73.133.46 200 OK 448 B URL HTTP/1.1 guardians-p2e.com/image/vi.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 9cb34ac4596e5311d6e03d685b22a252
39ee3657426cc7fe97b551bccab2dcff5e3ce7ab
27c87740fb063006c3ed4447f370fabe23cdd274ececd8fc8d7c3f1460176f76
Analyzer Verdict Alert quad9 Sinkholed
GET /image/vi.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb7-410"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 11:07:58 GMT
age: 3053
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5791
Cache-Control: max-age=168271
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:52 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:43:23 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5792
Cache-Control: max-age=168272
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:52 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:43:24 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
guardians-p2e.com/image/vector-inform.svg
77.73.133.46 200 OK 428 B URL HTTP/1.1 guardians-p2e.com/image/vector-inform.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash df04892084f278bf46146b6b193107e6
bf9b867ec7da6c9b982ac870c6a874da1c988610
7ed4b054c61353c90ceeae6cdd37eec338e2979c598076a33c9f58031c0119e8
Analyzer Verdict Alert quad9 Sinkholed
GET /image/vector-inform.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb7-507"
Content-Encoding: gzip
guardians-p2e.com/image/bord.svg
77.73.133.46 200 OK 570 kB URL HTTP/1.1 guardians-p2e.com/image/bord.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65132)
Size 570 kB (570445 bytes)
Hash bbc6791b8f0a8c4139d1613fbe9a7044
b667a27072c31bc96d4f387a83fb647b136dbc84
63f685b70a012712e174b439625b04afecf2f4ffae67a9aa4e72b6b34d25382c
Analyzer Verdict Alert quad9 Sinkholed
GET /image/bord.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:15:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bad-b5580"
Content-Encoding: gzip
guardians-p2e.com/image/lend1.svg
77.73.133.46 200 OK 683 kB URL HTTP/1.1 guardians-p2e.com/image/lend1.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (64850)
Size 683 kB (683282 bytes)
Hash eeb28d8978cf867fc19de36989c448f9
e76908f630c47b30b0d3cee23069c3e36564524e
3ce967622ccdee5009aedfe9e96278c82e5ebde23be20de5861230b719e0efce
Analyzer Verdict Alert quad9 Sinkholed
GET /image/lend1.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb3-d8c0c"
Content-Encoding: gzip
guardians-p2e.com/image/image-road.svg
77.73.133.46 200 OK 6.5 MB URL HTTP/1.1 guardians-p2e.com/image/image-road.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (22172)
Size 6.5 MB (6497517 bytes)
Hash dd9292a1d78f24691595f1238283ac23
003bc6e7722438c3df9cc287487bbfd139bc5d3d
8158de4f00b42363163325a6a807fec5ac8a59cb1da9acef5f2a7af218df3faf
Analyzer Verdict Alert quad9 Sinkholed
GET /image/image-road.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb2-82415b"
Content-Encoding: gzip
guardians-p2e.com/image/about1.svg
77.73.133.46 200 OK 160 kB URL HTTP/1.1 guardians-p2e.com/image/about1.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (44524)
Size 160 kB (159971 bytes)
Hash 6b71ebcd1d6cd23229f76f0d5b93e9b0
c94d5c0b373401d39e0527f6f0e3740910ce9c72
7414a8fd2f3419cbf17f998ea70abf9b642688f68380bc927f9f8e498ec18953
Analyzer Verdict Alert quad9 Sinkholed
GET /image/about1.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:52 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:15:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7ba7-38654"
Content-Encoding: gzip
guardians-p2e.com/image/about2.svg
77.73.133.46 200 OK 153 kB URL HTTP/1.1 guardians-p2e.com/image/about2.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (33891)
Size 153 kB (152586 bytes)
Hash c65f774e61c1fc5d799f085faab1c7f4
d9b71fa36599f026729cf20db402d9ec4870e4ef
2a54f432b0f59e19e28fef7238c76768abc8ffc9cb96205fd70c0cdae896b0fe
Analyzer Verdict Alert quad9 Sinkholed
GET /image/about2.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:52 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:15:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7ba7-33dd9"
Content-Encoding: gzip
guardians-p2e.com/image/lend2.svg
77.73.133.46 200 OK 1.3 MB URL HTTP/1.1 guardians-p2e.com/image/lend2.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (64850)
Size 1.3 MB (1273209 bytes)
Hash 7858761f4d08b0dc021149f9390625d1
a598dfa41539bc3c9be1bccab46004bf5208e359
d8993da6bc1f3c0fbe11fc0fd55498f5edc631768f6f3611b22f2be7caf2e8b4
Analyzer Verdict Alert quad9 Sinkholed
GET /image/lend2.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:52 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb3-195cc1"
Content-Encoding: gzip
guardians-p2e.com/image/lend3.svg
77.73.133.46 200 OK 345 kB URL HTTP/1.1 guardians-p2e.com/image/lend3.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (64851)
Size 345 kB (344600 bytes)
Hash b6acb4727d7be4e915572a22e01730bc
f68d927cce23cc4d6b1adc0bb9129527d95f94ce
45790af40e63d0bfcab34aaf236761117209af03bdeedfc9840e47fee6cd0343
Analyzer Verdict Alert quad9 Sinkholed
GET /image/lend3.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:52 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb3-6d086"
Content-Encoding: gzip
push.services.mozilla.com/
54.186.209.73 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x/F+R453YFC70Ra5QlbWDQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xAmwaCj0qEGH8ahsCwclPIKxitw=
guardians-p2e.com/image/about3.svg
77.73.133.46 200 OK 161 kB URL HTTP/1.1 guardians-p2e.com/image/about3.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (44267)
Size 161 kB (160758 bytes)
Hash 0be4ccc1bc48d97f4ce79d9ce57bdc19
c94d8aeb8ae87edead414718f067d8dc6436c3cd
da2570e47e0581984af2c77f2e72818588c550a28309ee7b104c921732f3dc7c
Analyzer Verdict Alert quad9 Sinkholed
GET /image/about3.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:52 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:15:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7ba7-38c1d"
Content-Encoding: gzip
guardians-p2e.com/image/skreen1.svg
77.73.133.46 200 OK 2.6 MB URL HTTP/1.1 guardians-p2e.com/image/skreen1.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (33638)
Size 2.6 MB (2558256 bytes)
Hash 6e5273617189e914f73bf840795c5970
8a7875892a6dd6f666c47c749a7045ade3bb409f
40c1088ae0291dd34b6a0b02ae4faa2d71862c859f091dd2bab9f05116d79b2b
Analyzer Verdict Alert quad9 Sinkholed
GET /image/skreen1.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:52 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb6-32888a"
Content-Encoding: gzip
guardians-p2e.com/image/skreen4.svg
77.73.133.46 200 OK 2.3 MB URL HTTP/1.1 guardians-p2e.com/image/skreen4.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (33638)
Size 2.3 MB (2324662 bytes)
Hash 5afc0e65b45c52df4ec509c3a2c4871f
2e650480ba81b7367f4f1ba615d0448e772e8cbd
11a06f0577b205dd3e378b659906f59e9917dcc180c302d0939c60bf8ae69b42
Analyzer Verdict Alert quad9 Sinkholed
GET /image/skreen4.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:52 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb7-2de8eb"
Content-Encoding: gzip
guardians-p2e.com/image/footer-img.svg
77.73.133.46 200 OK 403 kB URL HTTP/1.1 guardians-p2e.com/image/footer-img.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65137)
Size 403 kB (403090 bytes)
Hash fe64867fa23aa67c1154b1d8de69c28c
b135113a0cb295922d8b6a744472bf15a17d4819
c804beb70949aa45668c1e20ab58d5f5a967edb3b9a15b2b0c776064fe41c068
Analyzer Verdict Alert quad9 Sinkholed
GET /image/footer-img.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:52 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:15:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bae-7f8e2"
Content-Encoding: gzip
guardians-p2e.com/image/papir.svg
77.73.133.46 200 OK 3.7 MB URL HTTP/1.1 guardians-p2e.com/image/papir.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65130)
Size 3.7 MB (3740362 bytes)
Hash eb003a8e6b8e73864de9fb0e45fde931
ae48b9fffcf0757e1178d7cb6db3c7f736d59aec
27cb3f2b65465fff6b7c10e97829e1c60a99f2d73ddc6dee45c74b82a81f81fd
Analyzer Verdict Alert quad9 Sinkholed
GET /image/papir.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/style/main.css
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:52 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb4-49deb7"
Content-Encoding: gzip
guardians-p2e.com/image/play.svg
77.73.133.46 200 OK 2.2 kB URL HTTP/1.1 guardians-p2e.com/image/play.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (954)
Hash dc702b3a9d535f5ba518629716bd06a1
23c2019fc3487d9e82ae60b4afc0f9441facce94
7dbd0f20ed09aafb0a4c6cac72af58d0f48d7d1cf2feb73b16c1576565fb8aba
Analyzer Verdict Alert quad9 Sinkholed
GET /image/play.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/style/main.css
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:53 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb4-1b81"
Content-Encoding: gzip
guardians-p2e.com/image/tw.svg
77.73.133.46 200 OK 2.7 kB URL HTTP/1.1 guardians-p2e.com/image/tw.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4044)
Hash 9f8fc473dc460d203e8fbf0879ddfb8c
2d57d8f662909913884cd2360a0898a6366122e5
cea056e3686aa546c39f7dc16e0aa7f4c407be6b0315defe14961bd5cecbc680
Analyzer Verdict Alert quad9 Sinkholed
GET /image/tw.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/style/main.css
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:53 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:16:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bb7-1bb9"
Content-Encoding: gzip
guardians-p2e.com/image/dis.svg
77.73.133.46 200 OK 2.3 kB URL HTTP/1.1 guardians-p2e.com/image/dis.svg
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2652)
Hash ba152f8d7e0ada21aeaf549ef674b992
682c63a47eacd606a921faba1c0e8234be08d554
c241ccf44e9e9f7f8233060a665f08a15fbcd7e8ed5fc52583d27daeff4d1a1f
Analyzer Verdict Alert quad9 Sinkholed
GET /image/dis.svg HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/style/main.css
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:53 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 05 Dec 2022 23:15:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"638e7bad-15cd"
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6794
Expires: Thu, 08 Dec 2022 13:52:07 GMT
Date: Thu, 08 Dec 2022 11:58:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6794
Expires: Thu, 08 Dec 2022 13:52:07 GMT
Date: Thu, 08 Dec 2022 11:58:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6794
Expires: Thu, 08 Dec 2022 13:52:07 GMT
Date: Thu, 08 Dec 2022 11:58:53 GMT
Connection: keep-alive
guardians-p2e.com/image/ok.mp4
77.73.133.46 206 Partial Content 30 kB URL HTTP/1.1 guardians-p2e.com/image/ok.mp4
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
Hash 11f5d415716186f51f7aa39622253812
d6e19d7b506e53048ee837e6eff811e963d58c17
9896d219058a52c8a035ecdda97a9f92af76739ea22d2e5d19d89f8f01cc7719
Analyzer Verdict Alert quad9 Sinkholed
GET /image/ok.mp4 HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=5931008-
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 206 Partial Content
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:53 GMT
Content-Type: video/mp4
Content-Length: 30099
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 23:16:04 GMT
ETag: "5af593-5ef1cdf1b9f3f"
Accept-Ranges: bytes
Content-Range: bytes 5931008-5961106/5961107
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6794
Expires: Thu, 08 Dec 2022 13:52:07 GMT
Date: Thu, 08 Dec 2022 11:58:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7786
Expires: Thu, 08 Dec 2022 14:08:39 GMT
Date: Thu, 08 Dec 2022 11:58:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 44601
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wFqXeAYHSBcj85PiuqhV790clAMWg_NHMCO5Q5WARXDaohFWZdeCig==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:19:17 GMT
age: 45576
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 12:20:15 GMT
age: 85118
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcHU93cetsY4-vWHpT2xXozH1T7J3_1X8n6Yjd6lOuF8HbkpTQDerg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
age: 49529
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57be99ac898a37d73f2ba4a24f56248f
04e32eb45581201a6a1863200e4d139df48285e6
a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 46495
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc231183-b100-4921-9a48-0bac91da0d2b.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc231183-b100-4921-9a48-0bac91da0d2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 280c788841ca669f2c8556f03ee85b68
c15a4519a69eb6b5cc624344a7c3d99335a095d9
451a816aa2129c3a7712a01b96daee492ae2ab25c4940405063098f3b7ad10ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc231183-b100-4921-9a48-0bac91da0d2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6032
x-amzn-requestid: 22b80af7-87cf-4719-8bc8-927077cc3aa1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4hoFraoAMFpVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639107a3-42927c064ee65d3b23121b36;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -6j01fDKCX0VuXQjVKCm1nPOqSRuh9_Pd-3cgxbEKWhLzlL27hs0fA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:07:32 GMT
age: 49881
etag: "c15a4519a69eb6b5cc624344a7c3d99335a095d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 569452
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 587892
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
guardians-p2e.com/image/back.png
77.73.133.46 200 OK 8.3 kB URL HTTP/1.1 guardians-p2e.com/image/back.png
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
Hash 4e8a440e8a5a444652229019769ab9b9
d68c72bf94b714712ad3cda98f2e0363d6ae5e46
d01d0bb7a8ab90c0ec55ab9f8e7da9d1643022f109963c453382155d6eec80dc
Analyzer Verdict Alert quad9 Sinkholed
GET /image/back.png HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://guardians-p2e.com/style/main.css
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: image/png
Content-Length: 8776698
Last-Modified: Mon, 05 Dec 2022 23:15:56 GMT
Connection: keep-alive
ETag: "638e7bac-85ebfa"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b5c27a4ab37c6c8203d281ea09fa3e4a
0c36ba3df7510a76b2062ad1584e564592a45035
4eac9570f12e3959c4944baf4f232cd994291cd1dfe334ffc93ac4737972bdb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 08 Dec 2022 11:58:56 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/WqL8i2dvQDo/maxresdefault.webp
142.250.74.54 200 OK 47 kB URL HTTP/2 i.ytimg.com/vi_webp/WqL8i2dvQDo/maxresdefault.webp
IP 142.250.74.54:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec9f7a465f9a1f56c17eb557827bd6b4
66ffb873505beb91f67ed8390d5b0e41d2ac4e11
21f2ba8499826cdef5d13aac4ebe3deae24a90eed0a357cd5b70edd7608a4d78
GET /vi_webp/WqL8i2dvQDo/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 46674
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 11:58:56 GMT
expires: Thu, 08 Dec 2022 13:58:56 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 3b4d73542199ef80a3578453ffdbe9b9
630f4b4cf32fba65109c959f6f2401570b1a101b
5cbc20ac1c77bd628f587845536a260ba76efc825a48314c737e151da781cd38
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 08 Dec 2022 11:58:56 GMT
server: ESF
cache-control: private
content-length: 30980
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b5c27a4ab37c6c8203d281ea09fa3e4a
0c36ba3df7510a76b2062ad1584e564592a45035
4eac9570f12e3959c4944baf4f232cd994291cd1dfe334ffc93ac4737972bdb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8274b291596906eb3779dccb82ec41cb
b2ec554df1fa55e18a4316b76ac617dc626b7598
69129be0a1c2e3d1dfc602aea4ef004ea01b3bfa6c5863bd225843472f1bb7c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4a5c2a2d50893431367319c3eb5fd0bc
c076b77d1c599d2711a212258ffd5dc4eca82925
0c98da58e2abb90a770dbd9d97277cd8836fb79fc15aace4a95d1fb5ee4c1db4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js
216.58.207.228 200 OK 14 kB URL HTTP/2 www.google.com/js/th/98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js
IP 216.58.207.228:0
File type ASCII text, with very long lines (35818)
Hash 511a3814cb1663e9d9286015da587ae2
a9ef6e40f17b2659c823195354e912a8979cc1a0
a2e4a4711f28ea423fdcadcced71bdf38e190b285fdde3fc9f11868ad8730375
GET /js/th/98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14262
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 10:20:32 GMT
expires: Fri, 08 Dec 2023 10:20:32 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 5904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu-VKf-e058VjFGYORx5gY8coT0Q5MIqFo7ALg=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 906 B URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-VKf-e058VjFGYORx5gY8coT0Q5MIqFo7ALg=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 63e88cd7e93b29aea540b95de179f654
e1b48316fe5ed1b50527f6e8cb490b0a60ce0c65
e1a5b6db707de428e2bd748ccb68ed2b913c2e74f9d03a2bedc7c05dfcb54095
GET /ytc/AMLnZu-VKf-e058VjFGYORx5gY8coT0Q5MIqFo7ALg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 09 Dec 2022 11:58:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 11:58:56 GMT
server: fife
content-length: 906
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 08 Dec 2022 11:58:56 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4a5c2a2d50893431367319c3eb5fd0bc
c076b77d1c599d2711a212258ffd5dc4eca82925
0c98da58e2abb90a770dbd9d97277cd8836fb79fc15aace4a95d1fb5ee4c1db4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 11:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube-nocookie.com/embed/WqL8i2dvQDo
142.250.74.110 200 OK 0 B URL HTTP/2 www.youtube-nocookie.com/embed/WqL8i2dvQDo
IP 142.250.74.110:0
GET /embed/WqL8i2dvQDo HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://guardians-p2e.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 08 Dec 2022 11:58:51 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
cross-origin-resource-policy: cross-origin
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+126; expires=Sat, 07-Dec-2024 11:58:51 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
guardians-p2e.com/image/ok.mp4
77.73.133.46 206 Partial Content 0 B URL HTTP/1.1 guardians-p2e.com/image/ok.mp4
IP 77.73.133.46:0
ASN #204197 Duomenu apdorojimo centras LTD
Analyzer Verdict Alert quad9 Sinkholed
GET /image/ok.mp4 HTTP/1.1
Host: guardians-p2e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://guardians-p2e.com/
HTTP/1.1 206 Partial Content
Server: nginx/1.18.0
Date: Thu, 08 Dec 2022 11:58:51 GMT
Content-Type: video/mp4
Content-Length: 5961107
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 23:16:04 GMT
ETag: "5af593-5ef1cdf1b9f3f"
Accept-Ranges: bytes
Content-Range: bytes 0-5961106/5961107