199.34.228.77 301 Moved Permanently 234 B URL User Request GET HTTP/1.1
IP 199.34.228.77:443
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dada1b02be35bdbd4a673ebc91cb7f8e
b5f31d0fa6cfb68f334b7e86997c629414a8c851
82a2d2e76aead11c49169cc260a794f28ca290d82db716fb8fb95868738de0d5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 24 Nov 2023 04:23:28 GMT
Server: Apache
Location: https://www.nwafablab.com/
Content-Length: 234
Keep-Alive: timeout=10, max=49
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
199.34.228.77 200 OK 11 kB URL User Request GET HTTP/1.1
IP 199.34.228.77:443
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3274), with CRLF, LF line terminators
Hash b898d4f34a58470aacbdcceec4a44271
bbd30bb9641252efdb0d2cb5010fe8419999c10e
a71ed116d87fb1b5f677230ca1deed0552cdb16a75711a46d3a68ed61e4a37ab
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Nov 2023 04:23:29 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.nwafablab.com
language=en; expires=Fri, 08-Dec-2023 04:23:29 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"b898d4f34a58470aacbdcceec4a44271-gzip"
Content-Encoding: gzip
X-Host: grn154.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 10841
Keep-Alive: timeout=10, max=43
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn2.editmysite.com/js/jquery-1.8.3.min.js
151.101.1.46 200 OK 34 kB URL GET HTTP/2 cdn2.editmysite.com/js/jquery-1.8.3.min.js
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (65483)
Hash 3576a6e73c9dccdbbc4a2cf8ff544ad7
06e872300088b9ba8a08427d28ed0efcdf9c6ff5
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
GET /js/jquery-1.8.3.min.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 14 Nov 2023 16:10:11 GMT
etag: "65539be3-16dc4"
expires: Tue, 28 Nov 2023 23:08:15 GMT
cache-control: max-age=1209600
x-host: blu51.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:29 GMT
age: 796515
x-served-by: cache-sjc10032-SJC, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 17, 7335
x-timer: S1700799810.862129,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/social-icons.css?buildtime=1682090211
151.101.1.46 200 OK 1.6 kB URL GET HTTP/2 cdn2.editmysite.com/css/social-icons.css?buildtime=1682090211
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (13080)
Hash d2e62592756efee9c3bc09762db38f17
67172bdb809989130ac91a907031982f923283fe
6ccd87dcd84708e925a85e89dcb94b90786afe174dc308ff5be3f3a117f92d85
GET /css/social-icons.css?buildtime=1682090211 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Thu, 16 Nov 2023 19:45:13 GMT
etag: W/"65567149-3319"
expires: Thu, 30 Nov 2023 21:06:35 GMT
cache-control: max-age=1209600
x-host: blu54.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:29 GMT
age: 631014
x-served-by: cache-sjc10050-SJC, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 77, 1
x-timer: S1700799810.865830,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1639
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Montserrat/font.css?2
151.101.1.46 200 OK 276 B URL GET HTTP/2 cdn2.editmysite.com/fonts/Montserrat/font.css?2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
Hash 91b360ae11a20a31e6a9ca60c6f6c691
ec3c5c553a20655c54b0a5577a15abe576efa9b1
cf91769ae11889ad46b8090d0d4d58a4621f2bcea35d1d8d96ea5e38ba34ee73
GET /fonts/Montserrat/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 14 Nov 2023 16:06:39 GMT
etag: "65539b0f-354"
expires: Wed, 29 Nov 2023 09:08:45 GMT
cache-control: max-age=1209600
x-host: blu99.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:29 GMT
age: 760484
x-served-by: cache-sjc1000108-SJC, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 41, 2502
x-timer: S1700799810.866963,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 276
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Oswald/font.css?2
151.101.1.46 200 OK 300 B URL GET HTTP/2 cdn2.editmysite.com/fonts/Oswald/font.css?2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
Hash 775b24a6bf448ef1741a248f4d0d1798
c744599bc3828d7cf61211f932a658893eb0ed19
3579bad82b0dbe568857f5550630f16e8b3cc434c0e4d3d04549033b7b8eb814
GET /fonts/Oswald/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 13 Nov 2023 22:41:08 GMT
etag: "6552a604-4f0"
expires: Tue, 28 Nov 2023 15:06:18 GMT
cache-control: max-age=1209600
x-host: grn38.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:29 GMT
age: 825431
x-served-by: cache-sjc1000114-SJC, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 640, 12
x-timer: S1700799810.867181,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 300
X-Firefox-Spdy: h2
cdn2.editmysite.com/fonts/Raleway/font.css?2
151.101.1.46 200 OK 360 B URL GET HTTP/2 cdn2.editmysite.com/fonts/Raleway/font.css?2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
Hash 418811a280009065492fcad7569d9a9d
b0f8f8153bcf58c00ca2f6eca5117944cacc20e6
7e95fc140480ef50a60f97de91912908430f7199a662fb7d2e08132132ed2bb9
GET /fonts/Raleway/font.css?2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 13 Nov 2023 22:41:08 GMT
etag: "6552a604-a10"
expires: Tue, 28 Nov 2023 15:06:15 GMT
cache-control: max-age=1209600
x-host: grn38.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:29 GMT
age: 825435
x-served-by: cache-sjc1000114-SJC, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 291, 702
x-timer: S1700799810.867910,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 360
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1682090211
151.101.1.46 200 OK 146 kB URL GET HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1682090211
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (32147)
Size 146 kB (146401 bytes)
Hash 0de029f7ed3fd4cbfdcef31b834138e3
224512b5c840e885cd0732822af53301681ec799
593fec175b00a1f118f77bb8ed378e857e9f1225f0fc019fcea508b27da53cf0
GET /js/site/main.js?buildTime=1682090211 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 17 Nov 2023 23:10:56 GMT
etag: "6557f300-74804"
expires: Tue, 05 Dec 2023 13:57:56 GMT
cache-control: max-age=1209600
x-host: grn73.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:29 GMT
age: 224733
x-served-by: cache-sjc1000088-SJC, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 26, 1
x-timer: S1700799810.862319,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146401
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/sites.css?buildTime=1682090211
151.101.1.46 200 OK 30 kB URL GET HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1682090211
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 251fe9dd065a30efd11ccab9a9613cda
9c8bec2886368f245985ae92222349ba92ac07f7
5b6bd64c8f7d37dd7bd34e3760cfffa93a982937376e2c02708f63c35c645a07
GET /css/sites.css?buildTime=1682090211 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Mon, 13 Nov 2023 22:44:43 GMT
etag: W/"6552a6db-337f6"
expires: Tue, 28 Nov 2023 13:59:57 GMT
cache-control: max-age=1209600
x-host: grn83.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:29 GMT
age: 829412
x-served-by: cache-sjc10029-SJC, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 73, 1
x-timer: S1700799810.864367,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29663
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1682090211&
151.101.1.46 200 OK 33 kB URL GET HTTP/3 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1682090211&
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (65024)
Hash 5925dea9d02b39d0e66e7ccc20371e80
79723f4fdf3c06cbc6a7b44fcc78cb1de7793be0
3b7805a3f0e4750ab90d4c40f0d1efdf11c5deb485ef9ed12b9c89b000f87f82
GET /js/lang/en/stl.js?buildTime=1682090211& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 17 Nov 2023 23:09:20 GMT
etag: "6557f2a0-2c90e"
expires: Sun, 03 Dec 2023 11:30:28 GMT
cache-control: max-age=1209600
x-host: blu92.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:29 GMT
age: 406381
x-served-by: cache-sjc10064-SJC, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 311, 1
x-timer: S1700799810.862125,VS0,VE4
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33107
X-Firefox-Spdy: h2
www.nwafablab.com/files/main_style.css?1682095294
199.34.228.77 200 OK 7.4 kB URL GET HTTP/1.1 www.nwafablab.com/files/main_style.css?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type ASCII text, with very long lines (1061)
Hash 253e9dfc9dca89ae3c78be0674206821
a39afed459e95a78c8bab00876d4b1c30a35d3b3
62b30147abac3c52a6f988ef34f58abfe6c1fa47b1911e63c7bbc5e7392c7768
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/main_style.css?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:29 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu125.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1682090211
151.101.1.46 200 OK 159 kB URL GET HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1682090211
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (32029)
Size 159 kB (159104 bytes)
Hash 477945f3201c7b0c701a23b373cadb2a
ac7582e7ab946ce51cb94431cb026ebe6dbce9c2
207ec261a8530654204ada78a03b0cc6c129c09bac87013c3a8bb3bedfe84be6
GET /js/site/main-customer-accounts-site.js?buildTime=1682090211 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Fri, 17 Nov 2023 23:10:56 GMT
etag: "6557f300-826d7"
expires: Tue, 05 Dec 2023 13:51:23 GMT
cache-control: max-age=1209600
x-host: grn73.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:29 GMT
age: 225127
x-served-by: cache-sjc1000088-SJC, cache-bma1670-BMA
x-cache: HIT, HIT
x-cache-hits: 39, 1
x-timer: S1700799810.864122,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 159104
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/fancybox.css?1682090211
151.101.1.46 200 OK 1.2 kB URL GET HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1682090211
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (3910)
Hash 1dcebbb5a1eb8b028310ceeb72a339b3
e254b7a35ac189fd1ce9cf8bd78593bebfe27d7d
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a
GET /css/old/fancybox.css?1682090211 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 14 Nov 2023 16:10:28 GMT
etag: "65539bf4-f47"
expires: Tue, 28 Nov 2023 17:27:42 GMT
cache-control: max-age=1209600
x-host: blu52.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:30 GMT
age: 816947
x-served-by: cache-sjc1000101-SJC, cache-bma1670-BMA
x-cache: HIT, MISS
x-cache-hits: 437, 0
x-timer: S1700799810.861778,VS0,VE161
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2
www.nwafablab.com/files/templateArtifacts.js?1682095294
199.34.228.77 200 OK 1.6 kB URL GET HTTP/1.1 www.nwafablab.com/files/templateArtifacts.js?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type exported SGML document, ASCII text, with very long lines (1630)
Hash ae81ab7069097a055829fb9919258138
7dc529f16fb595bbbfc5937adfe1d0a5cf563f8a
5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/templateArtifacts.js?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:30 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn80.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1682090211&
151.101.1.46 200 OK 33 kB URL GET HTTP/3 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1682090211&
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (65024)
Hash 5925dea9d02b39d0e66e7ccc20371e80
79723f4fdf3c06cbc6a7b44fcc78cb1de7793be0
3b7805a3f0e4750ab90d4c40f0d1efdf11c5deb485ef9ed12b9c89b000f87f82
GET /js/lang/en/stl.js?buildTime=1682090211& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 33107
server: nginx
content-type: application/javascript
last-modified: Fri, 17 Nov 2023 23:09:20 GMT
etag: "6557f2a0-2c90e"
expires: Sun, 03 Dec 2023 11:30:28 GMT
cache-control: max-age=1209600
x-host: blu92.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:30 GMT
age: 406382
x-served-by: cache-sjc10064-SJC, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 311, 1
x-timer: S1700799810.402596,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Raleway/regular.woff2
151.101.1.46 200 OK 21 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Raleway/regular.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 21280, version 1.0\012- data
Hash 16911581ab7ea10687a5aee74cbc5612
b0b24248345739209d753a4ac77ccfc1f627b219
c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf
GET /fonts/Raleway/regular.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 21280
server: nginx
content-type: font/woff2
last-modified: Thu, 09 Nov 2023 20:53:46 GMT
etag: "654d46da-5320"
expires: Fri, 24 Nov 2023 10:18:54 GMT
cache-control: max-age=1209600
x-host: blu120.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:30 GMT
age: 1188276
x-served-by: cache-sjc10072-SJC, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 14, 2
x-timer: S1700799811.504357,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Raleway/bold.woff2
151.101.1.46 200 OK 21 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Raleway/bold.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 21440, version 1.0\012- data
Hash 94fafbcc94523bdae26461e70966bae3
2225772fffa5f225d427cbcf27348c5eed29dcd2
80f4e592fb822c98ea06e6553fbb20d8c6161644a39de94baaa9c448c6aba20a
GET /fonts/Raleway/bold.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 21440
server: nginx
content-type: font/woff2
last-modified: Fri, 17 Nov 2023 16:01:16 GMT
etag: "65578e4c-53c0"
expires: Mon, 04 Dec 2023 17:17:07 GMT
cache-control: max-age=1209600
x-host: blu79.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:30 GMT
age: 299182
x-served-by: cache-sjc1000127-SJC, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 5
x-timer: S1700799811.504342,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Montserrat/regular.woff2
151.101.1.46 200 OK 13 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Montserrat/regular.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /fonts/Montserrat/regular.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 12708
server: nginx
content-type: font/woff2
last-modified: Fri, 17 Nov 2023 16:01:16 GMT
etag: "65578e4c-31a4"
expires: Tue, 05 Dec 2023 12:24:24 GMT
cache-control: max-age=1209600
x-host: blu157.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:30 GMT
age: 230347
x-served-by: cache-sjc1000136-SJC, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 33, 511
x-timer: S1700799811.504329,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Oswald/light.woff2
151.101.1.46 200 OK 10 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Oswald/light.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 10104, version 1.0\012- data
Hash f6a41f84ddc640654e6dc189ea56794a
395d2e505f014e4c8c21d1a97416b6122111451f
d47bc9a324b78a4aa8324b7bdeb72515cc2ce942d5a1f8a8fcc0962a2c8fc605
GET /fonts/Oswald/light.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 10104
server: nginx
content-type: font/woff2
last-modified: Fri, 17 Nov 2023 16:01:16 GMT
etag: "65578e4c-2778"
expires: Tue, 05 Dec 2023 15:43:50 GMT
cache-control: max-age=1209600
x-host: blu73.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:30 GMT
age: 218380
x-served-by: cache-sjc10068-SJC, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 95, 1
x-timer: S1700799811.504376,VS0,VE1
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Oswald/bold.woff2
151.101.1.46 200 OK 10 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Oswald/bold.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data
Hash 58e5c92fd1a1fc89b8ca6d74ce4793b8
337771c465778aeed6de18195e0cbe9d9098d299
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
GET /fonts/Oswald/bold.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 10172
server: nginx
content-type: font/woff2
last-modified: Tue, 14 Nov 2023 16:06:39 GMT
etag: "65539b0f-27bc"
expires: Tue, 28 Nov 2023 16:46:51 GMT
cache-control: max-age=1209600
x-host: blu26.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:30 GMT
age: 819399
x-served-by: cache-sjc1000113-SJC, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 67, 1
x-timer: S1700799811.504317,VS0,VE1
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.nwafablab.com/files/theme/plugins.js?1640209705
199.34.228.77 200 OK 16 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/plugins.js?1640209705
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
Hash 2b8d85f1ea01d2c3e8b962eac8d76a5c
936987a7e08daa4a916c77d86937edee42d657da
b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/plugins.js?1640209705 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 24 Apr 2022 01:56:38 GMT
x-rgw-object-type: Normal
ETag: W/"2b8d85f1ea01d2c3e8b962eac8d76a5c"
x-amz-request-id: tx000000000000001b40535-0062847a75-b9fbc64-sfo1
X-Storage-Bucket: zb635
X-Storage-Object: b6353ca52760aba4e7547ae9861db68158dc2af0f4febece55e5c775ee4449f5
X-Host: grn80.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn2.editmysite.com/fonts/Oswald/regular.woff2
151.101.1.46 200 OK 9.8 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Oswald/regular.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /fonts/Oswald/regular.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 9840
server: nginx
content-type: font/woff2
last-modified: Fri, 17 Nov 2023 16:01:16 GMT
etag: "65578e4c-2670"
expires: Mon, 04 Dec 2023 16:11:07 GMT
cache-control: max-age=1209600
x-host: blu86.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:30 GMT
age: 303143
x-served-by: cache-sjc1000143-SJC, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 39, 1
x-timer: S1700799811.504408,VS0,VE3
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn2.editmysite.com/fonts/Raleway/medium.woff2
151.101.1.46 200 OK 21 kB URL GET HTTP/3 cdn2.editmysite.com/fonts/Raleway/medium.woff2
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type Web Open Font Format (Version 2), TrueType, length 20704, version 1.0\012- data
Hash bf05fdfc64ff2a262aa33b8b3a8e9bef
6000fd9fc8021257e32c3bbb9d31582beeb4e3a8
263105b83da311cd76db478c2d958dfded7cc73be6233045a3d3a2b57b86882f
GET /fonts/Raleway/medium.woff2 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://cdn2.editmysite.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 20704
server: nginx
content-type: font/woff2
last-modified: Fri, 17 Nov 2023 16:01:16 GMT
etag: "65578e4c-50e0"
expires: Wed, 06 Dec 2023 15:13:18 GMT
cache-control: max-age=1209600
x-host: grn64.sf2p.intern.weebly.net
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:30 GMT
age: 133811
x-served-by: cache-sjc1000144-SJC, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 82, 2
x-timer: S1700799811.506690,VS0,VE0
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.nwafablab.com/files/theme/custom.js?1640209705
199.34.228.77 200 OK 1.8 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/custom.js?1640209705
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
Hash 48e887857aec23f184b0aa49c18d2445
9480776eb1666cd553a80f38316c6305943e5891
0567021bc3973d113c6b0b6e68d0e9a8b53f38a7f60716c83214a133cc00139a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/custom.js?1640209705 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 19 Apr 2022 15:56:37 GMT
x-rgw-object-type: Normal
ETag: W/"48e887857aec23f184b0aa49c18d2445"
x-amz-request-id: tx000000000000001b96ed8-0062847f61-b9fbc64-sfo1
X-Storage-Bucket: z0567
X-Storage-Object: 0567021bc3973d113c6b0b6e68d0e9a8b53f38a7f60716c83214a133cc00139a
X-Host: blu49.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.1.46 200 OK 26 kB URL GET HTTP/3 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.1.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer GlobalSign nv-sa
Subject *.editmysite.com
Fingerprint 8D:09:E9:00:22:07:DC:77:D7:9F:B9:55:7D:0A:C1:8A:58:67:20:18
Validity Mon, 12 Jun 2023 23:15:31 GMT - Sat, 13 Jul 2024 23:15:30 GMT
File type ASCII text, with very long lines (2512)
Hash 99bbe560926e583b8e99036251deb783
8d81b73ae06f664f9d9e53dd5829a799bf434491
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 25752
server: nginx
content-type: application/javascript
last-modified: Wed, 22 Nov 2023 22:54:01 GMT
etag: "655e8689-124fe"
expires: Thu, 07 Dec 2023 08:49:33 GMT
cache-control: max-age=1209600
x-host: blu145.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:30 GMT
age: 70436
x-served-by: cache-sjc10061-SJC, cache-bma1666-BMA
x-cache: HIT, HIT
x-cache-hits: 52, 644
x-timer: S1700799811.636977,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.nwafablab.com/files/theme/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2?1682095294
199.34.228.77 200 OK 17 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 16560, version 2.6553\012- data
Hash 27958408325380d903e67d87768563b8
d728e699c79072f1c7b9602c771e241b8c04c8a4
83f8b8932766826c1dd3a228b48f4072586ca09f781d64e2950d9f0e235c00a0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:30 GMT
Content-Type: font/woff2
Content-Length: 16561
Connection: keep-alive
Last-Modified: Fri, 30 Aug 2019 08:25:03 GMT
x-rgw-object-type: Normal
ETag: "27958408325380d903e67d87768563b8"
x-amz-request-id: tx000000000000001b02168-0062847d23-b9fbc77-sfo1
X-Storage-Bucket: z83f8
X-Storage-Object: 83f8b8932766826c1dd3a228b48f4072586ca09f781d64e2950d9f0e235c00a0
X-Host: grn23.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261011-s067_orig.jpg
199.34.228.77 200 OK 188 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261011-s067_orig.jpg
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1067x800, components 3\012- data
Size 188 kB (188240 bytes)
Hash a4dcc7050615cc88e2d463fbcc8041dc
c9048f6da34742e2e9b6e2c608ef84f923d61fa0
0839a36a88a0bc500c803d4037087eaf33e70d84c6d787a7145f9d20cb6553cb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/a043-08261011-s067_orig.jpg HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 188240
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:36:39 GMT
x-rgw-object-type: Normal
ETag: "a4dcc7050615cc88e2d463fbcc8041dc"
x-amz-request-id: tx0000008e663b1779cf096-00655dea15-db1eedd-sfo1
X-Storage-Bucket: z0839
X-Storage-Object: 0839a36a88a0bc500c803d4037087eaf33e70d84c6d787a7145f9d20cb6553cb
X-Host: blu78.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/files/theme/fonts/7377dbe6-f11a-4a05-b33c-bc8ce1f60f84.woff2?1682095294
199.34.228.77 200 OK 19 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/7377dbe6-f11a-4a05-b33c-bc8ce1f60f84.woff2?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 18964, version 2.6553\012- data
Hash 03eed84923bfc319da88de04298fa495
9b4e82ce10dc1ae528d53e22045df8610e5f3dcc
0f7cae04d4ab4ba9c1bceb2a59ab9dcd925103f186c6c430cf5d9ab032c18128
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/7377dbe6-f11a-4a05-b33c-bc8ce1f60f84.woff2?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:30 GMT
Content-Type: font/woff2
Content-Length: 18965
Connection: keep-alive
Last-Modified: Fri, 30 Aug 2019 08:25:13 GMT
x-rgw-object-type: Normal
ETag: "03eed84923bfc319da88de04298fa495"
x-amz-request-id: tx000000000000001ac6203-00628479bb-b9fbc77-sfo1
X-Storage-Bucket: z0f7c
X-Storage-Object: 0f7cae04d4ab4ba9c1bceb2a59ab9dcd925103f186c6c430cf5d9ab032c18128
X-Host: blu62.sf2p.intern.weebly.net
Accept-Ranges: bytes
widgetic.com/wbl/app/569a2f1cecb2a1be6a8b4568?wbl[wid]=d027bcc5-b7f0-494f-8739-f4a5abfe09ec&wbl[uid]=126161596&wbl[sid]=350605246384824091&prod&autoscale=
172.67.132.250 301 Moved Permanently 4.3 kB URL GET HTTP/2 widgetic.com/wbl/app/569a2f1cecb2a1be6a8b4568?wbl[wid]=d027bcc5-b7f0-494f-8739-f4a5abfe09ec&wbl[uid]=126161596&wbl[sid]=350605246384824091&prod&autoscale=
IP 172.67.132.250:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
Hash 9b432a743ede25627655bff84cec6863
fae557aff106f7baa138f4812d69ba549c930afd
06792e6c00a9f350d36e589786baf823bf6eb9bcd9c8deeaebaf07a0278b2614
GET /wbl/app/569a2f1cecb2a1be6a8b4568?wbl[wid]=d027bcc5-b7f0-494f-8739-f4a5abfe09ec&wbl[uid]=126161596&wbl[sid]=350605246384824091&prod&autoscale= HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 24 Nov 2023 04:23:30 GMT
content-type: text/html; charset=utf-8
location: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
x-powered-by: Express
cache-control: private, no-cache
vary: Accept
x-varnish: 842237892
age: 0
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9aXlMs4MV3%2BOFSBv1WytnrbPIW52yEWaYzreTsxkOtXhfGFMjx1v5egz%2BZH7LTsVkdVEycvKAwenJEwSiXgUUk82EKBkQzZX4JyQZLYtMRQuDA4zfMa6bebXKxtwWY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee07fda40712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
widgetic.com/wbl/js/sdk.js
172.67.132.250 200 OK 29 kB URL GET HTTP/2 widgetic.com/wbl/js/sdk.js
IP 172.67.132.250:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type gzip compressed data, from Unix\012- data
Hash 0cb706523546a7b8c755117d8933ee39
c21fb6f208aec130307c5f02d547207085a2ff71
26a881e0b5ec7e201250cc9967aed32341ac5f556dcecd889da887f5c07d4983
GET /wbl/js/sdk.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 24 Nov 2023 04:23:30 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: Express
cache-control: public, max-age=86400
last-modified: Thu, 25 Aug 2022 13:08:46 GMT
etag: W/"9ba3-206806219"
content-encoding: gzip
x-varnish: 777258457
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 4512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TV7E6aCOYZgmgAgVcQY7PRIlqiSsYDtKGk%2FJypgslXNASm0aAB%2FiwxjSVPCahriocSzcWZ6n0BoPLJeRcyL75dFYo0UY02uUajPYO1oJo2yJpcBdvpAsSBEbzKdEV%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee07faa2e712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
widgetic.com/wbl/app/569a2f1cecb2a1be6a8b4568?wbl[wid]=4ced53d0-d501-4013-9d6e-2c0ff986c2ea&wbl[uid]=126161596&wbl[sid]=350605246384824091&prod&autoscale=
172.67.132.250 301 Moved Permanently 19 kB URL GET HTTP/2 widgetic.com/wbl/app/569a2f1cecb2a1be6a8b4568?wbl[wid]=4ced53d0-d501-4013-9d6e-2c0ff986c2ea&wbl[uid]=126161596&wbl[sid]=350605246384824091&prod&autoscale=
IP 172.67.132.250:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
Hash 79d722a44581c2a1a4d2759e8a36e567
417551dfd5253f77ff8bd2ec56ebd58354f6b2e3
df8eb759341d96aa428d988fae2ecf505bf2463d37ee57f74084aa00b083058a
GET /wbl/app/569a2f1cecb2a1be6a8b4568?wbl[wid]=4ced53d0-d501-4013-9d6e-2c0ff986c2ea&wbl[uid]=126161596&wbl[sid]=350605246384824091&prod&autoscale= HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 24 Nov 2023 04:23:30 GMT
content-type: text/html; charset=utf-8
location: https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
x-powered-by: Express
cache-control: private, no-cache
vary: Accept
x-varnish: 842204713
age: 0
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIJj6a65RJirmzNM40DnfV4mNGZaCeZOkmwfKe4OfCHHopqdrz9SLX7SVEJD9hvCSIeSnIAd8C1b1Xclh4Nx%2F0ndY2Zp2IBEGgOT86oBwEardU31RDD5fOGvI2Y2BN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee07fba36712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
widgetic.com/bundles/blogvioapp/js/editor/control.js
172.67.132.250 200 OK 3.9 kB URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/editor/control.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (11470), with no line terminators
Hash 88cfd1889cff461c77c571669dc79a7b
edf16bf792f4742f1f905f135a8ebeff443a3419
9f95e234907d6a21b8b3768caca177f7b4003689bdd974f1ec7c16ea96cee6c0
GET /bundles/blogvioapp/js/editor/control.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:30 GMT
content-type: application/javascript
content-length: 3870
last-modified: Thu, 27 Jan 2022 16:03:46 GMT
vary: Accept-Encoding
etag: W/"61f2c262-2cce"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 41598449
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 55966
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUMcUUfAgD5Iu868rCsktgU8NbfXMHqZB5AP2BsHqr8pzqpG8vdla4ZYeYie6SwNrXdTGeC4HGrpDljIlUDt%2FrpWLdHw1eReics9kHHxln9prfjICXCwCtgjUS%2FxC1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee0826f285688-OSL
alt-svc: h3=":443"; ma=86400
cdn.jsdelivr.net/npm/@widgetic/sdk/lib/sdk.js
151.101.65.229 200 OK 17 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/@widgetic/sdk/lib/sdk.js
IP 151.101.65.229:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type ASCII text, with very long lines (50046), with no line terminators
Hash 2faa5a95a8b3de397801b714f56f2676
4347578cb4530c7c5515c4823f1c55de49ca3347
a8d94874a66894f07f2a9e37b4bf6b6ecf9b0632b637105030b32bcdc40285a7
GET /npm/@widgetic/sdk/lib/sdk.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.7.10
x-jsd-version-type: version
etag: W/"c37e-Q0dXjLRTDHxVFcSCPxxV3knKM0c"
content-encoding: br
accept-ranges: bytes
date: Fri, 24 Nov 2023 04:23:30 GMT
age: 6903
x-served-by: cache-fra-etou8220071-FRA, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16573
X-Firefox-Spdy: h2
widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
172.67.132.250 200 OK 18 kB URL GET HTTP/3 widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
IP 172.67.132.250:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (48300)
Hash 379ea60c27b2d8a0f17c3758b2d3966c
1e68a3744fbb940efe7c180314d40fec7ae85043
13f04ec1dd7fb4c9dfde5ca75099841920cb10bd8bd453bb5c4051087f187099
GET /api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nwafablab.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=3600, public
xkey: composition:61c3942aecb2a1f3688b4567 widget:569a2f1cecb2a1be6a8b4568 user:5f3c4c5fecb2a180518b4567
x-varnish: 842204718 841942405
via: 1.1 varnish-v4
x-cache: HIT
x-cache-hits: 5
age: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aV40ZP8d%2Fnz%2BCKx%2FP2oW87M62lvF1KbEkU5WDMHzpHlRhVNM2ZYmNBExUlpmGow5pCl%2BS1q%2FcUvdYS3qs38B75Nhe5HZKYxhxvUG%2FiDKbOnQoQFCK00FwG4AxR%2BhkHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee080aeb15688-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
widgetic.com/bundles/blogvioapp/css/embed.css
172.67.132.250 200 OK 617 B URL GET HTTP/3 widgetic.com/bundles/blogvioapp/css/embed.css
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (470)
Hash a53aa581e78d48e6b64f8f9a04629e8d
0c17afea09da2ec5dbcc1ba2442fc374f39ee8fb
c420c2545efebcdcedd9fd7e48fe093a8c888f6726710197c0f1adff13b39cf0
GET /bundles/blogvioapp/css/embed.css HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: text/css
content-length: 617
last-modified: Fri, 22 Oct 2021 12:54:48 GMT
vary: Accept-Encoding
etag: W/"6172b498-620"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 551295169
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 75369
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PF4OJ%2BfwNd%2BvsHQvMd7zll3ojnzyZrmtNORMfDWNPn5vP6st6Br7UIuOTJMp4JFOhynYN1dk9%2FgARtGce%2BhCD5gTFikTPf8l8C6pmxdm%2BIWUHJEkXWOx%2BSKTSFm48U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee082bf415688-OSL
alt-svc: h3=":443"; ma=86400
widgetic.com/widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.css
172.67.132.250 200 OK 2.7 kB URL GET HTTP/3 widgetic.com/widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.css
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (13143), with no line terminators
Hash 947a4b12b3fca661afef3e44c7076ae1
7e30bffdf2ccf3ecee15c4787ea2a8994d4c85c7
d6de7adbfb28a25ee204443f6a29ef5406467fd5a2b4fd81291ee70e91a92fa6
GET /widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.css HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: text/css
content-length: 2740
last-modified: Tue, 15 Aug 2023 14:09:50 GMT
vary: Accept-Encoding
etag: W/"64db872e-3357"
cache-control: public, max-age=31536000
pragma: public
content-encoding: gzip
x-varnish: 703732948
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 73340
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6v%2BTH032PUprlAa8eSURWHHh2SYhVuYUIys96P%2F0uIB5K5wtjqahy6VJi55IZSoDN6bYBjUgU2MSUciirVL6N7nTifHMSumSzFbGJoQU4ag2vqiD5UvzT4ORZ%2BFd3LQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee082bf425688-OSL
alt-svc: h3=":443"; ma=86400
www.nwafablab.com/uploads/1/2/6/1/126161596/published/a043-08261017-s087.jpg?1640191133
199.34.228.77 200 OK 69 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/published/a043-08261017-s087.jpg?1640191133
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1065x602, components 3\012- data
Hash 89279c8f2b7f7b6e09b65d4f92041082
ecf6233b0d66bd5cb23b60ccc39b70028ee448b9
fc9e88e8289584c28ae264e11b56c67289a63e82be4f31c009901ee066c74cb3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/published/a043-08261017-s087.jpg?1640191133 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 68916
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:38:53 GMT
x-rgw-object-type: Normal
ETag: "89279c8f2b7f7b6e09b65d4f92041082"
x-amz-request-id: tx000001ec64a6add66a525-00655affa3-db1eedd-sfo1
X-Storage-Bucket: zfc9e
X-Storage-Object: fc9e88e8289584c28ae264e11b56c67289a63e82be4f31c009901ee066c74cb3
X-Host: grn143.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/files/theme/fonts/627fbb5a-3bae-4cd9-b617-2f923e29d55e.woff2?1682095294
199.34.228.77 200 OK 19 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/627fbb5a-3bae-4cd9-b617-2f923e29d55e.woff2?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type Web Open Font Format (Version 2), TrueType, length 18760, version 2.6553\012- data
Hash 88f6742055e6eecac07f296cbd45214b
621e90fee4799ffa9e7cd33f089bc8d79590ce28
663f4c799beff8f8dfa2ac950ce27ed4fcf8acc11ac5ec04f2bc6574a304730e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/627fbb5a-3bae-4cd9-b617-2f923e29d55e.woff2?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:30 GMT
Content-Type: font/woff2
Content-Length: 18761
Connection: keep-alive
Last-Modified: Fri, 30 Aug 2019 08:25:04 GMT
x-rgw-object-type: Normal
ETag: "88f6742055e6eecac07f296cbd45214b"
x-amz-request-id: tx000000000000001ba4695-0062847e79-b9fbc63-sfo1
X-Storage-Bucket: z663f
X-Storage-Object: 663f4c799beff8f8dfa2ac950ce27ed4fcf8acc11ac5ec04f2bc6574a304730e
X-Host: blu70.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261017-s094_orig.jpg
199.34.228.77 200 OK 149 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261017-s094_orig.jpg
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1066x800, components 3\012- data
Size 149 kB (148744 bytes)
Hash ecbc092a2c28a5877e567961a5a8adac
2c69f2d8c2cd59c32bb9196f57ca31f75d8b7263
3f2c62298c363e7f968f1e0a2caf390654ecfcadbc528caf541a757c407a7d9b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/a043-08261017-s094_orig.jpg HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 148744
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:39:18 GMT
x-rgw-object-type: Normal
ETag: "ecbc092a2c28a5877e567961a5a8adac"
x-amz-request-id: tx00000156a17d67addff1e-0065602542-db1c67d-sfo1
X-Storage-Bucket: z3f2c
X-Storage-Object: 3f2c62298c363e7f968f1e0a2caf390654ecfcadbc528caf541a757c407a7d9b
X-Host: grn132.sf2p.intern.weebly.net
Accept-Ranges: bytes
widgetic.com/bundles/blogvioapp/js/require.js
172.67.132.250 200 OK 759 B URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/require.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
Hash 37196e8f5be9697d075e1a9f165c10ac
0b054c96a334c0020126ce92a280a5712f04671f
a81551f948932bc38d1b9d329a865d6050adf2da9dae6ec60395c51c6af06054
GET /bundles/blogvioapp/js/require.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: application/javascript
content-length: 759
last-modified: Fri, 22 Oct 2021 12:54:48 GMT
vary: Accept-Encoding
etag: W/"6172b498-825"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 548580752
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 78248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1BWi8aTt0CEvNoeX33kp05iCVuuYbt8YRUuvdceErQhE3pcAU%2Fj0ABXcOUKmYmOeBXUPrFtScipbvG29AuywZ97Mh3AFUI5CT7ynskEb0LnLSTxdXivPK37hZU%2BJwQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee082ff5d5688-OSL
alt-svc: h3=":443"; ma=86400
www.nwafablab.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.77 200 OK 348 B URL POST HTTP/1.1 www.nwafablab.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.nwafablab.com
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 24 Nov 2023 04:23:30 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn75.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
www.nwafablab.com/uploads/1/2/6/1/126161596/published/a043-08261013-s075.jpg?1640191249
199.34.228.77 200 OK 65 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/published/a043-08261013-s075.jpg?1640191249
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 939x530, components 3\012- data
Hash 5fcc5c277aabf5c65e038d6d007d5cf3
2db6417ce8dfdeeebc7122eccf2e5d21018d341d
bcf864066b8f5b3d3ef490171f2315416c3922f3bfe2566f39ef00f2941e1a90
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/published/a043-08261013-s075.jpg?1640191249 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:30 GMT
Content-Type: image/jpeg
Content-Length: 65412
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:40:49 GMT
x-rgw-object-type: Normal
ETag: "5fcc5c277aabf5c65e038d6d007d5cf3"
x-amz-request-id: tx00000200a10cd6982666a-00655df229-db1a132-sfo1
X-Storage-Bucket: zbcf8
X-Storage-Object: bcf864066b8f5b3d3ef490171f2315416c3922f3bfe2566f39ef00f2941e1a90
X-Host: blu82.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/files/theme/fonts/1e9892c0-6927-4412-9874-1b82801ba47a.woff?1682095294
199.34.228.77 200 OK 21 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/1e9892c0-6927-4412-9874-1b82801ba47a.woff?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type Web Open Font Format, TrueType, length 20709, version 1.0\012- data
Hash 9df5efadcd24b83511f3c339178210d8
74f67081083ebd94979f50e681df20bfbdc4cd8d
0d887fc553f2b9a6488c8bbdeb38d0e70e2da58d5bb34161d32f683af096fdb8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/1e9892c0-6927-4412-9874-1b82801ba47a.woff?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:30 GMT
Content-Type: font/woff
Content-Length: 20710
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "9df5efadcd24b83511f3c339178210d8"
x-amz-request-id: tx000000000000001cd47f1-0062849ad1-b9fbc77-sfo1
X-Storage-Bucket: z0d88
X-Storage-Object: 0d887fc553f2b9a6488c8bbdeb38d0e70e2da58d5bb34161d32f683af096fdb8
X-Host: blu70.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/published/fablab-cmyk.png?1630443210
199.34.228.77 200 OK 10 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/published/fablab-cmyk.png?1630443210
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type PNG image data, 106 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 27f8d0b8754be456dad797e26fc0cbf7
394d793ef5b93d9d5f548f2e979684b345d3433f
be0a201d3e350c091307131f7df8b0d9b7409eb16df1c64ce5611bc73687f220
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/published/fablab-cmyk.png?1630443210 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:31 GMT
Content-Type: image/png
Content-Length: 10385
Connection: keep-alive
Last-Modified: Tue, 31 Aug 2021 20:53:03 GMT
x-rgw-object-type: Normal
ETag: "27f8d0b8754be456dad797e26fc0cbf7"
x-amz-request-id: tx00000995339346856cf7d-0065571ca7-db1a132-sfo1
X-Storage-Bucket: zbe0a
X-Storage-Object: be0a201d3e350c091307131f7df8b0d9b7409eb16df1c64ce5611bc73687f220
X-Host: blu152.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/editor/3d-printer-icon.png?1633547919
199.34.228.77 200 OK 2.9 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/editor/3d-printer-icon.png?1633547919
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type PNG image data, 128 x 116, 8-bit gray+alpha, non-interlaced\012- data
Hash 3824d64862bbc256f2301bafe65f3c61
2d68f6a44f86ddcd25488b9bf493fd88eef01a86
6c1ec9a8e2ed5d6b6fb60a3127c8213819c6ab75c52f364be4197f31c2da0bf4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/editor/3d-printer-icon.png?1633547919 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:31 GMT
Content-Type: image/png
Content-Length: 2882
Connection: keep-alive
Last-Modified: Wed, 06 Oct 2021 19:18:39 GMT
x-rgw-object-type: Normal
ETag: "3824d64862bbc256f2301bafe65f3c61"
x-amz-request-id: tx00000ff74fdd235b7ee84-00655df229-db1c716-sfo1
X-Storage-Bucket: z6c1e
X-Storage-Object: 6c1ec9a8e2ed5d6b6fb60a3127c8213819c6ab75c52f364be4197f31c2da0bf4
X-Host: grn139.sf2p.intern.weebly.net
Accept-Ranges: bytes
calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
142.250.74.46 200 OK 2.1 kB URL GET HTTP/2 calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
IP 142.250.74.46:443
Requested by https://www.nwafablab.com/
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type gzip compressed data, max compression\012- data
Hash 524bc8df6dce6d0dd38dd3570d80a2d0
fb63d1c3d70665b360d142b8f193046ec675fa33
3806b3287b375a87660dcad210470bc29f843cd0bd11165d929d505ab4aebf2e
GET /calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Nov 2023 04:23:31 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="calendar_coop_coep"
report-to: {"group":"calendar_coop_coep","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar"}]}
content-security-policy: script-src 'nonce-GZ8rBge5vaS6337B-Q1bQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /calendar/cspreport, require-trusted-types-for 'script';report-uri /calendar/cspreport, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/f44fc88452a55a38b73bfc72464aab5c/mr
cross-origin-embedder-policy-report-only: require-corp; report-to="calendar_coop_coep"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=KjddDT1naohJZdtUZD9jgGjBx8JuBlQTAslMsLypUs03zT9cSQzzoTl82IH4tHXr_BvnFmhWSXXeRxeleYqenbXliz1w0MlD8UIkXfSQBkD8Tz80HQme7wmtWriK5_dki1WWXKYOUUxRYQyaTDm7KSStQopqoCzin7H68RFtfv0; expires=Sat, 25-May-2024 04:23:30 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
calendar.google.com/calendar/_/web/calendar-static/_/ss/k=calendar-web.embed.KRIIAp_bvRE.L.F4.O/am=CAM/d=0/rs=ABFko3-F_G11ucM6QdMHrAckeVU1MXlp0w
142.250.74.46 200 OK 5.2 kB URL GET HTTP/3 calendar.google.com/calendar/_/web/calendar-static/_/ss/k=calendar-web.embed.KRIIAp_bvRE.L.F4.O/am=CAM/d=0/rs=ABFko3-F_G11ucM6QdMHrAckeVU1MXlp0w
IP 142.250.74.46:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (21536), with no line terminators
Hash 474e2ee2e31d48909dde784f1d861281
2e1b857a6a1c146d8699cf664b4d6dc804fccba9
c35f53b17b601b918d0cf6256e47f85a12b5507ba507af2cee842f0285e9334e
GET /calendar/_/web/calendar-static/_/ss/k=calendar-web.embed.KRIIAp_bvRE.L.F4.O/am=CAM/d=0/rs=ABFko3-F_G11ucM6QdMHrAckeVU1MXlp0w HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 5163
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:36:52 GMT
expires: Fri, 22 Nov 2024 23:36:52 GMT
cache-control: public, max-age=31536000
age: 17199
last-modified: Wed, 02 Aug 2023 09:00:56 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
calendar.google.com/calendar/_/web/calendar-static/_/js/k=calendar-web.embed.no.2xhGu8hrrks.2020.O/am=CAM/d=1/rs=ABFko3_RqK7gXmpUymPem5JRntGfG1Lm2A/m=embed
142.250.74.46 200 OK 79 kB URL GET HTTP/3 calendar.google.com/calendar/_/web/calendar-static/_/js/k=calendar-web.embed.no.2xhGu8hrrks.2020.O/am=CAM/d=1/rs=ABFko3_RqK7gXmpUymPem5JRntGfG1Lm2A/m=embed
IP 142.250.74.46:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (2360)
Hash 8719b55e2c0c2dba096a95fdf3aeeaee
8dd28132ac8fd0ca2de1f92f9128ae93eda6e8ff
61771fdae60d7daa8a4567bf91c2fb30b189ce9468fad6dcab2ce1a06e212f8c
GET /calendar/_/web/calendar-static/_/js/k=calendar-web.embed.no.2xhGu8hrrks.2020.O/am=CAM/d=1/rs=ABFko3_RqK7gXmpUymPem5JRntGfG1Lm2A/m=embed HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 78553
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Nov 2023 08:56:59 GMT
expires: Sat, 16 Nov 2024 08:56:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 15 Nov 2023 22:15:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 588392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
widgetic.com/bundles/blogvioapp/js/spine.js
172.67.132.250 200 OK 8.5 kB URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/spine.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (32011)
Hash 92044c43ac304e3d9f7e335d238a0a65
074c7e2f5396e19b3456c0b757bc1fbc7bb76276
ec55a4bf94cf9d4245ea503b57dc7fdd599f25cb0031d0387d4bc44117138c6d
GET /bundles/blogvioapp/js/spine.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: application/javascript
content-length: 8487
last-modified: Fri, 22 Oct 2021 12:54:48 GMT
vary: Accept-Encoding
etag: W/"6172b498-8108"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 549069545
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 1194
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzJt497qC3%2BFvj4tFl%2Bxll4sUmjYrpD9t9SAUC%2Bg%2F9OIrGqX5V8OKuEjMaWwbGLiBX3bAJCtpZqBTa7v5ahuSwSaMv0iU4Poaxal3haAUqhzVem86oTn3rqvM9%2FBM%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee084afd85688-OSL
alt-svc: h3=":443"; ma=86400
widgetic.com/bundles/blogvioapp/js/spine.js
172.67.132.250 200 OK 8.5 kB URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/spine.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (32011)
Hash 92044c43ac304e3d9f7e335d238a0a65
074c7e2f5396e19b3456c0b757bc1fbc7bb76276
ec55a4bf94cf9d4245ea503b57dc7fdd599f25cb0031d0387d4bc44117138c6d
GET /bundles/blogvioapp/js/spine.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: application/javascript
content-length: 8487
last-modified: Fri, 22 Oct 2021 12:54:48 GMT
vary: Accept-Encoding
etag: W/"6172b498-8108"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 549069545
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 1194
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJytSkVIQSoN%2Fj4u%2FVdclJCyxv1e0kXXeUdxFL1MaWvR37wfZ1%2BWHlUpfEYNX8VAJdJpMQ7ELaDekGw9xTuXUWVNSK9Gh8U12TpPtJEdF74GpXdd37KOp2T0P2bFat8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee084afd95688-OSL
alt-svc: h3=":443"; ma=86400
apis.google.com/js/client.js?onload=clientLibraryLoaded
172.217.21.174 200 OK 7.1 kB URL GET HTTP/2 apis.google.com/js/client.js?onload=clientLibraryLoaded
IP 172.217.21.174:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.apis.google.com
Fingerprint 06:87:C0:63:02:21:98:02:BD:FC:A0:11:93:E9:3A:9F:51:21:06:D8
Validity Mon, 23 Oct 2023 11:25:10 GMT - Mon, 15 Jan 2024 11:25:09 GMT
File type ASCII text, with very long lines (2056)
Hash ae5cf43700c6d0049af967a7fd159c9c
71e327500845915949540f11d79abb5c73b74819
695b817d50088a8bc5b443aff5ed9a17c49e295472a395f53498068440312555
GET /js/client.js?onload=clientLibraryLoaded HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 7120
date: Fri, 24 Nov 2023 04:23:31 GMT
expires: Fri, 24 Nov 2023 04:23:31 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "b4ba011a4b830671"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=mGA_gq85bmNXvwVi2_qR7VHggfcb5_Jk83muQZEydJ8emSu7hUJlYXob3l-esFhxfTY_r5XP7ZvSyz3pNMR8TcL1RbGi7G9Eq9zkmrNlkUDSYzks5Cek0vXhfK2UE0eHaXz8NXC_FrN21jozmgykJFtK7QF2wWPnt6T9W2SPJPw; expires=Sat, 25-May-2024 04:23:31 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.nwafablab.com/files/theme/fonts/92b66dbd-4201-4ac2-a605-4d4ffc8705cc.woff?1682095294
199.34.228.77 200 OK 25 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/92b66dbd-4201-4ac2-a605-4d4ffc8705cc.woff?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type Web Open Font Format, TrueType, length 25168, version 1.0\012- data
Hash 2f4c2c07910a4f4c70e95bbb7859f28e
1e95b73f1e87373b532928dd4a298a904ee440e9
f78c119c0807a2140e669a0e114ae2addcd782c948c91c25639e6eccfa6d08af
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/92b66dbd-4201-4ac2-a605-4d4ffc8705cc.woff?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:31 GMT
Content-Type: font/woff
Content-Length: 25169
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:44 GMT
x-rgw-object-type: Normal
ETag: "2f4c2c07910a4f4c70e95bbb7859f28e"
x-amz-request-id: tx000000000000000107325-0064174759-d860bdd-sfo1
X-Storage-Bucket: zf78c
X-Storage-Object: f78c119c0807a2140e669a0e114ae2addcd782c948c91c25639e6eccfa6d08af
X-Host: grn142.sf2p.intern.weebly.net
Accept-Ranges: bytes
widgetic.com/bundles/blogvioapp/js/editor/core.js
172.67.132.250 200 OK 6.0 kB URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/editor/core.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (21604), with no line terminators
Hash ce01d14505f17d6f0c83e0ee7e648d56
f2bc9e0ea4c8ee8051ca55303d57ed3149bcb993
320242e458ff727cf119b25be7eed579317dad053ffe30beb9ca473f9c2eaf8f
GET /bundles/blogvioapp/js/editor/core.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: application/javascript
content-length: 5959
last-modified: Thu, 27 May 2021 10:10:28 GMT
vary: Accept-Encoding
etag: W/"60af7014-5464"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 700912254
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 48090
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NgQSclsrNYC15dheBUNR4owsjqiYqecCNRXGn4h43npIrrY%2Fmdggwc5JBUnwa9esA1b5TOkNMVrqsk2E1NQQrQtQFpI3nqCBxxtq4fdQ6jRwbkhxfThtsGW840qt5E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee084eff35688-OSL
alt-svc: h3=":443"; ma=86400
widgetic.com/bundles/blogvioapp/js/editor/core.js
172.67.132.250 200 OK 6.0 kB URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/editor/core.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (21604), with no line terminators
Hash ce01d14505f17d6f0c83e0ee7e648d56
f2bc9e0ea4c8ee8051ca55303d57ed3149bcb993
320242e458ff727cf119b25be7eed579317dad053ffe30beb9ca473f9c2eaf8f
GET /bundles/blogvioapp/js/editor/core.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: application/javascript
content-length: 5959
last-modified: Thu, 27 May 2021 10:10:28 GMT
vary: Accept-Encoding
etag: W/"60af7014-5464"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 700912254
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 48090
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LBIsf9saQVAXMb0ZilvTwOW8TntxQScFAiCPVFEzphdK63BGlKI6%2BOCi5wEoJXKwyOH87pwc28PHbmwIvEnH%2BSWIW03uUE3FLZR3%2BNtKzpwyIgIScXrggM1t5kphZY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee084eff85688-OSL
alt-svc: h3=":443"; ma=86400
widgetic.com/bundles/blogvioapp/js/editor/core.vendor.js
172.67.132.250 200 OK 57 kB URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/editor/core.vendor.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type gzip compressed data, from Unix\012- data
Hash dbd80b7273892a3ba7e41965c614058f
0c8cddeb9d46c25e4487d82a39b7eeb183b1531c
241dab21f704ea2b5c30672f71cda28ce932729eacba6de847c6b5cad574861a
GET /bundles/blogvioapp/js/editor/core.vendor.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2019 12:56:55 GMT
vary: Accept-Encoding
etag: W/"5dfcc517-16a12"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 548464458
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 9091
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePPxsdg0NoLfNpwOWd%2BFI63Wwm0FGEfR%2B%2BkllQBIuOb5ZwS%2FjXsbRacmQiCzo9%2BY8CLhR5r82R106A9dJZyZRdloa3qV5qjhXOSgUZYHH6xi96sot2pV%2FoR28ujJsW8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee082bf3e5688-OSL
alt-svc: h3=":443"; ma=86400
www.nwafablab.com/uploads/1/2/6/1/126161596/published/workshop-01.png?1633547861
199.34.228.77 200 OK 5.9 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/published/workshop-01.png?1633547861
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type PNG image data, 119 x 119, 8-bit gray+alpha, non-interlaced\012- data
Hash 6ebba6af9695bdcf822d86215776ce7c
e1529db34a3b29aa59492627365fe89c16c04f60
2e180604f72026e7e04d480759675c2acfa2d9792355f726a9866059dceb9e18
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/published/workshop-01.png?1633547861 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:31 GMT
Content-Type: image/png
Content-Length: 5869
Connection: keep-alive
Last-Modified: Wed, 06 Oct 2021 19:17:41 GMT
x-rgw-object-type: Normal
ETag: "6ebba6af9695bdcf822d86215776ce7c"
x-amz-request-id: tx000005abcd173d9c44b33-00655c25f6-db1c67d-sfo1
X-Storage-Bucket: z2e18
X-Storage-Object: 2e180604f72026e7e04d480759675c2acfa2d9792355f726a9866059dceb9e18
X-Host: blu17.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/editor/art-01.png?1633547854
199.34.228.77 200 OK 6.5 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/editor/art-01.png?1633547854
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type PNG image data, 139 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash 14d2b1f744f0fde323338a2f1c06f6d6
53b1bfc838213ec3d58d44f8cd1c58d837eebc8f
8fdf7ff6496624029c34e3eb7e6c5b04a6b8221f3e9e048544a591ad21774f5f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/editor/art-01.png?1633547854 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:31 GMT
Content-Type: image/png
Content-Length: 6528
Connection: keep-alive
Last-Modified: Wed, 06 Oct 2021 19:17:34 GMT
x-rgw-object-type: Normal
ETag: "14d2b1f744f0fde323338a2f1c06f6d6"
x-amz-request-id: tx00000bb689b4433b3bcb9-00655de442-db1eedd-sfo1
X-Storage-Bucket: z8fdf
X-Storage-Object: 8fdf7ff6496624029c34e3eb7e6c5b04a6b8221f3e9e048544a591ad21774f5f
X-Host: grn156.sf2p.intern.weebly.net
Accept-Ranges: bytes
files.widgetic.com/file/widgetic-uploads/assets/js/core-js.shim.min.js
172.67.132.250 200 OK 138 kB URL GET HTTP/3 files.widgetic.com/file/widgetic-uploads/assets/js/core-js.shim.min.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type Unicode text, UTF-8 text, with very long lines (31999), with LF, NEL line terminators
Size 138 kB (138361 bytes)
Hash b6bb5a0c5410548f8d7c808e070b749c
ceca860a39bac72daa951f019a3f041ad975daab
27703f579dd5e45a3c7a01430b2dd2b59793fa08f6ad70ceb053c2be8f427a3f
GET /file/widgetic-uploads/assets/js/core-js.shim.min.js HTTP/1.1
Host: files.widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: application/javascript
x-bz-file-name: assets/js/core-js.shim.min.js
x-bz-file-id: 4_zcab80af2fd0cc5bd57300e14_f104b15177b277c8c_d20180312_m070149_c001_v0001008_t0005
x-bz-content-sha1: ad24cc060a78fcdd30b3924615d701fb54480463
x-bz-upload-timestamp: 1520838109000
x-bz-info-src_last_modified_millis: 1520838005031
cache-control: public, max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Fri, 24 Nov 2023 01:19:43 GMT
cf-cache-status: HIT
age: 6189
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Nt579P2dDeb2uRC%2F7RGqJRJdOP7hU6wB%2FQ7%2BqGnLAYNkDzNuPuDDsw4STgL6z7pdMQDLS%2FKwVP%2FWPDuMjus9QlcGZA0sc7%2BbCwfT7HZ4xz11WGibTcYQ8m71kNl%2FAqlfMiZ0is%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82aee082ff5b5688-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
142.250.74.42 200 OK 5.5 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js
IP 142.250.74.42:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (2220)
Hash 316f3557abf074f917ff1f83d776338d
8fdfb015a94c6ee5a4276e2577665a27ccc8c1f3
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
GET /ajax/libs/webfont/1.6.16/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:54 GMT
expires: Fri, 22 Nov 2024 23:21:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 18097
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widgetic.com/bundles/blogvioapp/js/editor/core.vendor.js
172.67.132.250 200 OK 35 kB URL GET HTTP/3 widgetic.com/bundles/blogvioapp/js/editor/core.vendor.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (31994)
Hash 05245e11987e5341681e2744b66dee77
858f34a5353198078b25923d64c04eb07ec7e330
bc5dccefeb1a2b58b9a15bc942a6250a465c4c121335f24c91888b28ebbae610
GET /bundles/blogvioapp/js/editor/core.vendor.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2019 12:56:55 GMT
vary: Accept-Encoding
etag: W/"5dfcc517-16a12"
content-encoding: gzip
cache-control: public, max-age=86400
x-varnish: 548464458
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 9092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FR2PSub83Wa9MuKL1Rrus46zE%2BxyUtIv2oy%2F67YqzCiaws4Gi8iUMRj%2B3RUqqREK5Kn%2BRA9KwlwfjlGonVrrcwHrO%2F58mB6YmHhebO%2B%2FwfpnWbbvQxlMC9ep8gmUG8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee082ff5c5688-OSL
alt-svc: h3=":443"; ma=86400
files.widgetic.com/file/widgetic-uploads/assets/js/core-js.shim.min.js
172.67.132.250 200 OK 28 kB URL GET HTTP/3 files.widgetic.com/file/widgetic-uploads/assets/js/core-js.shim.min.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type gzip compressed data, from Unix\012- data
Hash 4eb0dd1c4fc975368e0e7e5f21fab05d
08230516175695b7e59e0fd0c0eec7a01444e375
824c98c79141e6f2cf423d6e704c527f808fcb23e368775fd1996aa30703dab3
GET /file/widgetic-uploads/assets/js/core-js.shim.min.js HTTP/1.1
Host: files.widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: application/javascript
x-bz-file-name: assets/js/core-js.shim.min.js
x-bz-file-id: 4_zcab80af2fd0cc5bd57300e14_f104b15177b277c8c_d20180312_m070149_c001_v0001008_t0005
x-bz-content-sha1: ad24cc060a78fcdd30b3924615d701fb54480463
x-bz-upload-timestamp: 1520838109000
x-bz-info-src_last_modified_millis: 1520838005031
cache-control: public, max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Fri, 24 Nov 2023 01:19:43 GMT
cf-cache-status: HIT
age: 6189
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X3UOFMjjFPfbQsQhjTeBjRZBnVFdyVVyZF3KzeBMe5%2Fj9HNVrm%2BOmQ3PgxAWaRoxW2A%2FM0BUmUULtV1Pnk%2BMdVWYAjPBrZcgS%2Bnol7XpNUAhmo81nb%2FSvu2JCie%2F0sq6jCvHC4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82aee082bf445688-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
calendar.google.com/googlecalendar/images/btn_menu6.gif
142.250.74.46 200 OK 84 B URL GET HTTP/3 calendar.google.com/googlecalendar/images/btn_menu6.gif
IP 142.250.74.46:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type GIF image data, version 89a, 15 x 14\012- data
Hash b771dbcc3798d2b77e8f1413f6d06cfe
82b9fe6114481fee01452c671cbef7397e435a5d
9a57b05e8842cbec0a4a757360dd1994fa3f754e925d6f1c4b643a4a0bb75f89
GET /googlecalendar/images/btn_menu6.gif HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 84
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:54:54 GMT
expires: Fri, 22 Nov 2024 04:54:54 GMT
cache-control: public, max-age=31536000
age: 84517
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
calendar.google.com/googlecalendar/images/icon_print.gif
142.250.74.46 200 OK 118 B URL GET HTTP/3 calendar.google.com/googlecalendar/images/icon_print.gif
IP 142.250.74.46:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type GIF image data, version 89a, 16 x 16\012- data
Hash 029f3aa4854b8c66db1f31dd62a57d04
eff5d66c01a2d155be2ab4b4517fc8c2bd809063
d104bb2b031ac4243de1598f349115f407ac44057a56619516faa259579e27f1
GET /googlecalendar/images/icon_print.gif HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 118
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:54:12 GMT
expires: Fri, 22 Nov 2024 04:54:12 GMT
cache-control: public, max-age=31536000
age: 84559
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
widgetic.com/widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.js
172.67.132.250 200 OK 99 kB URL GET HTTP/3 widgetic.com/widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type gzip compressed data, from Unix\012- data
Hash 0f6ddf1d931147225717566ee2e74087
f2cc806a50df4798d9608e5d133de336115225f5
18dbec6f8613f6ca7750b3021e4231e38e9daed111a904d74b9b82f36414b13e
GET /widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: application/javascript
last-modified: Tue, 15 Aug 2023 14:09:50 GMT
vary: Accept-Encoding
etag: W/"64db872e-44bad"
cache-control: public, max-age=31536000
pragma: public
content-encoding: gzip
x-varnish: 159950937
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 2324265
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TW5mmm58RjaFfL92MiHx2AfiuLy%2Bjqpl1VmA%2FbxDwJubzj5OPOrSEGABMeLgoZDvuvJwFbdotxIPozDsOYysKKKCYRc5n1PXkP9bQ6jJKuAaHWVBGR3OpvrzWXxEQ7Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee085983a5688-OSL
alt-svc: h3=":443"; ma=86400
widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed/data
172.67.132.250 200 OK 2.7 kB URL GET HTTP/3 widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed/data
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type JSON data\012- , ASCII text, with very long lines (12240), with no line terminators
Hash 8a3a90b1977b0cb49721b87c6682dcef
b8de224b23cba1726ec982cbbfbea19ea68d762c
40ef520abb53ef795b5a33b2b0a1aaa7ce0d1b25b7b74f6b072aaaaed420743d
GET /api/v2/compositions/615dd851ecb2a1d2378b4567/embed/data HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgEPUVFVGwEAV1FWAwUH
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: application/json
content-length: 2727
vary: Accept-Encoding
cache-control: no-cache
xkey: composition:615dd851ecb2a1d2378b4567 widget:569a2f1cecb2a1be6a8b4568 skin:615dd851ecb2a128388b4567 user:5f3c4c5fecb2a180518b4567
x-newrelic-app-data: PxQFVl5TDwUTVlFRBwUDUlQTGhE1AwE2QgNWEVlbQFtcC2VOcAJHCwtYa04HE1FsRlY+BVJFaAULXEZcEQ8XC18MZwdVWlFWbAFYFVBDH1JKBgdRVlMUAx5WUVEFBxtLVR0UAQFQVlMFAQlTDwxRU1BQDUMdB1IOF1Nq
content-encoding: gzip
x-varnish: 841784282 839443464
via: 1.1 varnish-v4
x-cache: HIT
x-cache-hits: 3
age: 0
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlwWbdtkfmC6CHWlMHhatPn4X8as7NJMHqIOxxQF3f%2FStavEhLPXFcWReJuonBSfx%2F5j399fdvK9og%2FpQnCqt%2FpSbUXtusnvMjjO0bBb8e5W7Dr5E%2B3fcKS932POIug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee08598355688-OSL
alt-svc: h3=":443"; ma=86400
calendar.google.com/googlecalendar/images/logo-plus.png
142.250.74.46 200 OK 90 B URL GET HTTP/3 calendar.google.com/googlecalendar/images/logo-plus.png
IP 142.250.74.46:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 18 x 18, 8-bit/color RGB, non-interlaced\012- data
Hash 7d59ced973004e150b6f6740d0e031de
930cf1dc938155e7bb7d4953c3fd81cb7854650f
175599178339326734b6c9c9a443754febda1da2ae01b57c2a4636a7118c3d33
GET /googlecalendar/images/logo-plus.png HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/_/web/calendar-static/_/ss/k=calendar-web.embed.KRIIAp_bvRE.L.F4.O/am=CAM/d=0/rs=ABFko3-F_G11ucM6QdMHrAckeVU1MXlp0w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 90
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:37:10 GMT
expires: Thu, 21 Nov 2024 21:37:10 GMT
cache-control: public, max-age=31536000
age: 110781
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
calendar.google.com/googlecalendar/images/combined_v22.png
142.250.74.46 200 OK 5.7 kB URL GET HTTP/3 calendar.google.com/googlecalendar/images/combined_v22.png
IP 142.250.74.46:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 588 x 180, 8-bit colormap, non-interlaced\012- data
Hash 4d99e214f536b5953c5fc980d6ab1cff
bd7382a44b3ea17ff85dcc4b9fae62a71440ce52
1e0e6addaa9626ff28f1274db498b9733d6665f11706fa4a17c22ed5e9f0b4c2
GET /googlecalendar/images/combined_v22.png HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/_/web/calendar-static/_/ss/k=calendar-web.embed.KRIIAp_bvRE.L.F4.O/am=CAM/d=0/rs=ABFko3-F_G11ucM6QdMHrAckeVU1MXlp0w
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 5674
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:51:13 GMT
expires: Fri, 22 Nov 2024 04:51:13 GMT
cache-control: public, max-age=31536000
age: 84738
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.nwafablab.com/files/theme/fonts/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf?1682095294
199.34.228.77 200 OK 39 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 26 names, Macintosh, Copyright \251 2004 - 2007 Linotype GmbH, www.linotype.com. All rights reserved. This font softw\012- data
Hash 98f6dacde86ebbaac7cc62b34a6e54cf
d232a9249b6f39e7d35ce6a555e070987357acc9
65032d5699bf3d4deb4313aa4d1bb8375053ac7e93dfb4bf631ce9261da20c2b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:31 GMT
Content-Type: font/ttf
Content-Length: 39185
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:44 GMT
x-rgw-object-type: Normal
ETag: "98f6dacde86ebbaac7cc62b34a6e54cf"
x-amz-request-id: tx000000000000001c88022-00628495cd-b9fbc77-sfo1
X-Storage-Bucket: z6503
X-Storage-Object: 65032d5699bf3d4deb4313aa4d1bb8375053ac7e93dfb4bf631ce9261da20c2b
X-Host: blu82.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_46x16dp.png
142.250.74.99 200 OK 1.1 kB URL GET HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_46x16dp.png
IP 142.250.74.99:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 46 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash dd45d75f398654ac976fe7e0924732cf
e17f4d34cad5997a42daacc4301747f6deb1aa43
281a4afa0686c5e3b70f560d07fe1e786ca76b3f08fdff69841564ab229e2ab9
GET /images/branding/googlelogo/1x/googlelogo_color_46x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1053
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:52:25 GMT
expires: Thu, 21 Nov 2024 21:52:25 GMT
cache-control: public, max-age=31536000
age: 109866
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.nwafablab.com/uploads/1/2/6/1/126161596/background-images/2027486465.jpg
199.34.228.77 200 OK 230 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/background-images/2027486465.jpg
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1125, components 3\012- data
Size 230 kB (230441 bytes)
Hash 949478c56325998fe97813ec7f01bbc4
ff36ff0636fc92bcd11e326c9c8aaf3c1501f506
f4e91d42970063e853863c9fe2e1b99ff1ef700d052ee1e7bb50f46519947e9b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/background-images/2027486465.jpg HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 230441
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:21:35 GMT
x-rgw-object-type: Normal
ETag: "949478c56325998fe97813ec7f01bbc4"
x-amz-request-id: tx00000ec412cc3a4c2bf7b-00655b73a5-db1a132-sfo1
X-Storage-Bucket: zf4e9
X-Storage-Object: f4e91d42970063e853863c9fe2e1b99ff1ef700d052ee1e7bb50f46519947e9b
X-Host: grn49.sf2p.intern.weebly.net
Accept-Ranges: bytes
widgetic.com/widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.js
172.67.132.250 200 OK 99 kB URL GET HTTP/3 widgetic.com/widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.js
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8665944fcf55f5b1a82720e53da099ea
ef417aa4358a51cc0f0e9847395f3e8738fa4a93
9b65df1977f3accbb280daaab5ee17f2b7bdb021d1c2b69342a27dc94030f51c
GET /widgets/569a2f1cecb2a1be6a8b4568/6624188/widget.js HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: application/javascript
last-modified: Tue, 15 Aug 2023 14:09:50 GMT
vary: Accept-Encoding
etag: W/"64db872e-44bad"
cache-control: public, max-age=31536000
pragma: public
content-encoding: gzip
x-varnish: 159950937
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 2324265
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mzKfafZq5t7LPc8dabzO8sOBR1dP%2BMygX2h8LRXENPe1Rj232nse5bax2EXVAp3XBDOKVErbUkEdiWLwooZcoarfMLaBD1QaulPfw59VlaoY9HXEe99hDQrADXAZy0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee085782f5688-OSL
alt-svc: h3=":443"; ma=86400
apis.google.com/js/googleapis.proxy.js?onload=startup
172.217.21.174 200 OK 7.1 kB URL GET HTTP/3 apis.google.com/js/googleapis.proxy.js?onload=startup
IP 172.217.21.174:443
Requested by https://clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__#parent=https%3A%2F%2Fcalendar.google.com&rpctoken=667957207
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (2056)
Hash a652c99342a60e6c01af3b070abca897
bfb2432d813541b35134b63606efd3d32c715224
f92e7baf6054ada951110842b4751571b3b16b43e826ff46eb36520f0294f59d
GET /js/googleapis.proxy.js?onload=startup HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://clients6.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 7117
date: Fri, 24 Nov 2023 04:23:31 GMT
expires: Fri, 24 Nov 2023 04:23:31 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "5f95998ecb7c0577"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=eVOCFL-HtkeSqddOQ_NfAgBBv_936gUWR72pVnGuAKhkp5GFGJ47qqxuNJupaJ6v_NCYR7o9sWvRZs_d7nMrBKdt6aOqdF-LC3SVjgEIGsr4rbosRtokjI2uWIZcFs5LUXRtJIYHtRnKZ_9QYDvux_lppktPw0tk3ukalOtHilI; expires=Sat, 25-May-2024 04:23:31 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.nwafablab.com/files/theme/fonts/18839597-afa8-4f0b-9abb-4a30262d0da8.ttf?1682095294
199.34.228.77 200 OK 52 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/18839597-afa8-4f0b-9abb-4a30262d0da8.ttf?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 30 names, Macintosh, Copyright \251 2004 - 2007 Linotype GmbH, www.linotype.com. All rights reserved. This font softw\012- data
Hash 0e7e6446b2256e0cab1eda85655b253e
db15e8b7df5ee737e4960e0190af1ceaed74d5ac
a4e7a777a8d0e1a06feffaff42f025b9d8d890ca1df6f46d84f5da810109f5c0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/18839597-afa8-4f0b-9abb-4a30262d0da8.ttf?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:31 GMT
Content-Type: font/ttf
Content-Length: 52433
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "0e7e6446b2256e0cab1eda85655b253e"
x-amz-request-id: tx000000000000001b2a07a-006284793b-b9fbc64-sfo1
X-Storage-Bucket: za4e7
X-Storage-Object: a4e7a777a8d0e1a06feffaff42f025b9d8d890ca1df6f46d84f5da810109f5c0
X-Host: blu62.sf2p.intern.weebly.net
Accept-Ranges: bytes
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs
172.217.21.174 200 OK 28 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:443
Requested by https://clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__#parent=https%3A%2F%2Fcalendar.google.com&rpctoken=667957207
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with very long lines (2488)
Hash 60180c173e50ce443166055d3df2dee7
300b49ba9dd3ebd6654a3b9567cb673a1cc0e8a4
84b4d9bd7d1de7f01972743862afa12b6899d2015e89eebfb7cac12232611e5f
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://clients6.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 27742
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:48:47 GMT
expires: Thu, 21 Nov 2024 21:48:47 GMT
cache-control: public, max-age=31536000
age: 110084
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.nwafablab.com/files/theme/fonts/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf?1682095294
199.34.228.77 200 OK 52 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 30 names, Macintosh, Copyright \251 2004 - 2007 Linotype GmbH, www.linotype.com. All rights reserved. This font softw\012- data
Hash 53427fd099b7a52f111705d7c7558f14
c2da00f48ed2d059802433cad18062cbe1a9f0d1
56e2dd12548082d7acc7cc3762be313b6d43809588e973cf9338f513159904b5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:31 GMT
Content-Type: font/ttf
Content-Length: 51501
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "53427fd099b7a52f111705d7c7558f14"
x-amz-request-id: tx000000000000001b9c3bd-0062847cb7-b9fbc29-sfo1
X-Storage-Bucket: z56e2
X-Storage-Object: 56e2dd12548082d7acc7cc3762be313b6d43809588e973cf9338f513159904b5
X-Host: blu155.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261012-s071-edit_orig.jpg
199.34.228.77 200 OK 66 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261012-s071-edit_orig.jpg
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 450x800, components 3\012- data
Hash ea98385d9fa7b36f069e66dc587aad53
d3b1d57b9f982beccde735922a602f8591953891
5e78494784ed76e0d29ad35036675500aeeb5c5da11d514f46193cc175b94738
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/a043-08261012-s071-edit_orig.jpg HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 65787
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:51:01 GMT
x-rgw-object-type: Normal
ETag: "ea98385d9fa7b36f069e66dc587aad53"
x-amz-request-id: tx000001696996518075f03-00655dea36-db1eedd-sfo1
X-Storage-Bucket: z5e78
X-Storage-Object: 5e78494784ed76e0d29ad35036675500aeeb5c5da11d514f46193cc175b94738
X-Host: grn139.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/published/a043-08261011-s069.jpg?1640191220
199.34.228.77 200 OK 91 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/published/a043-08261011-s069.jpg?1640191220
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1065x602, components 3\012- data
Hash 40ccb13dfa7fdf2a5eb97a7cca1a5928
d9830ac34c4bc3f0d111e65f6f0e8f3077989114
66fd90807522633cbfbfb28c4b7057d4beee14979dab6bf99c718713ea9b07eb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/published/a043-08261011-s069.jpg?1640191220 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 91398
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:40:20 GMT
x-rgw-object-type: Normal
ETag: "40ccb13dfa7fdf2a5eb97a7cca1a5928"
x-amz-request-id: tx00000425f121a55bfd430-0065601b5a-db1a051-sfo1
X-Storage-Bucket: z66fd
X-Storage-Object: 66fd90807522633cbfbfb28c4b7057d4beee14979dab6bf99c718713ea9b07eb
X-Host: grn143.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261012-s072-edit_orig.jpg
199.34.228.77 200 OK 51 kB URL GET HTTP/1.1 www.nwafablab.com/uploads/1/2/6/1/126161596/a043-08261012-s072-edit_orig.jpg
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x800, components 3\012- data
Hash cd9daf41d8a8d4ffeae2bfc2836a9903
5f3585c2d1e6482af459be3f35a868875633e4f7
825c5e7868237cafb9da01417bee9aff5187ebb03694559f8eb11132fbbe03e8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /uploads/1/2/6/1/126161596/a043-08261012-s072-edit_orig.jpg HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:31 GMT
Content-Type: image/jpeg
Content-Length: 51204
Connection: keep-alive
Last-Modified: Wed, 22 Dec 2021 16:35:55 GMT
x-rgw-object-type: Normal
ETag: "cd9daf41d8a8d4ffeae2bfc2836a9903"
x-amz-request-id: tx000007fa58b7d1c3d55f4-00655dea16-db1a132-sfo1
X-Storage-Bucket: z825c
X-Storage-Object: 825c5e7868237cafb9da01417bee9aff5187ebb03694559f8eb11132fbbe03e8
X-Host: grn78.sf2p.intern.weebly.net
Accept-Ranges: bytes
clients6.google.com/calendar/v3/calendars/15dfa5d7fca09992f053a55b9a3cdbac0c6dd682057c6f380f20a069fffd0f09@group.calendar.google.com/events?calendarId=15dfa5d7fca09992f053a55b9a3cdbac0c6dd682057c6f380f20a069fffd0f09%40group.calendar.google.com&singleEvents=true&timeZone=America%2FChicago&maxAttendees=1&maxResults=250&sanitizeHtml=true&timeMin=2023-10-29T00%3A00%3A00-06%3A00&timeMax=2023-12-03T00%3A00%3A00-06%3A00&key=AIzaSyBNlYH01_9Hc5S1J9vuFmu2nUqBZJNAXxs
142.250.74.110 200 OK 1.4 kB URL GET HTTP/3 clients6.google.com/calendar/v3/calendars/15dfa5d7fca09992f053a55b9a3cdbac0c6dd682057c6f380f20a069fffd0f09@group.calendar.google.com/events?calendarId=15dfa5d7fca09992f053a55b9a3cdbac0c6dd682057c6f380f20a069fffd0f09%40group.calendar.google.com&singleEvents=true&timeZone=America%2FChicago&maxAttendees=1&maxResults=250&sanitizeHtml=true&timeMin=2023-10-29T00%3A00%3A00-06%3A00&timeMax=2023-12-03T00%3A00%3A00-06%3A00&key=AIzaSyBNlYH01_9Hc5S1J9vuFmu2nUqBZJNAXxs
IP 142.250.74.110:443
Requested by https://clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__#parent=https%3A%2F%2Fcalendar.google.com&rpctoken=667957207
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type JSON data\012- , ASCII text
Hash 1eeeaa9d818bb9a5385c13697f82229c
163f9fb9a7fc25ac709991b028d0721606ac2f30
51aa3a89c75607ffcdb8957d3d5178316d43369ec169e7191fd5bd3da84dff35
GET /calendar/v3/calendars/15dfa5d7fca09992f053a55b9a3cdbac0c6dd682057c6f380f20a069fffd0f09@group.calendar.google.com/events?calendarId=15dfa5d7fca09992f053a55b9a3cdbac0c6dd682057c6f380f20a069fffd0f09%40group.calendar.google.com&singleEvents=true&timeZone=America%2FChicago&maxAttendees=1&maxResults=250&sanitizeHtml=true&timeMin=2023-10-29T00%3A00%3A00-06%3A00&timeMax=2023-12-03T00%3A00%3A00-06%3A00&key=AIzaSyBNlYH01_9Hc5S1J9vuFmu2nUqBZJNAXxs HTTP/1.1
Host: clients6.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-ClientDetails: appVersion=5.0%20(X11)&platform=Linux%20x86_64&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0
X-Requested-With: XMLHttpRequest
X-JavaScript-User-Agent: google-api-javascript-client/1.1.0
X-Origin: https://calendar.google.com
X-Referer: https://calendar.google.com
X-Goog-Encode-Response-If-Executable: base64
DNT: 1
Connection: keep-alive
Referer: https://clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
cache-control: private, max-age=0, must-revalidate, no-transform
content-length: 1427
date: Fri, 24 Nov 2023 04:23:32 GMT
expires: Fri, 24 Nov 2023 04:23:32 GMT
vary: Origin, X-Origin, Referer
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.nwafablab.com/favicon.ico
199.34.228.77 200 OK 4.3 kB URL GET HTTP/1.1 www.nwafablab.com/favicon.ico
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:32 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000001ac862e-0062847767-b9fbc20-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: grn156.sf2p.intern.weebly.net
Accept-Ranges: bytes
calendar.google.com/googlecalendar/images/blank.gif
142.250.74.46 200 OK 43 B URL GET HTTP/3 calendar.google.com/googlecalendar/images/blank.gif
IP 142.250.74.46:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /googlecalendar/images/blank.gif HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 43
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:01:36 GMT
expires: Fri, 22 Nov 2024 05:01:36 GMT
cache-control: public, max-age=31536000
age: 84115
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__
142.250.74.110 200 OK 382 B URL GET HTTP/2 clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__
IP 142.250.74.110:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (407), with no line terminators
Hash 26fc8a14bae020e68f88850a0ffc0df8
55f82c645a3179ec364735a00924b980db3f2647
6ecb51b525d4cad3890bde784bbe35a15883081180088691b07c62eb9a791c31
GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AOzoyjtjrhQ.O%2Fd%3D1%2Frs%3DAHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA%2Fm%3D__features__ HTTP/1.1
Host: clients6.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy: script-src 'nonce-qZaUVWSgpMiLnmHmgLYE1g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/apiserving; base-uri 'none', require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apiserving
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apiserving"
report-to: {"group":"apiserving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apiserving"}]}
content-length: 272
date: Fri, 24 Nov 2023 04:23:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp; report-to="apiserving"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
calendar.google.com/googlecalendar/images/menu_arrow_open.gif
142.250.74.46 200 OK 60 B URL GET HTTP/3 calendar.google.com/googlecalendar/images/menu_arrow_open.gif
IP 142.250.74.46:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
Validity Mon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type GIF image data, version 89a, 9 x 9\012- data
Hash e917d93dd863553a3226afd51b4353e6
54d9537a8ea70eb087d7ee7f8b1793b57ea86984
4c6f81132971a9402921578bb989be686920c2e6e725738641f8edd352086a57
GET /googlecalendar/images/menu_arrow_open.gif HTTP/1.1
Host: calendar.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/calendar-dev
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="calendar-dev"
report-to: {"group":"calendar-dev","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/calendar-dev"}]}
content-length: 60
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:05:34 GMT
expires: Fri, 22 Nov 2024 05:05:34 GMT
cache-control: public, max-age=31536000
age: 83877
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.nwafablab.com/files/theme/fonts/f26faddb-86cc-4477-a253-1e1287684336.woff?1682095294
199.34.228.77 200 OK 25 kB URL GET HTTP/1.1 www.nwafablab.com/files/theme/fonts/f26faddb-86cc-4477-a253-1e1287684336.woff?1682095294
IP 199.34.228.77:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject www.nwafablab.com
Fingerprint 1E:40:FD:CE:52:00:0D:0C:8D:7D:11:AB:B3:C2:8A:CC:1A:A0:73:5A
Validity Sat, 28 Oct 2023 15:11:23 GMT - Fri, 26 Jan 2024 15:11:22 GMT
File type Web Open Font Format, TrueType, length 24865, version 1.0\012- data
Hash 0f12c575e08f164252dbddaf87f03c35
46c9ee5775217080e1e40f2b8aae84157ef44d47
e0bc8743cf211c699ebb439c59780abf7b40b543b28bd198f6f355bb109a7424
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /files/theme/fonts/f26faddb-86cc-4477-a253-1e1287684336.woff?1682095294 HTTP/1.1
Host: www.nwafablab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.nwafablab.com/files/main_style.css?1682095294
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 24 Nov 2023 04:23:31 GMT
Content-Type: font/woff
Content-Length: 24866
Connection: keep-alive
Last-Modified: Wed, 11 Dec 2019 02:22:43 GMT
x-rgw-object-type: Normal
ETag: "0f12c575e08f164252dbddaf87f03c35"
x-amz-request-id: tx000000000000001af0098-0062847c15-b9fbc77-sfo1
X-Storage-Bucket: ze0bc
X-Storage-Object: e0bc8743cf211c699ebb439c59780abf7b40b543b28bd198f6f355bb109a7424
X-Host: blu62.sf2p.intern.weebly.net
Accept-Ranges: bytes
widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
172.67.132.250 200 OK 51 kB URL GET HTTP/3 widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
IP 172.67.132.250:443
Requested by https://www.nwafablab.com/
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nwafablab.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=3600, public
xkey: composition:615dd851ecb2a1d2378b4567 widget:569a2f1cecb2a1be6a8b4568 user:5f3c4c5fecb2a180518b4567
x-varnish: 841784271 840777458
via: 1.1 varnish-v4
x-cache: HIT
x-cache-hits: 3
age: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCGBFXFr%2BTjmz2EoW7Lip2cKak3Rs9rovRJc01QPMZoZodVBGXHmBjlxIB1KwiyLScWy18WlGVRhY23mvICTCI9q5ip%2FZz10nHj%2Bhi1aFyZ0XJMnBM%2BU%2Fy3Ni%2BH1w5A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee080aeae5688-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css?family=Roboto
142.250.74.106 200 OK 2.1 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto
IP 142.250.74.106:443
Requested by https://widgetic.com/api/v2/compositions/615dd851ecb2a1d2378b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (2158), with no line terminators
Hash 7fad5e7e182f10e7ece237afa8caae03
3e446dd2d5f5a34d3e6a55063ef740fe292a42a1
5b353f7d4f4359ff0b19d42c322ddf1e4cb8b350644d3c7daefc39739ba114f0
GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 24 Nov 2023 04:23:31 GMT
date: Fri, 24 Nov 2023 04:23:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed/data
172.67.132.250 200 OK 12 kB URL GET HTTP/3 widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed/data
IP 172.67.132.250:443
Requested by https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Certificate Issuer Let's Encrypt
Subject widgetic.com
Fingerprint F2:82:89:55:B3:E7:2A:B2:B3:01:68:C7:41:25:DC:99:C2:2F:DF:05
Validity Fri, 10 Nov 2023 02:21:34 GMT - Thu, 08 Feb 2024 02:21:33 GMT
File type JSON data\012- , ASCII text, with very long lines (12250), with no line terminators
Hash 196a25e3fbb94f6a9cfacb36411e6c50
b9b70718597fd18e5bdd59961481c64dad92c99b
27311453811ce11726fc10e1bc8c03abfd34dda1783f647ee5b8cb2f805761d1
GET /api/v2/compositions/61c3942aecb2a1f3688b4567/embed/data HTTP/1.1
Host: widgetic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VgEPUVFVGwEAV1FWAwUH
DNT: 1
Connection: keep-alive
Referer: https://widgetic.com/api/v2/compositions/61c3942aecb2a1f3688b4567/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Fwww.nwafablab.com&branding
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 24 Nov 2023 04:23:31 GMT
content-type: application/json
content-length: 2728
vary: Accept-Encoding
cache-control: no-cache
xkey: composition:61c3942aecb2a1f3688b4567 widget:569a2f1cecb2a1be6a8b4568 skin:61c3949becb2a156698b4567 user:5f3c4c5fecb2a180518b4567
x-newrelic-app-data: PxQFVl5TDwUTVlFRBwUDUlQTGhE1AwE2QgNWEVlbQFtcC2VOcAJHCwtYa04HE1FsRlY+BVJFaAULXEZcEQ8XC18MZwdVWlFWbAFYFVBDH1JKBgdRVlMUAx5WUVcPARtLVR0UUlBQUlJSBllbDQpWAlBVAUMdB1IOF1Nq
content-encoding: gzip
x-varnish: 841784280 839749844
via: 1.1 varnish-v4
x-cache: HIT
x-cache-hits: 5
age: 0
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjEavfcEcHY7Eyo6ZZHQLIlklxEJ5HwYRRXNSPa4lUROqgScxtV3Pd0xposd8Dmw99cPV51nZkhzLas%2B1mkBQgfvPI7FkWs3tI424CkO7hRkKQtHcJc%2BZN53FJPShFs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82aee085782d5688-OSL
alt-svc: h3=":443"; ma=86400
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs
172.217.21.174 200 OK 323 kB URL GET HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:443
Requested by https://calendar.google.com/calendar/embed?height=750&wkst=1&bgcolor=%23ffffff&ctz=America%2FChicago&showNav=1&showTz=0&showCalendars=1&showTabs=0&showTitle=0&src=MTVkZmE1ZDdmY2EwOTk5MmYwNTNhNTViOWEzY2RiYWMwYzZkZDY4MjA1N2M2ZjM4MGYyMGEwNjlmZmZkMGYwOUBncm91cC5jYWxlbmRhci5nb29nbGUuY29t&color=%23F4511E
Certificate Issuer Google Trust Services LLC
Subject *.apis.google.com
Fingerprint 06:87:C0:63:02:21:98:02:BD:FC:A0:11:93:E9:3A:9F:51:21:06:D8
Validity Mon, 23 Oct 2023 11:25:10 GMT - Mon, 15 Jan 2024 11:25:09 GMT
File type ASCII text, with very long lines (1505)
Size 323 kB (323424 bytes)
Hash 74e2ed30b18badb8e2821b62f0dc86db
a44add961324d8d399de79e45524ffa019ffcd73
3253ebd8d1a3c41f020b8e18e84bf61b96b0c1bba646b047fa90d87e72438371
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://calendar.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 110396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Nov 2023 21:36:54 GMT
expires: Wed, 20 Nov 2024 21:36:54 GMT
cache-control: public, max-age=31536000
age: 197197
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2