199.34.228.77 301 Moved Permanently 234 B URL User Request GET HTTP/1.1 IP 199.34.228.77:443
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dada1b02be35bdbd4a673ebc91cb7f8e
b5f31d0fa6cfb68f334b7e86997c629414a8c851
82a2d2e76aead11c49169cc260a794f28ca290d82db716fb8fb95868738de0d5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 14 Nov 2023 01:01:26 GMT
Server: Apache
Location: https://www.nwafablab.com/
Content-Length: 234
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
199.34.228.77 200 OK 11 kB URL User Request GET HTTP/1.1 IP 199.34.228.77:443
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3274), with CRLF, LF line terminators
Hash b898d4f34a58470aacbdcceec4a44271
bbd30bb9641252efdb0d2cb5010fe8419999c10e
a71ed116d87fb1b5f677230ca1deed0552cdb16a75711a46d3a68ed61e4a37ab
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 14 Nov 2023 01:01:26 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.nwafablab.com
Set-Cookie: language=en; expires=Tue, 28-Nov-2023 01:01:26 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"b898d4f34a58470aacbdcceec4a44271-gzip"
Content-Encoding: gzip
X-Host: grn74.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 10841
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn2.editmysite.com/js/jquery-1.8.3.min.js
151.101.1.46 200 OK 34 kB URL GET HTTP/2 cdn2.editmysite.com/js/jquery-1.8.3.min.js
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (65483)
Hash 3576a6e73c9dccdbbc4a2cf8ff544ad7
06e872300088b9ba8a08427d28ed0efcdf9c6ff5
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
GET /js/jquery-1.8.3.min.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 31 Oct 2023 21:03:55 GMT
etag: "65416bbb-16dc4"
expires: Tue, 14 Nov 2023 23:08:15 GMT
cache-control: max-age=1209600
x-host: grn114.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:27 GMT
age: 1129992
x-served-by: cache-sjc10032-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 48, 8469
x-timer: S1699923687.368649,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/fancybox.css?1682090211
151.101.1.46 200 OK 1.2 kB URL GET HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1682090211
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (3910)
Hash 1dcebbb5a1eb8b028310ceeb72a339b3
e254b7a35ac189fd1ce9cf8bd78593bebfe27d7d
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a
GET /css/old/fancybox.css?1682090211 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 31 Oct 2023 16:22:40 GMT
etag: "654129d0-f47"
expires: Tue, 14 Nov 2023 17:27:36 GMT
cache-control: max-age=1209600
x-host: grn52.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:27 GMT
age: 1150431
x-served-by: cache-sjc1000101-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 469, 1
x-timer: S1699923687.368404,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1682090211&
151.101.1.46 200 OK 33 kB URL GET HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1682090211&
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (65024)
Hash 5925dea9d02b39d0e66e7ccc20371e80
79723f4fdf3c06cbc6a7b44fcc78cb1de7793be0
3b7805a3f0e4750ab90d4c40f0d1efdf11c5deb485ef9ed12b9c89b000f87f82
GET /js/lang/en/stl.js?buildTime=1682090211& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 06 Nov 2023 23:01:20 GMT
etag: "65497040-2c90e"
expires: Tue, 21 Nov 2023 09:38:51 GMT
cache-control: max-age=1209600
x-host: grn47.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:27 GMT
age: 573756
x-served-by: cache-sjc10064-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 43, 1
x-timer: S1699923687.368632,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33107
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Montserrat/font.css?2
151.101.1.46 200 OK 276 B URL GET HTTP/2 cdn2.editmysite.com/fonts/Montserrat/font.css?2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
Hash 91b360ae11a20a31e6a9ca60c6f6c691
ec3c5c553a20655c54b0a5577a15abe576efa9b1
cf91769ae11889ad46b8090d0d4d58a4621f2bcea35d1d8d96ea5e38ba34ee73
GET /fonts/Montserrat/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 31 Oct 2023 21:00:12 GMT
etag: "65416adc-354"
expires: Wed, 15 Nov 2023 09:08:45 GMT
cache-control: max-age=1209600
x-host: blu99.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:27 GMT
age: 1093963
x-served-by: cache-sjc1000108-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 3335
x-timer: S1699923687.374404,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 276
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Oswald/font.css?2
151.101.1.46 200 OK 300 B URL GET HTTP/2 cdn2.editmysite.com/fonts/Oswald/font.css?2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
Hash 775b24a6bf448ef1741a248f4d0d1798
c744599bc3828d7cf61211f932a658893eb0ed19
3579bad82b0dbe568857f5550630f16e8b3cc434c0e4d3d04549033b7b8eb814
GET /fonts/Oswald/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 31 Oct 2023 21:00:12 GMT
etag: "65416adc-4f0"
expires: Wed, 15 Nov 2023 10:42:27 GMT
cache-control: max-age=1209600
x-host: blu129.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:27 GMT
age: 1088340
x-served-by: cache-sjc1000114-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 42, 5
x-timer: S1699923687.377327,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 300
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/sites.css?buildTime=1682090211
151.101.1.46 200 OK 30 kB URL GET HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1682090211
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 251fe9dd065a30efd11ccab9a9613cda
9c8bec2886368f245985ae92222349ba92ac07f7
5b6bd64c8f7d37dd7bd34e3760cfffa93a982937376e2c02708f63c35c645a07
GET /css/sites.css?buildTime=1682090211 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 30 Oct 2023 20:16:57 GMT
etag: W/"65400f39-337f6"
expires: Tue, 14 Nov 2023 13:59:47 GMT
cache-control: max-age=1209600
x-host: blu100.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:27 GMT
age: 1162900
x-served-by: cache-sjc10029-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 1087, 1
x-timer: S1699923687.371804,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29663
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Raleway/font.css?2
151.101.1.46 200 OK 360 B URL GET HTTP/2 cdn2.editmysite.com/fonts/Raleway/font.css?2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
Hash 418811a280009065492fcad7569d9a9d
b0f8f8153bcf58c00ca2f6eca5117944cacc20e6
7e95fc140480ef50a60f97de91912908430f7199a662fb7d2e08132132ed2bb9
GET /fonts/Raleway/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 31 Oct 2023 21:00:12 GMT
etag: "65416adc-a10"
expires: Wed, 15 Nov 2023 10:46:41 GMT
cache-control: max-age=1209600
x-host: grn59.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:27 GMT
age: 1088086
x-served-by: cache-sjc1000114-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 31, 144
x-timer: S1699923687.383222,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 360
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1682090211
151.101.1.46 200 OK 146 kB URL GET HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1682090211
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (32147)
Size 146 kB (146401 bytes)
Hash 0de029f7ed3fd4cbfdcef31b834138e3
224512b5c840e885cd0732822af53301681ec799
593fec175b00a1f118f77bb8ed378e857e9f1225f0fc019fcea508b27da53cf0
GET /js/site/main.js?buildTime=1682090211 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 06 Nov 2023 23:02:13 GMT
etag: "65497075-74804"
expires: Tue, 21 Nov 2023 13:57:51 GMT
cache-control: max-age=1209600
x-host: grn106.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:27 GMT
age: 558215
x-served-by: cache-sjc1000088-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 58, 1
x-timer: S1699923687.368795,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146401
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1682090211
151.101.1.46 200 OK 159 kB URL GET HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1682090211
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (32029)
Size 159 kB (159146 bytes)
Hash 32390570d469eb116a806a70834ca50c
255baa94254d44b6525248d3ab61513253c3c785
dd8581d4db21d53a79ddeb0cea5289108dbdc0d214a6391a959d93a30e5d04b7
GET /js/site/main-customer-accounts-site.js?buildTime=1682090211 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 06 Nov 2023 23:02:13 GMT
etag: "65497075-826d7"
expires: Tue, 21 Nov 2023 13:51:20 GMT
cache-control: max-age=1209600
x-host: grn103.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:27 GMT
age: 558607
x-served-by: cache-sjc1000088-SJC, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 63, 1
x-timer: S1699923687.370242,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 159146
X-Firefox-Spdy: h2
www.nwafablab.com/files/main_style.css?1682095294
199.34.228.77 200 OK 7.4 kB URL GET HTTP/1.1 www.nwafablab.com/files/main_style.css?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type ASCII text, with very long lines (1061)
Hash 253e9dfc9dca89ae3c78be0674206821
a39afed459e95a78c8bab00876d4b1c30a35d3b3
62b30147abac3c52a6f988ef34f58abfe6c1fa47b1911e63c7bbc5e7392c7768
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/main_style.css?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn132.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn2.editmysite.com/css/social-icons.css?buildtime=1682090211
151.101.1.46 200 OK 1.6 kB URL GET HTTP/2 cdn2.editmysite.com/css/social-icons.css?buildtime=1682090211
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (13080)
Hash 7badb50463f8071aaec107085db23d73
bcc77aed5407effbd812b85b92743a9f03faf152
e60f2d95eb3ccfe6fed65e06dd50ce9214a2989a21f60ab163e2567e01b82c80
GET /css/social-icons.css?buildtime=1682090211 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 02 Nov 2023 20:25:14 GMT
etag: W/"654405aa-3319"
expires: Thu, 16 Nov 2023 21:05:41 GMT
cache-control: max-age=1209600
x-host: blu129.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:27 GMT
age: 964545
x-served-by: cache-sjc10050-SJC, cache-bma1678-BMA
x-cache: HIT, MISS
x-cache-hits: 465, 0
x-timer: S1699923687.372379,VS0,VE159
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1640
X-Firefox-Spdy: h2
www.nwafablab.com/files/theme/custom.js?1640209705
199.34.228.77 200 OK 1.8 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/custom.js?1640209705
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
Hash 48e887857aec23f184b0aa49c18d2445
9480776eb1666cd553a80f38316c6305943e5891
0567021bc3973d113c6b0b6e68d0e9a8b53f38a7f60716c83214a133cc00139a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/custom.js?1640209705 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Apr 2022 15:56:37 GMT
x-rgw-object-type: Normal
ETag: W/"48e887857aec23f184b0aa49c18d2445"
x-amz-request-id: tx000000000000001b145d5-0062847e3c-b9fbc77-sfo1
X-Storage-Bucket: z0567
X-Storage-Object: 0567021bc3973d113c6b0b6e68d0e9a8b53f38a7f60716c83214a133cc00139a
X-Host: blu70.sf2p.intern.weebly.net
Content-Encoding: gzip
www.nwafablab.com/files/templateArtifacts.js?1682095294
199.34.228.77 200 OK 1.6 kB URL GET HTTP/1.1 www.nwafablab.com/files/templateArtifacts.js?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type exported SGML document, ASCII text, with very long lines (1630)
Hash ae81ab7069097a055829fb9919258138
7dc529f16fb595bbbfc5937adfe1d0a5cf563f8a
5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/templateArtifacts.js?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:27 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu49.sf2p.intern.weebly.net
Content-Encoding: gzip
www.nwafablab.com/files/theme/plugins.js?1640209705
199.34.228.77 200 OK 16 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/plugins.js?1640209705
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
Hash 2b8d85f1ea01d2c3e8b962eac8d76a5c
936987a7e08daa4a916c77d86937edee42d657da
b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/plugins.js?1640209705 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001ac621f-00628479bc-b9fbc77-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: blu78.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1682090211&
151.101.1.46 200 OK 33 kB URL GET HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1682090211&
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (65024)
Hash 5925dea9d02b39d0e66e7ccc20371e80
79723f4fdf3c06cbc6a7b44fcc78cb1de7793be0
3b7805a3f0e4750ab90d4c40f0d1efdf11c5deb485ef9ed12b9c89b000f87f82
GET /js/lang/en/stl.js?buildTime=1682090211& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 33107
server: nginx
content-type: application/javascript
last-modified: Mon, 06 Nov 2023 23:01:20 GMT
etag: "65497040-2c90e"
expires: Tue, 21 Nov 2023 09:38:51 GMT
cache-control: max-age=1209600
x-host: grn47.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:28 GMT
age: 573756
x-served-by: cache-sjc10064-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 43, 1
x-timer: S1699923688.086600,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
widgetic.com/wbl/js/sdk.js
172.67.132.250 200 OK 12 kB URL GET HTTP/2 widgetic.com/wbl/js/sdk.js
IP 172.67.132.250:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (39843), with no line terminators
Hash 0eba3c75f456903982806b558c185f07
5caee48693960145a1ae4caddbb855dbbf7c6a7b
1cb008aaed1aabc56491ab1f185a8e9ef880be41c28c05971875febb211ad43d
GET /wbl/js/sdk.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Nov 2023 01:01:28 GMT
content-type: application/javascript
content-length: 12544
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=86400
last-modified: Thu, 25 Aug 2022 13:08:46 GMT
etag: W/"9ba3-206806219"
content-encoding: gzip
x-varnish: 546752708
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 74355
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6vnndi422x%2F1v0iz2rSkL8kPF%2F%2Be67lms%2FBk4ke88hOsMxgb8%2BRpJoYgu5ScdyWHH6WWvBQQJ%2BiTDHMqVmshRHPFAdRYS%2BUtyLvPzgLvWTiydJUcYUCgM0Wx2FKCbs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52cb7d2056c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Oswald/regular.woff2
151.101.1.46 200 OK 9.8 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Oswald/regular.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /fonts/Oswald/regular.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 9840
server: nginx
content-type: font/woff2
last-modified: Mon, 06 Nov 2023 14:49:54 GMT
etag: "6548fd12-2670"
expires: Mon, 20 Nov 2023 16:11:07 GMT
cache-control: max-age=1209600
x-host: blu102.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:28 GMT
age: 636621
x-served-by: cache-sjc1000143-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 1531, 1
x-timer: S1699923688.294399,VS0,VE1
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Oswald/light.woff2
151.101.1.46 200 OK 10 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Oswald/light.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 10104, version 1.0\012- data
Hash f6a41f84ddc640654e6dc189ea56794a
395d2e505f014e4c8c21d1a97416b6122111451f
d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605
GET /fonts/Oswald/light.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 10104
server: nginx
content-type: font/woff2
last-modified: Tue, 07 Nov 2023 15:15:41 GMT
etag: "654a549d-2778"
expires: Tue, 21 Nov 2023 15:43:48 GMT
cache-control: max-age=1209600
x-host: grn121.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:28 GMT
age: 551860
x-served-by: cache-sjc10068-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 20, 1
x-timer: S1699923688.295131,VS0,VE1
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Raleway/bold.woff2
151.101.1.46 200 OK 21 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Raleway/bold.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 21440, version 1.0
Hash 94fafbcc94523bdae26461e70966bae3
2225772fffa5f225d427cbcf27348c5eed29dcd2
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
GET /fonts/Raleway/bold.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 21440
server: nginx
content-type: font/woff2
last-modified: Mon, 06 Nov 2023 14:49:54 GMT
etag: "6548fd12-53c0"
expires: Mon, 20 Nov 2023 17:17:07 GMT
cache-control: max-age=1209600
x-host: blu61.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:28 GMT
age: 632661
x-served-by: cache-sjc1000127-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 576, 12
x-timer: S1699923688.300016,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Raleway/regular.woff2
151.101.1.46 200 OK 21 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Raleway/regular.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 21280, version 1.0
Hash 16911581ab7ea10687a5aee74cbc5612
b0b24248345739209d753a4ac77ccfc1f627b219
c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf
GET /fonts/Raleway/regular.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 21280
server: nginx
content-type: font/woff2
last-modified: Thu, 09 Nov 2023 20:53:46 GMT
etag: "654d46da-5320"
expires: Fri, 24 Nov 2023 10:18:54 GMT
cache-control: max-age=1209600
x-host: blu120.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:28 GMT
age: 312154
x-served-by: cache-sjc10072-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 14, 1
x-timer: S1699923688.299459,VS0,VE1
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Montserrat/regular.woff2
151.101.1.46 200 OK 13 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Montserrat/regular.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /fonts/Montserrat/regular.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 12708
server: nginx
content-type: font/woff2
last-modified: Mon, 06 Nov 2023 17:36:47 GMT
etag: "6549242f-31a4"
expires: Tue, 21 Nov 2023 12:24:23 GMT
cache-control: max-age=1209600
x-host: grn153.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:28 GMT
age: 563824
x-served-by: cache-sjc1000136-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 56, 1160
x-timer: S1699923688.300510,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Oswald/bold.woff2
151.101.1.46 200 OK 10 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Oswald/bold.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 10172, version 1.0
Hash 58e5c92fd1a1fc89b8ca6d74ce4793b8
337771c465778aeed6de18195e0cbe9d9098d299
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
GET /fonts/Oswald/bold.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 10172
server: nginx
content-type: font/woff2
last-modified: Tue, 31 Oct 2023 16:18:58 GMT
etag: "654128f2-27bc"
expires: Tue, 14 Nov 2023 16:46:51 GMT
cache-control: max-age=1209600
x-host: blu123.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:28 GMT
age: 1152877
x-served-by: cache-sjc1000113-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 246, 1
x-timer: S1699923688.301294,VS0,VE1
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Raleway/medium.woff2
151.101.1.46 200 OK 21 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Raleway/medium.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 20704, version 1.0
Hash bf05fdfc64ff2a262aa33b8b3a8e9bef
6000fd9fc8021257e32c3bbb9d31582beeb4e3a8
263105b83da311cd76db478c2d958dfded7cc73be6233045a3d3a2b57b86882f
GET /fonts/Raleway/medium.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 20704
server: nginx
content-type: font/woff2
last-modified: Tue, 07 Nov 2023 22:29:29 GMT
etag: "654aba49-50e0"
expires: Wed, 22 Nov 2023 15:13:18 GMT
cache-control: max-age=1209600
x-host: grn29.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:28 GMT
age: 467290
x-served-by: cache-sjc1000144-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 26, 66
x-timer: S1699923688.306957,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.1.46 200 OK 26 kB URL GET HTTP/3 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (2512)
Hash 99bbe560926e583b8e99036251deb783
8d81b73ae06f664f9d9e53dd5829a799bf434491
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 25752
server: nginx
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 00:38:34 GMT
etag: "654ad88a-124fe"
expires: Thu, 23 Nov 2023 08:49:33 GMT
cache-control: max-age=1209600
x-host: grn97.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:28 GMT
age: 403915
x-served-by: cache-sjc10061-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 40, 3512
x-timer: S1699923688.405859,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.nwafablab.com/uploads/1/2/6/1/126161596/published/a043-08261013-s075.jpg?1640191249
199.34.228.77 200 OK 65 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/published/a043-08261013-s075.jpg?1640191249
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 939x530, components 3
Hash 5fcc5c277aabf5c65e038d6d007d5cf3
2db6417ce8dfdeeebc7122eccf2e5d21018d341d
bcf864066b8f5b3d3ef490171f2315416c3922f3bfe2566f39ef00f2941e1a90
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/published/a043-08261013-s075.jpg?1640191249 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:28 GMT
Content-Type: image/jpeg
Content-Length: 65412
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:40:49 GMT
x-rgw-object-type: Normal
ETag: "5fcc5c277aabf5c65e038d6d007d5cf3"
x-amz-request-id: tx000009766a53eca3d680d-006550f04d-db1c716-sfo1
X-Storage-Bucket: zbcf8
X-Storage-Object: bcf864066b8f5b3d3ef490171f2315416c3922f3bfe2566f39ef00f2941e1a90
X-Host: grn156.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/published/a043-08261017-s087.jpg?1640191133
199.34.228.77 200 OK 69 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/published/a043-08261017-s087.jpg?1640191133
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1065x602, components 3
Hash 89279c8f2b7f7b6e09b65d4f92041082
ecf6233b0d66bd5cb23b60ccc39b70028ee448b9
fc9e88e8289584c28ae264e11b56c67289a63e82be4f31c009901ee066c74cb3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/published/a043-08261017-s087.jpg?1640191133 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:28 GMT
Content-Type: image/jpeg
Content-Length: 68916
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:38:53 GMT
x-rgw-object-type: Normal
ETag: "89279c8f2b7f7b6e09b65d4f92041082"
x-amz-request-id: tx00000d77489a8ea24b357-00654f09cf-db1a132-sfo1
X-Storage-Bucket: zfc9e
X-Storage-Object: fc9e88e8289584c28ae264e11b56c67289a63e82be4f31c009901ee066c74cb3
X-Host: blu154.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/editor/art-01.png?1633547854
199.34.228.77 200 OK 6.5 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/editor/art-01.png?1633547854
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type PNG image data, 139 x 117, 8-bit/color RGBA, non-interlaced
Hash 14d2b1f744f0fde323338a2f1c06f6d6
53b1bfc838213ec3d58d44f8cd1c58d837eebc8f
8fdf7ff6496624029c34e3eb7e6c5b04a6b8221f3e9e048544a591ad21774f5f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/editor/art-01.png?1633547854 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:28 GMT
Content-Type: image/png
Content-Length: 6528
Connection: keep-alive
Last-Modified: Wed, 06 Oct 2021 19:17:34 GMT
x-rgw-object-type: Normal
ETag: "14d2b1f744f0fde323338a2f1c06f6d6"
x-amz-request-id: tx0000092e64f8fd14c11d9-0065524fa1-db1c67d-sfo1
X-Storage-Bucket: z8fdf
X-Storage-Object: 8fdf7ff6496624029c34e3eb7e6c5b04a6b8221f3e9e048544a591ad21774f5f
X-Host: blu49.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/published/fablab-cmyk.png?1630443210
199.34.228.77 200 OK 10 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/published/fablab-cmyk.png?1630443210
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type PNG image data, 106 x 40, 8-bit/color RGBA, non-interlaced
Hash 27f8d0b8754be456dad797e26fc0cbf7
394d793ef5b93d9d5f548f2e979684b345d3433f
be0a201d3e350c091307131f7df8b0d9b7409eb16df1c64ce5611bc73687f220
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/published/fablab-cmyk.png?1630443210 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:28 GMT
Content-Type: image/png
Content-Length: 10385
Connection: keep-alive
Last-Modified: Tue, 31 Aug 2021 20:53:03 GMT
x-rgw-object-type: Normal
ETag: "27f8d0b8754be456dad797e26fc0cbf7"
x-amz-request-id: tx00000e39f3552c4525cf6-00654d2b17-db1a099-sfo1
X-Storage-Bucket: zbe0a
X-Storage-Object: be0a201d3e350c091307131f7df8b0d9b7409eb16df1c64ce5611bc73687f220
X-Host: grn25.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/files/theme/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2?1682095294
199.34.228.77 200 OK 17 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 16560, version 2.6553
Hash 27958408325380d903e67d87768563b8
d728e699c79072f1c7b9602c771e241b8c04c8a4
83f8b8932766826c1dd3a228b48f4072586ca09f781d64e2950d9f0e235c00a0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:28 GMT
Content-Type: font/woff2
Content-Length: 16561
Connection: keep-alive
Last-Modified: Fri, 30 Aug 2019 08:25:03 GMT
x-rgw-object-type: Normal
ETag: "27958408325380d903e67d87768563b8"
x-amz-request-id: tx0000000000000000b7006-00641742fe-d860bdd-sfo1
X-Storage-Bucket: z83f8
X-Storage-Object: 83f8b8932766826c1dd3a228b48f4072586ca09f781d64e2950d9f0e235c00a0
X-Host: blu78.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261017-s094_orig.jpg
199.34.228.77 200 OK 149 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261017-s094_orig.jpg
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1066x800, components 3
Size 149 kB (148744 bytes)
Hash ecbc092a2c28a5877e567961a5a8adac
2c69f2d8c2cd59c32bb9196f57ca31f75d8b7263
3f2c62298c363e7f968f1e0a2caf390654ecfcadbc528caf541a757c407a7d9b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/a043-08261017-s094_orig.jpg HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:28 GMT
Content-Type: image/jpeg
Content-Length: 148744
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:39:18 GMT
x-rgw-object-type: Normal
ETag: "ecbc092a2c28a5877e567961a5a8adac"
x-amz-request-id: tx00000f25ec90e904c546f-006552c6e8-db1a099-sfo1
X-Storage-Bucket: z3f2c
X-Storage-Object: 3f2c62298c363e7f968f1e0a2caf390654ecfcadbc528caf541a757c407a7d9b
X-Host: grn80.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.77 200 OK 348 B URL POST HTTP/1.1 www.nwafablab.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JSON data, ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 14 Nov 2023 01:01:28 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu23.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=73
Connection: Keep-Alive
Content-Type: application/json
www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261011-s067_orig.jpg
199.34.228.77 200 OK 188 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261011-s067_orig.jpg
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1067x800, components 3
Size 188 kB (188240 bytes)
Hash a4dcc7050615cc88e2d463fbcc8041dc
c9048f6da34742e2e9b6e2c608ef84f923d61fa0
0839a36a88a0bc500c803d4037087eaf33e70d84c6d787a7145f9d20cb6553cb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/a043-08261011-s067_orig.jpg HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:28 GMT
Content-Type: image/jpeg
Content-Length: 188240
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:36:39 GMT
x-rgw-object-type: Normal
ETag: "a4dcc7050615cc88e2d463fbcc8041dc"
x-amz-request-id: tx00000eeacfc3e8318ac85-00655104e2-db1a051-sfo1
X-Storage-Bucket: z0839
X-Storage-Object: 0839a36a88a0bc500c803d4037087eaf33e70d84c6d787a7145f9d20cb6553cb
X-Host: grn78.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/files/theme/fonts/7377dbe6-f11a-4a05-b33c-bc8ce1f60f84.woff2?1682095294
199.34.228.77 200 OK 19 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/7377dbe6-f11a-4a05-b33c-bc8ce1f60f84.woff2?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 18964, version 2.6553
Hash 03eed84923bfc319da88de04298fa495
9b4e82ce10dc1ae528d53e22045df8610e5f3dcc
0f7cae04d4ab4ba9c1bceb2a59ab9dcd925103f186c6c430cf5d9ab032c18128
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/7377dbe6-f11a-4a05-b33c-bc8ce1f60f84.woff2?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:28 GMT
Content-Type: font/woff2
Content-Length: 18965
Connection: keep-alive
Last-Modified: Fri, 30 Aug 2019 08:25:13 GMT
x-rgw-object-type: Normal
ETag: "03eed84923bfc319da88de04298fa495"
x-amz-request-id: tx000000000000001cc68b2-0062849200-b9fbc64-sfo1
X-Storage-Bucket: z0f7c
X-Storage-Object: 0f7cae04d4ab4ba9c1bceb2a59ab9dcd925103f186c6c430cf5d9ab032c18128
X-Host: blu155.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/files/theme/fonts/1e9892c0-6927-4412-9874-1b82801ba47a.woff?1682095294
199.34.228.77 200 OK 21 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/1e9892c0-6927-4412-9874-1b82801ba47a.woff?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type Web Open Font Format, TrueType, length 20709, version 1.0
Hash 9df5efadcd24b83511f3c339178210d8
74f67081083ebd94979f50e681df20bfbdc4cd8d
0d887fc553f2b9a6488c8bbdeb38d0e70e2da58d5bb34161d32f683af096fdb8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/1e9892c0-6927-4412-9874-1b82801ba47a.woff?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:28 GMT
Content-Type: font/woff
Content-Length: 20710
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "9df5efadcd24b83511f3c339178210d8"
x-amz-request-id: tx000000000000001b8df16-0062847d23-b9fbc63-sfo1
X-Storage-Bucket: z0d88
X-Storage-Object: 0d887fc553f2b9a6488c8bbdeb38d0e70e2da58d5bb34161d32f683af096fdb8
X-Host: blu155.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/files/theme/fonts/627fbb5a-3bae-4cd9-b617-2f923e29d55e.woff2?1682095294
199.34.228.77 200 OK 19 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/627fbb5a-3bae-4cd9-b617-2f923e29d55e.woff2?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 18760, version 2.6553
Hash 88f6742055e6eecac07f296cbd45214b
621e90fee4799ffa9e7cd33f089bc8d79590ce28
663f4c799beff8f8dfa2ac950ce27ed4fcf8acc11ac5ec04f2bc6574a304730e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/627fbb5a-3bae-4cd9-b617-2f923e29d55e.woff2?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:28 GMT
Content-Type: font/woff2
Content-Length: 18761
Connection: keep-alive
Last-Modified: Fri, 30 Aug 2019 08:25:04 GMT
x-rgw-object-type: Normal
ETag: "88f6742055e6eecac07f296cbd45214b"
x-amz-request-id: tx000000000000001baa628-006284808a-b9fbc64-sfo1
X-Storage-Bucket: z663f
X-Storage-Object: 663f4c799beff8f8dfa2ac950ce27ed4fcf8acc11ac5ec04f2bc6574a304730e
X-Host: blu49.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/editor/3d-printer-icon.png?1633547919
199.34.228.77 200 OK 2.9 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/editor/3d-printer-icon.png?1633547919
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type PNG image data, 128 x 116, 8-bit gray+alpha, non-interlaced
Hash 3824d64862bbc256f2301bafe65f3c61
2d68f6a44f86ddcd25488b9bf493fd88eef01a86
6c1ec9a8e2ed5d6b6fb60a3127c8213819c6ab75c52f364be4197f31c2da0bf4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/editor/3d-printer-icon.png?1633547919 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:28 GMT
Content-Type: image/png
Content-Length: 2882
Connection: keep-alive
Last-Modified: Wed, 06 Oct 2021 19:18:39 GMT
x-rgw-object-type: Normal
ETag: "3824d64862bbc256f2301bafe65f3c61"
x-amz-request-id: tx00000b664f09c60506b04-00654f8db9-db1c67d-sfo1
X-Storage-Bucket: z6c1e
X-Storage-Object: 6c1ec9a8e2ed5d6b6fb60a3127c8213819c6ab75c52f364be4197f31c2da0bf4
X-Host: grn25.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/published/workshop-01.png?1633547861
199.34.228.77 200 OK 5.9 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/published/workshop-01.png?1633547861
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type PNG image data, 119 x 119, 8-bit gray+alpha, non-interlaced\012- data
Hash 6ebba6af9695bdcf822d86215776ce7c
e1529db34a3b29aa59492627365fe89c16c04f60
2e180604f72026e7e04d480759675c2acfa2d9792355f726a9866059dceb9e18
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/published/workshop-01.png?1633547861 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:28 GMT
Content-Type: image/png
Content-Length: 5869
Connection: keep-alive
Last-Modified: Wed, 06 Oct 2021 19:17:41 GMT
x-rgw-object-type: Normal
ETag: "6ebba6af9695bdcf822d86215776ce7c"
x-amz-request-id: tx00000fc83b252e255da24-0065518e27-db1a051-sfo1
X-Storage-Bucket: z2e18
X-Storage-Object: 2e180604f72026e7e04d480759675c2acfa2d9792355f726a9866059dceb9e18
X-Host: blu62.sf2p.intern.weebly.net
Accept-Ranges: bytes
calendar.google.com/calendar/_/web/calendar-static/_/ss/k=calendar-web.embed.KRIIAp_bvRE.L.F4.O/am=CAM/d=0/rs=ABFko3-F_G11ucM6QdMHrAckeVU1MXlp0w
142.250.74.174 200 OK 5.2 kB URL GET HTTP/3 calendar.google.com/calendar/_/web/calendar-static/_/ss/k=calendar-web.embed.KRIIAp_bvRE.L.F4.O/am=CAM/d=0/rs=ABFko3-F_G11ucM6QdMHrAckeVU1MXlp0w
IP 142.250.74.174:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (21536), with no line terminators
Hash 474e2ee2e31d48909dde784f1d861281
2e1b857a6a1c146d8699cf664b4d6dc804fccba9
c35f53b17b601b918d0cf6256e47f85a12b5507ba507af2cee842f0285e9334e
GET /calendar/_/web/calendar-static/_/ss/k=calendar-web.embed.KRIIAp_bvRE.L.F4.O/am=CAM/d=0/rs=ABFko3-F_G11ucM6QdMHrAckeVU1MXlp0w HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 5163
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Nov 2023 08:15:48 GMT
expires: Fri, 08 Nov 2024 08:15:48 GMT
cache-control: public, max-age=31536000
age: 405941
last-modified: Wed, 02 Aug 2023 09:00:56 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
calendar.google.com/calendar/_/web/calendar-static/_/js/k=calendar-web.embed.no.wARLsJy8W78.2020.O/am=CAM/d=1/rs=ABFko38FYQI9YVHlbq5QIOImmYL7loGmqw/m=embed
142.250.74.174 200 OK 79 kB URL GET HTTP/3 calendar.google.com/calendar/_/web/calendar-static/_/js/k=calendar-web.embed.no.wARLsJy8W78.2020.O/am=CAM/d=1/rs=ABFko38FYQI9YVHlbq5QIOImmYL7loGmqw/m=embed
IP 142.250.74.174:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (2360)
Hash defc5916c805a9f5324003c9bb1b651d
9fd7a480f4823de6ba66515a2d1a67ff6b7e6e0a
7022c7cbacba1d2c1cc726e38702d6a7cbf1f8fe9932d20128a55bcb4c72abd8
GET /calendar/_/web/calendar-static/_/js/k=calendar-web.embed.no.wARLsJy8W78.2020.O/am=CAM/d=1/rs=ABFko38FYQI9YVHlbq5QIOImmYL7loGmqw/m=embed HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 78671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Nov 2023 16:23:42 GMT
expires: Fri, 08 Nov 2024 16:23:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 Nov 2023 23:52:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 376667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/js/client.js?onload=clientLibraryLoaded
142.250.74.174 200 OK 7.1 kB URL GET HTTP/3 apis.google.com/js/client.js?onload=clientLibraryLoaded
IP 142.250.74.174:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (2056)
Hash ae5cf43700c6d0049af967a7fd159c9c
71e327500845915949540f11d79abb5c73b74819
695b817d50088a8bc5b443aff5ed9a17c49e295472a395f53498068440312555
GET /js/client.js?onload=clientLibraryLoaded HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 7120
date: Tue, 14 Nov 2023 01:01:29 GMT
expires: Tue, 14 Nov 2023 01:01:29 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "b4ba011a4b830671"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=q1JrmZwkSprIQMJ_nnqtAYArzhUoeerCYgKGHauxgRN9_pFalcVVAP2BKNF7hgNmZmVhXeL8nklHa9YbNqM5VWM6JFE5ZY5mTF_K8ALdIoiHYhhhtjb2OwCQIlGSA2cRyoDwBk7JThWhhWVPlCeWk1ROadevgvgnWTUygArZSFk; expires=Wed, 15-May-2024 01:01:29 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
widgetic.com/bundles/blogvioapp/js/editor/control.js
172.67.132.250 200 OK 3.9 kB URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/editor/control.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (11470), with no line terminators
Hash 88cfd1889cff461c77c571669dc79a7b
edf16bf792f4742f1f905f135a8ebeff443a3419
9f95e234907d6a21b8b3768caca177f7b4003689bdd974f1ec7c16ea96cee6c0
GET /bundles/blogvioapp/js/editor/control.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:29 GMT
content-type: application/javascript
content-length: 3870
last-modified: Thu, 27 Jan 2022 16:03:46 GMT
vary: Accept-Encoding
etag: W/"61f2c262-2cce"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 41598449
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 44013
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIyGUcgFhKYs3TjdZTjxA9DVzUDRcDFEjXTQPvE1GsJoJT%2BepE9YOHfXcNVyTJ%2BsCc4UqEZZ%2BRwx72tk4FNt%2BsIiGKtbU2Aa4sGQ%2F4fefE4UwmvJMW6TVPiahLAmxCI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52d17e94b509-OSL
alt-svc: h3=":443"; ma=86400
widgetic.com/bundles/blogvioapp/js/editor/control.js
172.67.132.250 200 OK 3.9 kB URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/editor/control.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (11470), with no line terminators
Hash 88cfd1889cff461c77c571669dc79a7b
edf16bf792f4742f1f905f135a8ebeff443a3419
9f95e234907d6a21b8b3768caca177f7b4003689bdd974f1ec7c16ea96cee6c0
GET /bundles/blogvioapp/js/editor/control.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:29 GMT
content-type: application/javascript
content-length: 3870
last-modified: Thu, 27 Jan 2022 16:03:46 GMT
vary: Accept-Encoding
etag: W/"61f2c262-2cce"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 41598449
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 44013
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRr%2F6pBIcL9MtN1Yi48cah%2Bdi0ZVWYZvCjXQL8uoJ4XIYXuTONSsSqM4ro10WI%2BCOwHsyDfWXO3iGgmg6OzjtWiT3nIAyeLH1TkgW12m41J%2BRFYeihdi1%2B4DiNzgfNQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52d1dea9b509-OSL
alt-svc: h3=":443"; ma=86400
cdn.jsdelivr.net/npm/@widgetic/sdk/lib/sdk.js
151.101.129.229 200 OK 17 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/@widgetic/sdk/lib/sdk.js
IP 151.101.129.229:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type ASCII text, with very long lines (50046), with no line terminators
Hash 2faa5a95a8b3de397801b714f56f2676
4347578cb4530c7c5515c4823f1c55de49ca3347
a8d94874a66894f07f2a9e37b4bf6b6ecf9b0632b637105030b32bcdc40285a7
GET /npm/@widgetic/sdk/lib/sdk.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.7.10
x-jsd-version-type: version
etag: W/"c37e-Q0dXjLRTDHxVFcSCPxxV3knKM0c"
content-encoding: br
accept-ranges: bytes
date: Tue, 14 Nov 2023 01:01:29 GMT
age: 38024
x-served-by: cache-fra-etou8220071-FRA, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16573
X-Firefox-Spdy: h2
widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
172.67.132.250 200 OK 33 kB URL GET HTTP/3 widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
IP 172.67.132.250:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type gzip compressed data, from Unix\012- data
Hash a0069d941a36682876e47e2cfc0ed6c5
09ee3c49b60bcf78acc761acd4ea2b8fa4f363f9
a65c3cf96bbaed5b57f4d7312e514bd66ddb768a3771f99f380d721e806e1ec0
GET /api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nwafablab.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=3600, public
xkey: composition:61c3942aecb2a1f3688b4567 widget:569a2f1cecb2a1be6a8b4568 user:5f3c4c5fecb2a180518b4567
x-varnish: 757570639
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
age: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUTZ87mvK1ZoPVghb%2Bi31sbpluOzpa9QfXpcQnXpMCEq5tvJpCue5NZ2YvOAaBhX5WGLpSaTmYwSrtxoI1bZZTFO731ePzpMgLQvTCI%2BwY%2FKbWa5LaNWEVsGRrPjn8w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52ceddadb509-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs
142.250.74.174 200 OK 110 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (1505)
Size 110 kB (110396 bytes)
Hash 74e2ed30b18badb8e2821b62f0dc86db
a44add961324d8d399de79e45524ffa019ffcd73
3253ebd8d1a3c41f020b8e18e84bf61b96b0c1bba646b047fa90d87e72438371
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 110396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Nov 2023 04:06:01 GMT
expires: Tue, 12 Nov 2024 04:06:01 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 75328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.nwafablab.com/uploads/1/2/6/1/126161596/background-images/2027486465.jpg
199.34.228.77 200 OK 230 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/background-images/2027486465.jpg
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1125, components 3\012- data
Size 230 kB (230441 bytes)
Hash 949478c56325998fe97813ec7f01bbc4
ff36ff0636fc92bcd11e326c9c8aaf3c1501f506
f4e91d42970063e853863c9fe2e1b99ff1ef700d052ee1e7bb50f46519947e9b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/background-images/2027486465.jpg HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:28 GMT
Content-Type: image/jpeg
Content-Length: 230441
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:21:35 GMT
x-rgw-object-type: Normal
ETag: "949478c56325998fe97813ec7f01bbc4"
x-amz-request-id: tx00000ec8393d2b2b13715-00655102ec-db1eedd-sfo1
X-Storage-Bucket: zf4e9
X-Storage-Object: f4e91d42970063e853863c9fe2e1b99ff1ef700d052ee1e7bb50f46519947e9b
X-Host: grn23.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261012-s071-edit_orig.jpg
199.34.228.77 200 OK 66 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261012-s071-edit_orig.jpg
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 450x800, components 3\012- data
Hash ea98385d9fa7b36f069e66dc587aad53
d3b1d57b9f982beccde735922a602f8591953891
5e78494784ed76e0d29ad35036675500aeeb5c5da11d514f46193cc175b94738
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/a043-08261012-s071-edit_orig.jpg HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:29 GMT
Content-Type: image/jpeg
Content-Length: 65787
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:51:01 GMT
x-rgw-object-type: Normal
ETag: "ea98385d9fa7b36f069e66dc587aad53"
x-amz-request-id: tx000003f7da91127d797fb-0065506a31-db1a051-sfo1
X-Storage-Bucket: z5e78
X-Storage-Object: 5e78494784ed76e0d29ad35036675500aeeb5c5da11d514f46193cc175b94738
X-Host: grn139.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261012-s072-edit_orig.jpg
199.34.228.77 200 OK 51 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261012-s072-edit_orig.jpg
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x800, components 3\012- data
Hash cd9daf41d8a8d4ffeae2bfc2836a9903
5f3585c2d1e6482af459be3f35a868875633e4f7
825c5e7868237cafb9da01417bee9aff5187ebb03694559f8eb11132fbbe03e8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/a043-08261012-s072-edit_orig.jpg HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:29 GMT
Content-Type: image/jpeg
Content-Length: 51204
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:35:55 GMT
x-rgw-object-type: Normal
ETag: "cd9daf41d8a8d4ffeae2bfc2836a9903"
x-amz-request-id: tx000007ce768e185917e0b-00654f9682-db1a051-sfo1
X-Storage-Bucket: z825c
X-Storage-Object: 825c5e7868237cafb9da01417bee9aff5187ebb03694559f8eb11132fbbe03e8
X-Host: grn156.sf2p.intern.weebly.net
Accept-Ranges: bytes
calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
142.250.74.174 200 OK 27 kB URL GET HTTP/2 calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
IP 142.250.74.174:443
Requested by https://www.nwafablab.com/
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type gzip compressed data, max compression\012- data
Hash e480e4f8beed45dc09f866a1da63954a
393a324f917e14b9da227b9cf7ea6142a3f641ff
b209d1e4074db2802515c8edc256df6c45c4da8bd94f8f6908fa95a385cca774
GET /calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 14 Nov 2023 01:01:28 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="calendar_coop_coep"
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/f44fc88452a55a38b73bfc72464aab5c/mr, script-src 'nonce-cFfTCSeEejZ9xJ7qOlKjCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /calendar/cspreport, require-trusted-types-for 'script';report-uri /calendar/cspreport
cross-origin-embedder-policy-report-only: require-corp; report-to="calendar_coop_coep"
report-to: {"group":"calendar_coop_coep","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=VqcOt0wvwWpDTndsyUaBy85bjRu8Yn9Byqj_BrMn5RzTjhOJ8UbY9UFeUP2LE2jWD4MiELgOth1YBgBh4eNJBHb8bwkS5WAf6zHz54nYwhS04bj2lBbqF37r-4LK1mqy8mzbkjNjibFaEsaHG9WCz-wmhppCpgV7rTQz2i5HygM; expires=Wed, 15-May-2024 01:01:28 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widgetic.com/bundles/blogvioapp/js/require.js
172.67.132.250 200 OK 759 B URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/require.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
Hash 37196e8f5be9697d075e1a9f165c10ac
0b054c96a334c0020126ce92a280a5712f04671f
a81551f948932bc38d1b9d329a865d6050adf2da9dae6ec60395c51c6af06054
GET /bundles/blogvioapp/js/require.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:29 GMT
content-type: application/javascript
content-length: 759
last-modified: Fri, 22 Oct 2021 12:54:48 GMT
vary: Accept-Encoding
etag: W/"6172b498-825"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 127840763
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 64224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L49Ikqipz6sQdCsZkTCVZF0k5UH03%2FFYx7MsuGYkHxa5RihPjzicxd%2Foub8uIFExg1cgIwn%2F0Hs1qbKVf9apvS4%2F05K9VBAxdtbvIpb8UEy5w6AiJbDc70VYV61kOFU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52d2ff02b509-OSL
alt-svc: h3=":443"; ma=86400
widgetic.com/bundles/blogvioapp/css/embed.css
172.67.132.250 200 OK 617 B URL GET HTTP/3 widgetic.com/bundles/blogvioapp/css/embed.css
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (470)
Hash a53aa581e78d48e6b64f8f9a04629e8d
0c17afea09da2ec5dbcc1ba2442fc374f39ee8fb
c420c2545efebcdcedd9fd7e48fe093a8c888f6726710197c0f1adff13b39cf0
GET /bundles/blogvioapp/css/embed.css HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:29 GMT
content-type: text/css
content-length: 617
last-modified: Fri, 22 Oct 2021 12:54:48 GMT
vary: Accept-Encoding
etag: W/"6172b498-620"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 1047085770
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 78752
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5W3XTfT2Y8UhxDCVcVU%2FfzvQ6mwXB37G3R75VASHVaYGC0Y1CWsVl63gcrVmKGJS75oTm%2FQLFxpliqXVnF1yd4DQjID3NKFMWI66x0nfPTrnJyauqVN4A6RuCPl%2B%2FEU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52d2ff03b509-OSL
alt-svc: h3=":443"; ma=86400
widgetic.com/widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.css
172.67.132.250 200 OK 2.7 kB URL GET HTTP/3 widgetic.com/widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.css
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (13143), with no line terminators
Hash 947a4b12b3fca661afef3e44c7076ae1
7e30bffdf2ccf3ecee15c4787ea2a8994d4c85c7
d6de7adbfb28a25ee204443f6a29ef5406467fd5a2b4fd81291ee70e91a92fa6
GET /widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.css HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:29 GMT
content-type: text/css
content-length: 2740
last-modified: Tue, 15 Aug 2023 14:09:50 GMT
vary: Accept-Encoding
etag: W/"64db872e-3357"
cache-control: public, max-age=31536000
pragma: public
content-encoding: gzip
x-varnish: 159950931
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 1618844
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Yr6QTsAOSF%2BZxLhvR8jv3F1NsT%2B5GLbr%2FYZOikbORZz3Vro29JjltR669ifZjuQk4ggD5p5i5JSrrP8y91qgFvGKm1lkboPNu5ovJZowtbDFUU%2FodMx%2Be%2Bs7OhgmY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52d2ff07b509-OSL
alt-svc: h3=":443"; ma=86400
widgetic.com/bundles/blogvioapp/js/editor/core.vendor.js
172.67.132.250 200 OK 33 kB URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/editor/core.vendor.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (31994)
Hash 0f6b70d6ced22430d588d81deaebc4bf
992fecf8c240d1a135f33b0e1ac49d9e1062de2e
e7bff1121a3d4b7218c763e7703993e4f8f08ece2dcc82e86fe4a0aceb5fc55a
GET /bundles/blogvioapp/js/editor/core.vendor.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:29 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2019 12:56:55 GMT
vary: Accept-Encoding
etag: W/"5dfcc517-16a12"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 220267412
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 73118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkVnjVQzgmxQ10HCJAA5SBO%2FF5F4iSHWgnnodrUI7SZ5twFyRrmsCf1aR9HuazN4TmdSy9hauDDW3v0%2BgHppQ6V8zYHMupxcAV0XTi08papW0HxSGJr3jr1ZhEsbOCA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52d2ff01b509-OSL
alt-svc: h3=":443"; ma=86400
www.nwafablab.com/files/theme/fonts/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf?1682095294
199.34.228.77 200 OK 39 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 26 names, Macintosh, Copyright \251 2004 - 2007 Linotype GmbH, www.linotype.com. All rights reserved. This font softw\012- data
Hash 98f6dacde86ebbaac7cc62b34a6e54cf
d232a9249b6f39e7d35ce6a555e070987357acc9
65032d5699bf3d4deb4313aa4d1bb8375053ac7e93dfb4bf631ce9261da20c2b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:29 GMT
Content-Type: font/ttf
Content-Length: 39185
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:44 GMT
x-rgw-object-type: Normal
ETag: "98f6dacde86ebbaac7cc62b34a6e54cf"
x-amz-request-id: tx000000000000001c0ef26-0062848670-b9fbc64-sfo1
X-Storage-Bucket: z6503
X-Storage-Object: 65032d5699bf3d4deb4313aa4d1bb8375053ac7e93dfb4bf631ce9261da20c2b
X-Host: blu62.sf2p.intern.weebly.net
Accept-Ranges: bytes
calendar.google.com/googlecalendar/images/icon_print.gif
142.250.74.174 200 OK 118 B URL GET HTTP/3 calendar.google.com/googlecalendar/images/icon_print.gif
IP 142.250.74.174:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type GIF image data, version 89a, 16 x 16\012- data
Hash 029f3aa4854b8c66db1f31dd62a57d04
eff5d66c01a2d155be2ab4b4517fc8c2bd809063
d104bb2b031ac4243de1598f349115f407ac44057a56619516faa259579e27f1
GET /googlecalendar/images/icon_print.gif HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 118
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 11 Nov 2023 09:06:37 GMT
expires: Sun, 10 Nov 2024 09:06:37 GMT
cache-control: public, max-age=31536000
age: 230092
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
calendar.google.com/googlecalendar/images/menu_arrow_open.gif
142.250.74.174 200 OK 60 B URL GET HTTP/3 calendar.google.com/googlecalendar/images/menu_arrow_open.gif
IP 142.250.74.174:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type GIF image data, version 89a, 9 x 9\012- data
Hash e917d93dd863553a3226afd51b4353e6
54d9537a8ea70eb087d7ee7f8b1793b57ea86984
4c6f81132971a9402921578bb989be686920c2e6e725738641f8edd352086a57
GET /googlecalendar/images/menu_arrow_open.gif HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 60
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Nov 2023 03:55:58 GMT
expires: Tue, 12 Nov 2024 03:55:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
content-type: image/gif
age: 75931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
calendar.google.com/googlecalendar/images/blank.gif
142.250.74.174 200 OK 43 B URL GET HTTP/3 calendar.google.com/googlecalendar/images/blank.gif
IP 142.250.74.174:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /googlecalendar/images/blank.gif HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 43
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Nov 2023 23:01:50 GMT
expires: Wed, 06 Nov 2024 23:01:50 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/gif
age: 525579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
calendar.google.com/googlecalendar/images/btn_menu6.gif
142.250.74.174 200 OK 84 B URL GET HTTP/3 calendar.google.com/googlecalendar/images/btn_menu6.gif
IP 142.250.74.174:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type GIF image data, version 89a, 15 x 14\012- data
Hash b771dbcc3798d2b77e8f1413f6d06cfe
82b9fe6114481fee01452c671cbef7397e435a5d
9a57b05e8842cbec0a4a757360dd1994fa3f754e925d6f1c4b643a4a0bb75f89
GET /googlecalendar/images/btn_menu6.gif HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 84
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 11 Nov 2023 09:06:59 GMT
expires: Sun, 10 Nov 2024 09:06:59 GMT
cache-control: public, max-age=31536000
age: 230070
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
calendar.google.com/googlecalendar/images/logo-plus.png
142.250.74.174 200 OK 90 B URL GET HTTP/3 calendar.google.com/googlecalendar/images/logo-plus.png
IP 142.250.74.174:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash 7d59ced973004e150b6f6740d0e031de
930cf1dc938155e7bb7d4953c3fd81cb7854650f
175599178339326734b6c9c9a443754febda1da2ae01b57c2a4636a7118c3d33
GET /googlecalendar/images/logo-plus.png HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/_/web/calendar-static/_/ss/k=calendar-web.embed.KRIIAp_bvRE.L.F4.O/am=CAM/d=0/rs=ABFko3-F_G11ucM6QdMHrAckeVU1MXlp0w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 90
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Nov 2023 04:06:10 GMT
expires: Tue, 12 Nov 2024 04:06:10 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
age: 75319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
calendar.google.com/googlecalendar/images/combined_v22.png
142.250.74.174 200 OK 5.7 kB URL GET HTTP/3 calendar.google.com/googlecalendar/images/combined_v22.png
IP 142.250.74.174:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type PNG image data, 588 x 180, 8-bit colormap, non-interlaced\012- data
Hash 4d99e214f536b5953c5fc980d6ab1cff
bd7382a44b3ea17ff85dcc4b9fae62a71440ce52
1e0e6addaa9626ff28f1274db498b9733d6665f11706fa4a17c22ed5e9f0b4c2
GET /googlecalendar/images/combined_v22.png HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/_/web/calendar-static/_/ss/k=calendar-web.embed.KRIIAp_bvRE.L.F4.O/am=CAM/d=0/rs=ABFko3-F_G11ucM6QdMHrAckeVU1MXlp0w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 5674
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Nov 2023 04:06:10 GMT
expires: Tue, 12 Nov 2024 04:06:10 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
age: 75319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.nwafablab.com/uploads/1/2/6/1/126161596/published/a043-08261011-s069.jpg?1640191220
199.34.228.77 200 OK 91 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/published/a043-08261011-s069.jpg?1640191220
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1065x602, components 3\012- data
Hash 40ccb13dfa7fdf2a5eb97a7cca1a5928
d9830ac34c4bc3f0d111e65f6f0e8f3077989114
66fd90807522633cbfbfb28c4b7057d4beee14979dab6bf99c718713ea9b07eb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/published/a043-08261011-s069.jpg?1640191220 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:29 GMT
Content-Type: image/jpeg
Content-Length: 91398
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:40:20 GMT
x-rgw-object-type: Normal
ETag: "40ccb13dfa7fdf2a5eb97a7cca1a5928"
x-amz-request-id: tx00000ba94a4c2ff4a35f0-006550f04c-db1a099-sfo1
X-Storage-Bucket: z66fd
X-Storage-Object: 66fd90807522633cbfbfb28c4b7057d4beee14979dab6bf99c718713ea9b07eb
X-Host: blu135.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/files/theme/fonts/f26faddb-86cc-4477-a253-1e1287684336.woff?1682095294
199.34.228.77 200 OK 25 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/f26faddb-86cc-4477-a253-1e1287684336.woff?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type Web Open Font Format, TrueType, length 24865, version 1.0\012- data
Hash 0f12c575e08f164252dbddaf87f03c35
46c9ee5775217080e1e40f2b8aae84157ef44d47
e0bc8743cf211c699ebb439c59780abf7b40b543b28bd198f6f355bb109a7424
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/f26faddb-86cc-4477-a253-1e1287684336.woff?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:29 GMT
Content-Type: font/woff
Content-Length: 24866
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "0f12c575e08f164252dbddaf87f03c35"
x-amz-request-id: tx000000000000001af0098-0062847c15-b9fbc77-sfo1
X-Storage-Bucket: ze0bc
X-Storage-Object: e0bc8743cf211c699ebb439c59780abf7b40b543b28bd198f6f355bb109a7424
X-Host: grn49.sf2p.intern.weebly.net
Accept-Ranges: bytes
clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__
142.250.74.110 275 B URL clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__
IP 142.250.74.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2da70af11c762ebc09bb039ed62333bb
5341ebdf27cc8083c5c563797307622083350923
a19d68089eaafd73f76d03ceae9211e1fe4cf7e7e4862192b13d997df7ab9f2c
GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__ HTTP/1.1
Host: clients6.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-wxo8Q6d32SNQKLiEFFH06g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 275
date: Tue, 14 Nov 2023 01:01:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 07 Nov 2023 06:08:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_46x16dp.png
142.250.74.35 200 OK 1.1 kB URL GET HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_46x16dp.png
IP 142.250.74.35:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint EB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
Validity Mon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT
File type PNG image data, 46 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash dd45d75f398654ac976fe7e0924732cf
e17f4d34cad5997a42daacc4301747f6deb1aa43
281a4afa0686c5e3b70f560d07fe1e786ca76b3f08fdff69841564ab229e2ab9
GET /images/branding/googlelogo/1x/googlelogo_color_46x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1053
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Nov 2023 21:20:24 GMT
expires: Fri, 08 Nov 2024 21:20:24 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
vary: Origin
age: 358865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widgetic.com/bundles/blogvioapp/js/spine.js
172.67.132.250 200 OK 8.5 kB URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/spine.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (32011)
Hash 92044c43ac304e3d9f7e335d238a0a65
074c7e2f5396e19b3456c0b757bc1fbc7bb76276
ec55a4bf94cf9d4245ea503b57dc7fdd599f25cb0031d0387d4bc44117138c6d
GET /bundles/blogvioapp/js/spine.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:29 GMT
content-type: application/javascript
content-length: 8487
last-modified: Fri, 22 Oct 2021 12:54:48 GMT
vary: Accept-Encoding
etag: W/"6172b498-8108"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 217211619
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 73117
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBqxYY0YExNhLwnoVb8XP0cV0JPTtSa%2FGMATwoHEIyMmqLDyN1wyEp1u4qd6V67vruw9yWSbEWwTl%2BNofeeoGy8hzo%2FGNbwRV4zcKFbtK4xHCy2HT9e1uUFrOIejkfs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52d58fb6b509-OSL
alt-svc: h3=":443"; ma=86400
files.widgetic.com/file/widgetic-uploads/assets/js/core-js.shim.min.js
172.67.132.250 200 OK 36 kB URL GET HTTP/3 files.widgetic.com/file/widgetic-uploads/assets/js/core-js.shim.min.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type Unicode text, UTF-8 text, with very long lines (31999), with LF, NEL line terminators
Hash 03a83a0296d3e114019d229f27ae7a57
09bc4a5a76a8e0ebba914554642e39ea455d74eb
aa2bc066558f6a41f4472d3b5e51de7f1286ce5afe302acc7bbbae4c228a7f34
GET /file/widgetic-uploads/assets/js/core-js.shim.min.js HTTP/1.1
Host: files.widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:29 GMT
content-type: application/javascript
x-bz-file-name: assets/js/core-js.shim.min.js
x-bz-file-id: 4_zcab80af2fd0cc5bd57300e14_f104b15177b277c8c_d20180312_m070149_c001_v0001008_t0005
x-bz-content-sha1: ad24cc060a78fcdd30b3924615d701fb54480463
x-bz-upload-timestamp: 1520838109000
x-bz-info-src_last_modified_millis: 1520838005031
cache-control: public, max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Tue, 14 Nov 2023 00:47:47 GMT
cf-cache-status: HIT
age: 533
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9z%2BOFRs0fykJzZ5yI3M2AlGrMqXXO1DilOkgPbinhv%2B3uEldnA8w3vqsNGsUSWjqAErV02Sj8QDlYgKoIcOyanYpSNQFD6k3MqV95k%2FKxwPGOU6dGHL2KRPHSwYzgWwbJbjkEN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 825b52d32f12b509-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
apis.google.com/js/googleapis.proxy.js?onload=startup
142.250.74.174 200 OK 7.1 kB URL GET HTTP/3 apis.google.com/js/googleapis.proxy.js?onload=startup
IP 142.250.74.174:443
Requested by https://clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__#parent=https%3A%2F%2Fcalendar.google.com&rpctoken=530103984
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (2056)
Hash a652c99342a60e6c01af3b070abca897
bfb2432d813541b35134b63606efd3d32c715224
f92e7baf6054ada951110842b4751571b3b16b43e826ff46eb36520f0294f59d
GET /js/googleapis.proxy.js?onload=startup HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://clients6.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 7117
date: Tue, 14 Nov 2023 01:01:29 GMT
expires: Tue, 14 Nov 2023 01:01:29 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "5f95998ecb7c0577"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=YhHQE4yy0oDxWI1p9vK7ryyjgZJ_KpIt2N1eaxKSn3GWIhqYkL-Pg-bKEvpz-oNGKo3o3XQDISxkh8LXBqxGSzcuZ_yAI3P1uPxJA9u6O1kwn30t-KVBWHPJKkvelZeotXTvgr2Yu9a0chY0kFtTnmPL_xOCR0yzty15OW3Ss2c; expires=Wed, 15-May-2024 01:01:29 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
files.widgetic.com/file/widgetic-uploads/assets/js/core-js.shim.min.js
172.67.132.250 200 OK 80 kB URL GET HTTP/3 files.widgetic.com/file/widgetic-uploads/assets/js/core-js.shim.min.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type gzip compressed data, from Unix\012- data
Hash b85aa5d46b7eef4354616ab8a9ec775b
dcd29e9f386acdafea02dc3a92d9466af45442e4
0aa088356235449130dd61afc51649b018558e94ac155b8f61e285962cb90b7a
GET /file/widgetic-uploads/assets/js/core-js.shim.min.js HTTP/1.1
Host: files.widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:29 GMT
content-type: application/javascript
x-bz-file-name: assets/js/core-js.shim.min.js
x-bz-file-id: 4_zcab80af2fd0cc5bd57300e14_f104b15177b277c8c_d20180312_m070149_c001_v0001008_t0005
x-bz-content-sha1: ad24cc060a78fcdd30b3924615d701fb54480463
x-bz-upload-timestamp: 1520838109000
x-bz-info-src_last_modified_millis: 1520838005031
cache-control: public, max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Tue, 14 Nov 2023 00:47:47 GMT
cf-cache-status: HIT
age: 533
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4b6%2BYCWm1hzfVSJjAq6MHVOdQVMxg8pNmZYo80Xn0h5oo2w0YJclgc0zqEURNAQT5qFGGOuI7xy1H%2Fl%2FjRBi32ZGMLYJkxqaP6qFpG572a%2FKMiycfS4MYtDpxk0tZOPDYlDs%2B4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 825b52d2ff06b509-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
widgetic.com/bundles/blogvioapp/js/editor/core.js
172.67.132.250 200 OK 6.0 kB URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/editor/core.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (21604), with no line terminators
Hash ce01d14505f17d6f0c83e0ee7e648d56
f2bc9e0ea4c8ee8051ca55303d57ed3149bcb993
320242e458ff727cf119b25be7eed579317dad053ffe30beb9ca473f9c2eaf8f
GET /bundles/blogvioapp/js/editor/core.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:29 GMT
content-type: application/javascript
content-length: 5959
last-modified: Thu, 27 May 2021 10:10:28 GMT
vary: Accept-Encoding
etag: W/"60af7014-5464"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 700912254
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 36117
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BrU5JB7b%2FVnyBxsWKXzT%2BA9yyeE5LguCrHvSRmPjlBzTluZKmeZAT%2FY%2Fa0jnypUeK1ASKU0qCMkBxizTINNG6bTHCunvkd0d7aOpOTbjPV1ZgbyrWOtAds80RtsO7s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52d5dfcfb509-OSL
alt-svc: h3=":443"; ma=86400
widgetic.com/bundles/blogvioapp/js/editor/core.js
172.67.132.250 200 OK 6.0 kB URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/editor/core.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (21604), with no line terminators
Hash ce01d14505f17d6f0c83e0ee7e648d56
f2bc9e0ea4c8ee8051ca55303d57ed3149bcb993
320242e458ff727cf119b25be7eed579317dad053ffe30beb9ca473f9c2eaf8f
GET /bundles/blogvioapp/js/editor/core.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:29 GMT
content-type: application/javascript
content-length: 5959
last-modified: Thu, 27 May 2021 10:10:28 GMT
vary: Accept-Encoding
etag: W/"60af7014-5464"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 700912254
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 36117
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIsO51JHJI%2BEPpO%2BMuOiDR6PiGmcmf1Q%2BWW5r9w4j6b43%2F9sOKvoP%2Bbl1YeUgA5wN9QljdbaR7V8xWI64%2FFWeZ6AUqZSbVd2c1Xz%2BK9B59dLs3pKB738%2FlLKTqlxocw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52d5dfd1b509-OSL
alt-svc: h3=":443"; ma=86400
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs
142.250.74.174 200 OK 28 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:443
Requested by https://clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__#parent=https%3A%2F%2Fcalendar.google.com&rpctoken=530103984
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type ASCII text, with very long lines (2488)
Hash 60180c173e50ce443166055d3df2dee7
300b49ba9dd3ebd6654a3b9567cb673a1cc0e8a4
84b4d9bd7d1de7f01972743862afa12b6899d2015e89eebfb7cac12232611e5f
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://clients6.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 27742
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Nov 2023 17:10:30 GMT
expires: Tue, 12 Nov 2024 17:10:30 GMT
cache-control: public, max-age=31536000
age: 28259
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
142.250.74.106 200 OK 5.5 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
IP 142.250.74.106:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint FA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
Validity Mon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT
File type ASCII text, with very long lines (2220)
Hash 316f3557abf074f917ff1f83d776338d
8fdfb015a94c6ee5a4276e2577665a27ccc8c1f3
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
GET /ajax/libs/webfont/1.6.16/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Nov 2023 03:55:39 GMT
expires: Tue, 12 Nov 2024 03:55:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 75950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.nwafablab.com/favicon.ico
199.34.228.77 200 OK 4.3 kB URL GET HTTP/1.1 www.nwafablab.com/favicon.ico
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:30 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000001b53b91-00628478b7-b9fbc29-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: grn143.sf2p.intern.weebly.net
Accept-Ranges: bytes
widgetic.com/widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.js
172.67.132.250 200 OK 100 kB URL GET HTTP/3 widgetic.com/widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 100 kB (100288 bytes)
Hash c9d16c571e32e6761e4739b33a043145
ea17c7b170789dbc2e27a80d7e1cf5a96b85dda9
47cbf1633930bcee1ffd77a5f68d9ecd42eb4600e08ba035a0b17091f72656fc
GET /widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:29 GMT
content-type: application/javascript
last-modified: Tue, 15 Aug 2023 14:09:50 GMT
vary: Accept-Encoding
etag: W/"64db872e-44bad"
cache-control: public, max-age=31536000
pragma: public
content-encoding: gzip
x-varnish: 159950937
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 1448143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBzPhOHE6fCIuFVJ3tU9gQncsIAyeDi026oUQ83hxQAV9GLnMIVYgBmOSbgXW3PU%2FWASJB%2FjDfXCcb8%2F2zleOdRuyCvDTpsILDC5j0tvxayxszckwpzj5kZYG%2BKXMls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52d64ff0b509-OSL
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css?family=Roboto
142.250.74.106 200 OK 52 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto
IP 142.250.74.106:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint FA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
Validity Mon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT
File type gzip compressed data, max compression\012- data
Hash f1acefd579f44c3e7a0a57382e55ba62
4f08a5b92d72d9fbc690be74693575f7d185223a
7ee85efe930ed03ba76ea00122475f971c763f97a7cf839dcb460c0cac4d38cc
GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 14 Nov 2023 01:01:29 GMT
date: Tue, 14 Nov 2023 01:01:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed/data
172.67.132.250 200 OK 2.7 kB URL GET HTTP/3 widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed/data
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type JSON data\012- , ASCII text, with very long lines (12240), with no line terminators
Hash 91ed842c29940024f133ee9caef3fa49
e9ab5ee3466d7965ac254a2f02ed57ff24ff35c4
4d9ab64e416c25de7a1d0b3b8187144484e1b7d6dc7e34ed41145f8dbd9bd01c
GET /api/v2/compositions/615dd851ecb2a1d2378b4567/embed/data HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgEPUVFVGwEAV1FWAwUH
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:30 GMT
content-type: application/json
content-length: 2723
vary: Accept-Encoding
cache-control: no-cache
xkey: composition:615dd851ecb2a1d2378b4567 widget:569a2f1cecb2a1be6a8b4568 skin:615dd851ecb2a128388b4567 user:5f3c4c5fecb2a180518b4567
x-newrelic-app-data: PxQFVl5TDwUTVlFRBwUDUlQTGhE1AwE2QgNWEVlbQFtcC2VOcAJHCwtYa04HE1FsRlY+BVJFaAULXEZcEQ8XC18MZwdVWlFWbAFYFVBDH1JKBgdRVlMUAx5UV1IOARtLVR0UBFAEUwNVBgtTWw0MVgdUDUMdB1IOF1Nq
content-encoding: gzip
x-varnish: 757570657
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
age: 0
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXwypb3c21Tu7BU514WJqEfNF%2BoEjND%2BamVmmzd5AwPbxXMLSWn1zTrtlmccOsP8y5CIZBhoZCRmbR2RerLLX0Wpa%2FJeDzaVTsv9ERgquSe4ON0L3yWAW0skmqpNuOo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52d64ff4b509-OSL
alt-svc: h3=":443"; ma=86400
www.nwafablab.com/files/theme/fonts/18839597-afa8-4f0b-9abb-4a30262d0da8.ttf?1682095294
199.34.228.77 200 OK 52 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/18839597-afa8-4f0b-9abb-4a30262d0da8.ttf?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 30 names, Macintosh, Copyright \251 2004 - 2007 Linotype GmbH, www.linotype.com. All rights reserved. This font softw\012- data
Hash 0e7e6446b2256e0cab1eda85655b253e
db15e8b7df5ee737e4960e0190af1ceaed74d5ac
a4e7a777a8d0e1a06feffaff42f025b9d8d890ca1df6f46d84f5da810109f5c0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/18839597-afa8-4f0b-9abb-4a30262d0da8.ttf?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:29 GMT
Content-Type: font/ttf
Content-Length: 52433
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "0e7e6446b2256e0cab1eda85655b253e"
x-amz-request-id: tx000000000000001b2a07a-006284793b-b9fbc64-sfo1
X-Storage-Bucket: za4e7
X-Storage-Object: a4e7a777a8d0e1a06feffaff42f025b9d8d890ca1df6f46d84f5da810109f5c0
X-Host: blu17.sf2p.intern.weebly.net
Accept-Ranges: bytes
widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
172.67.132.250 200 OK 49 kB URL GET HTTP/3 widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
IP 172.67.132.250:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nwafablab.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=3600, public
xkey: composition:615dd851ecb2a1d2378b4567 widget:569a2f1cecb2a1be6a8b4568 user:5f3c4c5fecb2a180518b4567
x-varnish: 760781730
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
age: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FswfrRc9l4sSaeSmNPdi7gTOPSswCeKZdzhsachhTkKf1LLMH%2BEfPBrT8EN5SFrW1UCAhehp%2FXLnLo9fgHYPHhHIwUBu4YUQ5zjZv7%2BV38CI7lwC9PElpghqOTwf%2Fa4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52ccacc7b509-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed/data
172.67.132.250 200 OK 12 kB URL GET HTTP/3 widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed/data
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type JSON data\012- , ASCII text, with very long lines (12250), with no line terminators
Hash c15b85b68f9073670cac4be21e23fd77
5c6d8a52e3005bb8d7410c862d416d8ffc269ba2
cf4a5683417d4a28d9708972b5ee73feef479fbdaf7b262d389652b1fb9ca532
GET /api/v2/compositions/61c3942aecb2a1f3688b4567/embed/data HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgEPUVFVGwEAV1FWAwUH
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 14 Nov 2023 01:01:30 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache
xkey: composition:61c3942aecb2a1f3688b4567 widget:569a2f1cecb2a1be6a8b4568 skin:61c3949becb2a156698b4567 user:5f3c4c5fecb2a180518b4567
x-newrelic-app-data: PxQFVl5TDwUTVlFRBwUDUlQTGhE1AwE2QgNWEVlbQFtcC2VOcAJHCwtYa04HE1FsRlY+BVJFaAULXEZcEQ8XC18MZwdVWlFWbAFYFVBDH1JKBgdRVlMUAx5UWFEDBRtLVR0UClFRV1ZSVFpVC1lVBAMAWkMdB1IOF1Nq
content-encoding: gzip
x-varnish: 758698543
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
age: 0
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdIo90WjGppwNAhM6cMMjeQPeP4XYFipNfJQ6cG8uUDujdZYg4FggLWuG0kTnf7ZSNO6%2Bh34CyQ71AwZ3HZFkt20yHSq4ZO0kx4ZdY6572T%2FU8BBsx%2BpFuCMA%2F1K7%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52d64feeb509-OSL
alt-svc: h3=":443"; ma=86400
www.nwafablab.com/files/theme/fonts/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf?1682095294
199.34.228.77 200 OK 52 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 30 names, Macintosh, Copyright \251 2004 - 2007 Linotype GmbH, www.linotype.com. All rights reserved. This font softw\012- data
Hash 53427fd099b7a52f111705d7c7558f14
c2da00f48ed2d059802433cad18062cbe1a9f0d1
56e2dd12548082d7acc7cc3762be313b6d43809588e973cf9338f513159904b5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:29 GMT
Content-Type: font/ttf
Content-Length: 51501
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "53427fd099b7a52f111705d7c7558f14"
x-amz-request-id: tx000000000000001b96edf-0062847f61-b9fbc64-sfo1
X-Storage-Bucket: z56e2
X-Storage-Object: 56e2dd12548082d7acc7cc3762be313b6d43809588e973cf9338f513159904b5
X-Host: grn27.sf2p.intern.weebly.net
Accept-Ranges: bytes
clients6.google.com/calendar/v3/calendars/15dfa5d7fca09992f053a55b9a3cdbac0c6dd682057c6f380f20a069fffd0f09@group.calendar.google.com/events?calendarId=15dfa5d7fca09992f053a55b9a3cdbac0c6dd682057c6f380f20a069fffd0f09%40group.calendar.google.com&singleEvents=true&timeZone=America%2FChicago&maxAttendees=1&maxResults=250&sanitizeHtml=true&timeMin=2023-10-29T00%3A00%3A00-06%3A00&timeMax=2023-12-03T00%3A00%3A00-06%3A00&key=AIzaSyBNlYH01_9Hc5S1J9vuFmu2nUqBZJNAXxs
142.250.74.110 200 OK 31 kB URL GET HTTP/3 clients6.google.com/calendar/v3/calendars/15dfa5d7fca09992f053a55b9a3cdbac0c6dd682057c6f380f20a069fffd0f09@group.calendar.google.com/events?calendarId=15dfa5d7fca09992f053a55b9a3cdbac0c6dd682057c6f380f20a069fffd0f09%40group.calendar.google.com&singleEvents=true&timeZone=America%2FChicago&maxAttendees=1&maxResults=250&sanitizeHtml=true&timeMin=2023-10-29T00%3A00%3A00-06%3A00&timeMax=2023-12-03T00%3A00%3A00-06%3A00&key=AIzaSyBNlYH01_9Hc5S1J9vuFmu2nUqBZJNAXxs
IP 142.250.74.110:443
Requested by https://clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__#parent=https%3A%2F%2Fcalendar.google.com&rpctoken=530103984
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type JSON data\012- , ASCII text
Hash d35f4493161fe6121f9e925096322bd8
560d657cd39c5336efe7e579c169c08004835073
6a09b8b4baf5e7eede9acd593c34644b6157cdbc6fd8473c56dcf3505f3df352
GET /calendar/v3/calendars/15dfa5d7fca09992f053a55b9a3cdbac0c6dd682057c6f380f20a069fffd0f09@group.calendar.google.com/events?calendarId=15dfa5d7fca09992f053a55b9a3cdbac0c6dd682057c6f380f20a069fffd0f09%40group.calendar.google.com&singleEvents=true&timeZone=America%2FChicago&maxAttendees=1&maxResults=250&sanitizeHtml=true&timeMin=2023-10-29T00%3A00%3A00-06%3A00&timeMax=2023-12-03T00%3A00%3A00-06%3A00&key=AIzaSyBNlYH01_9Hc5S1J9vuFmu2nUqBZJNAXxs HTTP/1.1
Host: clients6.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-ClientDetails: appVersion=5.0%20(X11)&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Origin: https://calendar.google.com
X-Referer: https://calendar.google.com
X-Goog-Encode-Response-If-Executable: base64
DNT: 1
Connection: keep-alive
Referer: https://clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
date: Tue, 14 Nov 2023 01:01:30 GMT
expires: Tue, 14 Nov 2023 01:01:30 GMT
content-length: 1427
cache-control: private, max-age=0, must-revalidate, no-transform
vary: Origin, X-Origin, Referer
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
widgetic.com/wbl/app/569a2f1cecb2a1be6a8b4568?wbl[wid]=4ced53d0-d501-4013-9d6e-2c0ff986c2ea&wbl[uid]=126161596&wbl[sid]=350605246384824091&prod&autoscale=
172.67.132.250 301 Moved Permanently 49 kB URL GET HTTP/2 widgetic.com/wbl/app/569a2f1cecb2a1be6a8b4568?wbl[wid]=4ced53d0-d501-4013-9d6e-2c0ff986c2ea&wbl[uid]=126161596&wbl[sid]=350605246384824091&prod&autoscale=
IP 172.67.132.250:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wbl/app/569a2f1cecb2a1be6a8b4568?wbl[wid]=4ced53d0-d501-4013-9d6e-2c0ff986c2ea&wbl[uid]=126161596&wbl[sid]=350605246384824091&prod&autoscale= HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 14 Nov 2023 01:01:28 GMT
content-type: text/html; charset=utf-8
location: https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
x-powered-by: Express
cache-control: private, no-cache
vary: Accept
x-varnish: 760781720
age: 0
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uktkvNpk84dWDCQgS7Bic%2FR2dTY4%2FsfBfyzQFlyZ5Hid3l%2F1SwcKc97Csc58i370fSf1fvXf9dRDgbcfnlFYzf%2BMNjBFf2djQyPadSyBT2ecxAzO20Na8POyaC0rA1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52cb7d1e56c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__
142.250.74.110 200 OK 382 B URL GET HTTP/2 clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__
IP 142.250.74.110:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint FD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
Validity Mon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (407), with no line terminators
Hash 3e797e0b08968b957b7750584904268d
411858105c3004952e4650eadbcb2bafe2e1684b
33778439eb2fe632ef569f08d4707275c27026027e6565cc60572f23d93b17c7
GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__ HTTP/1.1
Host: clients6.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-wxo8Q6d32SNQKLiEFFH06g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 275
date: Tue, 14 Nov 2023 01:01:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 07 Nov 2023 06:08:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.nwafablab.com/files/theme/fonts/92b66dbd-4201-4ac2-a605-4d4ffc8705cc.woff?1682095294
199.34.228.77 200 OK 25 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/92b66dbd-4201-4ac2-a605-4d4ffc8705cc.woff?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type Web Open Font Format, TrueType, length 25168, version 1.0\012- data
Hash 2f4c2c07910a4f4c70e95bbb7859f28e
1e95b73f1e87373b532928dd4a298a904ee440e9
f78c119c0807a2140e669a0e114ae2addcd782c948c91c25639e6eccfa6d08af
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/92b66dbd-4201-4ac2-a605-4d4ffc8705cc.woff?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Nov 2023 01:01:29 GMT
Content-Type: font/woff
Content-Length: 25169
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:44 GMT
x-rgw-object-type: Normal
ETag: "2f4c2c07910a4f4c70e95bbb7859f28e"
x-amz-request-id: tx000000000000001b2a08f-006284793b-b9fbc64-sfo1
X-Storage-Bucket: zf78c
X-Storage-Object: f78c119c0807a2140e669a0e114ae2addcd782c948c91c25639e6eccfa6d08af
X-Host: blu49.sf2p.intern.weebly.net
Accept-Ranges: bytes
widgetic.com/wbl/app/569a2f1cecb2a1be6a8b4568?wbl[wid]=d027bcc5-b7f0-494f-8739-f4a5abfe09ec&wbl[uid]=126161596&wbl[sid]=350605246384824091&prod&autoscale=
172.67.132.250 301 Moved Permanently 49 kB URL GET HTTP/2 widgetic.com/wbl/app/569a2f1cecb2a1be6a8b4568?wbl[wid]=d027bcc5-b7f0-494f-8739-f4a5abfe09ec&wbl[uid]=126161596&wbl[sid]=350605246384824091&prod&autoscale=
IP 172.67.132.250:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wbl/app/569a2f1cecb2a1be6a8b4568?wbl[wid]=d027bcc5-b7f0-494f-8739-f4a5abfe09ec&wbl[uid]=126161596&wbl[sid]=350605246384824091&prod&autoscale= HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 14 Nov 2023 01:01:28 GMT
content-type: text/html; charset=utf-8
location: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
x-powered-by: Express
cache-control: private, no-cache
vary: Accept
x-varnish: 751832117
age: 0
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYjmlp%2BF9%2BlcrKTaKjjhmTA7Coa6wjEWZfOpyW0UHPwSwSiM0jk47Nax7nWnbsh2cBfifWHMMQ06%2FWTwfwsl5YvL2sYSznGTzFYOSELUywG%2BLiSzdCrqs2KPGTcJiu0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 825b52cbcd3256c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2