92.205.1.120 302 Found 1 B URL User Request GET HTTP/2 IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type very short file (no magic)
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /teum/ HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
x-powered-by: PHP/8.1.25
cache-control: no-store
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
location: /
vary: Accept-Encoding
content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 06:37:59 GMT
server: Apache
X-Firefox-Spdy: h2
92.205.1.120 200 OK 12 kB URL User Request GET HTTP/2 IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (55342)
Hash 471a66a82ac18f4f771e956b5a0fee3f
635d480d72fdb0317be8ed37c9020f15bf605fcf
9e61dbe329ac08c26020ca22c943be90b26d17473e5228f22ba1ff2e09dabe1e
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/8.1.25
link: <https://nestegglabs.com/wp-json/>; rel="https://api.w.org/", <https://nestegglabs.com/wp-json/wp/v2/pages/716>; rel="alternate"; type="application/json", <https://nestegglabs.com/>; rel=shortlink
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: br
content-length: 11663
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 06:37:59 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/cache/autoptimize/css/autoptimize_ce7aff9af5c85e2642b2ff2c3f643832.css
92.205.1.120 200 OK 5.9 kB URL GET HTTP/2 nestegglabs.com/wp-content/cache/autoptimize/css/autoptimize_ce7aff9af5c85e2642b2ff2c3f643832.css
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type ASCII text, with very long lines (22872), with CRLF, LF line terminators
Hash 7bd3efcb32a9df950619d4c6661e6601
819df56faf1ceb4298058b1d8cfe134dc938a386
7cc381f50df135d979e5a200d3df250789fe14f3384989a7852a271162621479
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/cache/autoptimize/css/autoptimize_ce7aff9af5c85e2642b2ff2c3f643832.css HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nestegglabs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 21:53:09 GMT
etag: "2b602cf-81ec-60ad8dc8bd9d2-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Wed, 27 Nov 2024 06:38:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 5942
content-type: text/css
date: Fri, 08 Dec 2023 06:38:00 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/uploads/2021/11/logoNL2021.png
92.205.1.120 200 OK 4.3 kB URL GET HTTP/2 nestegglabs.com/wp-content/uploads/2021/11/logoNL2021.png
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type PNG image data, 202 x 57, 8-bit/color RGBA, non-interlaced; data
Hash 71dae6a68f4327ecef24db254e3eb6a4
01544ff4f4b98452a13d65956ea65e7cf79c57f1
9c354bfa4175b0cabaa334e3a0075e0093d37332784bd19bf0bd79aa3bd275b9
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/11/logoNL2021.png HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nestegglabs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Sat, 09 Sep 2023 11:45:56 GMT
etag: "2b6170c-10e8-604eba2ddafcc"
accept-ranges: bytes
content-length: 4328
content-type: image/png
date: Fri, 08 Dec 2023 06:38:00 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/plugins/cookie-law-info/legacy/public/images/logo-cookieyes.svg
92.205.1.120 200 OK 1.0 kB URL GET HTTP/2 nestegglabs.com/wp-content/plugins/cookie-law-info/legacy/public/images/logo-cookieyes.svg
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text
Hash 14e20d4517f51deeea04db311cd027ce
c50aac2f5123a7f16b71b3c286c1eca39514b9dc
fab005de52ce54d75f373c5a020e7ddd194caea5b4bf6e87886196e5d4451adc
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/cookie-law-info/legacy/public/images/logo-cookieyes.svg HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nestegglabs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 21:47:43 GMT
etag: "3160081-a15-60ad8c919dc27-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1031
content-type: image/svg+xml
date: Fri, 08 Dec 2023 06:38:00 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
92.205.1.120 200 OK 30 kB URL GET HTTP/2 nestegglabs.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type ASCII text, with very long lines (65447)
Hash 9d69fb080054a3c5026582456c676b5c
8c291fb96e46ceb3e89576d5cf4cd32cac848ebe
9d66463d888133eecc0b7d849c606e3173f1b86061485367e6bd777b28254799
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nestegglabs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Fri, 01 Dec 2023 00:29:59 GMT
etag: "29403b0-15603-60b67de4921b1-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 29771
content-type: application/javascript
date: Fri, 08 Dec 2023 06:38:00 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/uploads/2016/11/CTA_background.jpg
92.205.1.120 200 OK 26 kB URL GET HTTP/2 nestegglabs.com/wp-content/uploads/2016/11/CTA_background.jpg
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1950x1200, components 3; data
Hash 1055507c6a507b85e530f7bbde4b02d8
3f153e098ac9d403b3d6f481725c0147891e62d8
3f679e039b8e1e00cf8f316546da6acf6d11e439dc83c09e7c941992d04f3051
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2016/11/CTA_background.jpg HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nestegglabs.com/wp-content/uploads/fusion-styles/2b120c01848493942bd98e423ee79b4d.min.css?ver=3.11.3
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Sat, 09 Sep 2023 11:45:31 GMT
etag: "2b616bf-63b4-604eba159864e"
accept-ranges: bytes
content-length: 25524
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:00 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/uploads/fusion-gfonts/S6uyw4BMUTPHjx4wXg.woff2
92.205.1.120 200 OK 24 kB URL GET HTTP/2 nestegglabs.com/wp-content/uploads/fusion-gfonts/S6uyw4BMUTPHjx4wXg.woff2
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0; data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/fusion-gfonts/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://nestegglabs.com/wp-content/uploads/fusion-styles/2b120c01848493942bd98e423ee79b4d.min.css?ver=3.11.3
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 21:51:33 GMT
etag: "2c00280-5c1c-60ad8d6d060fe"
accept-ranges: bytes
content-length: 23580
vary: Accept-Encoding
content-type: font/woff2
date: Fri, 08 Dec 2023 06:38:00 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/uploads/fusion-gfonts/S6u9w4BMUTPHh6UVSwiPGQ.woff2
92.205.1.120 200 OK 23 kB URL GET HTTP/2 nestegglabs.com/wp-content/uploads/fusion-gfonts/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0; data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/fusion-gfonts/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://nestegglabs.com/wp-content/uploads/fusion-styles/2b120c01848493942bd98e423ee79b4d.min.css?ver=3.11.3
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 21:51:33 GMT
etag: "2c00282-5a00-60ad8d6d75261"
accept-ranges: bytes
content-length: 23040
vary: Accept-Encoding
content-type: font/woff2
date: Fri, 08 Dec 2023 06:38:00 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/uploads/fusion-gfonts/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
92.205.1.120 200 OK 34 kB URL GET HTTP/2 nestegglabs.com/wp-content/uploads/fusion-gfonts/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type Web Open Font Format (Version 2), TrueType, length 34328, version 1.0; data
Hash 6581ab53c220b5828e37162349375431
1922912ca5ab6eb5a55db138b183b38d066e85c8
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/fusion-gfonts/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://nestegglabs.com/wp-content/uploads/fusion-styles/2b120c01848493942bd98e423ee79b4d.min.css?ver=3.11.3
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 21:51:28 GMT
etag: "2c0021e-8618-60ad8d685c2fc"
accept-ranges: bytes
content-length: 34328
vary: Accept-Encoding
content-type: font/woff2
date: Fri, 08 Dec 2023 06:38:00 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/uploads/fusion-gfonts/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
92.205.1.120 200 OK 34 kB URL GET HTTP/2 nestegglabs.com/wp-content/uploads/fusion-gfonts/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type Web Open Font Format (Version 2), TrueType, length 34328, version 1.0; data
Hash 6581ab53c220b5828e37162349375431
1922912ca5ab6eb5a55db138b183b38d066e85c8
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/fusion-gfonts/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://nestegglabs.com/wp-content/uploads/fusion-styles/2b120c01848493942bd98e423ee79b4d.min.css?ver=3.11.3
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 21:51:28 GMT
etag: "2c0021e-8618-60ad8d685c2fc"
accept-ranges: bytes
content-length: 34328
vary: Accept-Encoding
content-type: font/woff2
date: Fri, 08 Dec 2023 06:38:00 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/uploads/fusion-icons/science-v1.0/fonts/science.ttf?gct0rv
92.205.1.120 200 OK 2.1 kB URL GET HTTP/2 nestegglabs.com/wp-content/uploads/fusion-icons/science-v1.0/fonts/science.ttf?gct0rv
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, science; data
Hash 5851da92f310fe68174e9c52e80ed88a
74ded63ceb59b993d6cc4595f509f8a83bea45cc
49510859712a8710c41005bf50cecdcafdb3b8ac53b0125c0ed215a9a1756eff
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/fusion-icons/science-v1.0/fonts/science.ttf?gct0rv HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nestegglabs.com/wp-content/uploads/fusion-styles/2b120c01848493942bd98e423ee79b4d.min.css?ver=3.11.3
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Sat, 09 Sep 2023 11:46:22 GMT
etag: "2c84227-d38-604eba4675791-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2134
content-type: font/ttf
date: Fri, 08 Dec 2023 06:38:00 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
92.205.1.120 200 OK 21 kB URL GET HTTP/2 nestegglabs.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type Web Open Font Format, TrueType, length 20884, version 1.0; data
Hash 5821df88dcca2bf1e15ca638dc910050
c244e12cabe2a72f1d20f340d3da6ab4f1374c2d
fb47dc68f6a457c14c33d2ed6eb1e8a635d007f8868ed7e90e39a6feae9141a6
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://nestegglabs.com/wp-content/uploads/fusion-styles/2b120c01848493942bd98e423ee79b4d.min.css?ver=3.11.3
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 21:48:37 GMT
etag: "31612a7-5194-60ad8cc54c4af"
accept-ranges: bytes
content-length: 20884
vary: Accept-Encoding
content-type: font/woff
date: Fri, 08 Dec 2023 06:38:00 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/cache/autoptimize/js/autoptimize_9f39d04491745a38016c283e10248dda.js
92.205.1.120 200 OK 113 kB URL GET HTTP/2 nestegglabs.com/wp-content/cache/autoptimize/js/autoptimize_9f39d04491745a38016c283e10248dda.js
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type Unicode text, UTF-8 text, with very long lines (13182)
Size 113 kB (112593 bytes)
Hash e00d71160b5dd42fd97eb03ce9dba1d9
399019c8707e76b726c41bd6395431dfc262b92e
84f9332b23522bd9df2b8f8b8d70155b23a5b0f64eb4fe6e65a18d233482698d
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/cache/autoptimize/js/autoptimize_9f39d04491745a38016c283e10248dda.js HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nestegglabs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 21:59:13 GMT
etag: "2b602e7-6b05e-60ad8f23e9f40-gzip"
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Wed, 27 Nov 2024 06:38:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 08 Dec 2023 06:38:00 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/uploads/2016/10/avada-section1.jpg
92.205.1.120 200 OK 39 kB URL GET HTTP/2 nestegglabs.com/wp-content/uploads/2016/10/avada-section1.jpg
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1551x1200, components 3; data
Hash a4c0338adcfa3fe498901b66e686fb13
820fc610e1364690c63f008750c321f5079f374e
0ef16bedb61cab21641d20f0c5bcbd226262721e7b1f95eb776793cf11fdea26
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2016/10/avada-section1.jpg HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nestegglabs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Sat, 09 Sep 2023 11:45:26 GMT
etag: "2b616db-9963-604eba115647f"
accept-ranges: bytes
content-length: 39267
content-type: image/jpeg
date: Fri, 08 Dec 2023 06:38:01 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/uploads/fusion-gfonts/S6u9w4BMUTPHh7USSwiPGQ.woff2
92.205.1.120 200 OK 23 kB URL GET HTTP/2 nestegglabs.com/wp-content/uploads/fusion-gfonts/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type Web Open Font Format (Version 2), TrueType, length 23236, version 1.0; data
Hash 716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/fusion-gfonts/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://nestegglabs.com/wp-content/uploads/fusion-styles/2b120c01848493942bd98e423ee79b4d.min.css?ver=3.11.3
DNT: 1
Connection: keep-alive
Cookie: cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 21:51:33 GMT
etag: "2c0027e-5ac4-60ad8d6c96bb4"
accept-ranges: bytes
content-length: 23236
vary: Accept-Encoding
content-type: font/woff2
date: Fri, 08 Dec 2023 06:38:01 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-json/contact-form-7/v1/contact-forms/821/feedback/schema
92.205.1.120 200 OK 173 B URL GET HTTP/2 nestegglabs.com/wp-json/contact-form-7/v1/contact-forms/821/feedback/schema
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type JSON data; ASCII text, with very long lines (611), with no line terminators
Hash a880f897bf6f6789891867805351d0df
a7f216c8e3664911847d173a2cd04b3a781fdc1a
89c2ffd6cfeb0da29485ea83a5cf122189097f2043aa592dc90721a3657b49fe
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-json/contact-form-7/v1/contact-forms/821/feedback/schema HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nestegglabs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/8.1.25
x-robots-tag: noindex
link: <https://nestegglabs.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin,Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-encoding: br
content-length: 173
content-type: application/json; charset=UTF-8
date: Fri, 08 Dec 2023 06:38:01 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/uploads/2021/11/cropped-icon-192x192.png
92.205.1.120 200 OK 9.2 kB URL GET HTTP/2 nestegglabs.com/wp-content/uploads/2021/11/cropped-icon-192x192.png
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced; data
Hash 64a028f60349cd254bd4eb91758319d5
529ec029f119bacb154e33f8c7f9263178d587ce
23655d9b149300c092485f272c41a0141f952b059f664165b5d0b4522ab5575b
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/11/cropped-icon-192x192.png HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nestegglabs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Sat, 09 Sep 2023 11:45:52 GMT
etag: "2b616f7-23fc-604eba2a4a9cd"
accept-ranges: bytes
content-length: 9212
content-type: image/png
date: Fri, 08 Dec 2023 06:38:01 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/uploads/2021/11/cropped-icon-32x32.png
92.205.1.120 200 OK 558 B URL GET HTTP/2 nestegglabs.com/wp-content/uploads/2021/11/cropped-icon-32x32.png
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced; data
Hash 304d49ba0d244e61256db647515d152e
dbff59295df92123e69b2cbc538fabc2b2181c5d
e38d384fd01001cdbf1c3e1580651cf9a2432a1de6d7a0cdade493ba17f56271
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/11/cropped-icon-32x32.png HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nestegglabs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Sat, 09 Sep 2023 11:46:00 GMT
etag: "2b617a3-22e-604eba318349c"
accept-ranges: bytes
content-length: 558
content-type: image/png
date: Fri, 08 Dec 2023 06:38:01 GMT
server: Apache
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=it&region=it&callback=onApiLoad
172.217.21.170 200 OK 63 kB URL GET HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=it&region=it&callback=onApiLoad
IP 172.217.21.170:443
Requested by https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2518.3935759904243!2d5.658110915746276!3d50.86091307953406!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c0e83beccfdcc9%3A0x2c454bb898ca317d!2sFlorijnruwe%2011114%2C%206218%20CA%20Maastricht%2C%20Paesi%20Bassi!5e0!3m2!1sit!2sit!4v1637950860773!5m2!1sit!2sit
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (2469)
Hash 38e48e4ce8f478e394000d1ad9d3b0a0
17295ea4bba75bfbbbab5da8e6a56b28924ac466
6c2454e29f14975e890386a5367bfadcfb8c998a5ea3bb2afd9b321ac4e7fcb9
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=it&region=it&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 08 Dec 2023 06:38:01 GMT
server: scaffolding on HTTPServer2
content-length: 63251
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
172.217.21.170 200 OK 23 B URL GET HTTP/3 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 172.217.21.170:443
Requested by https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2518.3935759904243!2d5.658110915746276!3d50.86091307953406!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c0e83beccfdcc9%3A0x2c454bb898ca317d!2sFlorijnruwe%2011114%2C%206218%20CA%20Maastricht%2C%20Paesi%20Bassi!5e0!3m2!1sit!2sit!4v1637950860773!5m2!1sit!2sit
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type JSON data\012- , ASCII text
Hash 8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 08 Dec 2023 06:38:01 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.google.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.gstatic.com/maps-api-v3/embed/js/55/4/intl/it_ALL/init_embed.js
142.250.74.3 200 OK 61 kB URL GET HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/55/4/intl/it_ALL/init_embed.js
IP 142.250.74.3:443
Requested by https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2518.3935759904243!2d5.658110915746276!3d50.86091307953406!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c0e83beccfdcc9%3A0x2c454bb898ca317d!2sFlorijnruwe%2011114%2C%206218%20CA%20Maastricht%2C%20Paesi%20Bassi!5e0!3m2!1sit!2sit!4v1637950860773!5m2!1sit!2sit
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (3246)
Hash 56e990c20545a7b36d575e2a08e355ac
d52cab713eb16dd4a41d7d307bf59628b191465e
4309b2d6ef3e4f258f0b5e45605ebb9c3f487debbc3dd9bbb43a2e876c4e47c4
GET /maps-api-v3/embed/js/55/4/intl/it_ALL/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 61378
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:59:51 GMT
expires: Fri, 06 Dec 2024 15:59:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:19 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 52690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/it_ALL/common.js
172.217.21.170 200 OK 58 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/55/4/intl/it_ALL/common.js
IP 172.217.21.170:443
Requested by https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2518.3935759904243!2d5.658110915746276!3d50.86091307953406!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c0e83beccfdcc9%3A0x2c454bb898ca317d!2sFlorijnruwe%2011114%2C%206218%20CA%20Maastricht%2C%20Paesi%20Bassi!5e0!3m2!1sit!2sit!4v1637950860773!5m2!1sit!2sit
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (6638)
Hash 18277b54541d823125d567a0b12498c3
a9be924e78c0856f7e50c23f485acc1e59c36a0e
d7592662c81389fc544c36f97307e944e6ca645c060d1659a9a4d99a5cfc3cea
GET /maps-api-v3/api/js/55/4/intl/it_ALL/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 57583
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 19:31:42 GMT
expires: Thu, 05 Dec 2024 19:31:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 126379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/it_ALL/util.js
172.217.21.170 200 OK 55 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/55/4/intl/it_ALL/util.js
IP 172.217.21.170:443
Requested by https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2518.3935759904243!2d5.658110915746276!3d50.86091307953406!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c0e83beccfdcc9%3A0x2c454bb898ca317d!2sFlorijnruwe%2011114%2C%206218%20CA%20Maastricht%2C%20Paesi%20Bassi!5e0!3m2!1sit!2sit!4v1637950860773!5m2!1sit!2sit
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (562)
Hash d8e0badda113b9f4646f711e48d2acc7
35a2754ff186cda1f14b4133dad9082a1458d14c
c603c3ddc94c9a94c44937bbf540778cf3602aabfb2c9ac57fc5822f4f3eb018
GET /maps-api-v3/api/js/55/4/intl/it_ALL/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 55268
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:43:20 GMT
expires: Fri, 06 Dec 2024 15:43:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 53681
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/it_ALL/map.js
172.217.21.170 200 OK 24 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/55/4/intl/it_ALL/map.js
IP 172.217.21.170:443
Requested by https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2518.3935759904243!2d5.658110915746276!3d50.86091307953406!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c0e83beccfdcc9%3A0x2c454bb898ca317d!2sFlorijnruwe%2011114%2C%206218%20CA%20Maastricht%2C%20Paesi%20Bassi!5e0!3m2!1sit!2sit!4v1637950860773!5m2!1sit!2sit
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (2347)
Hash 62967e8d877c5b83496eeb5e6c890ca4
51baf1d250f6e0c2848bf538e0594882fd2953b8
5e1c8655bb05c4d66e37de93c0485ca8b7625d77777084151f3145e28ca89572
GET /maps-api-v3/api/js/55/4/intl/it_ALL/map.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 23985
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:40:45 GMT
expires: Fri, 06 Dec 2024 15:40:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 53836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/it_ALL/overlay.js
172.217.21.170 200 OK 1.3 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/55/4/intl/it_ALL/overlay.js
IP 172.217.21.170:443
Requested by https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2518.3935759904243!2d5.658110915746276!3d50.86091307953406!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c0e83beccfdcc9%3A0x2c454bb898ca317d!2sFlorijnruwe%2011114%2C%206218%20CA%20Maastricht%2C%20Paesi%20Bassi!5e0!3m2!1sit!2sit!4v1637950860773!5m2!1sit!2sit
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (1152)
Hash 1df91c1f6d8aa50f28fcb69be2e87fb7
9eac01009e6880f1f620e8feb5d7bb13d229d7bc
a1519b8403301122e84803656e3e66ba9cc3590df61b39923d5ca6cd58c43835
GET /maps-api-v3/api/js/55/4/intl/it_ALL/overlay.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 1271
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:41:01 GMT
expires: Fri, 06 Dec 2024 15:41:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 53820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/it_ALL/onion.js
172.217.21.170 200 OK 8.9 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/55/4/intl/it_ALL/onion.js
IP 172.217.21.170:443
Requested by https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2518.3935759904243!2d5.658110915746276!3d50.86091307953406!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c0e83beccfdcc9%3A0x2c454bb898ca317d!2sFlorijnruwe%2011114%2C%206218%20CA%20Maastricht%2C%20Paesi%20Bassi!5e0!3m2!1sit!2sit!4v1637950860773!5m2!1sit!2sit
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (2559)
Hash 15d88e9adb4c7a891edb0e309382a80f
240fcca89a5fe543eb2ebbb342f7c114b5de56cf
2894853fa500531fd20df5aa7fc7dbe60c16bdba80fd37a64afc53d21b2ffaf4
GET /maps-api-v3/api/js/55/4/intl/it_ALL/onion.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 8884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:58:14 GMT
expires: Fri, 06 Dec 2024 15:58:14 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 52788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/it_ALL/search_impl.js
172.217.21.170 200 OK 1.3 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/55/4/intl/it_ALL/search_impl.js
IP 172.217.21.170:443
Requested by https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2518.3935759904243!2d5.658110915746276!3d50.86091307953406!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c0e83beccfdcc9%3A0x2c454bb898ca317d!2sFlorijnruwe%2011114%2C%206218%20CA%20Maastricht%2C%20Paesi%20Bassi!5e0!3m2!1sit!2sit!4v1637950860773!5m2!1sit!2sit
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (1470)
Hash d2aebe7e45384981bcfbce950c8e3486
50b96beed8f55b43de15a5b1d900d21d3645faa2
97663b40faef05680d251e9e847d31fc6647cd4e4f7d5134dbec6d19bcaf800c
GET /maps-api-v3/api/js/55/4/intl/it_ALL/search_impl.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 1250
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:56:01 GMT
expires: Fri, 06 Dec 2024 16:56:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 49321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
nestegglabs.com/wp-content/uploads/2021/11/logoNL.png
92.205.1.120 200 OK 8.2 kB URL GET HTTP/2 nestegglabs.com/wp-content/uploads/2021/11/logoNL.png
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
File type PNG image data, 404 x 114, 8-bit/color RGBA, non-interlaced\012- data
Hash 2f5e00fc5036038cf85202ba73bf4f5d
33cbd7b1f2edb44a1481a8b4be863e344fdc0e68
93a5545b4f8180b62ed7de39a7849b732ac56dd9572f68626662c15144810141
Analyzer Verdict Alert
mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2021/11/logoNL.png HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nestegglabs.com/
DNT: 1
Connection: keep-alive
Cookie: cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Sat, 09 Sep 2023 11:45:52 GMT
etag: "2b61767-2002-604eba2a10817"
accept-ranges: bytes
content-length: 8194
content-type: image/png
date: Fri, 08 Dec 2023 06:38:02 GMT
server: Apache
X-Firefox-Spdy: h2
nestegglabs.com/wp-content/uploads/fusion-styles/2b120c01848493942bd98e423ee79b4d.min.css?ver=3.11.3
92.205.1.120 200 OK 1.2 MB URL GET HTTP/2 nestegglabs.com/wp-content/uploads/fusion-styles/2b120c01848493942bd98e423ee79b4d.min.css?ver=3.11.3
IP 92.205.1.120:443
ASN #21499 Host Europe GmbH
Certificate Issuer Let's Encrypt
Subject nestegglabs.com
Fingerprint 1A:1B:64:0D:BD:38:EA:59:18:DC:BF:13:28:26:A5:CB:B1:C8:BF:B4
Validity Sat, 09 Sep 2023 10:25:52 GMT - Fri, 08 Dec 2023 10:25:51 GMT
Size 1.2 MB (1232496 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert
mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/fusion-styles/2b120c01848493942bd98e423ee79b4d.min.css?ver=3.11.3 HTTP/1.1
Host: nestegglabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nestegglabs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Thu, 23 Nov 2023 21:51:29 GMT
etag: "2c00271-12ce70-60ad8d691157e-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/css
date: Fri, 08 Dec 2023 06:38:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2518.3935759904243!2d5.658110915746276!3d50.86091307953406!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c0e83beccfdcc9%3A0x2c454bb898ca317d!2sFlorijnruwe%2011114%2C%206218%20CA%20Maastricht%2C%20Paesi%20Bassi!5e0!3m2!1sit!2sit!4v1637950860773!5m2!1sit!2sit
142.250.74.100 200 OK 2.2 kB URL GET HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2518.3935759904243!2d5.658110915746276!3d50.86091307953406!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c0e83beccfdcc9%3A0x2c454bb898ca317d!2sFlorijnruwe%2011114%2C%206218%20CA%20Maastricht%2C%20Paesi%20Bassi!5e0!3m2!1sit!2sit!4v1637950860773!5m2!1sit!2sit
IP 142.250.74.100:443
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint B0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
Validity Mon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2304), with no line terminators
Hash 54ac86ce2b652364e62b5b33fcde0309
076cf742a4f1051be85a2d3b3aaa0821dfcb1a63
975e10ba84effc3bbeb33c16887cbffea786c365baec21bab9b719a7fa5f6fa8
GET /maps/embed?pb=!1m18!1m12!1m3!1d2518.3935759904243!2d5.658110915746276!3d50.86091307953406!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x47c0e83beccfdcc9%3A0x2c454bb898ca317d!2sFlorijnruwe%2011114%2C%206218%20CA%20Maastricht%2C%20Paesi%20Bassi!5e0!3m2!1sit!2sit!4v1637950860773!5m2!1sit!2sit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nestegglabs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-LSvGA3n6MbXfYt3K2ulsTg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-type: text/html; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 08 Dec 2023 06:38:01 GMT
server: scaffolding on HTTPServer2
content-length: 976
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2