{"report_id":"a5ffb5f8-4e8a-42f6-aab4-e7ebea5f41fb","version":0,"status":"done","tags":[],"date":"2026-07-12T21:34:49Z","url":{"schema":"http","addr":"studioobs.com","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":0,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"final":{"url":{"schema":"https","addr":"studioobs.com/","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"title":"OBS Studio Free Download - Screen Recording \u0026 Streaming","dom":{"size":40565,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1157)","md5":"840ccb8c62022069c8c53e0617a3934c","sha1":"6c9f7a2926da8e54242c1512cb33de1e7a1c6d3b","sha256":"94c61867d0ee68be10caf17c56fc4d43a3704641efb97b972df35f28a8881a8f","sha512":"3387399d0ed2498a303ff900ae69b46ad69b01e34ece004aa2a7c635a94dae51b5eda906ef77e2b350302345e58dbe5cd25bedc5926ef3f0f24a8227ab07cf8a","ssdeep":"768:e1yTN/TNoduudCz6l+8euyDtHtskTX7lQ+RYwx:e1yTOuudCzTjDtHtskT3Ywx","tlshash":"6d03d63390f020760143c3e6a67b3f156fe3a017d6495858b1bd4ba8afd2e96cc27669","dom_hash":"domhash81ac88a24ac99ab4b40573892a8f1af0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"studioobs.com","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":0,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-16T21:34:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-07-05T22:22:24.069932Z","alert_count":0,"request_count":1,"received_data":15997,"sent_data":537,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"studioobs.com","ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"domain_registered":"2026-01-03","domain_rank":0,"first_seen":"2026-07-12T12:28:50.07184Z","last_seen":"2026-07-12T12:28:50.07184Z","alert_count":96,"request_count":32,"received_data":1233671,"sent_data":16172,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-07-05T22:19:28.847206Z","alert_count":0,"request_count":8,"received_data":363019,"sent_data":4585,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-07-05T22:30:27.189477Z","alert_count":0,"request_count":1,"received_data":485013,"sent_data":476,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"studioobs.com/","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"introduction_type":"scriptElement","is_inline":true,"md5":"c321b87b9b8030268b49cbe105cd7142","sha1":"f5dd1cc7b3dbba817e1ec6c6eddb7a0245294cf6","sha256":"f12d4df93cbf85de92af40f37801a9dbfadfa0684e4326d5cd8ecbda4ebddb85","sha512":"8aab1dd441f0ee9a1ae4e075ef1a32acb3a973f5926b887fc3953f0f7372a6ab8d8257064f85ae184aadfafc6936f12ddebe32fcaea9d53d1ea4c5d1a0ccc62b","ssdeep":"","tlshash":"f1c09b8c321e5c7157eb67448f7ff644b4513314d4e56933491a634c5d21e17db54854","size":149,"data":"","first_seen":"2026-07-12T12:28:55.130911Z","last_seen":"2026-07-12T21:34:56.831402Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"introduction_type":"scriptElement","is_inline":true,"md5":"a4dde12ab716a18aa3100fec9ecf5b2f","sha1":"f0a366af503c86702695796492d6c35bab6d99e2","sha256":"085487100643bcc4affebe16274aed9134b5e09c7477464c7fb0c21dddc6cfef","sha512":"836c3d1778cab2a4b8820200eb0215f334122819f45421ff1d73e3eee5406bbb2ccf3a2060b931afd0903152d4d5e9882c34f8fbe086aa9db7a73c4130734a75","ssdeep":"","tlshash":"ede0721a34c2003a02b388a633b7910a2622270bc48e8b127a5fc8e61f28ca9090750c","size":303,"data":"","first_seen":"2026-07-12T12:28:55.131874Z","last_seen":"2026-07-12T21:34:56.834017Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/link-download.js","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"introduction_type":"scriptElement","is_inline":false,"md5":"72e0b1c91ed0e0a683f9431657141df6","sha1":"962df485bfe1f095c42bab6e0f4739e74a916520","sha256":"ce17b273ebc5099fc14e58136b1dc32cce7500d86f93dc646d8c3861dcd04544","sha512":"2261ee4b720d19681de79255eb6fc45b6825d81614b62e48e973a0fa26c7b150dbd556620b6491f0196e906fdbca1bb790d5088162185a91b23fcfa7fb422de1","ssdeep":"96:3GG7/YWyAaWgKLGCuTyiQCXtJ4O9CtaUD/Z/g/8X1MdS9TH:2GjYWNgKjfCrV4t/D/Z/g/G9r","tlshash":"5891418fa9ca94671972b3248fdb2914fea364734141c544bc6cf985af70821e05edee","size":4581,"data":"","first_seen":"2026-04-02T21:22:34.471823Z","last_seen":"2026-07-12T21:34:56.804959Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/download.js","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"introduction_type":"scriptElement","is_inline":false,"md5":"edc0fecdbbfc7fe7855cbd7ba04b98de","sha1":"e02c40f6d1b72f4e5d3074bb854ad5183fa9c5af","sha256":"710cda0e00c2c420b137b3110e690352584be6e7142a7b3449ec47f0e3e413af","sha512":"bfad2c8524fb19a85924174722a2fec35156e2bb114820af509f9b76f5b9996cae78da625250e2ed62019dd6afe8e38ad8141768b66b0183fd0dcbe592c52bf1","ssdeep":"","tlshash":"8551ec5eb5db953291b7313a83afb3403972a0131008dd417e6c5a85aff09762aba6c7","size":2558,"data":"","first_seen":"2026-04-02T21:22:34.449888Z","last_seen":"2026-07-12T21:34:56.773171Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/scripts.js","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"introduction_type":"scriptElement","is_inline":false,"md5":"4653d06717121aef8fd4199cfea19461","sha1":"c94340e907bcb4f39e8ee799772fdadd07b58bc5","sha256":"40c8820d39b78009822686bdcbe9b357d338527c9419642f44ba406715a70aec","sha512":"2878b0c77392b7d02bb5c4b95fe3a4f24e87426f1afd66c8e981aaacaa41d4c34b3ae8c3d9baee73cc14e1aebb7848d8c0860fffa94109437c2147806c2319b2","ssdeep":"192:hGobyIMKw+WHQeNJfOqJD6p9RF3F09IxUZeBIcrVezGIH3E9Y3F4x3IfduTi2MgT:h3yIM5+WweNJLcp3F0ILezGUff18xlFd","tlshash":"ac42615a21b3203a407365be678f86953b3410476109ca0a7e9d97491fc2f74aff2bd9","size":12853,"data":"","first_seen":"2026-01-21T14:56:34.199179Z","last_seen":"2026-07-12T21:34:56.805678Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-9KF3HEPGC3","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7410ae5271dfc2925d94c4647766d027","sha1":"631b6ac35cf609e8aa9e096c67c61a8fad97f63e","sha256":"6273f0458539f36bc407bd513d00459f3b8c351ff4f909bf11d02ab7b12bd6a3","sha512":"715722406c6e2f59fccc4b8561d9dd402a06c052e9e2c31bece4ec0b6dfc678f1025b8493a458cff6263262e2fdc3096a1eaf2da401569f5badf8efc7ae51bb0","ssdeep":"6144:lf3do0JeYuozbF3Vb25pvMlci0SJGWox3lytZDP3OfAn8/:F30YnFB2j4DmfA8/","tlshash":"baa4f9cdb3d674625396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","size":484409,"data":"","first_seen":"2026-07-12T12:28:55.121479Z","last_seen":"2026-07-12T21:34:56.791678Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"studioobs.com/assets/download.js","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.744Z","timestamp":1783892061744,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/download.js HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 02:59:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698a9f0e-9fe\"\r\nexpires: Mon, 13 Jul 2026 09:34:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2558,"size_decoded":1225,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"edc0fecdbbfc7fe7855cbd7ba04b98de","sha1":"e02c40f6d1b72f4e5d3074bb854ad5183fa9c5af","sha256":"710cda0e00c2c420b137b3110e690352584be6e7142a7b3449ec47f0e3e413af","sha512":"bfad2c8524fb19a85924174722a2fec35156e2bb114820af509f9b76f5b9996cae78da625250e2ed62019dd6afe8e38ad8141768b66b0183fd0dcbe592c52bf1","ssdeep":"","tlshash":"8551ec5eb5db953291b7313a83afb3403972a0131008dd417e6c5a85aff09762aba6c7","first_seen":"2026-04-02T21:22:34.449888Z","last_seen":"2026-07-12T21:34:56.773171Z","times_seen":7,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/Portugal.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.764Z","timestamp":1783892061764,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/Portugal.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 02 Jul 2025 12:03:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68651ffa-2036\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8246,"size_decoded":7357,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"ad7dc9c58db4053a22110f3e3d5c1127","sha1":"7fcf7f70505f592a8bfcab8d3a746e199982f4ed","sha256":"7f3c168d70626314f1ac4282ba599395df296ca7fc9636b6ff440b7cb530cfd1","sha512":"4ec0b32f84bb22eb63ae8391a2bdf5cc33f6b5f59ac939fed566145b02738d87edc2a0d9e7ae2c2f1092f9b5401001738c1dd98f19b6f6776ac94cf2febd28ee","ssdeep":"192:2ryvFiCjb7vqtonowrFqGdSCyp5EmhYCH9pUy4Zr:6yvFZbRrFhSCypxhyy4Zr","tlshash":"7902294be36f4c95e3268f7fc752067085b73f5c89264aab19ad3e6e106df08a84d704","first_seen":"2025-10-25T20:36:50.782332Z","last_seen":"2026-07-12T22:08:20.290495Z","times_seen":29,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/Germany.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.758Z","timestamp":1783892061758,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/Germany.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 02 Jul 2025 11:59:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68651f08-a6f\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2671,"size_decoded":1584,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"2ca86c63f2aa7997e926b27d4a36d40b","sha1":"95a58a6c59ce153268621d23f680ee87ef5096bf","sha256":"8e39c821ed395e073bf9911fdeb356ac1e2856c80a28fe3f17ae4b1dd0884e32","sha512":"18151f69cc114427c8f65eee1abe447b4eab9bea811ecf629f1f1ccd193824cfd5f0226efe7716651a218c0e49be5859f31da39ed8fc74ac054b7e262af3cb33","ssdeep":"","tlshash":"4351d485320e5759fe2c6132c6d307a1b5f6cd97f23f82a4202c940c4ae2d8b73167e1","first_seen":"2025-10-25T20:36:50.786629Z","last_seen":"2026-07-12T22:08:20.306615Z","times_seen":28,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/Russia.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.762Z","timestamp":1783892061762,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/Russia.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 02 Jul 2025 11:58:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68651ec8-77a\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1914,"size_decoded":725,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"5471e465a5457ea48aea23b18fb6806e","sha1":"83ed4098dc56588ec240d3df01050ceca1cd3d44","sha256":"d67a8976bdccf94cbe1e22f1c1b62502fe58ae208a8e6213e04388fb00c99a04","sha512":"00058324b242f3677a1caab3744938b6382d17904d355ed535ec34f046af75c7a8df9cc184508d1ade307a3b02898a10e144a2ece6fedc9da27346e3628abc15","ssdeep":"","tlshash":"c841180a53010783d139cc7acb170ca18df2cfd61bbf93a82a0d23590598b61fa18f80","first_seen":"2025-10-25T20:36:50.781393Z","last_seen":"2026-07-12T22:08:20.291132Z","times_seen":27,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/China.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.765Z","timestamp":1783892061765,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/China.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 12:54:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69415678-23e7\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9191,"size_decoded":8250,"mime_type":"image/png","magic":"PNG image data, 1280 x 854, 8-bit colormap, non-interlaced","md5":"333f14153dda086ca2ee4b1ee8d00e8b","sha1":"a91bbc68250ce847e2d2917a0b74b9db39fc4f4d","sha256":"ad8a51bda382b6680514c8108ba0e2d735172b60ee3b290c902dd037602f52a0","sha512":"63356add8031c2a81987983e64497505ea0176156c13107c267ad21d746496bb9d645b927beedc6a2651788da5b097c39fe19722b18123e7ad2b8f35f791a0b0","ssdeep":"192:6HHsweFM60c+W+OM/9hX6t3mth7eAP1G7hKz9TEOr:SsHMVOqXXXh6AdGczdr","tlshash":"2c124b53cc62360fd24a4196238331e1d8b54697b0959f8fbf89d0baed471e2f475e21","first_seen":"2026-01-21T14:56:34.203553Z","last_seen":"2026-07-12T22:08:20.30544Z","times_seen":21,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/India.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.778Z","timestamp":1783892061778,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/India.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 13:56:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69416506-36746\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":223046,"size_decoded":159997,"mime_type":"image/png","magic":"PNG image data, 4500 x 3000, 8-bit/color RGBA, non-interlaced","md5":"607b9f69862d76af04b474113c0c7ff5","sha1":"34fdac9c060c00f11c91d78c69ec6b67116d89f5","sha256":"ff23c2563f52a779f19000c53479c330ee78f97c20768ec4a1788948db918be9","sha512":"6f7fcb7631420e84b3ccae877d54f7884bef6ce4782606432119580c20b48ba2770c97eccff9c6740b1f7420ca84267b63f0af196746dc828bb1b40069db543b","ssdeep":"3072:3VFze1qSYsbzErVmtl7nuKECt/gpNnTR8/HzMWYN75yR:3VFubfzaKEygnN8/4HlK","tlshash":"1f24bf7479978afeda0960719e87bf0e37742b53a5880333d7e6db78ac421b1920f518","first_seen":"2025-05-02T12:10:02.194403Z","last_seen":"2026-07-12T22:08:20.288608Z","times_seen":38,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:22.008Z","timestamp":1783892062008,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://studioobs.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 01:48:42 GMT\r\nexpires: Fri, 09 Jul 2027 01:48:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 330340\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T16:18:12.587093Z","times_seen":233591,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":37,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2pL7W0I5nvwUgHU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:22.016Z","timestamp":1783892062016,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2pL7W0I5nvwUgHU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://studioobs.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 10212\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 06 Jul 2026 07:53:31 GMT\r\nexpires: Tue, 06 Jul 2027 07:53:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 567651\r\nlast-modified: Tue, 09 Sep 2025 18:33:56 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":10212,"size_decoded":11025,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 10212, version 1.0","md5":"b4116ee119caa0aff77a0f99bf188184","sha1":"f1e75276e3c00e2023e07eef94288f1b5e5c4ee3","sha256":"0515874177f0862384d111fccea0b6e7c32a7da106202949775b96b1fb56b236","sha512":"956f75a5e7e46d9436c6c20d493988901701a8cb846296c27779d72f3a24c58f0d7083a52eac77ebdcd15dbb97a1654599a46a9dccc7120b30fe5516c5739971","ssdeep":"192:9STaMoBFOLgYxDRMI5Y7VblGW7jsBF9W5C1IK8WQrjNn5DCY8LRUNwjUiyq3K6+O:M0BFWVxiI5YhlnsBbgCxJQrHDECslyGf","tlshash":"5f22bf68a663671fdcc7e63004f0da5042662e491253d776dbbdb78901278fe0417bd3","first_seen":"2025-02-02T06:10:28.700493Z","last_seen":"2026-07-13T14:08:44.299467Z","times_seen":2451,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":56,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/link-downloads.txt?t=1783892062009","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:22.021Z","timestamp":1783892062021,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/link-downloads.txt?t=1783892062009 HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://studioobs.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:22 GMT\r\ncontent-type: text/plain\r\ncontent-length: 600\r\nlast-modified: Tue, 10 Feb 2026 03:01:36 GMT\r\netag: \"698a9f90-258\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":600,"size_decoded":869,"mime_type":"text/plain","magic":"ASCII text","md5":"1bc43d15a9a56fb14199209d7b59a6cd","sha1":"db606e68377b84f1ae7fdf906454f1cbc46874ec","sha256":"62237fc82237b8757a42c3333148f095e732ba462a230ea3a0fad28c4f131e6c","sha512":"a2a5b40581b29c33fd9b7abc77e5325594ed1e3b1d5687f80252867fe8561a300f00e184a30f6ed5ed685ca1d14abc69e20053edf7547096aea9fba7b3680a71","ssdeep":"","tlshash":"0af08ceb7c694c902eb5c0725ae43300eb0c603b40e24c76f8a984ea69687ab30ed210","first_seen":"2026-04-02T21:22:34.450998Z","last_seen":"2026-07-12T21:34:56.782717Z","times_seen":7,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/France.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.757Z","timestamp":1783892061757,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/France.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 02 Jul 2025 11:58:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68651efa-4d7\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1239,"size_decoded":915,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit colormap, non-interlaced","md5":"7213a16165e9ba30d33be8c953faae28","sha1":"9cad440e7ab01350a2e15833bb349c38adf82ba5","sha256":"29de8b1fa3269ff8c8638d8ca8a8c64eccda3b79188c9fadb9b9d32272e6078b","sha512":"01f83f7e8663ed0b25083df977ee320330d5be5b44121e34234b4c9e54925758653c4e20c91608c58ee35282d2d8435ecd02dd72e5a727510aee030d5846e639","ssdeep":"","tlshash":"3e217fd2d88e757fcda96b7133eab235cce306070d2004543892dd2298e8d027a77e6d","first_seen":"2024-12-08T05:39:00.972427Z","last_seen":"2026-07-12T22:08:20.299302Z","times_seen":39,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/Saudi_Arabia.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.770Z","timestamp":1783892061770,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/Saudi_Arabia.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 02 Jul 2025 11:59:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68651f2a-708c\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28812,"size_decoded":26967,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"00153a499a8bf115a5826ebf51fc2506","sha1":"9e40048ef6788b7bcdb6bdef72bc5b5eec059092","sha256":"e2c80eedf4790ef5857dfa93d9086691cb21dd81ed7b1c1a3ab8c1800f0112cb","sha512":"60562abdcca16e2b09b29b5e6fa97e6c0b96316f92f49a21832d7354a862584ca205e3b279fec2a4502da27fecf8593cf9b8317e7fbaa6985b826b1fad330626","ssdeep":"768:8qDml7Nd9VG4R4TVNZVWnVLk0I32tBKFMn4XqkftkD:bDu7Nd9DuNZ+Lk0Pd8Hfte","tlshash":"3dd2d0fd274399f7dc229fb8720b519c2bc40dec650aa8bcd693c5671352bd46e25243","first_seen":"2025-10-25T20:36:50.785504Z","last_seen":"2026-07-12T22:08:20.301429Z","times_seen":27,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7W0I5nvwUgHU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:22.015Z","timestamp":1783892062015,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7W0I5nvwUgHU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://studioobs.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 84924\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 12 Jul 2026 12:24:54 GMT\r\nexpires: Mon, 12 Jul 2027 12:24:54 GMT\r\ncache-control: public, max-age=31536000\r\nage: 32968\r\nlast-modified: Tue, 09 Sep 2025 18:33:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":84924,"size_decoded":85736,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 84924, version 1.0","md5":"f5b588b5cfef2173838149769c8a0269","sha1":"5312086a01f8e8299094ddee5819b9727a19cae2","sha256":"b8811a6cd6f7e0707dfc9e9e6f1daf5f6f450b51e887e163945a9ade91c2720f","sha512":"05d5271c633bbe102775c0b6df9c5e110dae3a2517061714bb5c26ec66a00f8e1b62961135ec96962e7ccaf3942d8e32bd86f42558cbac8ee16ff6c333117886","ssdeep":"1536:PABWz4rSN/GzH27xN5UR1OnX+uyRsd1osLZBi/JGyQI01xDj+C:PAG4rCGa7L5UR1OnX+fGd/VB03QI+xP","tlshash":"378302b4ae71b3968f1c7fe46396273c2a7bdf41053950aeae44e16787f00dba148784","first_seen":"2025-05-29T19:39:57.235915Z","last_seen":"2026-07-13T14:08:44.298745Z","times_seen":18160,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":49,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/favicon/apple-touch-icon.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:22.137Z","timestamp":1783892062137,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/favicon/apple-touch-icon.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 17 Dec 2025 12:28:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6942a208-78bd\"\r\nexpires: Tue, 11 Aug 2026 21:34:22 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30909,"size_decoded":31241,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"f7f9a490c2ba3c41337da25599cfef0a","sha1":"bd7970de7fbc0c5753deffcc4597f9a4831e3d3a","sha256":"0b193086576857cec685eefb808253098715e8532956b5e76d0486b70cfa71b3","sha512":"ebd9395942c076a227a197bb00b38690ed41a5d304d1e9e09dded93a6a79be5defb791d79748633b94aad93af6f8c1ff982be5c0a14512f32b9eaed7706bca6a","ssdeep":"768:rCaOadtF8JuQHhHqJflVIF2UqA2iwoaj4V5+0SOmBQJu4P:uaOcn8J9hH6lWMoak5+zyJ5","tlshash":"a2d2f1f355df95cea1d21a2e34270d4aadcc26ed8b19c8f9e36087c0cb9dae1140acd4","first_seen":"2026-01-21T14:56:34.184812Z","last_seen":"2026-07-12T21:34:56.788342Z","times_seen":10,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/favicon/favicon.svg","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:22.139Z","timestamp":1783892062139,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/favicon/favicon.svg HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:22 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 17 Dec 2025 12:28:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6942a208-b956\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47446,"size_decoded":36132,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5ff4f85e87ab73ac268194aec0f0f956","sha1":"8ad5a67b1aabdd6c3adec3efbffe2e4f1424f24b","sha256":"96f227169f9656f25afc0be898ad4dfc84c989eb937045b6d54a330b44729bb3","sha512":"6785c01ed34c65e976abd16329048e5443c6aee9a5f62a8433b5f6a5270dcc5ae9b7a7ad74924dbb84a54145c900279c4fad840253b86ce2e38dd8ea5ff05dbd","ssdeep":"768:SfhPzJMegU5F9Ry95yN7pBja1CrjW+n4QW1VEJJ6ook+jHp/1bcd6k:MdJzX9RyzyN7pocri+4Z7gJ5+B1s6k","tlshash":"6a230229d9e291bb481313b8692def0d9d0537c51be9e4ef7ea544b185c282077325ce","first_seen":"2026-01-21T14:56:34.1657Z","last_seen":"2026-07-12T21:34:56.790781Z","times_seen":9,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-9KF3HEPGC3","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.72","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.732Z","timestamp":1783892061732,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:35:29 GMT","end":"Mon, 14 Sep 2026 08:35:28 GMT"},"fingerprint":{"sha1":"4E:CE:B0:5B:5A:94:F2:15:05:64:F7:63:8C:23:58:95:2F:72:74:7B","sha256":"16:29:FC:E9:EC:BC:FF:2E:2F:4D:FB:5F:6A:E5:8F:51:7A:25:FE:6D:73:E4:66:1E:AE:DF:5B:F6:06:F3:36:E9"}}},"request":{"raw":"GET /gtag/js?id=G-9KF3HEPGC3 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\nexpires: Sun, 12 Jul 2026 21:34:21 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 164668\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":484409,"size_decoded":165272,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"7410ae5271dfc2925d94c4647766d027","sha1":"631b6ac35cf609e8aa9e096c67c61a8fad97f63e","sha256":"6273f0458539f36bc407bd513d00459f3b8c351ff4f909bf11d02ab7b12bd6a3","sha512":"715722406c6e2f59fccc4b8561d9dd402a06c052e9e2c31bece4ec0b6dfc678f1025b8493a458cff6263262e2fdc3096a1eaf2da401569f5badf8efc7ae51bb0","ssdeep":"6144:lf3do0JeYuozbF3Vb25pvMlci0SJGWox3lytZDP3OfAn8/:F30YnFB2j4DmfA8/","tlshash":"baa4f9cdb3d674625396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","first_seen":"2026-07-12T12:28:55.121479Z","last_seen":"2026-07-12T21:34:56.791678Z","times_seen":2,"resource_available":true,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":2,"connect":15,"send":0,"wait":42,"receive":48,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/Spain.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.759Z","timestamp":1783892061759,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/Spain.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 02 Jul 2025 12:00:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68651f68-2188\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8584,"size_decoded":7692,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"530c161d2a2c44e69fa7f0134bb3b008","sha1":"c2db6aa06e2ff3707a739e87c08a93d2b23c01db","sha256":"bffe365be6726c7f7b9ad4966b2de413e4a7b4ac4ff7aac1a545015915da8852","sha512":"066c524597e083980312019c0bc9b3154e37603851b0b5bd71960e0701189a083b9fd1c0790edae49883d2f21c6e5a9d035833343f61a9439961cba47c3389c5","ssdeep":"192:eT+hIKePAIN3zJ8VfDyqNi2ZprkfnY/+jU6gOVBqK9nWwZX:eSpePEbyd2DkfY/iTgFKgwZX","tlshash":"500238d5cb998dbbc8b1c7b601c73d580ac38630a37713821fca82ad6e5b7250161e66","first_seen":"2023-08-13T10:47:13Z","last_seen":"2026-07-12T22:08:20.291904Z","times_seen":50,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/South_Korea.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.772Z","timestamp":1783892061772,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/South_Korea.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 12:50:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694155a8-625e\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25182,"size_decoded":23931,"mime_type":"image/png","magic":"PNG image data, 900 x 600, 8-bit/color RGB, non-interlaced","md5":"26168cddf75348cc28299de4daddcb5b","sha1":"d5ec4e17352617f6d9a569095a2a1a690a00530f","sha256":"e5e6466825c7481627492c8617d3add1ed7bfcfe501496d3c17e3e7ef6c31466","sha512":"64198a591002fb43bd16e3032ae5ab3951fcc199e2996fab9a60ebadaa5133e951a0461f1ffe27c89aca7ca074ab005e249d26ffe452e4390acb11d6aa56ca37","ssdeep":"384:TLMIK5E2qJ8bbWduyExu1v0NrY4r5C+VxuZXTSikpkiXQX4E2tIC:fMcab2Emv0FSIMTSikjXQL2v","tlshash":"c2b2c0cad4c0e6dc85ebbc951c43355c23362ec36f189c20e8907cf99eabb55c524069","first_seen":"2025-09-10T10:38:10.167381Z","last_seen":"2026-07-12T22:08:20.289867Z","times_seen":23,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/Turkey.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.774Z","timestamp":1783892061774,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/Turkey.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 12:51:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694155c2-2b75\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11125,"size_decoded":10858,"mime_type":"image/png","magic":"PNG image data, 800 x 534, 8-bit colormap, non-interlaced","md5":"e723f0a4b378c21325c9bf28d4513c78","sha1":"b9dca17011440366741f14ea4fadfb1c5388c81c","sha256":"7d24a9f3106f27f77571a965b0b2bf1f318011fcf65023074e145413f59458f5","sha512":"b3a4d3565e8707275d6b5b4b2ca49a99c585c0127e79340f345c6928bb2121a99c4a4cd5bd0b66b68592e17a5c9f5bf7d1ab926646c0b743448c6565ce4e192f","ssdeep":"192:KfXkAZhK0eVLuzNL7AhfBNHP9UlK7lMs1a9AqYbKINqWCUKDPQ:w0sY0zt7EZNv9Vr1avYbKIsWCzQ","tlshash":"45325b548bd86921967d16b25b338b7dfe24c7df2c620286439334333d27ad8b6b0b24","first_seen":"2025-10-29T00:38:51.799426Z","last_seen":"2026-07-12T22:08:20.292519Z","times_seen":23,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/images/scenes.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.781Z","timestamp":1783892061781,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/images/scenes.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 10:21:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694132a2-1a75\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6773,"size_decoded":6910,"mime_type":"image/png","magic":"PNG image data, 720 x 560, 8-bit colormap, non-interlaced","md5":"5f74135441eebf266954f7004118b9fc","sha1":"759d96d35cbe649d52ff6912d64b6d1d032dd15b","sha256":"59792e409f248c860f1d7351b73bb72e9f8b4c7b15b7190daef04e686831b1c0","sha512":"a84566065e4ecdc56b84c1adf30af5200e0a7fd3456a9c99c995540e0a69ef0703ca5fc6c202357b6195d16643f76079a95ec1937278b4e638a6b992a0784527","ssdeep":"96:91GGnrO0i6EoQSxKJncTLE54g8kw1kTPupadrmQDlHUI3VezJvhNRr0E4SJjYXP:91VnyD6XQXJcHg4g8hGupa9/JGvRFNw","tlshash":"98e1905d84f5ba4eef38cafb65760761c502026edc562008b629307de47d377571e28e","first_seen":"2023-07-19T18:21:06Z","last_seen":"2026-07-12T21:34:56.796081Z","times_seen":17,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/images/mixer.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.783Z","timestamp":1783892061783,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/images/mixer.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 10:21:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694132a8-92e3\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37603,"size_decoded":37202,"mime_type":"image/png","magic":"PNG image data, 1080 x 840, 8-bit colormap, non-interlaced","md5":"9e4b572b65a4de7ed471f3d817b3001f","sha1":"3ff1379fc43af0ffac11264d2848210e331b7d04","sha256":"bc826e2f4b783895f3c2aad53e8b6cc382ea3b1832425cf23cf182caa4424cbd","sha512":"afd9821a0cb7f397b65d212239bc0d7d70aebca8bb1e90bad4d923604b4ac3cd1c79dd327eded3e91d7f9c76606a06f41d345cd38861d496c35a010ffe7a5d7f","ssdeep":"768:qJGocJkwYdWsTmFXK8QtmWG4OcFHOjccj0zmnCm/1:qMJkwGWLFXK8QtmWacF72Xt","tlshash":"04f2e0ea2119cde06a1a190bf416ff18463f150f1ce4528d8a42e2d19dfe793671e8b7","first_seen":"2023-07-19T18:21:06Z","last_seen":"2026-07-12T21:34:56.796955Z","times_seen":17,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/images/transitions.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.784Z","timestamp":1783892061784,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/images/transitions.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 10:21:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694132b0-819a\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33178,"size_decoded":33107,"mime_type":"image/png","magic":"PNG image data, 1080 x 840, 8-bit colormap, non-interlaced","md5":"2e13274272d83bff592d08d6a59661d8","sha1":"020545b0678b86f8b3e73a0891aa8f07137ef663","sha256":"6be336d5e83f42c950d15e3f1752c181b11279a4903f6e3601ebbbd2732ea92d","sha512":"f384fa035f9ed494a9629237b87bc5a638838e880d02fd6df79180fa4a99d98850ccc12dfa4fc1980ec977522d7dcf43d3018c70fa9e0278d81a0a612d3d18ee","ssdeep":"768:Pa1hLDmJrTMg7cI2SyQ0701IXt2dyASilPdoTq:PiupYI2p9rt2YOP","tlshash":"14e2e1070d3ada3fa8f53bfe15c54d184332e92fea89c870c567a1595933712f28d868","first_seen":"2023-07-19T18:21:06Z","last_seen":"2026-07-12T21:34:56.799316Z","times_seen":17,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/images/docks.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.787Z","timestamp":1783892061787,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/images/docks.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 10:21:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694132ae-5e17\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24087,"size_decoded":24222,"mime_type":"image/png","magic":"PNG image data, 1080 x 840, 8-bit colormap, non-interlaced","md5":"2615959580d3ac9108236f8079cfcdd8","sha1":"b5ded3a7a5895c1d7caf432c7f79880748edc981","sha256":"bd9e768bc2e60f5a72d113afd6cb8666a0248e2a1efb182cc7249227649d4194","sha512":"0a07b073277f66cfb9f0b1a324c24725370009826c64dfb5da0fc51240245cc80f5be24a92ef3609f83fd91df2a4040aab829bda141ade82821651cee36e5cf7","ssdeep":"384:f0YPETKs8Q6I47M2xBM/X31NN5Xsy0pvEzheHQHA/3gskThElzMbpTFui74CsTmJ:f0BOHI4g2xB4XbNRsDVEzhewHa3g5Thx","tlshash":"72b2f1046710502dfd1afd92f0136933b8985eece630dba34847dd964ae984ad134e3a","first_seen":"2023-07-19T18:21:06Z","last_seen":"2026-07-12T21:34:56.80161Z","times_seen":16,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:22.009Z","timestamp":1783892062009,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://studioobs.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 01:48:42 GMT\r\nexpires: Fri, 09 Jul 2027 01:48:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 330340\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T16:18:12.587093Z","times_seen":233591,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":30,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/styles.css","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.735Z","timestamp":1783892061735,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /styles.css HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 19 Dec 2025 13:02:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69454cca-b179\"\r\nexpires: Mon, 13 Jul 2026 09:34:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45433,"size_decoded":8332,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text, with very long lines (387)","md5":"71c72fc7f29914f60b0099e8e2ce7b33","sha1":"38992f21185d92f5d1007ad9b52c59c7572e5821","sha256":"bfe179c46d1e17a352e2aed2818ad085d21355268fcdec81b0bdbbf8fcce3be0","sha512":"43265af61338047de15caefab03444b406904d24c5b257c501d24f5e9388134debfaf31313420a44f18d1a3f66a4a24b2b6ca04efae802af5554194ed1e2eef7","ssdeep":"768:2RdsIdA6SicPV3G2HyKtBvOvn2UPgw+XOSFomOCbXmOA3cIAN:FyKtBvOvn2UPgw++SymOC3N","tlshash":"d2133250677395b0a93ba2696befe70c3368a047890acc5d7bcd61044fc93fed192b49","first_seen":"2026-01-21T14:56:34.173917Z","last_seen":"2026-07-12T21:34:56.802416Z","times_seen":9,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/link-download.js","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.742Z","timestamp":1783892061742,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/link-download.js HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Feb 2026 02:59:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698a9f08-11e5\"\r\nexpires: Mon, 13 Jul 2026 09:34:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4581,"size_decoded":1899,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"72e0b1c91ed0e0a683f9431657141df6","sha1":"962df485bfe1f095c42bab6e0f4739e74a916520","sha256":"ce17b273ebc5099fc14e58136b1dc32cce7500d86f93dc646d8c3861dcd04544","sha512":"2261ee4b720d19681de79255eb6fc45b6825d81614b62e48e973a0fa26c7b150dbd556620b6491f0196e906fdbca1bb790d5088162185a91b23fcfa7fb422de1","ssdeep":"96:3GG7/YWyAaWgKLGCuTyiQCXtJ4O9CtaUD/Z/g/8X1MdS9TH:2GjYWNgKjfCrV4t/D/Z/g/G9r","tlshash":"5891418fa9ca94671972b3248fdb2914fea364734141c544bc6cf985af70821e05edee","first_seen":"2026-04-02T21:22:34.471823Z","last_seen":"2026-07-12T21:34:56.804959Z","times_seen":7,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/scripts.js","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.745Z","timestamp":1783892061745,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /scripts.js HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 19 Dec 2025 13:02:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69454cca-3235\"\r\nexpires: Mon, 13 Jul 2026 09:34:21 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12853,"size_decoded":3867,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"4653d06717121aef8fd4199cfea19461","sha1":"c94340e907bcb4f39e8ee799772fdadd07b58bc5","sha256":"40c8820d39b78009822686bdcbe9b357d338527c9419642f44ba406715a70aec","sha512":"2878b0c77392b7d02bb5c4b95fe3a4f24e87426f1afd66c8e981aaacaa41d4c34b3ae8c3d9baee73cc14e1aebb7848d8c0860fffa94109437c2147806c2319b2","ssdeep":"192:hGobyIMKw+WHQeNJfOqJD6p9RF3F09IxUZeBIcrVezGIH3E9Y3F4x3IfduTi2MgT:h3yIM5+WweNJLcp3F0ILezGUff18xlFd","tlshash":"ac42615a21b3203a407365be678f86953b3410476109ca0a7e9d97491fc2f74aff2bd9","first_seen":"2026-01-21T14:56:34.199179Z","last_seen":"2026-07-12T21:34:56.805678Z","times_seen":9,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/United_States.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.755Z","timestamp":1783892061755,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/United_States.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 02 Jul 2025 11:57:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68651e96-7289\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29321,"size_decoded":27593,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"a18d005784fa6ea4417a7eb9d0c66fd0","sha1":"7d1e1ed3386fd6d04aa380502f655b29865a72c1","sha256":"3051b9d5858848eadd8fc6d102cdfe1adffb173d03143f3a773873c549391993","sha512":"fadd9c36024806d0b37668330c6b1cd04a3b892aaee9100a00b2089bb0044137178ed48b0615f98898a5b84fa01f61c1cdffe587c1c62bd1449fbe90216c6c17","ssdeep":"768:ctwZvrrkD9R9Kp1Tbrb3FjIUxHpd0YTgYUCY:cWZv3WWTOUxUYb3Y","tlshash":"40d2e15a815792594fed33f64ac0a1f4fe1b549e8fa4d0c1ab37cbf8044a696c4d05c3","first_seen":"2023-05-21T22:42:23Z","last_seen":"2026-07-12T22:08:20.308663Z","times_seen":73,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/Czech_Republic.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.768Z","timestamp":1783892061768,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/Czech_Republic.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 12:46:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694154b0-91b\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2331,"size_decoded":2485,"mime_type":"image/png","magic":"GIF image data, version 89a, 120 x 80","md5":"ebb5200740061ca1cbd23ea92592c664","sha1":"e6b9b719160e6be74b9522ea6fd0907c87395632","sha256":"10ce1da0942e1a69d9d401f26fe6e24d51eb49e7fbf018991fa456a3b1c265ad","sha512":"06660712c8630f3f1d770b7ef0b8af9f40c2f930f2684442e0b9695c7ad0bca538c374a0bed7b176ec2d7fec6c9eb06e4b6e9f836bbb849e79d2ac4cd2234cf3","ssdeep":"","tlshash":"c641f94df5c45513fa2578f4938e28a542119f6023b96a6f15cbd0b8d410f955bd1f4c","first_seen":"2025-10-20T23:32:26.815365Z","last_seen":"2026-07-12T21:34:56.808923Z","times_seen":15,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/images/hero.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.780Z","timestamp":1783892061780,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/images/hero.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 10:16:20 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69413174-6a224\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":434724,"size_decoded":433559,"mime_type":"image/png","magic":"PNG image data, 2112 x 1740, 8-bit colormap, non-interlaced","md5":"eac5eaaf929f4438ecdf8d966fd5014c","sha1":"82e5b22316321b2aba58c5eb6391638bb1707571","sha256":"2a4b7e619edd3e87441769ba009592da48febe5c34ba814d5c787131aa8a8ff1","sha512":"00f79ee01651b6eca9fbd390b6fbf36762dfbfd3040e8563ae9a13538e638a661a4835b2825c3a149bd61641d4020357e1f027b20dbd590f236b373c48186da9","ssdeep":"12288:cHeo4QiarrrMeqLiO/q3Ehlsv7U5OThlF0PVw3dzw95+5WYABT7t:cHCdarrAeqLrzhli4+lldzwG5WY2t","tlshash":"349423bb6052b072fe553408bfe85a64241be8348e57f0cbb43519c85ee314d673b6e9","first_seen":"2023-07-19T18:21:06Z","last_seen":"2026-07-12T21:34:56.810963Z","times_seen":17,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/images/settings.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.786Z","timestamp":1783892061786,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/images/settings.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 10:21:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694132ac-4a1b\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18971,"size_decoded":18293,"mime_type":"image/png","magic":"PNG image data, 1080 x 840, 8-bit colormap, non-interlaced","md5":"fadd992775a5b4bc0330072915ebcd98","sha1":"f6fd03bbb4a47caa36520afc84110a3ee24a2c32","sha256":"6c7b4834cef9798f3a39284d272bc4a123d11e1653d3856a80fa8548dd6a6034","sha512":"32335122e8a56a133f48125ece660dea39b1c8d5f460f8d056e28300b230f0d8390cd359ffd37e7e740185fcd08c8062e903661a516384724cd5fc1c60e70d56","ssdeep":"384:qb5oyWUnW1ytRBan7nAN2ePYiuazza411ThFFHyVsdj1ZjWZdk4GfKGEtxzZ:qb5okMsyFg8azzRlFLLDfKGEV","tlshash":"1082c0ee7edf79d0549453606821780caf672f04e561a81f220be0cf4ce83d27b56ab9","first_seen":"2023-07-19T18:21:06Z","last_seen":"2026-07-12T21:34:56.811875Z","times_seen":18,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:22.006Z","timestamp":1783892062006,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://studioobs.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 01:48:42 GMT\r\nexpires: Fri, 09 Jul 2027 01:48:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 330340\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T16:18:12.587093Z","times_seen":233591,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":31,"send":0,"wait":20,"receive":57,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/favicon/favicon.svg","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.754Z","timestamp":1783892061754,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/favicon/favicon.svg HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 17 Dec 2025 12:28:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6942a208-b956\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47446,"size_decoded":36132,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5ff4f85e87ab73ac268194aec0f0f956","sha1":"8ad5a67b1aabdd6c3adec3efbffe2e4f1424f24b","sha256":"96f227169f9656f25afc0be898ad4dfc84c989eb937045b6d54a330b44729bb3","sha512":"6785c01ed34c65e976abd16329048e5443c6aee9a5f62a8433b5f6a5270dcc5ae9b7a7ad74924dbb84a54145c900279c4fad840253b86ce2e38dd8ea5ff05dbd","ssdeep":"768:SfhPzJMegU5F9Ry95yN7pBja1CrjW+n4QW1VEJJ6ook+jHp/1bcd6k:MdJzX9RyzyN7pocri+4Z7gJ5+B1s6k","tlshash":"6a230229d9e291bb481313b8692def0d9d0537c51be9e4ef7ea544b185c282077325ce","first_seen":"2026-01-21T14:56:34.1657Z","last_seen":"2026-07-12T21:34:56.790781Z","times_seen":9,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/Vietnam.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.776Z","timestamp":1783892061776,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/Vietnam.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 13:55:16 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694164c4-4d4\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1236,"size_decoded":1595,"mime_type":"image/png","magic":"PNG image data, 275 x 183, 8-bit colormap, non-interlaced","md5":"af3417f25e7b9a7db8dfd325c0e23f2b","sha1":"ceac78d36c3c799cb38e9c880d6c298740c70580","sha256":"27a636d46104b3879faa18873e9e47d59819e71e498ad6a9a3b564e041ef5a01","sha512":"e5872e88f340e055e14d5c658d2bd57a087bdf88f631eb48bce1390b6b0ff6afaea483b9629bb9a20df3db8e575b5c470e9ee90ff0f261d5cb21f6be29e69494","ssdeep":"","tlshash":"cb21e76af6851ab7d865087952de4b7d779770121f1bd7a6d6103b4f0e9c01383d8102","first_seen":"2026-01-21T14:56:34.191993Z","last_seen":"2026-07-12T21:34:56.814253Z","times_seen":11,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:22.012Z","timestamp":1783892062012,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://studioobs.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 01:48:42 GMT\r\nexpires: Fri, 09 Jul 2027 01:48:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 330340\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T16:18:12.587093Z","times_seen":233591,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":44,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7W0I5nvwUgHU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:22.014Z","timestamp":1783892062014,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7W0I5nvwUgHU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://studioobs.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18720\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 10 Jul 2026 18:22:21 GMT\r\nexpires: Sat, 10 Jul 2027 18:22:21 GMT\r\ncache-control: public, max-age=31536000\r\nage: 184321\r\nlast-modified: Tue, 09 Sep 2025 18:30:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":18720,"size_decoded":19533,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18720, version 1.0","md5":"2c753ee2983cf76ffeefa20db25a70c3","sha1":"13e20767faf339db1eb3b75b329e00f6d1b483fe","sha256":"28d124cbfadb7765f74a5688577c956ea3dd70f585b4645b2dc132742cd4c319","sha512":"0c9d6b356984e0f502a4a7ed99aef38621a53a580ceab2f1cb3f4f8d923f295891db0aac9eb2563541369a517e53def5b883a846eac8e138c169cd913044c8d7","ssdeep":"384:bNd6oCG7QqLLDPkev3w0zjoO9ETU1yZHG+2EuEn3iQ4:ZwozcqLLDM8Xf9ETU1yIzEuE3il","tlshash":"8982d0c11485e23c8e7c9ebb6a54f2b3acdb1238fed4371437127796504845b947a8bb","first_seen":"2025-09-10T18:13:11.027375Z","last_seen":"2026-07-13T14:23:44.743019Z","times_seen":10722,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":53,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-12T21:34:21.090Z","timestamp":1783892061090,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 10 Feb 2026 02:59:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"698a9f14-9b29\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39721,"size_decoded":9763,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1151)","md5":"282279b992f5282786680b46212a9829","sha1":"bdbb89c917250152ab8cb59a5c5633654be12ec7","sha256":"37c559bd515916af1f126151e659907e154367894f68bbff940a8a38a5f331eb","sha512":"65aaa27c0af328723071b24b49630ac58e2579a412a686f56e3a8dd1a02b90a181769ca1bef1198146ed9b818bd10db33d177d15509de725183cf5ed284ab207","ssdeep":"768:Xs6TNuiUSouu//Z8lX8euyDtHtskTOBlvwXYwm:Xs6T6uu//ZUjDtHtskTrYwm","tlshash":"3703c63390f05076018383e2a7773f256fe3a017d6495818b1bd4ba8afd2e56cc2766a","first_seen":"2026-07-12T12:28:55.108684Z","last_seen":"2026-07-12T21:34:56.816029Z","times_seen":2,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":20,"connect":33,"send":0,"wait":33,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/Japan.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.767Z","timestamp":1783892061767,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/Japan.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 12:50:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694155a0-b13c\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":45372,"size_decoded":29623,"mime_type":"image/png","magic":"PNG image data, 2560 x 1707, 8-bit/color RGBA, non-interlaced","md5":"506b1028554f44db158db3ce4e623b22","sha1":"0ab34befe54628d00cdfbf886f9fe7b773c3ee3f","sha256":"51119fe805a468a80e6cecace1a16409aa7068b49f325c482703df8334d2a9aa","sha512":"3468a1420df59f743d40bde0bf7aa3fe66103a99cb6b96727441d154f8070c681651bdb8ae08d49706a52d2921a6d446142c776d5b484cd34d46bec0cf96c78b","ssdeep":"768:ipoXQ1N6e13X0NTlYvdqHN+i/HKqTKZG48dOSz1djRJkGAjdQPDyXr0qi7:ipf1U20EvdqHNhqqm8jdJnjRSvubK0f","tlshash":"7c130777f2104cb9d078ce7e899b4b3077f364361597973b3278a419bca26171e1ab90","first_seen":"2026-01-21T14:56:34.176395Z","last_seen":"2026-07-12T22:08:20.289237Z","times_seen":21,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/Poland.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.769Z","timestamp":1783892061769,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/Poland.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 222\r\nlast-modified: Tue, 16 Dec 2025 13:54:18 GMT\r\netag: \"6941648a-de\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":222,"size_decoded":561,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"087f4bdfed90adbe13899805a482295f","sha1":"e892de8ab5e20a83e87793acb0d22f9398b8eb1f","sha256":"115004b9d63d480a42b3489e7e1b478e7b2a3fd135945b61ce2cdce2ba6a1683","sha512":"0b31674ff96f676db111d7b328c21084bc5bf310c624dc5470ad97e97bbc1b03376c6b63c475accac9ea7f14f1516e2607a52fc35e0b9707d775cef3b20316a5","ssdeep":"","tlshash":"71d001d15726801d4f0d28bf3fef1aa681741090609e86d1a9d74da53b778b1d7a8238","first_seen":"2026-01-13T16:26:19.973982Z","last_seen":"2026-07-12T21:34:56.82423Z","times_seen":15,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/flags/Thailand.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.773Z","timestamp":1783892061773,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/flags/Thailand.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 13:54:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694164aa-2b86\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11142,"size_decoded":1534,"mime_type":"image/png","magic":"PNG image data, 814 x 547, 8-bit/color RGBA, non-interlaced","md5":"a04b7f2cecca1828c473b3e4f0714968","sha1":"3f5fc984cd479c680ce15ba66be4821a6b20c821","sha256":"58fce49f05d3369b7a776e21db859f76894a6fbcc9627cf79d8d9b1129adaf04","sha512":"083fe405fc34bee2ac3554de102e7500b8a219def55c0c9c2b5e95b8c84c7351c17de0307906bf0eb35238cd2b1f71c0bc7097ff782b38b1ee4c67da189302a0","ssdeep":"192:Og9O9O9O9O9O9O9O9O9O9O9Yrrrrrrrrrrc/1WlO/1WlO/1WlO/1WlO/1WlO/qT:OU++++++++++YrrrrrrrrrriRRRRW","tlshash":"ec32eecb79ef3172d79a18a3e3a9f1be0127cc6d62141807b579ea81b1375681c3a474","first_seen":"2026-01-21T14:56:34.161381Z","last_seen":"2026-07-12T22:08:20.300285Z","times_seen":21,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"studioobs.com/assets/images/hotkeys.png","fqdn":"studioobs.com","domain":"studioobs.com","tld":"com"},"ip":{"addr":"91.188.254.36","port":443,"asn":15440,"as":"UAB Baltnetos komunikacijos","country":"Lithuania","country_code":"LT"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.785Z","timestamp":1783892061785,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"studioobs.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Jul 2026 09:04:12 GMT","end":"Tue, 06 Oct 2026 09:04:11 GMT"},"fingerprint":{"sha1":"14:4A:59:1E:FD:2C:9A:C5:AF:E9:9D:B2:89:07:47:67:E7:7B:10:E7","sha256":"44:A7:D9:7A:DC:EA:13:5C:76:0B:EA:BE:0C:EF:57:04:42:8A:8B:38:6E:22:1E:6E:BB:73:ED:AB:E0:78:3A:72"}}},"request":{"raw":"GET /assets/images/hotkeys.png HTTP/1.1\r\nHost: studioobs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 16 Dec 2025 10:21:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"694132b2-66ce\"\r\nexpires: Tue, 11 Aug 2026 21:34:21 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26318,"size_decoded":24636,"mime_type":"image/png","magic":"PNG image data, 1440 x 1120, 8-bit colormap, non-interlaced","md5":"422fc8bf5e1ec3f2c76dae01de0844a4","sha1":"e40d151b33b81d31859398d36468d4a38719c63b","sha256":"acfb9ba8c0d558152250899bd8a4c2799a7af7193996f8c322ab3a6aed87a338","sha512":"2c7b4dfab94f95b894dae1d007092e06190530fb1515bfb831242e574876c734961ea0bf3450f321c9a70758b4ccf267a93cf07215cd05c04e65b6486f69829b","ssdeep":"384:W09OYmzaCs0gSNRqm8NrKsqm7+eZwQ8xNR3Kg0OeVjb3Fhj9Tj4lDvP+CYk2LDpR:BRFChqlHRZwQwNRBeVD9TjCDH+22JUBY","tlshash":"80c2e0731ae1e4b3f94a253db63a03a97163200bc353b24718ba5ba3c3b85569e334c5","first_seen":"2023-07-19T18:21:06Z","last_seen":"2026-07-12T21:34:56.829621Z","times_seen":17,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"studioobs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:21.813Z","timestamp":1783892061813,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:24 GMT","end":"Mon, 14 Sep 2026 08:37:23 GMT"},"fingerprint":{"sha1":"85:D0:EC:C2:01:33:25:23:96:FB:2B:54:90:54:84:07:0A:49:1F:03","sha256":"9D:7C:1C:9C:6A:25:1E:17:E0:DC:FD:42:95:CA:47:3D:C1:9C:20:FB:22:47:02:E3:27:EC:7C:62:03:30:83:BA"}}},"request":{"raw":"GET /css2?family=Inter:wght@300;400;500;600;700;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://studioobs.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 12 Jul 2026 21:34:21 GMT\r\ndate: Sun, 12 Jul 2026 21:34:21 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15162,"size_decoded":1675,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"cd46912baf19b9fe32c8e6a6320bcaf9","sha1":"08ee007e9656ed41ffbabdb06701a3895bfa0094","sha256":"92a04c9ec1ae41b88f1eda4e7c4d74ffea87294a25c63c0fcdd7472dd82f1035","sha512":"33912fabd74bd7afee0c49ddd4b89161dfc7939fabb2ac6a75b9a5b4fd3e745fcdb6a4dda2ba6ddef3c9177f4ac972ff43239bc2f1af456c7530e7b981510b9e","ssdeep":"192:wNA1cO3lnxirNNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGfNx0NO3kc:8KYXuM0p2+g7r","tlshash":"3f628892002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-11T14:17:01.635764Z","last_seen":"2026-07-13T16:15:28.716899Z","times_seen":5174,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":18,"send":0,"wait":37,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://studioobs.com/","date":"2026-07-12T21:34:22.011Z","timestamp":1783892062011,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Jun 2026 08:37:23 GMT","end":"Mon, 14 Sep 2026 08:37:22 GMT"},"fingerprint":{"sha1":"CD:5B:53:23:61:72:75:37:AD:E9:F1:74:B2:D2:EE:09:81:05:55:E1","sha256":"9F:07:21:2D:14:EB:C5:C0:D4:2B:42:E4:55:80:7A:BB:AF:47:A8:BC:0C:5E:05:F3:2A:2B:1F:2A:78:4D:FF:D7"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://studioobs.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Jul 2026 01:48:42 GMT\r\nexpires: Fri, 09 Jul 2027 01:48:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 330340\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":48532,"size_decoded":49345,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T16:18:12.587093Z","times_seen":233591,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":24,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
