Overview

URL nastyspice.com/
IP 66.96.147.160
ASN BIZLAND-SD
Location United States
Report completed 2022-09-21 05:27:25 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-21 2 nastyspice.com/ Malware
2022-09-21 2 nastyspice.com/index.html Malware
2022-09-21 2 nastyspice.com/index.html Malware
2022-09-21 2 nastyspice.com/files/theme/custom.js?1492801628 Malware
2022-09-21 2 nastyspice.com/files/theme/mobile.js?1492801628 Malware
2022-09-21 2 nastyspice.com/files/theme/plugins.js?1492801628 Malware
2022-09-21 2 nastyspice.com/uploads/7/7/8/4/77849150/editor/fheo350.png?1498332580 Malware
2022-09-21 2 nastyspice.com/uploads/7/7/8/4/77849150/editor/realtor-mls-logo.png?1498332716 Malware
2022-09-21 2 nastyspice.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[Customer (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_u (...)
IP  34.120.237.76
Magic gzip compressed data, max compression\012- data
Size 4816
MD5 ffac2a2cae9eba89724de57bfd899a79
SHA1 9d17ff92fc104da39a44d3f69c500c3ab1e6103b
SHA256 ad9aae7c5e8bcbbf0ab11b11b5ed638f127bb7dd41acf2db06ffa7701faa86f3
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (15)

Passive DNS Source Fully Qualified Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS cdn2.editmysite.com (7) 11564 2012-10-02 18:27:39 UTC 2022-09-21 04:28:02 UTC 151.101.85.46
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-21 04:08:37 UTC 54.148.228.45
mnemonic passive DNS nastyspice.com (15) 0 2022-02-13 19:02:44 UTC 2022-09-20 16:27:15 UTC 66.96.147.160 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-20 20:31:37 UTC 143.204.55.27
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-09-21 04:07:23 UTC 93.184.220.29
mnemonic passive DNS ocsp.pki.goog (12) 175 2017-06-14 07:23:31 UTC 2022-09-20 04:47:45 UTC 142.250.74.3
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-20 22:30:14 UTC 142.250.74.164
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-20 13:42:45 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-21 04:08:37 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-21 04:08:37 UTC 143.204.55.110
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-21 00:49:48 UTC 34.120.237.76
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-21 04:07:58 UTC 216.58.211.10
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-20 04:47:04 UTC 34.117.237.239
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-20 04:47:45 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS www.weebly.com (1) 21455 2014-01-19 01:07:09 UTC 2022-09-21 04:08:30 UTC 74.115.50.110


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 66.96.147.160

Date UQ / IDS / BL URL IP
2022-11-05 18:02:45 +0000 0 - 0 - 7 dhsoftware.com.au/downloads/SpacesInstall_1.0 (...) 66.96.147.160
2022-10-21 06:33:57 +0000 0 - 0 - 2 wadja.org/ 66.96.147.160
2022-10-08 16:37:25 +0000 0 - 0 - 9 nastyspice.com/ 66.96.147.160
2022-09-21 05:27:25 +0000 0 - 0 - 9 nastyspice.com/ 66.96.147.160
2022-09-14 06:27:22 +0000 0 - 0 - 9 nastyspice.com/ 66.96.147.160

Last 5 reports on ASN: BIZLAND-SD

Date UQ / IDS / BL URL IP
2022-12-01 15:24:26 +0000 0 - 0 - 0 www.benschasfoort.com 65.254.227.224
2022-12-01 14:32:47 +0000 0 - 0 - 1 www.joeware.net/downloads/files/AdFind.zip 65.254.227.224
2022-12-01 11:12:51 +0000 0 - 0 - 2 mypingi.com/ 66.96.162.147
2022-12-01 09:59:12 +0000 0 - 0 - 2 photo-services.info/ 66.96.149.32
2022-12-01 09:44:45 +0000 0 - 0 - 2 port-meadow.com/ 66.96.162.135

Last 4 reports on domain: nastyspice.com

Date UQ / IDS / BL URL IP
2022-10-08 16:37:25 +0000 0 - 0 - 9 nastyspice.com/ 66.96.147.160
2022-09-21 05:27:25 +0000 0 - 0 - 9 nastyspice.com/ 66.96.147.160
2022-09-14 06:27:22 +0000 0 - 0 - 9 nastyspice.com/ 66.96.147.160
2022-09-11 23:28:26 +0000 0 - 0 - 9 nastyspice.com/ 66.96.147.160

Last 3 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-08 16:37:25 +0000 0 - 0 - 9 nastyspice.com/ 66.96.147.160
2022-09-14 06:27:22 +0000 0 - 0 - 9 nastyspice.com/ 66.96.147.160
2022-09-11 23:28:26 +0000 0 - 0 - 9 nastyspice.com/ 66.96.147.160


JavaScript

Executed Scripts (20)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (58)


Request Response
                                        
GET / HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
66.96.147.160
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 21 Sep 2022 05:27:12 GMT
Content-Length: 240
Connection: keep-alive
Server: Apache/2
Location: http://nastyspice.com/index.html
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 06:27:09 GMT
Age: 4


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   240
Md5:    64ad32f10451334b50cb158708ecc2fa
Sha1:   4b8a264e79644e672cf36fdf9df4fa746777f9fe
Sha256: a24d8d2bdea00735b294913e139caba6b472a78c5a0d8740a649ccec11245dc4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 05:13:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0lCygrN-_3JPFW8j3K7lzrdLKxkDoFW98UjncX745ydOzM88IIpf9g==
Age: 821


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7882
Expires: Wed, 21 Sep 2022 07:38:35 GMT
Date: Wed, 21 Sep 2022 05:27:13 GMT
Connection: keep-alive

                                        
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Abi80iIbK9koyEte4qW7ykThhl2oejXz2iRj05WoGmszDZp_kbZ0gw==
age: 3120
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
GET /index.html HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
66.96.147.160
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 21 Sep 2022 05:27:13 GMT
Content-Length: 217
Connection: keep-alive
Server: Apache/2
Location: https://nastyspice.com/index.html
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 06:27:09 GMT
Age: 4


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   217
Md5:    58f042b13aa332285f10fe46e7cad08a
Sha1:   bcf833e99cbb8f43e2a62415bbfd9cc4ab8af392
Sha256: 2f396dc486b2bb74481605dfffc4d3d5768966b4a1ae51a1f99faaa9e0954fe7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Wed, 21 Sep 2022 05:27:13 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 05:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 05:38:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8rf2c7FZnU0gfe5pKctk12bMOwIczOHz-vK4vZxg30Ya0LCWqPHxhg==
Age: 1431


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0421D602C79B33E05106ED8AF44692D5BC1C94315ADEF577041E22FEC1A91A6C"
Last-Modified: Mon, 19 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21553
Expires: Wed, 21 Sep 2022 11:26:26 GMT
Date: Wed, 21 Sep 2022 05:27:13 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4776
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 05:27:13 GMT
Last-Modified: Wed, 21 Sep 2022 04:07:37 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
GET /index.html HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
66.96.147.160
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Wed, 21 Sep 2022 05:27:13 GMT
Content-Length: 24804
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 18 Nov 2021 07:53:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Etag: "60e4-5d10b760283ba"
Expires: Wed, 21 Sep 2022 06:27:13 GMT
Age: 0


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1350), with CRLF, LF line terminators
Size:   24804
Md5:    a3fc1be8dc662fb30b23de0cd85d8dc4
Sha1:   7b08f4c8b5e086c826ef577b0297a03764bba7ff
Sha256: 26b374a6dc9fa3c6b165a0a06fee04f015768dbf77def562423c48716633ea96

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /css/social-icons.css?buildtime=1498169384 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
151.101.85.46
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Thu, 08 Sep 2022 20:48:41 GMT
etag: W/"631a5529-3319"
expires: Tue, 27 Sep 2022 11:32:35 GMT
cache-control: max-age=1209600
x-host: grn105.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:27:14 GMT
age: 669279
x-served-by: cache-sjc10029-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663738034.208270,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1639
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13080)
Size:   1639
Md5:    8d187cb7374eeeae857b6a61a61de0f4
Sha1:   b44aac11580606735fa1aa8b9637f56268267b0a
Sha256: 427bb56305a151eebd863996d75a06a7a3efe1a9861eefdea80c820ffcd4fb20
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /css/old/fancybox.css?1498169384 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
151.101.85.46
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Mon, 19 Sep 2022 20:20:53 GMT
etag: "6328cf25-f47"
expires: Tue, 04 Oct 2022 12:44:42 GMT
cache-control: max-age=1209600
x-host: grn123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:27:14 GMT
age: 60152
x-served-by: cache-sjc10041-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663738034.215200,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3910)
Size:   1218
Md5:    b644e92258f4c7c0b4270047652d1e60
Sha1:   93734d52ee9e86a768159e514076051813c39cd9
Sha256: 29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
                                        
GET /js/site/main-customer-accounts-site.js?buildTime=1637163223 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Mon, 19 Sep 2022 20:21:10 GMT
etag: "6328cf36-8250f"
expires: Tue, 04 Oct 2022 07:54:48 GMT
cache-control: max-age=1209600
x-host: grn52.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:27:14 GMT
age: 77545
x-served-by: cache-sjc10067-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663738034.208541,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 158975
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32007)
Size:   158975
Md5:    c29a5e4fd4ee0d3b7cd0597f2b9b602b
Sha1:   bb134ed641467954f4a724167dc7ea56a03e7fa8
Sha256: bf9850a7e6dd269898b78ecf07a34438bc300cad0bbb2d280e10ccadf81646b2
                                        
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xwtzMzHvL6/MQGRC1wRk0Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
54.148.228.45
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KdfaVlimMkQWO20wj+b/BQ6ZgJY=

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /css/sites.css?buildTime=1637163223 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
151.101.85.46
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Thu, 08 Sep 2022 20:48:41 GMT
etag: W/"631a5529-347ac"
expires: Mon, 26 Sep 2022 13:16:40 GMT
cache-control: max-age=1209600
x-host: blu114.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:27:14 GMT
age: 749434
x-served-by: cache-sjc10036-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663738034.211140,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29746
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29746
Md5:    d10158b22b553f723d99dc78eaee6390
Sha1:   80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
Sha256: 939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
                                        
GET /js/lang/en/stl.js?buildTime=1498169384& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Thu, 08 Sep 2022 20:47:36 GMT
etag: "631a54e8-2c44e"
expires: Tue, 27 Sep 2022 08:40:31 GMT
cache-control: max-age=1209600
x-host: blu72.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:27:14 GMT
age: 679602
x-served-by: cache-sjc10059-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663738034.213127,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Size:   32802
Md5:    40ee71f2f2de93b9561845efa9a0cbbc
Sha1:   13451e3fb165d1ad524d9863d8344eab4a2fe353
Sha256: 41a33daf28fc89ce06f3c6a6029d078c20a0f42f07d6ec3dc7127d206dcec5fe
                                        
GET /gdpr/gdprscript.js?buildTime=1637163223&hasRemindMe=true&stealth=false HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
66.96.147.160
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Wed, 21 Sep 2022 05:27:14 GMT
Content-Length: 227
Connection: keep-alive
Server: Apache/2
Last-Modified: Sun, 23 Sep 2018 13:24:02 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "e3-57689c944759c"
Expires: Wed, 21 Sep 2022 09:27:14 GMT
Age: 0


--- Additional Info ---
Magic:  ASCII text
Size:   227
Md5:    2339588fa78adf3430430caa9216110e
Sha1:   54993c13ac2d139c871fd1bc1125c61dccb1ffda
Sha256: 6cc73aa4822bdc024366ba999d93b6a62c18b3ef40814f8f253dfc557075c22b
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /files/theme/custom.js?1492801628 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
66.96.147.160
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Wed, 21 Sep 2022 05:27:14 GMT
Content-Length: 7090
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 19:35:53 GMT
ETag: "1bb2-552b9d370bee8"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 21 Sep 2022 09:27:14 GMT
Age: 0


--- Additional Info ---
Magic:  ASCII text
Size:   7090
Md5:    5da53b567e46be3a2bd71096fb2995bc
Sha1:   da54df2158a778807f91c6d899229d515a489dc6
Sha256: 5feb822d8698f127f0f85d3edf620c63ff5189509fb85992c1d74abbd25d83ee

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /js/site/main.js?buildTime=1637163223 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Thu, 08 Sep 2022 20:49:09 GMT
etag: "631a5545-74804"
expires: Mon, 26 Sep 2022 12:14:32 GMT
cache-control: max-age=1209600
x-host: blu83.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:27:14 GMT
age: 753162
x-served-by: cache-sjc10055-SJC, cache-bma1654-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1663738034.212644,VS0,VE353
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32147)
Size:   146400
Md5:    81b8673c5d3aa3ab8c0574f2a8f0e3b4
Sha1:   2e0661bc7907d9e2703b3347c3fec579f0aef5d6
Sha256: 0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
                                        
GET /files/theme/mobile.js?1492801628 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
66.96.147.160
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Wed, 21 Sep 2022 05:27:14 GMT
Content-Length: 16132
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 19:35:53 GMT
ETag: "3f04-552b9d37542d8"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 21 Sep 2022 09:27:14 GMT
Age: 0


--- Additional Info ---
Magic:  ASCII text
Size:   16132
Md5:    07e9e6c62f36b3d745591589ed2c0103
Sha1:   fe95eba44fe0df02f49aadb5bdd620fcc39e6689
Sha256: e35cdae965132932644d580706fba96e1b54e9affbe3abab406e54e95d17a0cd

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /files/theme/plugins.js?1492801628 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
66.96.147.160
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Wed, 21 Sep 2022 05:27:14 GMT
Content-Length: 84796
Connection: keep-alive
Server: Apache/2
Last-Modified: Mon, 11 Apr 2016 00:04:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "14b3c-5302a4b59d77b"
Expires: Wed, 21 Sep 2022 09:27:14 GMT
Age: 0


--- Additional Info ---
Magic:  ASCII text
Size:   84796
Md5:    a8bf2ebe41b28e96d5d8deb2b83e0ee3
Sha1:   279d33ee5dc06585c349301b852848489ae8ca10
Sha256: 2829e73e900aef1b3608efa7458c3cfc249e334cd561b2d33ecd84a6ef189cf8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /files/main_style.css?1498340581 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
66.96.147.160
HTTP/1.1 200 OK
Content-Type: text/css
Date: Wed, 21 Sep 2022 05:27:14 GMT
Content-Length: 52691
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 21:43:09 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "cdd3-552bb9a98771a"
Expires: Wed, 21 Sep 2022 09:27:14 GMT
Age: 0


--- Additional Info ---
Magic:  ASCII text, with very long lines (636)
Size:   52691
Md5:    249888dad34367cd218b4adee1686b78
Sha1:   451511531d2f611151bb181bf71ed4260ec30657
Sha256: 54bd1505631d473277078e60e8fd06441ddf2110aea41a06c77576133a8dc1cf
                                        
GET /uploads/7/7/8/4/77849150/editor/fheo350.png?1498332580 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
66.96.147.160
HTTP/1.1 200 OK
Content-Type: image/png
Date: Wed, 21 Sep 2022 05:27:14 GMT
Content-Length: 906
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 20:25:45 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "38a-552ba85cf1375"
Expires: Wed, 21 Sep 2022 09:27:14 GMT
Age: 0


--- Additional Info ---
Magic:  PNG image data, 32 x 35, 8-bit gray+alpha, non-interlaced\012- data
Size:   906
Md5:    9740cdcebcfc1493e9df1424537778ef
Sha1:   6bce42281285cf44fb0efa09435984c5502c28b9
Sha256: cec8c9dbd6bd4bbf7d8e1944e6674a8b9d1ace56eed43c45fd794543e02accb4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /uploads/7/7/8/4/77849150/published/srr-logo.png?1498332787 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
66.96.147.160
HTTP/1.1 200 OK
Content-Type: image/png
Date: Wed, 21 Sep 2022 05:27:14 GMT
Content-Length: 10025
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 20:24:02 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "2729-552ba7fa42ba8"
Expires: Wed, 21 Sep 2022 09:27:14 GMT
Age: 0


--- Additional Info ---
Magic:  PNG image data, 277 x 67, 8-bit/color RGBA, non-interlaced\012- data
Size:   10025
Md5:    e7292458c6790da37088022886b20d14
Sha1:   9dc965485cfd5c8e3353162c1ae768032f8eda86
Sha256: e3a7ab52c98290b1e2ab9510778893bceb9fa81e7fc0a6e748e2adfdb01904de
                                        
GET /uploads/7/7/8/4/77849150/editor/realtor-mls-logo.png?1498332716 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
66.96.147.160
HTTP/1.1 200 OK
Content-Type: image/png
Date: Wed, 21 Sep 2022 05:27:14 GMT
Content-Length: 1260
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 20:24:02 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "4ec-552ba7f9fbaf4"
Expires: Wed, 21 Sep 2022 09:27:14 GMT
Age: 0


--- Additional Info ---
Magic:  PNG image data, 67 x 30, 8-bit gray+alpha, non-interlaced\012- data
Size:   1260
Md5:    342d5dbbbcd2f71ecfb3531d527b9e81
Sha1:   f905d01a71738a2b85501f9a242b02c3a0590477
Sha256: 86e5e86c778c1fec7cbf08fe41591f3f7596f80e257c70e7a12423d1530657c2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /uploads/7/7/8/4/77849150/5824791.png HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
66.96.147.160
HTTP/1.1 200 OK
Content-Type: image/png
Date: Wed, 21 Sep 2022 05:27:14 GMT
Content-Length: 5251
Connection: keep-alive
Server: Apache/2
Last-Modified: Mon, 11 Apr 2016 00:31:19 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "1483-5302aa9d92291"
Expires: Wed, 21 Sep 2022 09:27:14 GMT
Age: 0


--- Additional Info ---
Magic:  PNG image data, 123 x 100, 8-bit gray+alpha, non-interlaced\012- data
Size:   5251
Md5:    3857e03b18749f7432fd1d84110033b1
Sha1:   15d56f8730644049b5225fe9bbb7568430abb1a3
Sha256: d5b70063dd2a8e5e4315ba6af6102dc70c3352945192ad941c901e9e5529393c
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nastyspice.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 478017
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nastyspice.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 18:22:39 GMT
expires: Thu, 14 Sep 2023 18:22:39 GMT
cache-control: public, max-age=31536000
age: 558276
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Size:   26100
Md5:    312bcfa92b0b0a09c3f404b2c662a0b6
Sha1:   5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
Sha256: 979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /files/theme/images/scroll.png?1498340581 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/files/main_style.css?1498340581
Cookie: gdpr-kb=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
66.96.147.160
HTTP/1.1 200 OK
Content-Type: image/png
Date: Wed, 21 Sep 2022 05:27:15 GMT
Content-Length: 1837
Connection: keep-alive
Server: Apache/2
Last-Modified: Sun, 10 Apr 2016 23:54:48 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "72d-5302a2735f90b"
Expires: Wed, 21 Sep 2022 09:27:15 GMT
Age: 0


--- Additional Info ---
Magic:  PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size:   1837
Md5:    339a7f37eb8527f719df1ba12d2cefb1
Sha1:   d73b5156e2f6ac0a8c82e235be758cb9d105b18c
Sha256: 3a8fc37ed708c8e7d7dbd4d86f5b68a8b1df9ba0b651dc97d74ac7d26d307df1
                                        
GET /recaptcha/api.js?_=1663738035031 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Wed, 21 Sep 2022 05:27:15 GMT
date: Wed, 21 Sep 2022 05:27:15 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (850), with no line terminators
Size:   556
Md5:    27b68162c75bebb4dacf518c46e974d5
Sha1:   99abc7e3e02891bec5de3dda3cb18a6f865f82bc
Sha256: 93415a1ed398b656767f092c53ca274ad9ae9c8cb0672831fa3c4ab275f994d1
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nastyspice.com
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:37:29 GMT
expires: Thu, 14 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
age: 604186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (581)
Size:   157726
Md5:    6519c7c04cf32a57b1c5ee45a73c233e
Sha1:   4939bb921988e9eb13780cc2244f3099776e9bfb
Sha256: 8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
                                        
GET /uploads/7/7/8/4/77849150/background-images/1070233398.jpg HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Cookie: gdpr-kb=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
66.96.147.160
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Wed, 21 Sep 2022 05:27:14 GMT
Content-Length: 226046
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 20:24:02 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "372fe-552ba7facce8a"
Expires: Wed, 21 Sep 2022 09:27:15 GMT
Age: 1


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1072x712, components 3\012- data
Size:   226046
Md5:    d50002f6733005f76f0aa524a81c82e0
Sha1:   2d332747f5fed1f019477945d76aa51de9fbbdc7
Sha256: 03edadeff7d67b6fd84861f917a18c28e4078f178e515315743190329068bff4
                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10634
Expires: Wed, 21 Sep 2022 08:24:29 GMT
Date: Wed, 21 Sep 2022 05:27:15 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10634
Expires: Wed, 21 Sep 2022 08:24:29 GMT
Date: Wed, 21 Sep 2022 05:27:15 GMT
Connection: keep-alive

                                        
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10634
Expires: Wed, 21 Sep 2022 08:24:29 GMT
Date: Wed, 21 Sep 2022 05:27:15 GMT
Connection: keep-alive

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:21:54 GMT
age: 25521
etag: "09bd3300d710c3212483159f8398b84cde09da26"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7507
Md5:    4d98acc059a69d51165fb5e0c7430ea3
Sha1:   09bd3300d710c3212483159f8398b84cde09da26
Sha256: 6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1002d7b2-c264-4e0d-a7db-a4c5299eda73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 4296
x-amzn-requestid: c85bf15a-42ec-48d0-a8c6-72be1c66f0af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VTGWMoAMF3fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-0396631418a153b5719363f6;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GpNFRpRcL5wLzPbd0GwW7BWYBDH9q-tEuECtoxDAD4RJmphpia8S5g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:41:42 GMT
age: 24333
etag: "0d93de1e5f6a5c64116accbd61d003c349664483"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   4816
Md5:    ffac2a2cae9eba89724de57bfd899a79
Sha1:   9d17ff92fc104da39a44d3f69c500c3ab1e6103b
Sha256: ad9aae7c5e8bcbbf0ab11b11b5ed638f127bb7dd41acf2db06ffa7701faa86f3

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273857c4-a36e-4755-b3c4-1ff5fcd3d260.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11440
x-amzn-requestid: eda42fc3-bfca-4c15-856f-fae709e79c4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvZ5EcDIAMF9lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c3f-3ae1bd425e29e23c2ee71933;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Y5QhJH7dOsTpV4mdGHuK_xaJJRUvV8JzDgcmBoqtvnTiLlTp38Nbug==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:47:34 GMT
age: 27581
etag: "5dfdf9835782ef3825a45bfcc7f38dfe3a754df0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11440
Md5:    a4a275a6a20ad8a21f49b3ed73098126
Sha1:   5dfdf9835782ef3825a45bfcc7f38dfe3a754df0
Sha256: 933a6d502e92d7320ad9f3204c768b0d7d757f136d4c9c130e418e74a36dde06
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 14:38:21 GMT
age: 53334
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10244
Md5:    14e6ddceb639a5f4875aecb796f95c79
Sha1:   b1cd04a66852694284eeef16a1cde38896e33c03
Sha256: 4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
                                        
GET /css?family=Montserrat:400,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
216.58.211.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 05:27:14 GMT
date: Wed, 21 Sep 2022 05:27:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5695
Md5:    3bca099d1e77cddf6ab57b14ca6ae95f
Sha1:   74a0d8e2277d7e0900f5427f4f8b48e359ba3e73
Sha256: 5ddefdd6fffa68f557682dc234d4b11405808219a2093acc0163453afdeb9858
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febae4a05-492e-4ab9-a79b-7e3f27cfc01e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6904
x-amzn-requestid: 1c4e2685-d06f-45fc-ab93-8678905f3804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwcI5HuLoAMFoRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329a705-099ce127249e148456270c11;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 11:41:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sRlJblY5obOlucutG9WQ_WPl5QGdA-0XsxIkHGkShaHvezNeqwGrkw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:37:39 GMT
age: 28176
etag: "443706b089783f7a16d4b001948a141a83ace053"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6904
Md5:    2cb692de2fcf108bf060af0b9599869f
Sha1:   443706b089783f7a16d4b001948a141a83ace053
Sha256: 06bedf63121d961420176535071c3a98d39e1d4586acb734d00ad80ce2b291ce
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 1128
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 05:27:15 GMT
Last-Modified: Wed, 21 Sep 2022 05:08:28 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 471

                                        
GET /uploads/reseller/assets/1001-favicon.ico HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
74.115.50.110
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: nginx
Date: Wed, 21 Sep 2022 05:27:15 GMT
Content-Length: 3739
Connection: keep-alive
ETag: "61c39c46-e9b"
X-Host: grn62.sf2p.intern.weebly.net
X-W-DC: SFO


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368)
Size:   3739
Md5:    2eeb3e560ca8f369be20ceb5858a4701
Sha1:   6c53e6b66c1bc6d0b93116e14fb79c30424bf36c
Sha256: ac2d9485acf7e9c29d94d31f19d3aedda958cd4f6119ddc888fbbde52d6078dd
                                        
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://nastyspice.com
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Cookie: gdpr-kb=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
66.96.147.160
HTTP/1.1 200 OK
Content-Type: application/json
Date: Wed, 21 Sep 2022 05:27:15 GMT
Content-Length: 348
Connection: keep-alive
Server: Apache/2
X-Powered-By: PHP/7.4.10
Vary: X-W-SSL,User-Agent
X-Host: grn95.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
X-DS-Version: 1498340583
Age: 0


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size:   348
Md5:    a944dd688c99d2901d6719be713271c0
Sha1:   4f5454d5d434829baf46671638610791758725d9
Sha256: adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8fb4f53-c4a2-4769-939e-c2f7ff562e36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7383
x-amzn-requestid: 32b97df0-b979-4e80-a54f-cae77affc915
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy2sHJ_oAMF0bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31c4-2c6db6e21fa1db233a4c1f49;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bmxUC0kur2YyFURbaNuBfgoyC3_l6XVfmKAyA-41jFdjBN2bY60GkQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:04 GMT
etag: "96048f054243b5a13f14ab3dd9f4a0f3f2e0feae"
age: 27978
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7383
Md5:    681b3e236c8b9bc524d935af247ec72b
Sha1:   96048f054243b5a13f14ab3dd9f4a0f3f2e0feae
Sha256: aaa2f649fd336f89b3c0fc1d9226f8763f5a8cd850826a7f0819ebe7414fbf2a
                                        
GET /js/lang/en/stl.js?buildTime=1637163223& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
151.101.85.46
HTTP/2 200 OK
content-type: application/javascript
server: nginx
last-modified: Mon, 19 Sep 2022 20:19:49 GMT
etag: "6328cee5-2c4a6"
expires: Tue, 04 Oct 2022 12:42:41 GMT
cache-control: max-age=1209600
x-host: grn123.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:27:14 GMT
age: 60272
x-served-by: cache-sjc10048-SJC, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663738034.216396,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32828
X-Firefox-Spdy: h2


--- Additional Info ---