{"report_id":"52b08369-6726-42a9-80d5-5307ac3091f6","version":6,"status":"done","tags":[],"date":"2025-10-25T19:34:54Z","url":{"schema":"http","addr":"nastypetiteteens.com/","fqdn":"nastypetiteteens.com","domain":"nastypetiteteens.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":0,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"nastypetiteteens.com/","fqdn":"nastypetiteteens.com","domain":"nastypetiteteens.com","tld":"com"},"title":"FORBIDDEN FRUIT"},"submit":{"url":{"schema":"http","addr":"nastypetiteteens.com/","fqdn":"nastypetiteteens.com","domain":"nastypetiteteens.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":0,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-29T19:34:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-25","alert":"Sinkholed","trigger":"nastypetiteteens.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"nastypetiteteens.com","ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"domain_registered":"2024-01-02","domain_rank":1641149,"first_seen":"2024-01-31T07:44:08Z","last_seen":"2025-07-03T03:11:19.918785Z","alert_count":6,"request_count":6,"received_data":1104837,"sent_data":2760,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"nastypetiteteens.com/rums.js","fqdn":"nastypetiteteens.com","domain":"nastypetiteteens.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8152432c915271c18e13c9c8e421348f","sha1":"0d602ed659308bca7c3b70867848dc8a2bc097f9","sha256":"91639b0366a8e73ce52bf08854906bff55ee58a6855257fa6bce393ad58f09b3","sha512":"f0940f9af4b15564f638079358d81e1114e6a897cf15308a255b98d8e59223b902e014989f355f6dfe5f95fcffd2c0576fe596c8a004adf6ff032670b6eb525e","ssdeep":"","tlshash":"ba51522564a5502f6237135aaf7ecb9db6327c01714bac39c22d52f13490c53db4ecba","size":2674,"data":"","first_seen":"2025-10-25T19:34:56.329143Z","last_seen":"2026-01-03T12:00:08.420639Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nastypetiteteens.com/","fqdn":"nastypetiteteens.com","domain":"nastypetiteteens.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ecbc8fd75e6fa706c118405730d1d3b0","sha1":"f56ffe686b864a37fd915578705c7467c00a2518","sha256":"f054156dabe13338167397cc189d146e4286218db496da8b575dc646cfa33de6","sha512":"27aa6fc6f918ae753839006dfcb30302a44a7e85f6a02cf8f9b5d9252903ade3b03f23d95eded92e18644d3374fe025a675c6ff05371671e3948b50f02e0cdd9","ssdeep":"","tlshash":"68d0125e887884b4525422d7bde3cde0b831d1ec165ac88c9a0d74e02f4b4c76745b63","size":199,"data":"","first_seen":"2025-10-25T19:34:56.340611Z","last_seen":"2025-10-25T19:34:56.340611Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"nastypetiteteens.com/rect.js","fqdn":"nastypetiteteens.com","domain":"nastypetiteteens.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"902d6dacc84459c122e175e9a8da9256","sha1":"6d42493bea6e55833358f8b951689a903e71f2ce","sha256":"1d0a3ecf088ae773d925978e08f8b9f048a293a5b48dd6f679f5e722c3b4f4eb","sha512":"8f5d5ea57f2d83994c9b2d14bdb595559947057b158e5ca97ca35855c1124d482cbfb71943640c23feb04baca5ea7ce3f7b6f6bcf9d7aec6cb36bbdfee0959f4","ssdeep":"","tlshash":"e101bdad60d128344da335bc8fff613850766183544a4a02b61e4e813f7121ed649c8c","size":799,"data":"","first_seen":"2025-10-25T19:34:56.336619Z","last_seen":"2025-10-25T19:34:56.336619Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"nastypetiteteens.com/rums.js","fqdn":"nastypetiteteens.com","domain":"nastypetiteteens.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nastypetiteteens.com/","date":"2025-10-25T19:34:33.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nastypetiteteens.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:04:26 GMT","end":"Sat, 10 Jan 2026 05:04:25 GMT"},"fingerprint":{"sha1":"46:39:C3:E6:C7:FD:EF:7D:C5:60:09:75:2D:9E:C7:BB:0E:E6:C9:7B","sha256":"2F:B5:A1:1C:63:AC:F8:82:E9:64:AD:72:1D:A1:4D:1E:C3:3D:F6:6B:23:F6:2D:44:09:7D:F1:AF:0C:21:21:3E"}}},"request":{"raw":"GET /rums.js HTTP/1.1\r\nHost: nastypetiteteens.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://nastypetiteteens.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 25 Oct 2025 19:34:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 2674\r\nlast-modified: Tue, 21 Oct 2025 09:53:12 GMT\r\netag: \"68f75808-a72\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2674,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (559)","md5":"8152432c915271c18e13c9c8e421348f","sha1":"0d602ed659308bca7c3b70867848dc8a2bc097f9","sha256":"91639b0366a8e73ce52bf08854906bff55ee58a6855257fa6bce393ad58f09b3","sha512":"f0940f9af4b15564f638079358d81e1114e6a897cf15308a255b98d8e59223b902e014989f355f6dfe5f95fcffd2c0576fe596c8a004adf6ff032670b6eb525e","ssdeep":"","tlshash":"ba51522564a5502f6237135aaf7ecb9db6327c01714bac39c22d52f13490c53db4ecba","first_seen":"2025-10-25T19:34:56.329143Z","last_seen":"2026-01-03T12:00:08.420639Z","times_seen":9,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-25","alert":"Sinkholed","trigger":"nastypetiteteens.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nastypetiteteens.com/images/VhMK.gif","fqdn":"nastypetiteteens.com","domain":"nastypetiteteens.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nastypetiteteens.com/","date":"2025-10-25T19:34:33.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nastypetiteteens.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:04:26 GMT","end":"Sat, 10 Jan 2026 05:04:25 GMT"},"fingerprint":{"sha1":"46:39:C3:E6:C7:FD:EF:7D:C5:60:09:75:2D:9E:C7:BB:0E:E6:C9:7B","sha256":"2F:B5:A1:1C:63:AC:F8:82:E9:64:AD:72:1D:A1:4D:1E:C3:3D:F6:6B:23:F6:2D:44:09:7D:F1:AF:0C:21:21:3E"}}},"request":{"raw":"GET /images/VhMK.gif HTTP/1.1\r\nHost: nastypetiteteens.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://nastypetiteteens.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 25 Oct 2025 19:34:33 GMT\r\ncontent-type: image/gif\r\ncontent-length: 1086767\r\nlast-modified: Wed, 06 Aug 2025 19:26:30 GMT\r\netag: \"6893ac66-10952f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1086767,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 338 x 302","md5":"aee7c987ea79873ca6b88283b8a814d8","sha1":"e698a70f7548394874d33ae556435d55c5a6daa2","sha256":"e4d48e9bd90b58a96ad3edbc1ecae73d622050197673e525c2152cf16f70fa32","sha512":"ab2f17429df15dec61c5285b2cb61d1e31fa6aba815a2984c45f62730111ca42598e8c034c27de1fc2f5232daadbd3097cb1ef46ce7d7bdd5a3c8391078bf214","ssdeep":"24576:K2gPI552/nZMvu6qzqQfrgvd4pRJSHFHPxbaH+:K2gk2vZRfbvcHFHJbx","tlshash":"9c25339a55728a6198cf46fa12928fb8651434ed4e1adbf7fe603ce1458c970c5f03cc","first_seen":"2025-10-25T19:34:56.331477Z","last_seen":"2025-10-25T19:34:56.331477Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1051,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":906,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-25","alert":"Sinkholed","trigger":"nastypetiteteens.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nastypetiteteens.com/favicon.ico","fqdn":"nastypetiteteens.com","domain":"nastypetiteteens.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nastypetiteteens.com/","date":"2025-10-25T19:34:33.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nastypetiteteens.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:04:26 GMT","end":"Sat, 10 Jan 2026 05:04:25 GMT"},"fingerprint":{"sha1":"46:39:C3:E6:C7:FD:EF:7D:C5:60:09:75:2D:9E:C7:BB:0E:E6:C9:7B","sha256":"2F:B5:A1:1C:63:AC:F8:82:E9:64:AD:72:1D:A1:4D:1E:C3:3D:F6:6B:23:F6:2D:44:09:7D:F1:AF:0C:21:21:3E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: nastypetiteteens.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://nastypetiteteens.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: cabb2=bm9yZWZ8fHwxfDB8MHxub25lfDA6; cabb2b=1761420873\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sat, 25 Oct 2025 19:34:33 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 22 Jul 2025 04:31:23 GMT\r\netag: W/\"b52-63a7d1097f7c5\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2898,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (634)","md5":"f01ba522c3539135df33250082846848","sha1":"af31de06cf3d07cf83f104af8755b0cc5222ffc6","sha256":"2e8deb28946a6b41ccb927eaa43bbaa78ea82cef39a40638f2e5afa8e90e73ca","sha512":"5ca1b1d3c6f8e1948574a743bd6f58d9f430f9a576c9e656958dda81546a6b0baf0c02ff1b084640351a2bc44ba644e0f671aef0e2ff30981feec2af47764ee6","ssdeep":"","tlshash":"08515194c71c649fd35e24e6293e22c0282f8cb669a3ce7bbc77b174d6c800c87395a5","first_seen":"2025-04-07T04:58:47.339843Z","last_seen":"2026-04-04T01:52:25.0368Z","times_seen":5578,"resource_available":true,"data":null}},"time_used":323,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-25","alert":"Sinkholed","trigger":"nastypetiteteens.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nastypetiteteens.com/","fqdn":"nastypetiteteens.com","domain":"nastypetiteteens.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-25T19:34:32.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nastypetiteteens.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:04:26 GMT","end":"Sat, 10 Jan 2026 05:04:25 GMT"},"fingerprint":{"sha1":"46:39:C3:E6:C7:FD:EF:7D:C5:60:09:75:2D:9E:C7:BB:0E:E6:C9:7B","sha256":"2F:B5:A1:1C:63:AC:F8:82:E9:64:AD:72:1D:A1:4D:1E:C3:3D:F6:6B:23:F6:2D:44:09:7D:F1:AF:0C:21:21:3E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: nastypetiteteens.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 25 Oct 2025 19:34:33 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 1226\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8593,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"b497c8bdaeb0a34658a66b3cf378bc03","sha1":"6147ab159334f17e41024c1d64390bd230447df9","sha256":"8e548fcdd8188bef6d6d6c82053ed70be4a57008c9e6c42827c04437fe1a6b01","sha512":"ef553e0112b7663d21c1d2392d648b513bc524cf5bb3100996ed10b17727d74901a0e4f5ec932f0341479bda6f48bf996230f7a30648ae779d426f6f9b1e0da3","ssdeep":"96:63IrARUcM67Q7b7i7r7U7E7k7u7U797B707h7K7t7S71757n7u7h7G7ed7K7437w:uIOUcGlIzWT6","tlshash":"c30219a8f5cf344757bd2ebd98130d56521337d1d5621a08237f85affe1228868a33da","first_seen":"2025-10-25T19:34:56.334613Z","last_seen":"2025-10-25T19:34:56.334613Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1170,"timings":{"blocked":507,"dns":203,"connect":144,"send":0,"wait":156,"receive":0,"ssl":149},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-25","alert":"Sinkholed","trigger":"nastypetiteteens.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nastypetiteteens.com/rect.js","fqdn":"nastypetiteteens.com","domain":"nastypetiteteens.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://nastypetiteteens.com/","date":"2025-10-25T19:34:33.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nastypetiteteens.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:04:26 GMT","end":"Sat, 10 Jan 2026 05:04:25 GMT"},"fingerprint":{"sha1":"46:39:C3:E6:C7:FD:EF:7D:C5:60:09:75:2D:9E:C7:BB:0E:E6:C9:7B","sha256":"2F:B5:A1:1C:63:AC:F8:82:E9:64:AD:72:1D:A1:4D:1E:C3:3D:F6:6B:23:F6:2D:44:09:7D:F1:AF:0C:21:21:3E"}}},"request":{"raw":"GET /rect.js HTTP/1.1\r\nHost: nastypetiteteens.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://nastypetiteteens.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 25 Oct 2025 19:34:33 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 799\r\nlast-modified: Thu, 16 Oct 2025 04:13:15 GMT\r\netag: \"68f070db-31f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":799,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (376)","md5":"902d6dacc84459c122e175e9a8da9256","sha1":"6d42493bea6e55833358f8b951689a903e71f2ce","sha256":"1d0a3ecf088ae773d925978e08f8b9f048a293a5b48dd6f679f5e722c3b4f4eb","sha512":"8f5d5ea57f2d83994c9b2d14bdb595559947057b158e5ca97ca35855c1124d482cbfb71943640c23feb04baca5ea7ce3f7b6f6bcf9d7aec6cb36bbdfee0959f4","ssdeep":"","tlshash":"e101bdad60d128344da335bc8fff613850766183544a4a02b61e4e813f7121ed649c8c","first_seen":"2025-10-25T19:34:56.336619Z","last_seen":"2025-10-25T19:34:56.336619Z","times_seen":1,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-25","alert":"Sinkholed","trigger":"nastypetiteteens.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"nastypetiteteens.com/images/redplay2_1691153100.png","fqdn":"nastypetiteteens.com","domain":"nastypetiteteens.com","tld":"com"},"ip":{"addr":"162.244.33.34","port":443,"asn":14576,"as":"HOSTING-SOLUTIONS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://nastypetiteteens.com/","date":"2025-10-25T19:34:33.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nastypetiteteens.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Oct 2025 05:04:26 GMT","end":"Sat, 10 Jan 2026 05:04:25 GMT"},"fingerprint":{"sha1":"46:39:C3:E6:C7:FD:EF:7D:C5:60:09:75:2D:9E:C7:BB:0E:E6:C9:7B","sha256":"2F:B5:A1:1C:63:AC:F8:82:E9:64:AD:72:1D:A1:4D:1E:C3:3D:F6:6B:23:F6:2D:44:09:7D:F1:AF:0C:21:21:3E"}}},"request":{"raw":"GET /images/redplay2_1691153100.png HTTP/1.1\r\nHost: nastypetiteteens.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://nastypetiteteens.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 25 Oct 2025 19:34:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 1389\r\nlast-modified: Tue, 03 Jun 2025 04:16:54 GMT\r\netag: \"683e7736-56d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1389,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 31 x 28, 8-bit/color RGBA, non-interlaced","md5":"6f13d6e456de782b0b121b721b05ffc2","sha1":"000fdd671bf50c7f334226686393d7ec989a4418","sha256":"2e4d5b85ba497af4af807a422115a1552bc8dbb06c58d7777e626aefa469f9ce","sha512":"a5ac841c9321dff61935bc6e6a9313a24e8d1d70f05547cfbd35bbb10548b6ba6d6aa63381ba0dbc60d395c22f5f58d5aeb094b6e15a0471eb42337862b9a83c","ssdeep":"","tlshash":"902108508a3b2c4ee21f4930a1c705e1f4ac8a228a4f5b8ce2cb45943f2431d069b47c","first_seen":"2025-10-25T19:34:56.338581Z","last_seen":"2025-10-25T19:34:56.338581Z","times_seen":1,"resource_available":false,"data":null}},"time_used":585,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":434,"receive":151,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-10-25","alert":"Sinkholed","trigger":"nastypetiteteens.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}