Report - nastyspice.com/

Report Overview

Submitted URL
nastyspice.com/
IP
66.96.147.160
ASN
#29873 BIZLAND-SD
Submitted
2022-09-14 06:27:22
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	957 B	59 kB	142.250.74.163
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	441 B	158 kB	142.250.74.163
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	95.101.11.115
cdn2.editmysite.com	11564	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	376 kB	151.101.85.46
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	833 B	2.5 kB	142.250.74.10
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	76 kB	34.120.237.76
nastyspice.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.3 kB	437 kB	66.96.147.160
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.208.31.97
www.weebly.com	21455	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	4.0 kB	74.115.50.110
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	7.7 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-14	medium	nastyspice.com/	Malware
2022-09-14	medium	nastyspice.com/index.html	Malware
2022-09-14	medium	nastyspice.com/index.html	Malware
2022-09-14	medium	nastyspice.com/files/theme/plugins.js?1492801628	Malware
2022-09-14	medium	nastyspice.com/files/theme/custom.js?1492801628	Malware
2022-09-14	medium	nastyspice.com/files/theme/mobile.js?1492801628	Malware
2022-09-14	medium	nastyspice.com/uploads/7/7/8/4/77849150/editor/fheo350.png?1498332580	Malware
2022-09-14	medium	nastyspice.com/uploads/7/7/8/4/77849150/editor/realtor-mls-logo.png?1498332716	Malware
2022-09-14	medium	nastyspice.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 13:57:05 Times Seen37092673 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1498169384&	181 kB	2023-03-07	2023-03-17
Pretty URL cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1498169384& IP 151.101.85.46 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:46:21 Times Seen1 Hash 6d0e19ea5a149c71990a9f7e6ef153dc 0479103bf6dddcec668738f203d69441345e0c3d 9bfb6266418837cf775c1d459a95843d075262619e2c5b2654caaa7773ad3bdc Loading...

	nastyspice.com/files/theme/custom.js?1492801628	7.1 kB	2023-03-07	2023-05-29
Pretty URL nastyspice.com/files/theme/custom.js?1492801628 IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:54 Last Seen2023-05-29 17:48:01 Times Seen5 Hash 5da53b567e46be3a2bd71096fb2995bc da54df2158a778807f91c6d899229d515a489dc6 5feb822d8698f127f0f85d3edf620c63ff5189509fb85992c1d74abbd25d83ee Loading...

	nastyspice.com/index.html	265 B	2023-03-07	2023-03-08
Pretty URL nastyspice.com/index.html IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:23 Last Seen2023-03-08 09:30:29 Times Seen1 Hash 578468c5d8e6ac9074b2f759ae9dfb74 31a2022c68f9593bba6dd4e83223d9be762826ad 9e77ec1e1244b0113ffbe9b291dfc08ba17eecca2010b3fac8deaf2f9bfe5da0 Loading...

	nastyspice.com/index.html	62 B	2023-03-07	2024-04-26
Pretty URL nastyspice.com/index.html IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-26 08:17:53 Times Seen2952 Hash 461bd236ddeca3b8b6e3cca8599ccb43 73c74d3281452e483c11f944d798738afc7f5b89 aebd4ac1ead5b4987d8b975cafa889ca1a6831175bc206ca9552863e390bc0f1 Loading...

	nastyspice.com/files/theme/plugins.js?1492801628	85 kB	2023-03-07	2024-04-20
Pretty URL nastyspice.com/files/theme/plugins.js?1492801628 IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:29 Last Seen2024-04-20 18:01:05 Times Seen167 Hash a8bf2ebe41b28e96d5d8deb2b83e0ee3 279d33ee5dc06585c349301b852848489ae8ca10 2829e73e900aef1b3608efa7458c3cfc249e334cd561b2d33ecd84a6ef189cf8 Loading...

	nastyspice.com/files/theme/mobile.js?1492801628	16 kB	2023-03-07	2023-05-29
Pretty URL nastyspice.com/files/theme/mobile.js?1492801628 IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:54 Last Seen2023-05-29 17:48:01 Times Seen6 Hash 07e9e6c62f36b3d745591589ed2c0103 fe95eba44fe0df02f49aadb5bdd620fcc39e6689 e35cdae965132932644d580706fba96e1b54e9affbe3abab406e54e95d17a0cd Loading...

	nastyspice.com/index.html	35 B	2023-03-07	2024-04-26
Pretty URL nastyspice.com/index.html IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-26 08:17:53 Times Seen2957 Hash 13385ea3f3e6184de3bfa80f08fe938b 6f859a2fd4b7e15ed74990516d97a52e7b4eeb20 5e87d85ec57af5d97b6c0d4c6e766afd2b53d077102827d19625a37d8cd11c2d Loading...

	nastyspice.com/index.html	32 B	2023-03-07	2024-04-26
Pretty URL nastyspice.com/index.html IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-26 08:17:53 Times Seen2966 Hash 1bca01edca83d94091a2bb38d7ef8183 d05117e4ab3b3461be3855e95813a5c607e3ca95 fcf1cbf5cfad6d605868f42d38a0a937f5e6eaa91b05dcfbbbc95e4c3e23e528 Loading...

	www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js	397 kB	2023-03-07	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:14:20 Last Seen2023-03-17 11:41:52 Times Seen1 Hash 09705f2d215ade77e21cd6743f3d2c0c b4838ce510bc55c3a5bd5dca82e29f4de4536e81 52995c7482cb8361e6abfee05a9ec892a3d85679cdcf995e7f2fe711c6ba0150 Loading...

	nastyspice.com/gdpr/gdprscript.js?buildTime=1637163223&hasRemindMe=true&stealth=false	227 B	2023-03-07	2024-03-30
Pretty URL nastyspice.com/gdpr/gdprscript.js?buildTime=1637163223&hasRemindMe=true&stealth=false IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:37 Last Seen2024-03-30 17:48:54 Times Seen16 Hash 2339588fa78adf3430430caa9216110e 54993c13ac2d139c871fd1bc1125c61dccb1ffda 6cc73aa4822bdc024366ba999d93b6a62c18b3ef40814f8f253dfc557075c22b Loading...

	nastyspice.com/index.html	117 B	2023-03-07	2024-04-26
Pretty URL nastyspice.com/index.html IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-26 08:17:53 Times Seen2943 Hash ef142665f07ac27f698aa34d471c4439 b9e0d81f97054a9a0a68f57096d992ba58f33184 fbfd3b11452dce82b76e405100aece37dcfe12df4c71fb8f2bc2fe2166e9f07f Loading...

	nastyspice.com/index.html	23 B	2023-03-07	2024-04-18
Pretty URL nastyspice.com/index.html IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:41 Last Seen2024-04-18 10:55:16 Times Seen177 Hash 9c38874ff03199b732e554ac5d16e57e 21f73581cb04ef4d2261a25326d62f3a26dd6aa5 19661648f5429fc450334613db4baadec338413076878891d57053b6e3638d62 Loading...

	nastyspice.com/index.html	22 B	2023-03-07	2024-04-26
Pretty URL nastyspice.com/index.html IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-26 08:17:53 Times Seen2287 Hash 9a33cbad7c996ea8903a3eb3332a125c 8efed109b301f8aa0f3768dcd824d669d0129741 5d3b8f4578ca89904a46d014a8433346ca2773e8691f6cc9d09b2b30f0802dbc Loading...

	www.google.com/recaptcha/api.js?_=1663136819185	850 B	2023-03-07	2023-06-01
Pretty URL www.google.com/recaptcha/api.js?_=1663136819185 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:14:35 Last Seen2023-06-01 18:53:29 Times Seen3 Hash e4a27b80af74574723492ba0e07dca3e 0f63076c868d36e4a513a6510f7dae886c771d71 62873763c68dae3a2e2d5426b0bea772aa615eab4b31e48f8d35709dd49e84b8 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js	94 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:53 Last Seen2024-04-26 10:43:34 Times Seen16318 Hash 3576a6e73c9dccdbbc4a2cf8ff544ad7 06e872300088b9ba8a08427d28ed0efcdf9c6ff5 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf Loading...

	nastyspice.com/index.html	1.8 kB	2023-03-07	2024-04-26
Pretty URL nastyspice.com/index.html IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2024-04-26 08:17:53 Times Seen2940 Hash 563cec0ace2baea4e867b491f66cd6b0 fc4451f8fa76c5d1e3714e9008510633cffaa4f7 e4538493fc4f43f93806d0239acac9b38b0453c8440dc5ba4fcb47eae6ab2556 Loading...

	nastyspice.com/index.html	55 B	2023-03-07	2024-02-12
Pretty URL nastyspice.com/index.html IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:37 Last Seen2024-02-12 22:25:00 Times Seen29 Hash 817a69af191bb378894d925d5266115d c49eff2c4a7fee6e34fe1ace5daa2429f7487d29 1d271904adb81cd9bc0843975ecfc080a202f0194a935a97ee122b174e4ed3dd Loading...

	nastyspice.com/index.html	2.3 kB	2023-03-07	2023-03-08
Pretty URL nastyspice.com/index.html IP 66.96.147.160 ASN #29873 BIZLAND-SD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:54:23 Last Seen2023-03-08 09:30:29 Times Seen1 Hash b170ed756a17fb05ab698ea23a167d54 7ab2505f38c6bc1c3929b11b562d74afa042c2c6 97347dffccd5627bf656e9671ceea3266217bb77a7bf1e1f5562fefb4cef690a Loading...

HTTP Transactions (59)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 05:36:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uOB6I5ysVj2u67bhwL74ueGbQh80gZjge98UCKdMqunGYYtoIBoTHA==
Age: 3041

nastyspice.com/

66.96.147.160

301 Moved Permanently

240 B

URL HTTP/1.1
nastyspice.com/
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
240 B (240 bytes)
Hash
64ad32f10451334b50cb158708ecc2fa
4b8a264e79644e672cf36fdf9df4fa746777f9fe
a24d8d2bdea00735b294913e139caba6b472a78c5a0d8740a649ccec11245dc4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 14 Sep 2022 06:27:11 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 240
Connection: keep-alive
Server: Apache/2
Location: http://nastyspice.com/index.html
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 07:27:10 GMT
Age: 1

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6163
Expires: Wed, 14 Sep 2022 08:09:54 GMT
Date: Wed, 14 Sep 2022 06:27:11 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Xai6ObbFWMVJxVoMhaw-pLAnMHtS81d9YfxTlurDJotHUhgPe6ZJtg==
age: 6716
X-Firefox-Spdy: h2

nastyspice.com/index.html

66.96.147.160

302 Found

217 B

URL HTTP/1.1
nastyspice.com/index.html
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
217 B (217 bytes)
Hash
58f042b13aa332285f10fe46e7cad08a
bcf833e99cbb8f43e2a62415bbfd9cc4ab8af392
2f396dc486b2bb74481605dfffc4d3d5768966b4a1ae51a1f99faaa9e0954fe7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /index.html HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 14 Sep 2022 06:27:11 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 217
Connection: keep-alive
Server: Apache/2
Location: https://nastyspice.com/index.html
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 07:27:10 GMT
Age: 1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 06:27:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 14 Sep 2022 06:03:22 GMT
Expires: Wed, 14 Sep 2022 06:59:57 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QihvpKuFyxzX8VhHMygvq3b4DxHla_3SXZT8GZbTzOkJiQu44uHdeQ==
Age: 1429

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0a4af5007a505bbd9bfbb1e2faaa8bdc
912b7f081ce260d30bc6d6838288b413274d5ec0
b554d42d2b6880dc8f2a6b1b5fe10f72daee62e29adbeb3adc8626d40da117e1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B554D42D2B6880DC8F2A6B1B5FE10F72DAEE62E29ADBEB3ADC8626D40DA117E1"
Last-Modified: Mon, 12 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 14 Sep 2022 12:27:11 GMT
Date: Wed, 14 Sep 2022 06:27:11 GMT
Connection: keep-alive

nastyspice.com/index.html

66.96.147.160

200 OK

25 kB

URL HTTP/1.1
nastyspice.com/index.html
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1350), with CRLF, LF line terminators
Size
25 kB (24804 bytes)
Hash
a3fc1be8dc662fb30b23de0cd85d8dc4
7b08f4c8b5e086c826ef577b0297a03764bba7ff
26b374a6dc9fa3c6b165a0a06fee04f015768dbf77def562423c48716633ea96

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /index.html HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 06:27:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 24804
Connection: keep-alive
Server: Apache/2
Last-Modified: Thu, 18 Nov 2021 07:53:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Etag: "60e4-5d10b760283ba"
Expires: Wed, 14 Sep 2022 07:27:07 GMT
Age: 4

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2004
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:27:12 GMT
Last-Modified: Wed, 14 Sep 2022 05:53:48 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:27:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:27:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn2.editmysite.com/css/old/fancybox.css?1498169384

151.101.85.46

200 OK

1.2 kB

URL HTTP/2
cdn2.editmysite.com/css/old/fancybox.css?1498169384
IP
151.101.85.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (3910)
Size
1.2 kB (1218 bytes)
Hash
b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907

HTTP Headers

GET /css/old/fancybox.css?1498169384 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 02 Sep 2022 18:13:22 GMT
etag: "631247c2-f47"
expires: Tue, 20 Sep 2022 12:42:47 GMT
cache-control: max-age=1209600
x-host: grn112.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 06:27:12 GMT
age: 668665
x-served-by: cache-sjc10076-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663136832.199663,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1218
X-Firefox-Spdy: h2

cdn2.editmysite.com/css/social-icons.css?buildtime=1498169384

151.101.85.46

200 OK

1.6 kB

URL HTTP/2
cdn2.editmysite.com/css/social-icons.css?buildtime=1498169384
IP
151.101.85.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (13080)
Size
1.6 kB (1639 bytes)
Hash
7178c54e4ef735bdf6404ed4e2f4cedd
ec83fe8f55f1f6f82d3dc73370cea7bf71f3eadf
a1dbe57f50fe21267a98d94c4aae0e649ecbd49882a6f448409d91930aab1a33

HTTP Headers

GET /css/social-icons.css?buildtime=1498169384 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 30 Aug 2022 19:50:18 GMT
etag: W/"630e69fa-3319"
expires: Wed, 14 Sep 2022 09:38:43 GMT
cache-control: max-age=1209600
x-host: grn61.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 06:27:12 GMT
age: 1198108
x-served-by: cache-sjc10027-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663136832.199457,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1639
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/site/main.js?buildTime=1637163223

151.101.85.46

200 OK

146 kB

URL HTTP/2
cdn2.editmysite.com/js/site/main.js?buildTime=1637163223
IP
151.101.85.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32147)
Size
146 kB (146400 bytes)
Hash
81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40

HTTP Headers

GET /js/site/main.js?buildTime=1637163223 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 20:49:09 GMT
etag: "631a5545-74804"
expires: Mon, 26 Sep 2022 12:14:32 GMT
cache-control: max-age=1209600
x-host: blu83.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 06:27:12 GMT
age: 151959
x-served-by: cache-sjc10047-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1663136832.194942,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 146400
X-Firefox-Spdy: h2

cdn2.editmysite.com/css/sites.css?buildTime=1637163223

151.101.85.46

200 OK

30 kB

URL HTTP/2
cdn2.editmysite.com/css/sites.css?buildTime=1637163223
IP
151.101.85.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (29746 bytes)
Hash
d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e

HTTP Headers

GET /css/sites.css?buildTime=1637163223 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 08 Sep 2022 20:48:41 GMT
etag: W/"631a5529-347ac"
expires: Mon, 26 Sep 2022 13:16:40 GMT
cache-control: max-age=1209600
x-host: blu114.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 06:27:12 GMT
age: 148231
x-served-by: cache-sjc10036-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663136832.201919,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 29746
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:27:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1498169384&

151.101.85.46

200 OK

33 kB

URL HTTP/2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1498169384&
IP
151.101.85.46:0
ASN
#54113 FASTLY

File type
HTML document, Unicode text, UTF-8 text, with very long lines (64997)
Size
33 kB (32802 bytes)
Hash
40ee71f2f2de93b9561845efa9a0cbbc
13451e3fb165d1ad524d9863d8344eab4a2fe353
41a33daf28fc89ce06f3c6a6029d078c20a0f42f07d6ec3dc7127d206dcec5fe

HTTP Headers

GET /js/lang/en/stl.js?buildTime=1498169384& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 20:47:36 GMT
etag: "631a54e8-2c44e"
expires: Tue, 27 Sep 2022 08:40:31 GMT
cache-control: max-age=1209600
x-host: blu72.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 06:27:12 GMT
age: 78400
x-served-by: cache-sjc10059-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663136832.196178,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2

cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1637163223

151.101.85.46

200 OK

159 kB

URL HTTP/2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1637163223
IP
151.101.85.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32007)
Size
159 kB (159023 bytes)
Hash
6e8429d43e97b3e6068e2bc14358e4ae
c0dfe0c8359869c30fe3e4136b7ddb135dd60813
a9db5e1410459ab4c06b3aed065c6bc8c2cc47f791cb3ad7ed28b67dc4590fd7

HTTP Headers

GET /js/site/main-customer-accounts-site.js?buildTime=1637163223 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 18:13:42 GMT
etag: "631247d6-82592"
expires: Tue, 20 Sep 2022 09:26:28 GMT
cache-control: max-age=1209600
x-host: blu46.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 06:27:12 GMT
age: 680444
x-served-by: cache-sjc10039-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663136832.195294,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 159023
X-Firefox-Spdy: h2

nastyspice.com/gdpr/gdprscript.js?buildTime=1637163223&hasRemindMe=true&stealth=false

66.96.147.160

200 OK

227 B

URL HTTP/1.1
nastyspice.com/gdpr/gdprscript.js?buildTime=1637163223&hasRemindMe=true&stealth=false
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
ASCII text
Size
227 B (227 bytes)
Hash
2339588fa78adf3430430caa9216110e
54993c13ac2d139c871fd1bc1125c61dccb1ffda
6cc73aa4822bdc024366ba999d93b6a62c18b3ef40814f8f253dfc557075c22b

HTTP Headers

GET /gdpr/gdprscript.js?buildTime=1637163223&hasRemindMe=true&stealth=false HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 06:27:12 GMT
Content-Type: application/x-javascript
Content-Length: 227
Connection: keep-alive
Server: Apache/2
Last-Modified: Sun, 23 Sep 2018 13:24:02 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "e3-57689c944759c"
Expires: Wed, 14 Sep 2022 10:27:12 GMT
Age: 0

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:27:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:27:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

34.208.31.97

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.208.31.97:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 70T6CLffaBEJNSBsk/Y75w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ebvqBkOZxuWnvN6DTrifVwGN70k=

nastyspice.com/files/theme/plugins.js?1492801628

66.96.147.160

200 OK

85 kB

URL HTTP/1.1
nastyspice.com/files/theme/plugins.js?1492801628
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
ASCII text
Size
85 kB (84796 bytes)
Hash
a8bf2ebe41b28e96d5d8deb2b83e0ee3
279d33ee5dc06585c349301b852848489ae8ca10
2829e73e900aef1b3608efa7458c3cfc249e334cd561b2d33ecd84a6ef189cf8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /files/theme/plugins.js?1492801628 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 06:27:12 GMT
Content-Type: application/x-javascript
Content-Length: 84796
Connection: keep-alive
Server: Apache/2
Last-Modified: Mon, 11 Apr 2016 00:04:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "14b3c-5302a4b59d77b"
Expires: Wed, 14 Sep 2022 10:27:12 GMT
Age: 0

nastyspice.com/files/theme/custom.js?1492801628

66.96.147.160

200 OK

7.1 kB

URL HTTP/1.1
nastyspice.com/files/theme/custom.js?1492801628
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
ASCII text
Size
7.1 kB (7090 bytes)
Hash
5da53b567e46be3a2bd71096fb2995bc
da54df2158a778807f91c6d899229d515a489dc6
5feb822d8698f127f0f85d3edf620c63ff5189509fb85992c1d74abbd25d83ee

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /files/theme/custom.js?1492801628 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 06:27:12 GMT
Content-Type: application/x-javascript
Content-Length: 7090
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 19:35:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "1bb2-552b9d370bee8"
Expires: Wed, 14 Sep 2022 10:27:12 GMT
Age: 0

nastyspice.com/files/theme/mobile.js?1492801628

66.96.147.160

200 OK

16 kB

URL HTTP/1.1
nastyspice.com/files/theme/mobile.js?1492801628
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
ASCII text
Size
16 kB (16132 bytes)
Hash
07e9e6c62f36b3d745591589ed2c0103
fe95eba44fe0df02f49aadb5bdd620fcc39e6689
e35cdae965132932644d580706fba96e1b54e9affbe3abab406e54e95d17a0cd

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /files/theme/mobile.js?1492801628 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 06:27:12 GMT
Content-Type: application/x-javascript
Content-Length: 16132
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 19:35:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=14400
Etag: "3f04-552b9d37542d8"
Expires: Wed, 14 Sep 2022 10:27:12 GMT
Age: 0

nastyspice.com/files/main_style.css?1498340581

66.96.147.160

200 OK

53 kB

URL HTTP/1.1
nastyspice.com/files/main_style.css?1498340581
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
ASCII text, with very long lines (636)
Size
53 kB (52691 bytes)
Hash
249888dad34367cd218b4adee1686b78
451511531d2f611151bb181bf71ed4260ec30657
54bd1505631d473277078e60e8fd06441ddf2110aea41a06c77576133a8dc1cf

HTTP Headers

GET /files/main_style.css?1498340581 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 06:27:12 GMT
Content-Type: text/css
Content-Length: 52691
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 21:43:09 GMT
ETag: "cdd3-552bb9a98771a"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 14 Sep 2022 10:27:12 GMT
Age: 0

nastyspice.com/uploads/7/7/8/4/77849150/editor/fheo350.png?1498332580

66.96.147.160

200 OK

906 B

URL HTTP/1.1
nastyspice.com/uploads/7/7/8/4/77849150/editor/fheo350.png?1498332580
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 32 x 35, 8-bit gray+alpha, non-interlaced\012- data
Size
906 B (906 bytes)
Hash
9740cdcebcfc1493e9df1424537778ef
6bce42281285cf44fb0efa09435984c5502c28b9
cec8c9dbd6bd4bbf7d8e1944e6674a8b9d1ace56eed43c45fd794543e02accb4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /uploads/7/7/8/4/77849150/editor/fheo350.png?1498332580 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 06:27:12 GMT
Content-Type: image/png
Content-Length: 906
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 20:25:45 GMT
ETag: "38a-552ba85cf1375"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 14 Sep 2022 10:27:12 GMT
Age: 0

nastyspice.com/uploads/7/7/8/4/77849150/5824791.png

66.96.147.160

200 OK

5.3 kB

URL HTTP/1.1
nastyspice.com/uploads/7/7/8/4/77849150/5824791.png
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 123 x 100, 8-bit gray+alpha, non-interlaced\012- data
Size
5.3 kB (5251 bytes)
Hash
3857e03b18749f7432fd1d84110033b1
15d56f8730644049b5225fe9bbb7568430abb1a3
d5b70063dd2a8e5e4315ba6af6102dc70c3352945192ad941c901e9e5529393c

HTTP Headers

GET /uploads/7/7/8/4/77849150/5824791.png HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 06:27:12 GMT
Content-Type: image/png
Content-Length: 5251
Connection: keep-alive
Server: Apache/2
Last-Modified: Mon, 11 Apr 2016 00:31:19 GMT
ETag: "1483-5302aa9d92291"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 14 Sep 2022 10:27:12 GMT
Age: 0

nastyspice.com/uploads/7/7/8/4/77849150/published/srr-logo.png?1498332787

66.96.147.160

200 OK

10 kB

URL HTTP/1.1
nastyspice.com/uploads/7/7/8/4/77849150/published/srr-logo.png?1498332787
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 277 x 67, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10025 bytes)
Hash
e7292458c6790da37088022886b20d14
9dc965485cfd5c8e3353162c1ae768032f8eda86
e3a7ab52c98290b1e2ab9510778893bceb9fa81e7fc0a6e748e2adfdb01904de

HTTP Headers

GET /uploads/7/7/8/4/77849150/published/srr-logo.png?1498332787 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 06:27:12 GMT
Content-Type: image/png
Content-Length: 10025
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 20:24:02 GMT
ETag: "2729-552ba7fa42ba8"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 14 Sep 2022 10:27:12 GMT
Age: 0

nastyspice.com/uploads/7/7/8/4/77849150/editor/realtor-mls-logo.png?1498332716

66.96.147.160

200 OK

1.3 kB

URL HTTP/1.1
nastyspice.com/uploads/7/7/8/4/77849150/editor/realtor-mls-logo.png?1498332716
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 67 x 30, 8-bit gray+alpha, non-interlaced\012- data
Size
1.3 kB (1260 bytes)
Hash
342d5dbbbcd2f71ecfb3531d527b9e81
f905d01a71738a2b85501f9a242b02c3a0590477
86e5e86c778c1fec7cbf08fe41591f3f7596f80e257c70e7a12423d1530657c2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /uploads/7/7/8/4/77849150/editor/realtor-mls-logo.png?1498332716 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 06:27:12 GMT
Content-Type: image/png
Content-Length: 1260
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 20:24:02 GMT
ETag: "4ec-552ba7f9fbaf4"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 14 Sep 2022 10:27:12 GMT
Age: 0

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:27:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext

142.250.74.10

200 OK

992 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
992 B (992 bytes)
Hash
7e9e06530706363487457428c0e96327
806c0f2c03f4d84034f9e54afb4e46764ad2874d
b16f194961fa756c8e1b0350b38f34338b2c4ef00c5ea75f25600c466f6b2cc7

HTTP Headers

GET /css?family=Montserrat:400,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 06:27:12 GMT
date: Wed, 14 Sep 2022 06:27:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:27:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:27:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.163

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nastyspice.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 16:40:18 GMT
expires: Fri, 08 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 481614
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

142.250.74.163

200 OK

26 kB

URL HTTP/2
fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Size
26 kB (26100 bytes)
Hash
312bcfa92b0b0a09c3f404b2c662a0b6
5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec

HTTP Headers

GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nastyspice.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 18:22:38 GMT
expires: Thu, 07 Sep 2023 18:22:38 GMT
cache-control: public, max-age=31536000
age: 561874
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78f8bae58862d8be3437cfe9e927011d
fb01a9cfd346f2c9b7694276c72a76e213887b06
389d233aa4b3ea23315c9d6e8d72d96fb2f802e227d24199c788a5a89e96a19e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:27:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:27:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

nastyspice.com/files/theme/images/scroll.png?1498340581

66.96.147.160

200 OK

1.8 kB

URL HTTP/1.1
nastyspice.com/files/theme/images/scroll.png?1498340581
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1837 bytes)
Hash
339a7f37eb8527f719df1ba12d2cefb1
d73b5156e2f6ac0a8c82e235be758cb9d105b18c
3a8fc37ed708c8e7d7dbd4d86f5b68a8b1df9ba0b651dc97d74ac7d26d307df1

HTTP Headers

GET /files/theme/images/scroll.png?1498340581 HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/files/main_style.css?1498340581
Cookie: gdpr-kb=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 06:27:12 GMT
Content-Type: image/png
Content-Length: 1837
Connection: keep-alive
Server: Apache/2
Last-Modified: Sun, 10 Apr 2016 23:54:48 GMT
ETag: "72d-5302a2735f90b"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 14 Sep 2022 10:27:12 GMT
Age: 0

nastyspice.com/uploads/7/7/8/4/77849150/background-images/1070233398.jpg

66.96.147.160

200 OK

226 kB

URL HTTP/1.1
nastyspice.com/uploads/7/7/8/4/77849150/background-images/1070233398.jpg
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1072x712, components 3\012- data
Size
226 kB (226046 bytes)
Hash
d50002f6733005f76f0aa524a81c82e0
2d332747f5fed1f019477945d76aa51de9fbbdc7
03edadeff7d67b6fd84861f917a18c28e4078f178e515315743190329068bff4

HTTP Headers

GET /uploads/7/7/8/4/77849150/background-images/1070233398.jpg HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Cookie: gdpr-kb=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 06:27:12 GMT
Content-Type: image/jpeg
Content-Length: 226046
Connection: keep-alive
Server: Apache/2
Last-Modified: Sat, 24 Jun 2017 20:24:02 GMT
ETag: "372fe-552ba7facce8a"
Accept-Ranges: bytes
Cache-Control: max-age=14400
Expires: Wed, 14 Sep 2022 10:27:12 GMT
Age: 0

cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1637163223&

151.101.85.46

200 OK

557 B

URL HTTP/2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1637163223&
IP
151.101.85.46:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (850), with no line terminators
Size
557 B (557 bytes)
Hash
2ccc89f867610ca13b2456db03928f05
d9816baef3ded701d95b61e184d8b7fe2f473c09
fb834adb29f4d3ba0653177176a82a136a06fd8cf8c55583372eabf7212eb25b

HTTP Headers

GET /js/lang/en/stl.js?buildTime=1637163223& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 18:12:14 GMT
etag: "6312477e-2c44e"
expires: Tue, 20 Sep 2022 12:41:57 GMT
cache-control: max-age=1209600
x-host: grn112.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 14 Sep 2022 06:27:12 GMT
age: 668715
x-served-by: cache-sjc10062-SJC, cache-bma1668-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663136832.202408,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 32802
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js

142.250.74.163

200 OK

157 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (539)
Size
157 kB (157166 bytes)
Hash
026df0dfed2314af108e700900288961
51c2a55bca7d65c549ef138d1294cac2aa98dd96
24eefc59f5d298ce40bdd33c8157ad14631984159fca8e5980037366c44c2b34

HTTP Headers

GET /recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nastyspice.com
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157166
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 17:23:20 GMT
expires: Wed, 13 Sep 2023 17:23:20 GMT
cache-control: public, max-age=31536000
age: 47033
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:27:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
795447cce97ca52033cf69f67158df26
8e395d72e91f47d42b0f298cb1d980cb05300119
71570f0ecb98ffadf2e28a83f60d40f8d7679896caff8336dc3eb68e95d31073

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3129
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 06:27:13 GMT
Last-Modified: Wed, 14 Sep 2022 05:35:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

nastyspice.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]

66.96.147.160

200 OK

348 B

URL HTTP/1.1
nastyspice.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP
66.96.147.160:0
ASN
#29873 BIZLAND-SD

File type
JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Size
348 B (348 bytes)
Hash
a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: nastyspice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://nastyspice.com
Connection: keep-alive
Referer: https://nastyspice.com/index.html
Cookie: gdpr-kb=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 06:27:13 GMT
Content-Type: application/json
Content-Length: 348
Connection: keep-alive
Server: Apache/2
X-Powered-By: PHP/7.4.10
Vary: X-W-SSL,User-Agent
X-Host: blu82.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
X-DS-Version: 1498340583
Age: 0

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14935
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 06:27:13 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14935
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 06:27:13 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14935
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 06:27:13 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14935
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 06:27:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14151 bytes)
Hash
fef8234ab83f6f8f8b29665f592cbc9f
a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7
569c8c9736026fc310e148d4d74081e96a86245baaa1f784280d44a1cbd25ed0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14151
x-amzn-requestid: d5bc9be4-af3a-40fd-bfc9-1ac4769d2d3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GhboAMF2dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-375df72d2d67582635b9e4ae;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CZRpgjU_AxNYoyeSTOwhJhONl2DS4pvCLJ62RgAFp0flw-kPz3GkpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:48:11 GMT
age: 31142
etag: "a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5988 bytes)
Hash
f5befd5bb8e6d5dad2465be69d5a33e4
e5b46c3ca439a09950290cada1af5e27cede10f2
4dc0a3373fb4c1830c4e2420dddbcbe8dceecf10e969cbe8d02368e41207832c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5988
x-amzn-requestid: a0d81c7a-14e3-443d-8fb7-19241f06d3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yaux0H77IAMF2_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f80b-0fe6fbbe75e891b925f88dc2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1X79jBMZa4UQmWsLdg_QIg5MQeersp1O3iSgpKd6R2f8Kl7PAJh0hQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:49:32 GMT
etag: "e5b46c3ca439a09950290cada1af5e27cede10f2"
content-type: image/jpeg
age: 31061
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F660a99ba-8fb8-48d5-9b57-24bf119b1397.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8164 bytes)
Hash
d4d699a7d242c123b1f4912f4c534b87
42a6d9d5b99f94166f6ffbcfe510d19da97f3105
5b631de5a0c94dcd5a943a5be7f990ba7e9174449a9f732ef2448fb590e1b3d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F660a99ba-8fb8-48d5-9b57-24bf119b1397.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8164
x-amzn-requestid: 1c9b16e9-7ba7-45a9-842d-151e70aaf48f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YauxUG3XIAMFbCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f808-0c82bf512f8464187a9994fa;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: m2Wi-Ma_XppIdxDZcottTKm0wb7Y9kpvE3dMnQaesiQ-024MTIClKw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:45:11 GMT
age: 31322
etag: "42a6d9d5b99f94166f6ffbcfe510d19da97f3105"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6078 bytes)
Hash
f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:51:32 GMT
age: 30941
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c86775f-a6ef-49b2-85ad-4272db5b9f42.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9467 bytes)
Hash
80786e640acccfa61ef2aaa27a2a95fa
94663318844e6567f2d160d620eb9ed777fba2a3
686348c1aa038c5109c39c3491524a98bcfc5b1559568391ba7fb240a285a064

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c86775f-a6ef-49b2-85ad-4272db5b9f42.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9467
x-amzn-requestid: d14b460e-2aa5-41c8-9a8b-4da671156014
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv3HJJoAMFWgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7fe-0643dea6458034ab51d840d5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rVAqQoiN5d1Ph-lVvB7luXmG0zQJuvLi8I_B-xGbJjLkyyAid6rktw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:45:09 GMT
age: 31324
etag: "94663318844e6567f2d160d620eb9ed777fba2a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

17 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
17 kB (16980 bytes)
Hash
d7be52d818b206e064541ef4f4b0786b
7674123112859fd79ee9214c5308ad6a5e4ed015
bb011cf1e3c97c42f22c0553b64c23f120fa52d4bc7b56b5bde5678226aff0ce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16980
x-amzn-requestid: f6211d45-1e26-49a6-8c46-412d8714501c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIvUHPwoAMFzFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87fb-00d053687671af6214ea6ba9;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:02:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1ZhWlfWQgEMpTF4Nrnc3RTN71UZICYJTNpVNUvEsurjMDp2e8mta4Q==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 00:10:59 GMT
age: 22574
etag: "7674123112859fd79ee9214c5308ad6a5e4ed015"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.weebly.com/uploads/reseller/assets/1001-favicon.ico

74.115.50.110

404 Not Found

3.7 kB

URL HTTP/1.1
www.weebly.com/uploads/reseller/assets/1001-favicon.ico
IP
74.115.50.110:0
ASN
#27647 WEEBLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368)
Size
3.7 kB (3739 bytes)
Hash
2eeb3e560ca8f369be20ceb5858a4701
6c53e6b66c1bc6d0b93116e14fb79c30424bf36c
ac2d9485acf7e9c29d94d31f19d3aedda958cd4f6119ddc888fbbde52d6078dd

HTTP Headers

GET /uploads/reseller/assets/1001-favicon.ico HTTP/1.1
Host: www.weebly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 14 Sep 2022 06:27:13 GMT
Content-Type: text/html
Content-Length: 3739
Connection: keep-alive
ETag: "61c39c46-e9b"
X-Host: grn29.sf2p.intern.weebly.net
X-W-DC: SFO

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26eefe41-9675-409e-9a6b-8c39594eb7de.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7543 bytes)
Hash
967db8594cfbc60139ea4bccfe259742
be8239300d4abfb14466655eedb6b277543ad8b2
eb6585e04cd275e2bf02c2cf8d8693e43f0c0a3e7fec0092fc2ff18025b45dde

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26eefe41-9675-409e-9a6b-8c39594eb7de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7543
x-amzn-requestid: a8a09d68-971d-4d84-bf6b-ca78644927b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yau8DHQ4IAMFzFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f84c-54803f1d5f1777f334c7a4d5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MdjZuif30Qf14NHbkELd3X2FqrPy5gGIJCnyjKrL2v5TY9DRD0VHiA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:13:11 GMT
age: 29649
etag: "be8239300d4abfb14466655eedb6b277543ad8b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Cabin:400,700,400italic,700italic&subset=latin,latin-ext

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Cabin:400,700,400italic,700italic&subset=latin,latin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Cabin:400,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nastyspice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 06:27:12 GMT
date: Wed, 14 Sep 2022 06:27:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP