nsw2u.com/
200 OK 0 B IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Mon, 20 Nov 2023 03:52:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 20 Nov 2023 04:52:32 GMT
Location: https://nsw2u.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMoVpxRFRGchgcNtn5vTftxU%2FRFDYPL2Dws4IOghXwo0vdqLTn3fOZ2kKTBqyNt0D2iuqmrtUZRTVTpZr0LoI%2F9bUGNjtkJleMKi02WBD%2F8gZqthoD4rOgCsMoo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 828dbda40a4f56b4-OSL
alt-svc: h2=":443"; ma=60
nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
200 OK 16 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type PNG image data, 350 x 350, 8-bit colormap, non-interlaced\012- data
Hash 134fce13c189ed0e483a1bddb6406204
eed559ac52e9731c56a1fb03eb94fc82e551bb66
723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791
GET /wp-content/plugins/chp-ads-block-detector/assets/img/icon.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: image/png
content-length: 15671
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:29:33 GMT
cf-cache-status: HIT
age: 29998
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qA4W%2BiQggxtj4wa9qNmvnLTrLeYDKR41wbKz12WTEd02JUbrxgVJOHI3x8e6PtZ76aX2o8Yns8Gg1gB7VbTTKNKdhtAlWsb6NooJL4USdlvTi0S0TQzEJmeeyHY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828dbdbdf92fb4ff-OSL
alt-svc: h3=":443"; ma=86400
nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png
200 OK 95 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /wp-content/plugins/ad-inserter/images/ads.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: image/png
content-length: 95
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 03:59:19 GMT
cf-cache-status: HIT
age: 29998
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIxvj0ej6a5k%2FZ8Us4xswld9GvAet%2FBYqo4JOeoUclynqlLaPOqTjfntgFW4cih%2Ba%2FMohLPMITRKdANrf1jJOeJHyfFfpAVljEUzeadi%2BZ1fwDMCSRTJFKTDLSA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828dbdbdf933b4ff-OSL
alt-svc: h3=":443"; ma=86400
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1
200 OK 2.8 kB URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 948c6dc3d3c1e2e9d315418f6eabe2bf
ed06ff1f0994f3be033f22d808241d3fcca9d1e8
3a2e29960ba6130c22ce96089a7592ae91b6a0d6a11595a10daaa9662522ad0b
GET /nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: image/webp
content-length: 2836
last-modified: Sat, 24 Sep 2022 18:25:42 GMT
expires: Tue, 24 Sep 2024 06:25:42 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/nsw2u.png>; rel="canonical"
x-content-type-options: nosniff
etag: "0101732b85ce3bdc"
vary: Accept
x-nc: HIT arn 4
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1
200 OK 32 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3dde27351094fd110611b7099df7612d
1f8633afc647ab96114d9cd7b87b2e1bd9d73fae
f7118208621987432e4309b2429b3ca26191166ec2b5b4dfab15204958f9de33
GET /images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: image/webp
content-length: 31608
last-modified: Sat, 25 Mar 2023 13:28:37 GMT
expires: Tue, 25 Mar 2025 01:28:37 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5948b74d64865dea"
vary: Accept
x-nc: HIT arn 7
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/game-2u.com/wp-content/uploads/2023/10/Peaks-of-Yore-TENOKE-PC.jpg?ssl=1
200 OK 8.6 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/10/Peaks-of-Yore-TENOKE-PC.jpg?ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69a956ceba287a83f95b165776ad7170
d0400e374dd5ebc6e49a7a098b0cb2d5665f45f6
1e3408080d55bc995d8e5a8deb61ee72fe0570f512cc85ae3f2d5fa0de323c75
GET /game-2u.com/wp-content/uploads/2023/10/Peaks-of-Yore-TENOKE-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: image/webp
content-length: 8594
last-modified: Sun, 19 Nov 2023 02:49:43 GMT
expires: Tue, 18 Nov 2025 14:49:43 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/10/Peaks-of-Yore-TENOKE-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "0212a3825c6c3576"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/game-2u.com/wp-content/uploads/2023/09/Remnant-II-Ultimate-Edition-v386954-P2P-PC.jpg?ssl=1
200 OK 16 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/09/Remnant-II-Ultimate-Edition-v386954-P2P-PC.jpg?ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cef28aaf5b2ad4117b608481a8b4e0c9
adc4dda0237e57ef7221d2a75449db6e3dd4be55
50d3eabc1b6d73f56e3fb9db8ce5309da03b014fcda7bb507b452457d5a9c173
GET /game-2u.com/wp-content/uploads/2023/09/Remnant-II-Ultimate-Edition-v386954-P2P-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: image/webp
content-length: 16474
last-modified: Sun, 19 Nov 2023 02:59:20 GMT
expires: Tue, 18 Nov 2025 14:59:20 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/09/Remnant-II-Ultimate-Edition-v386954-P2P-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "735238cfb2180ee2"
vary: Accept
x-nc: HIT arn 6
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/game-2u.com/wp-content/uploads/2023/11/Backpack-Hero-GoldBerg-PC.jpg?ssl=1
200 OK 23 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/11/Backpack-Hero-GoldBerg-PC.jpg?ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 388dbf9e15807f727b48ac83423fe20c
c7684ef10f96fd9f75e65c49e0d5af0232aa2d08
4ea5a515c4b693f1ecc6075c3f1d7c2bee593aebc5867315ec00f6fd10c5f559
GET /game-2u.com/wp-content/uploads/2023/11/Backpack-Hero-GoldBerg-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: image/webp
content-length: 22904
last-modified: Sun, 19 Nov 2023 02:49:43 GMT
expires: Tue, 18 Nov 2025 14:49:43 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/11/Backpack-Hero-GoldBerg-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "10177c3fbc663adc"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg?ssl=1
200 OK 42 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg?ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4928f7b25fded3f8d8a950e9d163f32
d3c246313c0b85eb96b9bea998baeb1c8da5a7c5
6590cb89e20fcfe488bf87db73a0a86d040513f68b0711e6456c0a0da091bce4
GET /images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: image/webp
content-length: 42380
last-modified: Tue, 10 Oct 2023 09:05:01 GMT
expires: Thu, 09 Oct 2025 21:05:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1f81867bb8a4a38b"
vary: Accept
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/
200 OK 48 kB IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6356), with no line terminators
Hash 11035fb087d0c9d3d9c7cbdae15efaf2
f2dfcc6b013fac904a5a5fb23c0ebb7123009e50
0ba97040634902ac84b6f0c115ead97bd0dcbf8cd61fce2a4fcd08f0b3c67ba6
GET / HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Mon, 20 Nov 2023 03:52:32 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hgsd6XnFzotZZW%2BlpQtqkBYe%2Ft%2BRZed4RqFe84VnTMhJ18PfJJpmPRGXscfB5IazpxYLJ0Ohqwi%2FUSWeh9oF0NrWJUABmPQTfnggUrZFN0MG4rpDMZ7q5GbS7ec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828dbda2ef350b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.32
200 OK 23 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.32
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with no line terminators
Hash e509c98a0bcad0ce8e6248ac8eb31de1
ec5fe203df631088270b5f2b0b7a85498a2aeb8b
352ea4dd2d545563bef7eb0ba6d6ebfe4bc9d9e51ab00d9c925cb9e103edee63
GET /wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.32 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
content-length: 23
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=25
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 03:59:20 GMT
cf-cache-status: HIT
age: 29998
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mnoB5GnVhXvrehmozEwZZ5qoI23ypxBk89Z%2FzM49trH2CsOcMuMcDkhY0mI7nWqYKuyY9%2F%2FbqiqUzRYyMjAY5Ti%2FCv6aWlmoInttBpVAQ9lNAUWVJIsuPHqYNE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828dbdc17a1db4ff-OSL
alt-svc: h3=":443"; ma=86400
nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.32
200 OK 22 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.32
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with no line terminators
Hash 41bd53fe0ee631d5cfd895e18a53291d
9d9d3c42c53ad7f906cb083a0d2d37afb4537764
dfb2e16986e257b608b45d14396378a8f2ac6a7321c0dc2f13c66a33ec8e4a40
GET /wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.32 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
content-length: 22
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=24
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 03:59:20 GMT
cf-cache-status: HIT
age: 29998
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2F6%2B81KQBw%2BOg%2BoVI1q0thuLCXN0xJ6lPPeEWS%2B5HDqlejvqqgfeVRpJXuKIeZzehmo3W9NqIw3N40DehbLrg2t6VlOLY%2FFlZLCM7W5X6YWP09tG4OGPVm1DmaI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828dbdc17a1fb4ff-OSL
alt-svc: h3=":443"; ma=86400
nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.32
200 OK 21 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.32
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with no line terminators
Hash 169a5dd1261e0d434162d1af68acbbcd
c18d59ed069049b012a61a8e6b958bfb25bc1b71
82b3dabc6615507ef352f36aa08a805d409e883f8024fd01fda43175b6b67b38
GET /wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.32 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
content-length: 21
cache-control: public, max-age=16070400
cf-bgj: minify
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 03:59:22 GMT
cf-cache-status: HIT
age: 29998
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cpy8GflkR91UmnqGV5xQfbVCau6RzzsnFqX7idD1h2Ls4D2pdHEautVkM8gtyl7BoNZJeuDJJrHWlOWQAHJ6mS4S3p4mo%2BwaUeAp763GsXfAkugUWvBlJtBEO%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828dbdc17a20b4ff-OSL
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.4.1
200 OK 78 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.4.1
IP
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash 0417d8d5475b847fb09a3d3306aa0516
81c254cdefbbd83661940fab4bb3f51bfbd4efb1
ca28d67206fc5acc2ea86ddc6308f17ede51f9199b770f770eb438a03554a917
GET /css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.4.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Nov 2023 03:52:36 GMT
date: Mon, 20 Nov 2023 03:52:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.4.1
200 OK 3.2 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.4.1
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (7862)
Hash 45bacd312d5098b4b59f563d8756c15d
fa55e2cff078381e5365d95782a95a787d0b7192
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
GET /ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.4.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 3150
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-1ed1"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1083398
expires: Sat, 09 Nov 2024 03:52:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bN%2FPSUXJDN%2FQ5YZGOjOPksv4VC6Mta1vzeM8c%2FmHKGa62hj9HmJIspADoX14RzJlCTzMoq3fqTFBNJFkL9UUDNvE%2Bp03apGL%2F3UCEhJxfT%2BRxAhgvIQabPiFA1inWTSO%2BkH1icCj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 828dbdc25d69b505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.4.1
200 OK 677 B URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.4.1
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (1845)
Hash f6a3dd4ecbf227acbafcff33d68dc71d
7421115ddcd5d436b89a1fd27e0cdce5a01978e6
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
GET /ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.4.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 677
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-750"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2252393
expires: Sat, 09 Nov 2024 03:52:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dtqlxao%2FkNU%2BYi6LgadAoE623yH6kuMe8tUCGK41tx9e1WupoKwOEuwpZoXKIUBO23oURq9ySgJlF%2BVo7khDpNmyvynI9vfn1c3Q05yzniiZ2%2BdeyKpWUWR9v5b32239dK%2BBtQac"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 828dbdc25d6bb505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.4.1
200 OK 1.1 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.4.1
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (3036)
Hash 94279a9a0c4060a96efcf1da47716f86
ea88b3fd8b01a8b86edfd0f4120cc9a834893018
d41c6733a8c4a3a7f08204de8e3d60e1d2baf17dd7f675a26830fb1047fac40a
GET /ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.4.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 1101
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-bf7"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1987982
expires: Sat, 09 Nov 2024 03:52:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tO%2BCYXDN54nHwUBDcxlBiGmPjfbktne7FKs3vlyM1OTDmEKAK61fsDEJQyn34Zj2S%2FM59opxZYbkd5PDak8sJLTBRqRWuY8lGaWqi0c%2B3p7jnZ7lnXhQw7a6YbvCQKpep7dP3aEt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 828dbdc25d6cb505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=c4973b0b0a57b1114aa1
200 OK 11 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=c4973b0b0a57b1114aa1
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (7553), with no line terminators
Hash 6fae6f2a9476c3b2addf82a753cac0a8
2f4b62230bba341dc0230cb82dfdf0487d70e72e
325fb795937a9db601996005e162fca12089e234bec9574c8b1581437a5b5321
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=c4973b0b0a57b1114aa1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
expires: max-age=A10368000, public
last-modified: Tue, 14 Nov 2023 03:58:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwJeJEVUgp50uyz5%2B2quqAWEbWWM6m5tb92suAlFkNianncXUcIeE17Eye7eYQBaoZIIgTUOPFXNob5HI8YDzww1IrLl%2BcI8ZoEDV%2FVy0AuzqQT%2Bc%2Bo8Ru8PE7U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdc1aa34b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit
83 kB URL challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit
IP
File type ASCII text, with very long lines (34253)
Hash 6142a5f5c66e2c1be52ee9506a565962
c3b39e8352efd1e0619b6dd62af8b2a917622868
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7
GET /turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 03:52:33 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 828dbda78d22b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 21 kB URL GET HTTP/2 www.google-analytics.com/analytics.js
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (2343)
Hash 575b5480531da4d14e7453e2016fe0bc
e5c5f3134fe29e60b591c87ea85951f0aea36ee1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20994
date: Mon, 20 Nov 2023 03:23:22 GMT
expires: Mon, 20 Nov 2023 05:23:22 GMT
cache-control: public, max-age=7200
age: 1755
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.4
200 OK 24 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.4
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type Unicode text, UTF-8 text, with very long lines (65506), with no line terminators
Hash 51480f0afb0a30743ae59a3455633c75
2b46f094cb87015fa342da2bf1767413ec5c92b5
108cd01e5eaa34e9942ca8af9f8fe70271d3a3a5028fa085c628c162c3706d2d
GET /wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.4 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 08:22:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BG3PpZ0VB4NOxD4kOhnSnYVKKFK%2Brkm8cLOI3BlLo2mxYcJZaji6iXr7EPfiXsUNNMMXVkjLHP6UMw0u5KEBL4pLLcDJSDNLYEN7s5yjUjpPbCWs341ybg1NmpA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdc17a23b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1
200 OK 374 B URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 43df8a9873aa31bb000672a677ac1640
4c1bcd8c3a797217d375df16b4bcab2d6a2763a3
d865b1c06cbff014e7c47cf5afb4332de4c95a537f86074e001b577c50aef07d
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: image/webp
content-length: 374
last-modified: Sat, 24 Sep 2022 18:25:44 GMT
expires: Tue, 24 Sep 2024 06:25:44 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "9a9a255d155ea6c0"
vary: Accept
x-nc: HIT arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115
200 OK 81 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (416)
Hash 19133a01c05f0c08dba58762e981932e
b44e5153c6cb4e9e83a2559a5d6cf6c7327b5017
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5
GET /wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=880
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OM4ZBIh6zhDWYnYQ8Py3R4M9rz31JfEBpa1sXqkb4cMGmLxlUdhGRRYFgE8zClc7mBp4jkXWIFr%2BYjzGDSdT9Pcz9ec38JFU71BDJWvfWgb9GMsy38y2yMxVz6M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdc1aa30b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nsw2u.com/wp-content/cache/wpfc-minified/q8eepl4d/dmlqt.css
200 OK 80 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/q8eepl4d/dmlqt.css
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (8143), with no line terminators
Hash d352c04bd92b5bb831a449a2b43096d9
a4f2932465c8134444702efefe05210f0c77d9b8
316868f97d2f29e79b0fa3501b5e72f84f3f4076a47a024936553dcc49e1aeb1
GET /wp-content/cache/wpfc-minified/q8eepl4d/dmlqt.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: text/css
cache-control: public, max-age=16070400
cf-bgj: minify
expires: max-age=A10368000, public
last-modified: Sun, 03 Sep 2023 08:56:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FAQRUe15T7ccVHD6roeREl%2FMcFA4VShZ5vOBlHkILc%2FKAxW7zsa0XGdanLWeTzxfISh9ie1I3uVMJE2bxIOHzQ9TGsE%2B4NhzgLMewvLGh8vI5NXFG7dAOJpFbY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdbdf932b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js
200 OK 13 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (814)
Hash df624c8da81dfe8e2f2f558d9139d1d0
90c0e4b670c1a0ee9b772255ac970a43c30df77e
d70382f3bf05e5893b55e8cd88979ca435c34e1fcadf16a14cf0c2fd56e35791
GET /wp-content/themes/posterpro/foundation/js/foundation.core.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=13696
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYbnZVchnQ88iC9c9wTSlQfxrUiF4vNQG4YMpWjFIUu1JvPZBZVusakRFuJkW%2BK5IUuB8CCPqIBgpROervtUDyuRD2O810xJG30smqtsXJlnhh3z6d5QDqIKUKo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdc1aa2fb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
c0.wp.com/c/6.4.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
200 OK 34 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a98016751e498c06d434cc022ca1a44
6aa9af5fe436eab9c313de9f0bea072c04637624
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
GET /c/6.4.1/wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
content-encoding: br
expires: Tue, 19 Nov 2024 03:52:37 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
200 OK 2.4 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11256), with no line terminators
Hash 2b0dd7eecea03b4bdedb94ba622fdb03
703becba85161118dd6fc66af465428ef43f561c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
GET /c/6.4.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Tue, 19 Nov 2024 03:52:36 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/
200 OK 0 B IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0; _ga_V5K7GYT3S4=GS1.1.1700452360.1.0.1700452360.0.0.0; _ga=GA1.1.467205635.1700452360; _ga_HS5Y0K7QPG=GS1.1.1700452360.1.0.1700452360.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: text/html
last-modified: Sun, 19 Nov 2023 19:30:03 GMT
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EokGEzrwfFPXTp9C02Z9s02d%2BGTUFhmALtMe2pUmlRfE%2BFJ4GB4TAOquCw0hV%2Fxgu5cqeVrR5AWdj3Ra4th3SoCaJQK4cGlGPBMJtD0kHlRFgCoDyuXMgBZdAY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdcd3ccdb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
pixel.wp.com/g.gif?v=ext&blog=221113798&post=0&tz=1&srv=nsw2u.com&j=1%3A12.8.1&host=nsw2u.com&ref=https%3A%2F%2Fnsw2u.com%2F%3F__cf_chl_tk%3DLWFF7cZiLHQN2NqdKMqKuetjV43mkEXT0nWMT6vXtt4-1700452352-0-gaNycGzNCqU&rand=0.40498202099382263
200 OK 50 B URL GET HTTP/2 pixel.wp.com/g.gif?v=ext&blog=221113798&post=0&tz=1&srv=nsw2u.com&j=1%3A12.8.1&host=nsw2u.com&ref=https%3A%2F%2Fnsw2u.com%2F%3F__cf_chl_tk%3DLWFF7cZiLHQN2NqdKMqKuetjV43mkEXT0nWMT6vXtt4-1700452352-0-gaNycGzNCqU&rand=0.40498202099382263
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=221113798&post=0&tz=1&srv=nsw2u.com&j=1%3A12.8.1&host=nsw2u.com&ref=https%3A%2F%2Fnsw2u.com%2F%3F__cf_chl_tk%3DLWFF7cZiLHQN2NqdKMqKuetjV43mkEXT0nWMT6vXtt4-1700452352-0-gaNycGzNCqU&rand=0.40498202099382263 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
200 OK 16 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (4186), with no line terminators
Hash ea958276b7de454bd3c2873f0dc47e5f
b143f6e8e8f79d8f104c26b0057ef5514d763219
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
GET /c/6.4.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Tue, 19 Nov 2024 03:52:36 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1692466255/57cf98f7/38995518.jpg?resize=200%2C200&ssl=1
200 OK 9.1 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1692466255/57cf98f7/38995518.jpg?resize=200%2C200&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d6e56aafe5753deab7dc9c18a0a9bba
108ad32fa05e6400dc64ac7a81a313ca99496221
2808223bab3a02d2ef86a340b559330e3fcb4669b55346901a39775cddb21ca7
GET /images.vfl.ru/ii/1692466255/57cf98f7/38995518.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: image/webp
content-length: 9136
last-modified: Sun, 12 Nov 2023 13:53:21 GMT
expires: Wed, 12 Nov 2025 01:53:21 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1692466255/57cf98f7/38995518.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8ec84d040f8c59a8"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/cache/wpfc-minified/ehn7s3j8/dmlqt.css
200 OK 9.2 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/ehn7s3j8/dmlqt.css
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (14141), with no line terminators
Hash 65fb08df3bb278ed8613fa9bdad50bf2
8f0b42e330ca544a2a046d972f9a603f87d71c89
2e5d0b37a4b8e9997b565c721ea4a0f1984279d685b7cd0fda6b7cd510c854f0
GET /wp-content/cache/wpfc-minified/ehn7s3j8/dmlqt.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: text/css
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=15333
expires: max-age=A10368000, public
last-modified: Sun, 03 Sep 2023 08:56:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBfHzHeQJvqhNaoP2JbUNsUX14XRo6oDVOdAHenlOK9VgUJisAhd0DOT1aJZ3pveGUKRfIiHaFGHTLG20kRw2CBowUAZD2vHzDr%2Fdhd%2FdQ8RTeo6dBcZn5LRG50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdbdb921b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/5qz0r.css
200 OK 58 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/5qz0r.css
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 865c509006061cc0d5d684333bdebd80
af315ff1417a78638620c80a8d1f39631370432a
dd239763e9b6d218c461695cd3e642b41e56194bd14146801296db00d5e05052
GET /wp-content/cache/wpfc-minified/fhg2umku/5qz0r.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: text/css
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=147784
expires: max-age=A10368000, public
last-modified: Tue, 29 Aug 2023 11:06:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Yke8Zl44ty%2Fbh3vOxIvBMMRKn8tqiTWeLZCvkA8o8WNlP46W%2BgXQviHVOsakWJ%2BO%2FFWQwijN52j%2Fw1JVfsePV2AX%2FsgxQz%2BgBF2OyByhf9WccXCeXh5p1JPHyk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdbdc923b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?resize=200%2C200&ssl=1
200 OK 9.7 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?resize=200%2C200&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1bb636cbc4bf45105ea09f678ec75095
95ab741b213cdf879782c361d4b305eaa169627d
bab239986bea594efd10c82ca1bb36dab2fd45a75c18448c6ba963cc59ab41a6
GET /images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: image/webp
content-length: 9702
last-modified: Thu, 09 Nov 2023 23:35:52 GMT
expires: Sun, 09 Nov 2025 11:35:52 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "269498792b13b891"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1700158791/256cc76b/39060220.jpg?resize=200%2C200&ssl=1
200 OK 12 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1700158791/256cc76b/39060220.jpg?resize=200%2C200&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a89dbf8145302a9e46ee80c8fce72fd6
7df40d2b6db5e1ed07417297a006f0b96f219ee8
93e53888b68b91d0d17dbc0e1bfb9225249ef8ba50c770cb0e05d33584d4527f
GET /images.vfl.ru/ii/1700158791/256cc76b/39060220.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: image/webp
content-length: 12384
last-modified: Thu, 16 Nov 2023 23:01:42 GMT
expires: Sun, 16 Nov 2025 11:01:42 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1700158791/256cc76b/39060220.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "78b4792eedd17c9b"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1700136758/9aae4340/39060093.jpg?resize=200%2C200&ssl=1
200 OK 9.6 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1700136758/9aae4340/39060093.jpg?resize=200%2C200&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6dc7c533dc7d7ad1c538f8b4c7f1ffe1
df24082bb420198a7615b97137059ae7fb441f57
3bd1fe286e60a7b9068436cefc4dd1eeb726134759e22996ad0987529b3916f4
GET /images.vfl.ru/ii/1700136758/9aae4340/39060093.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: image/webp
content-length: 9550
last-modified: Thu, 16 Nov 2023 20:13:55 GMT
expires: Sun, 16 Nov 2025 08:13:55 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1700136758/9aae4340/39060093.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "134f2ac95d43b606"
vary: Accept
x-nc: HIT arn 4
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.1
200 OK 25 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.1
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (833)
Hash 005842a52d3a52acfb2023564a25dd05
e1b64022ea15ca6d596e40c3ab04c0e83cf161d5
67c17a1fb58ba2d741009974197106d04f566ff647857d4f638bd82ec7b23079
GET /wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=8005
expires: max-age=A10368000, public
last-modified: Fri, 20 Oct 2023 08:20:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s75p2UCSSX6shXXvBTSncsApTbIFFXJllfuLNMBOtvDcVwCIRLM9%2B5V5F953ykc7zOqGVgZ78%2FbxJIlgSKE9aXfuPTmq0kt4Okxafg1omwJmfOkkA6iYpteMjbg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdc18a26b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1619056148/a9bc0660/34174222.jpg?resize=200%2C200&ssl=1
200 OK 10 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1619056148/a9bc0660/34174222.jpg?resize=200%2C200&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0a6e6e749b7237c0d265d8aedba43165
97fe946503b26aeac5e75e9f39a1683a48d88337
33ebbcc923b621b9fd74f0c163026f506381fe9bf9b96f9fb164bd88733a9207
GET /images.vfl.ru/ii/1619056148/a9bc0660/34174222.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: image/webp
content-length: 10384
last-modified: Sat, 18 Nov 2023 23:04:07 GMT
expires: Tue, 18 Nov 2025 11:04:07 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1619056148/a9bc0660/34174222.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "24655d358335b031"
vary: Accept
x-nc: HIT arn 4
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=200%2C200&ssl=1&resize=200%2C200
200 OK 2.7 kB URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=200%2C200&ssl=1&resize=200%2C200
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash ae58f5f8d93958f30ee4edffe1e3c6bb
7957b10b6f0faabd5ffc655a9698ca0bbc6bd708
dd21bb2f24c912107f1df2b4f6adc9ac747047e1c911a4f5319aa8966e532f1c
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=200%2C200&ssl=1&resize=200%2C200 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: image/webp
content-length: 2734
last-modified: Sun, 12 Nov 2023 16:29:32 GMT
expires: Wed, 12 Nov 2025 04:29:32 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "3702322264174c55"
vary: Accept
x-nc: HIT arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=828dbda43b09b4ff
66 kB URL nsw2u.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=828dbda43b09b4ff
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash e31243108b800dfbbcbd2764cb33f691
3f8541f5a75e46c3ded6d565c8ba89fd35d8f837
b8cf6052163ae63296ecbd87a8ec1e250cdb7ece18d985946bf34cb9f6e79d22
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=828dbda43b09b4ff HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/?__cf_chl_rt_tk=LWFF7cZiLHQN2NqdKMqKuetjV43mkEXT0nWMT6vXtt4-1700452352-0-gaNycGzNCqU
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:33 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVYmIIlfxN59Jr4PQLtjOotu9EoZpcVlvTNK9KMc416qXVQ9uJbGKTr6KJvAqxIgiNoL0TT7K5GlqSfF2TyfEy2YUunA4I%2FlzfL8iImiS2a%2FO71R8AiIoCpk3Gk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbda67b8db4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=1280&resize=1280&ssl=1
200 OK 7.7 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=1280&resize=1280&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 405x155, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1f2664d6059193e6c1a59ee7ef14d1a0
46542860abd849426ea23d66c601ff0888d735db
f685610012cd711cdf0f3f186e878030c152058d3705dd751d6048d480bc2621
GET /images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: image/webp
content-length: 7712
last-modified: Sun, 19 Feb 2023 09:06:57 GMT
expires: Tue, 18 Feb 2025 21:06:57 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "95d72d4081ab31e0"
vary: Accept
x-nc: HIT arn 7
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/cache/wpfc-minified/7kcuf8x0/5qz0r.js
200 OK 55 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/7kcuf8x0/5qz0r.js
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (6042), with no line terminators
Hash 9fb1dba6cc608c4310104f103db8b0e4
96f8726ec376189982a98185f38f48f480b2c8e3
236fb88931feead5473c70f542473d5dc064578ffb45ea743414720e2aea3929
GET /wp-content/cache/wpfc-minified/7kcuf8x0/5qz0r.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=6206
expires: max-age=A10368000, public
last-modified: Tue, 29 Aug 2023 11:06:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abTphbnD9qSYw51dKhJxpgMzP746ShGbnHoiqlsqFfwhYeirkk4qGsZH5SLA2iVDXRcmEP%2B9EgAoK33hztsRLRHQV101oKvKyyTEloQryEDV0ADeXJggwrAlsbE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdc1ca3bb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
januarydeliverywarfare.com/watch.389024093762.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=0277983f-199f-4d79-9fb3-826bbf035ab2%3A1%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 januarydeliverywarfare.com/watch.389024093762.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=0277983f-199f-4d79-9fb3-826bbf035ab2%3A1%3A1
IP
Certificate IssuerLet's Encrypt
Subjectjanuarydeliverywarfare.com
Fingerprint59:4C:33:F5:8F:85:E1:32:64:18:C5:69:D5:75:74:19:8C:59:31:CB
ValidityMon, 09 Oct 2023 12:27:34 GMT - Sun, 07 Jan 2024 12:27:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.389024093762.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=0277983f-199f-4d79-9fb3-826bbf035ab2%3A1%3A1 HTTP/1.1
Host: januarydeliverywarfare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Mon, 20 Nov 2023 03:52:39 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nsw2u.com
Access-Control-Allow-Origin: https://nsw2u.com
Access-Control-Allow-Credentials: true
Location: https://januarydeliverywarfare.com/watch.389024093762.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=0277983f-199f-4d79-9fb3-826bbf035ab2%3A1%3A1&shu=2bc09b859b37720c2303234e1ce4d0358c5e5a2fc029429faa6fa212d4ebb6a3da9ca30843fa46091e6039ec468124ea2740015ce5408ccb9765525b540bb0525a474a97d35638edd9e640459428acafdc11889f8e2f0995876d9f80a08e&pst=1700452419&rmtc=t
Set-Cookie: u_pl=19067264; expires=Tue, 21 Nov 2023 03:52:39 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA2NzI2NCwiayI6ImE0NTkyMmZhNDk2Njk1NWNlY2RmZmJkZGU1MzQ3YWU1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDQ5ODA3LCJwaWQiOjE2MjY3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoibWh2ZzFhbXRhIiwiY3BrcyI6eyAiMjgiOiJlZDZjYTVlYjhhYmM5YTg2NGZmYTM5MTE1Nzk5YjY0MSIsIjI5IjoiM2EyMjZhNjY0MGE2NDQ2ZGJjN2NkYzk2ZWNjNmIzZTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uc3cydS5jb20vIn19.whvp_sQpIdUSm4SK7_ZQxkz-uJBivC_dFSr-vXd5VZ4; expires=Mon, 20 Nov 2023 03:53:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ac57b915cb0ee2837baac109f7e6b167
Strict-Transport-Security: max-age=0; includeSubdomains
atservineor.com/tag.min.js
200 OK 26 kB URL GET HTTP/2 atservineor.com/tag.min.js
IP
Certificate IssuerLet's Encrypt
Subjectatservineor.com
Fingerprint7F:A6:D8:C6:07:B2:43:13:77:39:5A:91:57:E3:4C:1C:7A:E3:EF:51
ValidityWed, 11 Oct 2023 05:20:30 GMT - Tue, 09 Jan 2024 05:20:29 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash f2e2bbac9956f90deb8bb8620b4e6a34
92e196a6e8b21e835aeb47d0123fbad2c9c1bc2c
785e6fa651312a3f819529c5fa32cd529e74c771f73929ed85cdf424a462144f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /tag.min.js HTTP/1.1
Host: atservineor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: text/javascript; charset=utf-8
content-length: 25542
content-encoding: br
x-trace-id: fe19b68e09b73d61edd77ee90fa4e424
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Wed, 15 Nov 2023 11:44:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
images.vfl.ru/ii/1694960270/cf20ce03/39012107.jpg
200 OK 86 kB URL GET HTTP/1.1 images.vfl.ru/ii/1694960270/cf20ce03/39012107.jpg
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data
Hash 7ee39790629b51d1b30ba4f54cf95cee
94baf59afb69a43bc9bb3a173bb5b78ce6346fa0
f762a48a01e02747531031350cbcae423838d54d836d8f4b9b86878d40303f7a
GET /ii/1694960270/cf20ce03/39012107.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 03:52:39 GMT
Content-Type: image/jpeg
Content-Length: 86440
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sun, 17 Sep 2023 14:17:50 GMT
ETag: "65070a8e-151a8"
Expires: Wed, 20 Dec 2023 03:52:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
images.vfl.ru/ii/1699089846/04828902/39051605.jpg
200 OK 34 kB URL GET HTTP/1.1 images.vfl.ru/ii/1699089846/04828902/39051605.jpg
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.11], baseline, precision 8, 432x700, components 3\012- data
Hash 03b1aa311beffeff7ed59a35cfdcad2d
0b390ac9337bf262e964dc7b0dead67de3c39622
bc96bdb736f0d25945f302eb0ee2f2d68127aaf2c574d380b82f1eb4acca5d52
GET /ii/1699089846/04828902/39051605.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 03:52:39 GMT
Content-Type: image/jpeg
Content-Length: 34514
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 04 Nov 2023 09:24:06 GMT
ETag: "65460db6-86d2"
Expires: Wed, 20 Dec 2023 03:52:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
images.vfl.ru/ii/1694604934/0d07e435/39009949.jpg
200 OK 57 kB URL GET HTTP/1.1 images.vfl.ru/ii/1694604934/0d07e435/39009949.jpg
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data
Hash 1b3e32337bbde3922e0e9f72aa72002d
100b45332c71a4eb2e6c66d6de40bcc83f29c989
e67f85bbe57ff956ee312dda7de903700030b79bb4ef76d09c192a5da9a33751
GET /ii/1694604934/0d07e435/39009949.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 03:52:39 GMT
Content-Type: image/jpeg
Content-Length: 56936
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 13 Sep 2023 11:35:34 GMT
ETag: "65019e86-de68"
Expires: Wed, 20 Dec 2023 03:52:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
images.vfl.ru/ii/1692466255/57cf98f7/38995518.jpg
200 OK 59 kB URL GET HTTP/1.1 images.vfl.ru/ii/1692466255/57cf98f7/38995518.jpg
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data
Hash 12ba85007158d18cb82d4d92e6c092b5
bfb0950675b1735cfaff82515e749592ecfb092b
1adc9c82489e7765286dc03a55a74c4c808dd6c0e8d693440fb98d5a03d7d7e4
GET /ii/1692466255/57cf98f7/38995518.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 03:52:39 GMT
Content-Type: image/jpeg
Content-Length: 59268
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 19 Aug 2023 17:30:55 GMT
ETag: "64e0fc4f-e784"
Expires: Wed, 20 Dec 2023 03:52:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
images.vfl.ru/ii/1700043076/23b77719/39059137.jpg
200 OK 57 kB URL GET HTTP/1.1 images.vfl.ru/ii/1700043076/23b77719/39059137.jpg
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.11], baseline, precision 8, 432x700, components 3\012- data
Hash fb698ed002a1a0bc1f9ce1c3e5de0f83
de556d3b67002d4cd63634446582a12d19bbde1f
793a635ce4f667b5d49e5d654e10af3cf9ff9f997e769c53fa8758e8a253a718
GET /ii/1700043076/23b77719/39059137.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 03:52:39 GMT
Content-Type: image/jpeg
Content-Length: 56744
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 15 Nov 2023 10:11:16 GMT
ETag: "65549944-dda8"
Expires: Wed, 20 Dec 2023 03:52:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
images.vfl.ru/ii/1698919345/2d8fa781/39049372.jpg
200 OK 63 kB URL GET HTTP/1.1 images.vfl.ru/ii/1698919345/2d8fa781/39049372.jpg
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.11], baseline, precision 8, 432x700, components 3\012- data
Hash 190ce5d40a81c4638e17636db00bc9b1
d2c44b881ecdaaf7e93f6c9384dd25f6b8c55f43
19b903c61693e75aeddca05cf5de2e528d74afd07febc3b1ce52ddcf842fe5d7
GET /ii/1698919345/2d8fa781/39049372.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 03:52:39 GMT
Content-Type: image/jpeg
Content-Length: 62580
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Thu, 02 Nov 2023 10:02:25 GMT
ETag: "654373b1-f474"
Expires: Wed, 20 Dec 2023 03:52:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
images.vfl.ru/ii/1699037993/cdf8ab14/39051530.jpg
200 OK 54 kB URL GET HTTP/1.1 images.vfl.ru/ii/1699037993/cdf8ab14/39051530.jpg
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.11], baseline, precision 8, 432x700, components 3\012- data
Hash 2228b4fce28f6e78aa79436c9877360f
1deb82326b6990b844609c76eca08d84bee1a295
7115c06bd0c6a804a13e663f6b3398aa9dd24c7807321884f59f66a954dce62f
GET /ii/1699037993/cdf8ab14/39051530.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 03:52:39 GMT
Content-Type: image/jpeg
Content-Length: 53879
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 03 Nov 2023 18:59:53 GMT
ETag: "65454329-d277"
Expires: Wed, 20 Dec 2023 03:52:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.5.1
200 OK 6.4 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.5.1
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with no line terminators
Hash 2b1417b2c8b1f76a0616ff553bf38296
d84080cdc7bd11cf7c56c306c42476c1d53e0554
0b94682b8ee56671ee8d7cd5c49de744ec21d7d5d036ce9d4007a8899037f418
GET /wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.5.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: text/css
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=399
expires: max-age=A10368000, public
last-modified: Fri, 20 Oct 2023 08:20:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDN7scD6S9C30g1HNUG2lNRjPHFoE4vrAJC30LTgmoSiz0SuX00ZQYWGEOpy%2BqY8b5GuFqKkIjoocDu2%2FtE%2FxcjEiJK13Xk7HD0%2FKkMPjT5cZNr%2BOs2TtVZwyDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdbdf931b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
images.vfl.ru/ii/1699780830/50744581/39055802.jpg
200 OK 43 kB URL GET HTTP/1.1 images.vfl.ru/ii/1699780830/50744581/39055802.jpg
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.11], baseline, precision 8, 432x700, components 3\012- data
Hash 0f9769d74d6b7eeb03f2621f89a68bb0
2bc5b21ecb7c80983a0b2ebc2886f9622bf80108
b24e4d0236bd0e1930b871b96fa6a4dbd7bac7df11fb391697bdd34423744892
GET /ii/1699780830/50744581/39055802.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 03:52:39 GMT
Content-Type: image/jpeg
Content-Length: 43282
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sun, 12 Nov 2023 09:20:30 GMT
ETag: "655098de-a912"
Expires: Wed, 20 Dec 2023 03:52:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=500&resize=500&ssl=1
200 OK 7.7 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=500&resize=500&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 405x155, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1f2664d6059193e6c1a59ee7ef14d1a0
46542860abd849426ea23d66c601ff0888d735db
f685610012cd711cdf0f3f186e878030c152058d3705dd751d6048d480bc2621
GET /images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=500&resize=500&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:40 GMT
content-type: image/webp
content-length: 7712
last-modified: Sun, 19 Feb 2023 09:06:19 GMT
expires: Tue, 18 Feb 2025 21:06:19 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6b02d3dbdaa697a7"
vary: Accept
x-nc: HIT arn 7
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
images.vfl.ru/ii/1692466089/24d36bc8/38995517.jpg
200 OK 67 kB URL GET HTTP/1.1 images.vfl.ru/ii/1692466089/24d36bc8/38995517.jpg
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data
Hash 81eb51e7c3a0df2a962b5b00d61669ff
42c531b818a0bc7e01c602c8668f21065d8cd67d
9ee994cfc66772056b1ae42f4012412d4a9f49fc8250c2c22153e54caed7b965
GET /ii/1692466089/24d36bc8/38995517.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 20 Nov 2023 03:52:39 GMT
Content-Type: image/jpeg
Content-Length: 66636
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 19 Aug 2023 17:28:09 GMT
ETag: "64e0fba9-1044c"
Expires: Wed, 20 Dec 2023 03:52:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
majordistinguishedguide.com/pixel/purst?dl=0&th=0&sc=0&rs=3262&rd=3262&fd=568&bv=23.11.v.1&tmpl=70
200 OK 0 B URL GET HTTP/1.1 majordistinguishedguide.com/pixel/purst?dl=0&th=0&sc=0&rs=3262&rd=3262&fd=568&bv=23.11.v.1&tmpl=70
IP
Certificate IssuerLet's Encrypt
Subjectmajordistinguishedguide.com
Fingerprint6F:10:5E:58:E2:E9:B6:12:9D:50:8E:F2:66:9B:72:CE:5A:61:46:59
ValidityMon, 09 Oct 2023 12:21:15 GMT - Sun, 07 Jan 2024 12:21:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3262&rd=3262&fd=568&bv=23.11.v.1&tmpl=70 HTTP/1.1
Host: majordistinguishedguide.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 20 Nov 2023 03:52:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL GET HTTP/2 banquetunarmedgrater.com/advertisers.js
IP
Certificate IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
ValidityThu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 03:52:40 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: bb58df49762152465880856b295e6e9d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 20 Nov 2023 03:52:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2qmwns%2B9mc5NbhngN90FIPu5U0JjXpmH85JuiWJ%2BaGyHYsLRhJWoVamxnmWyhhltRWm59YkBt9bbsCpLboqamV%2BqDBrNg3aMHCCPAXRHpFGYv7pg2G8pxARZipqiY0zo2aRpgMAQyppSXI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828dbdd1cff456b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=b59e609b040f4d41ae6124e793d96bc2
200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=b59e609b040f4d41ae6124e793d96bc2
IP
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT
File type JSON data\012- , ASCII text
Hash 7afe2e3feb96f7cadd52a3f07b08faf2
2700666b321f8fdf63d6552ae120878f646d149f
9355bf89cd953e65e99cdd40afd0b2fe8e393b9ecc868b3098b8dd3d1de9ca69
GET /gid.js?userId=b59e609b040f4d41ae6124e793d96bc2 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:40 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://nsw2u.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b59e609b040f4d41ae6124e793d96bc2; expires=Tue, 19 Nov 2024 03:52:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
200 OK 25 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File type JPEG image data, baseline, precision 8, 320x50, components 3\012- data
Hash d465d02b90e928dfd9d9846e102a9dac
22f7333777bec813bd9a7b870913a2b79b6d2fe4
e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd
GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 03:52:40 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Wed, 22 Nov 2023 03:52:40 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
200 OK 701 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (727), with no line terminators
Hash e8b1dbb3b1a9bc1b59010bd6f7035465
c9d0ec84d9184c72ea6335c67193d25a90e003af
18c991e1cdc15a5c427215cf20569d60a7aa9bc32f1f7a2382640782a6e5bfe7
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
expires: max-age=A10368000, public
last-modified: Tue, 14 Nov 2023 03:58:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIH5MSlQBxttb%2BigYF1iJG4dce1VeNSbkM2Qsf2PNilF%2FpOe3Br9ziMogJGTL6v0pDhREZLebeKFWyg9FFyVEV8eJxCxZm%2FCQ%2FX32tMyDv%2BmIYEUHsqJMWPDBcI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdc1aa35b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1692466089/24d36bc8/38995517.jpg?resize=200%2C200&ssl=1
200 OK 9.6 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1692466089/24d36bc8/38995517.jpg?resize=200%2C200&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6bb6b1c02ea1cb9a4a4c74619c128eb0
336be32487f51e2561d2a3e14fc0accaac2e7ad8
dfc2f048571b25e928ad2967410a951bac6c9c5df466f1800ea4db005e36442e
GET /images.vfl.ru/ii/1692466089/24d36bc8/38995517.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: image/webp
content-length: 9636
last-modified: Sun, 12 Nov 2023 14:43:48 GMT
expires: Wed, 12 Nov 2025 02:43:48 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1692466089/24d36bc8/38995517.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c9cf56e5874d4c26"
vary: Accept
x-nc: HIT arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206
200 OK 1.4 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (1413), with no line terminators
Hash fb7fedcbc4898509446641bf9fd08189
374a4aa4443cc7d7fe9cdc45c1c7d723cd259f64
61ee64c9534a923b25e7faa8542df84482423ee82601c3c6fca192063f975e47
GET /wp-content/themes/posterpro/js/navigation.js?ver=20120206 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=2279
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1FCznl6rNb1Q4nPpeXt9Rooy%2BV6JRJaCtCtoFflKRce9HbxoRJ3CgbGRzGd7f%2BpDmv8ReLVj8hWnEyVIX8IhjJiwR%2BFM6rIz6HqfdTY%2FdP6pYvLyJ1JuvK%2FQtE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdc1aa33b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
stats.wp.com/w.js?ver=202346
200 OK 11 kB URL GET HTTP/2 stats.wp.com/w.js?ver=202346
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11119), with no line terminators
Hash 1ac0848d5bceb8555feaf98f8fb860cb
117dcc305a16fbf0f0ef2d173c3c52adfa816047
585d4af3a08847a4604f8796b4841ebf7eaec7211606cc954f88dc9f27c72b28
GET /w.js?ver=202346 HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/11154-1698845932750.503
content-encoding: br
expires: Mon, 11 Nov 2024 18:17:48 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-262573192-2
200 OK 190 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-262573192-2
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Size 190 kB (190055 bytes)
Hash e8fd042b01c6e6f8c4ce7b44e7a01ed0
ef3a6785bbb8974837fbe1eab310278f1d152349
8177c226b377573e3428e301eed8dd3a60c33d248e926907e2add3b599b7d25c
GET /gtag/js?id=UA-262573192-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Nov 2023 03:52:37 GMT
expires: Mon, 20 Nov 2023 03:52:37 GMT
cache-control: private, max-age=900
last-modified: Mon, 20 Nov 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68663
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js
200 OK 30 kB URL GET HTTP/1.1 definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js
IP
Certificate IssuerLet's Encrypt
Subjectdefinedbootnervous.com
FingerprintBE:D4:61:7E:D3:F5:58:74:B4:39:61:F1:4C:BE:1B:44:00:B3:30:87
ValiditySat, 18 Nov 2023 06:38:59 GMT - Fri, 16 Feb 2024 06:38:58 GMT
File type exported SGML document, ASCII text, with very long lines (29691), with no line terminators
Hash 94ca3509f0dafda208f0c32fabddd634
aa87be1fb97c5b0f528888b547160dea843db07b
b2ec14a672e4cb55c9dcb63549cf7d774630105cd9e2c1bb497ec6539e074b41
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /a45922fa4966955cecdffbdde5347ae5/invoke.js HTTP/1.1
Host: definedbootnervous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 20 Nov 2023 03:52:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e21c156081d25859f1d7ec08464bd8a2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
c0.wp.com/c/6.4.1/wp-includes/js/jquery/jquery.min.js
200 OK 88 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/jquery/jquery.min.js
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /c/6.4.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
content-encoding: br
expires: Tue, 19 Nov 2024 03:52:37 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/cache/wpfc-minified/6zu0bqmr/5qz0r.js
200 OK 2.7 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/6zu0bqmr/5qz0r.js
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2883), with no line terminators
Hash 192dc990f772721ea75e1c0ccc9032a4
60e0e0bef73be3f726656e21c7f2d32e7f921b12
fb624dd9bcadd9025b413f814918ec1a9146e7c7c257b2209bda3a709e8cc1d7
GET /wp-content/cache/wpfc-minified/6zu0bqmr/5qz0r.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=2817
expires: max-age=A10368000, public
last-modified: Tue, 29 Aug 2023 11:06:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7KgDbeX3fqGBr5iCMtQC8A0SGnrXyGzw8lXqIBEd0DNORruOVL8OVs9YMNMph0ew%2BcWjv6mbO1%2BKXR2uEu5xmMdDjY8vania4Yx34NkO6qamxa%2BDbvTDnE2Pn0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdc1ca3ab4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
c0.wp.com/c/6.4.1/wp-includes/js/dist/i18n.min.js
200 OK 9.4 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/dist/i18n.min.js
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (9729), with no line terminators
Hash 3597d2da73a2e3de74981fcc5ecbfce4
94f7e899ca4635c129e8285579b3f0e38cf19730
080a50955b97dc50d39c296cc22e8d02f07a3cfcc58d3127d93466e281514637
GET /c/6.4.1/wp-includes/js/dist/i18n.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
content-encoding: br
expires: Tue, 19 Nov 2024 03:52:37 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.4.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
200 OK 6.6 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (6799), with no line terminators
Hash ccaa7ba23a1f74bc12d091b65b515c4f
26b795b942f321ee8237178a1fcc16f1cee5a99e
daceae61a869247d42436998814874e2698dc5f4789c65cd9bad98da52276db1
GET /c/6.4.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Sep 2023 19:30:24 GMT
content-encoding: br
expires: Tue, 19 Nov 2024 03:52:37 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/5qz0r.css
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/font-woff2
content-length: 77160
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
cf-cache-status: HIT
age: 29995
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4OjpFgwnkfb96I1wS23UpBFxOUo7rHFbvS0tCT7P3g6UOyA8lB0K4cFAR%2BCYVO4bn63IXbbFl%2FTbucNpHpDXpCE5Bcf05ZXaETMd4FaqGM%2FaUdRDHmeVa3ZVl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828dbdc1da3eb4ff-OSL
alt-svc: h3=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?resize=405%2C155&ssl=1
200 OK 7.7 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?resize=405%2C155&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 405x155, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1f2664d6059193e6c1a59ee7ef14d1a0
46542860abd849426ea23d66c601ff0888d735db
f685610012cd711cdf0f3f186e878030c152058d3705dd751d6048d480bc2621
GET /images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?resize=405%2C155&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: image/webp
content-length: 7712
last-modified: Sat, 11 Jun 2022 22:08:00 GMT
expires: Tue, 11 Jun 2024 10:08:00 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "416c01d7e07bbbbf"
vary: Accept
x-nc: HIT arn 7
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.7441030576480661
200 OK 50 B URL GET HTTP/2 pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.7441030576480661
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.7441030576480661 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.4.1/wp-includes/js/dist/hooks.min.js
200 OK 4.6 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/dist/hooks.min.js
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (4704), with no line terminators
Hash 414c8462f6209b4905f767c8ba5c787d
a80b8b79908e6cdf11648f810e707a75c859cda3
007c3734a3f7737d74061ab5b96905dcb14ba1f88e7a6df55364b9d9573e3ce1
GET /c/6.4.1/wp-includes/js/dist/hooks.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
content-encoding: br
expires: Tue, 19 Nov 2024 03:52:37 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c
200 OK 229 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (5955)
Size 229 kB (228864 bytes)
Hash b575a23667eb758c95c48c0c564d0846
51f8a0a7af4851e3598eba8dd73a957e8bc3eb9d
f285dcdf6f0f475e8d89ade75fd3a391e08bff232155345f124b787bc8adfe1e
GET /gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Nov 2023 03:52:38 GMT
expires: Mon, 20 Nov 2023 03:52:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1
200 OK 2.6 kB URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 513677192f138c2aba3a3847c320f723
7ce5b67d80a2c2dedf8685b08547bcc8bf012f99
d60495bc835271423ec6445708aceb3a068ed6f2ebfd796a86c9f9e134ca1788
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: image/webp
content-length: 2568
last-modified: Sat, 24 Sep 2022 18:28:57 GMT
expires: Tue, 24 Sep 2024 06:28:57 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "deb437b05941c6de"
vary: Accept
x-nc: HIT arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
professionalswebcheck.com/stats
200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP
Certificate IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 80aba86be10295d7102960ea4c44543d
77a051d7ee4bb12f53b03a9c875b2401c183bc93
3aac102ddcf3cf3f66c316a2ca2d970467a2a36c460b188627b52726ade3b3ec
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nsw2u.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=0277983f-199f-4d79-9fb3-826bbf035ab2:1:1; expires=Thu, 17 Nov 2033 03:52:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/12.8.1/css/jetpack.css
200 OK 101 kB URL GET HTTP/2 c0.wp.com/p/jetpack/12.8.1/css/jetpack.css
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Size 101 kB (100696 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/jetpack/12.8.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 13 Nov 2023 18:14:20 GMT
content-encoding: br
expires: Tue, 19 Nov 2024 03:52:36 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.32
200 OK 110 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.32
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with no line terminators
Hash 70cd599fb1a952f67216cc82829f9ada
74cfae7f053f69abf2dce9cb74c962a83b8ba8bf
1fa8347df53b4287898f910b10e189b287e5610aa9d6cd322fb53d487b37a56d
GET /wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.32 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=112
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 03:59:20 GMT
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHhPcA0bbfKsNjtow9xoBt1UojYnps75bqd%2FkeEW8PEXxwfl4qlGhCU5TGVDDXB0N2f2Yd3kjUFg68JIY3HJwYMlpvg5wJpqFeJNKl3fLTFxrl0lDfBY4K0hACE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828dbdc17a22b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
c0.wp.com/c/6.4.1/wp-includes/js/dist/url.min.js
200 OK 9.6 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/dist/url.min.js
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (11016), with no line terminators
Hash 1182019e3541cbb1ae0c57a02c77e3c2
03fce017e1ba2a5c745e57ab4a021af36c68a60a
93e8a741e2ef129ebe45332d38120ba5d425d50386c9c5e6df73e60d768756db
GET /c/6.4.1/wp-includes/js/dist/url.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
content-encoding: br
expires: Tue, 19 Nov 2024 03:52:37 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=51faa0beb0a072f9ab2c
200 OK 37 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=51faa0beb0a072f9ab2c
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=51faa0beb0a072f9ab2c HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0; _ga_V5K7GYT3S4=GS1.1.1700452360.1.0.1700452360.0.0.0; _ga=GA1.1.467205635.1700452360; _ga_HS5Y0K7QPG=GS1.1.1700452360.1.0.1700452360.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: text/css
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=36682
expires: max-age=A10368000, public
last-modified: Tue, 14 Nov 2023 03:58:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 30000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2Bkd5oOZdFovW0UeBSvY%2BNTYi%2Br8MUy8o1CWbtUTylFg3zp3u7wgOh5t109AWcu51rlL2A2p8XySP8ge0ncsfcw%2FxbOtn1ZJW2x2mFPE2oLHXImgLfQDnLfdxNM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdce2d07b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1694719019/48f3ed4a/39011098.jpg?resize=200%2C200&ssl=1
200 OK 6.6 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1694719019/48f3ed4a/39011098.jpg?resize=200%2C200&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 725cc039f8a245a2e06babebe0fdbe86
05dacfc5c8d71269e6ad9732cd4319fbcb5ae224
05bd41b9379bc1f8cccf5b711d732eca5ec971e5eaf45659a7e4532c643d0080
GET /images.vfl.ru/ii/1694719019/48f3ed4a/39011098.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: image/webp
content-length: 6640
last-modified: Sat, 18 Nov 2023 22:23:06 GMT
expires: Tue, 18 Nov 2025 10:23:06 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1694719019/48f3ed4a/39011098.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8917261fa519867c"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
atservineor.com/?rb=X0-dxkHWFSyJQ3yOvfSjN1lbClNHiROy9fEoMCtnFueopnShhACJZxmCCm9onNn4JvVQ_a-JVsUnOntJOO1OkT6i_nAYPD84mxYyrg3JxDJ0fElIeGnG58Y2yAW6F2c_V5wJKvrFgXm98ZAOvSvhOI03WPXnXYDQy_Vqh-Xz95H_JixSQgIavyf29Fx2OVxJjrCnr9UPrmaoAyYR5i3Jfg%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-1.629.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fnsw2u.com%2F&drf=https%3A%2F%2Fnsw2u.com%2F%3F__cf_chl_tk%3DLWFF7cZiLHQN2NqdKMqKuetjV43mkEXT0nWMT6vXtt4-1700452352-0-gaNycGzNCqU&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-1.629.0&bs=b483e199-2487-4c8d-a7f9-b5c476470251&userId=b59e609b040f4d41ae6124e793d96bc2&m=link
200 OK 2.4 kB URL GET HTTP/2 atservineor.com/?rb=X0-dxkHWFSyJQ3yOvfSjN1lbClNHiROy9fEoMCtnFueopnShhACJZxmCCm9onNn4JvVQ_a-JVsUnOntJOO1OkT6i_nAYPD84mxYyrg3JxDJ0fElIeGnG58Y2yAW6F2c_V5wJKvrFgXm98ZAOvSvhOI03WPXnXYDQy_Vqh-Xz95H_JixSQgIavyf29Fx2OVxJjrCnr9UPrmaoAyYR5i3Jfg%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-1.629.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fnsw2u.com%2F&drf=https%3A%2F%2Fnsw2u.com%2F%3F__cf_chl_tk%3DLWFF7cZiLHQN2NqdKMqKuetjV43mkEXT0nWMT6vXtt4-1700452352-0-gaNycGzNCqU&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-1.629.0&bs=b483e199-2487-4c8d-a7f9-b5c476470251&userId=b59e609b040f4d41ae6124e793d96bc2&m=link
IP
Certificate IssuerLet's Encrypt
Subjectatservineor.com
Fingerprint7F:A6:D8:C6:07:B2:43:13:77:39:5A:91:57:E3:4C:1C:7A:E3:EF:51
ValidityWed, 11 Oct 2023 05:20:30 GMT - Tue, 09 Jan 2024 05:20:29 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2390), with no line terminators
Hash 89f14507ffb599adc7b01cd9726fb67a
1dfb11f63765ca6a6ed355f68e452f61a3b2c192
e0ec066b2a08833efc9bdb95fdeef93194c0d705c68382e0fba8a2caa930a623
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?rb=X0-dxkHWFSyJQ3yOvfSjN1lbClNHiROy9fEoMCtnFueopnShhACJZxmCCm9onNn4JvVQ_a-JVsUnOntJOO1OkT6i_nAYPD84mxYyrg3JxDJ0fElIeGnG58Y2yAW6F2c_V5wJKvrFgXm98ZAOvSvhOI03WPXnXYDQy_Vqh-Xz95H_JixSQgIavyf29Fx2OVxJjrCnr9UPrmaoAyYR5i3Jfg%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-1.629.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fnsw2u.com%2F&drf=https%3A%2F%2Fnsw2u.com%2F%3F__cf_chl_tk%3DLWFF7cZiLHQN2NqdKMqKuetjV43mkEXT0nWMT6vXtt4-1700452352-0-gaNycGzNCqU&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-1.629.0&bs=b483e199-2487-4c8d-a7f9-b5c476470251&userId=b59e609b040f4d41ae6124e793d96bc2&m=link HTTP/1.1
Host: atservineor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Cookie: OAID=b59e609b040f4d41ae6124e793d96bc2; oaidts=1700452359
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:40 GMT
content-type: application/json
x-trace-id: 91da6eb775e70b328aa40f2accb397d8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://nsw2u.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=b59e609b040f4d41ae6124e793d96bc2; expires=Tue, 19 Nov 2024 03:52:40 GMT; path=/; secure; SameSite=None
oaidts=1700452360; expires=Tue, 19 Nov 2024 03:52:40 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 27 Nov 2023 03:52:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
c0.wp.com/c/6.4.1/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js
200 OK 8.2 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (8365), with no line terminators
Hash 08e6714eaf3cfe8f3c7839f22d90ba4e
94fdad68854d0d3482b877aef7ba7c2eb265c621
e424039d5a737a1bda8a5ded60919e5067085729310762eebb09c20e07d249c8
GET /c/6.4.1/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
content-encoding: br
expires: Tue, 19 Nov 2024 03:52:37 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 12 kB URL GET HTTP/3 nsw2u.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (12331)
Hash 88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
etag: W/"65568fe4-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUsfIUEbURwHH4zw%2BZzQhUS%2FJyYFAITScnNngHobZtV5en%2BAZaaLHSvrK1vqI4Vssz%2F6LU98h8l3VvqiXKfvp2ARRnos9lVhvGUqE5WSiPbWEo6QF7yTg%2FCtcXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828dbdbdf934b4ff-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 22 Nov 2023 03:52:36 GMT
cache-control: max-age=172800, public
content-encoding: gzip
www.googletagmanager.com/gtag/js?id=GT-WBTNX6Q&l=dataLayer&cx=c
200 OK 214 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=GT-WBTNX6Q&l=dataLayer&cx=c
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Size 214 kB (214395 bytes)
Hash 308aa81164d211f016558f34bfc948e0
d2ac649bdf7a8684df3fbf4313365dcdb5ced740
37d033a85a37370770030b5083abbe1047f3368091f5cca3afd6ed0ce7932aa2
GET /gtag/js?id=GT-WBTNX6Q&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Nov 2023 03:52:38 GMT
expires: Mon, 20 Nov 2023 03:52:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77043
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c0.wp.com/c/6.4.1/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 14 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/jquery/jquery-migrate.min.js
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (13479)
Hash 9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /c/6.4.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
content-encoding: br
expires: Tue, 19 Nov 2024 03:52:37 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1694960270/cf20ce03/39012107.jpg?resize=200%2C200&ssl=1
200 OK 13 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1694960270/cf20ce03/39012107.jpg?resize=200%2C200&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f3ddef1682830f6083fcd050f26403dc
20143a30d87fed79c7da2fcdf9e2378b1c014edc
eb3c4d0a100647f4135d320c00617a60778fa46840330277030397a4cde94e19
GET /images.vfl.ru/ii/1694960270/cf20ce03/39012107.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: image/webp
content-length: 12872
last-modified: Thu, 16 Nov 2023 08:44:55 GMT
expires: Sat, 15 Nov 2025 20:44:55 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1694960270/cf20ce03/39012107.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "39b2359a0e22750f"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.1
200 OK 2.6 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.1
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (2617), with no line terminators
Hash f1dbbc04fc7cc3564cebdb3c8a06ab4a
b4521e6e27f0ea529fc896c2a5625b383c47cc4f
95197305d43fcb59a122f0784d8e33768e59552b3db38edc4ea0f7e796c9bcd1
GET /wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=3949
expires: max-age=A10368000, public
last-modified: Fri, 20 Oct 2023 08:20:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoJvg784wpHr%2FKjxX%2FTS8gh8KTBYlWx%2Bu316O1MD0rMgll19eZtqfOstVHdklLU5U1Toq2Gs7MIY99%2B3hgmx%2BT%2F1jxE5sEmAX0yXVt2xTpWHMdHsHZ0q47DHu2M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdc18a25b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.4
200 OK 4.6 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.4
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (4844), with no line terminators
Hash 0c25d30efd4aa460ab9922a3bcfb8c42
6522ee0dc866d20cd8d11109932d9d80a48a3db7
36de60ec7c408ce665901d0e775647c744c39969c0bada78d156819eeeedf103
GET /wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.4 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 08:22:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTXVIIYsQyuvtvYSbONRT2yo24o38LuDcIbz4%2F3vThpJdVFzF7Vmod7zARjWeOo7m5u9WdcMuOfBeO3x3YWIgVTADkh%2FLrVxVV0pMYC%2BqCIZHvGWOTEJ3hTbx24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdc19a2ab4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg?ssl=1
200 OK 44 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg?ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 75c6cf85f705a0e0864e59824ab2c735
cab75b114fd4bfefe79a88008824f651801bd557
8e2a80cbd5c939e48360b46716bf1cd7598ad513f525a34ae9b2a3f549c0d18e
GET /images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:36 GMT
content-type: image/webp
content-length: 44016
last-modified: Mon, 02 Oct 2023 12:52:59 GMT
expires: Thu, 02 Oct 2025 00:52:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "88dd70ee97fb240b"
vary: Accept
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 154 kB URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3968)
Size 154 kB (153664 bytes)
Hash 71a5042bf7a89208144c85a0bd4c6e9b
10898aa184146de3060aad32b28125b404a3c104
0af969d7d9eceb46cb45c004ed963e871659cd8a5f8f60f1ddf472037832db9b
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Mon, 20 Nov 2023 03:52:39 GMT
expires: Mon, 20 Nov 2023 03:52:39 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14453209721151079651
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52711
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
januarydeliverywarfare.com/watch.389024093762.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=0277983f-199f-4d79-9fb3-826bbf035ab2%3A1%3A1&shu=2bc09b859b37720c2303234e1ce4d0358c5e5a2fc029429faa6fa212d4ebb6a3da9ca30843fa46091e6039ec468124ea2740015ce5408ccb9765525b540bb0525a474a97d35638edd9e640459428acafdc11889f8e2f0995876d9f80a08e&pst=1700452419&rmtc=t
200 OK 3.5 kB URL GET HTTP/1.1 januarydeliverywarfare.com/watch.389024093762.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=0277983f-199f-4d79-9fb3-826bbf035ab2%3A1%3A1&shu=2bc09b859b37720c2303234e1ce4d0358c5e5a2fc029429faa6fa212d4ebb6a3da9ca30843fa46091e6039ec468124ea2740015ce5408ccb9765525b540bb0525a474a97d35638edd9e640459428acafdc11889f8e2f0995876d9f80a08e&pst=1700452419&rmtc=t
IP
Certificate IssuerLet's Encrypt
Subjectjanuarydeliverywarfare.com
Fingerprint59:4C:33:F5:8F:85:E1:32:64:18:C5:69:D5:75:74:19:8C:59:31:CB
ValidityMon, 09 Oct 2023 12:27:34 GMT - Sun, 07 Jan 2024 12:27:33 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (3533), with no line terminators
Hash 65d2a05093b49b410783df1e9ff97546
f392d62052149b60cb09b7791d4021f4e9d26681
9727e4737b817051f6c860571e9f7eec3da696f6c524c490bf1260714f34f9b1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.389024093762.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=0277983f-199f-4d79-9fb3-826bbf035ab2%3A1%3A1&shu=2bc09b859b37720c2303234e1ce4d0358c5e5a2fc029429faa6fa212d4ebb6a3da9ca30843fa46091e6039ec468124ea2740015ce5408ccb9765525b540bb0525a474a97d35638edd9e640459428acafdc11889f8e2f0995876d9f80a08e&pst=1700452419&rmtc=t HTTP/1.1
Host: januarydeliverywarfare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
Referer: https://nsw2u.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19067264; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA2NzI2NCwiayI6ImE0NTkyMmZhNDk2Njk1NWNlY2RmZmJkZGU1MzQ3YWU1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDQ5ODA3LCJwaWQiOjE2MjY3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoibWh2ZzFhbXRhIiwiY3BrcyI6eyAiMjgiOiJlZDZjYTVlYjhhYmM5YTg2NGZmYTM5MTE1Nzk5YjY0MSIsIjI5IjoiM2EyMjZhNjY0MGE2NDQ2ZGJjN2NkYzk2ZWNjNmIzZTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uc3cydS5jb20vIn19.whvp_sQpIdUSm4SK7_ZQxkz-uJBivC_dFSr-vXd5VZ4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 20 Nov 2023 03:52:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nsw2u.com
Access-Control-Allow-Origin: https://nsw2u.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0277983f-199f-4d79-9fb3-826bbf035ab2:1:1; expires=Mon, 27 Nov 2023 03:52:39 GMT; secure; SameSite=None
iprc02ba0cb87662b8019e9bbf02e27b4419=3570421; expires=Mon, 20 Nov 2023 07:52:39 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 21 Nov 2023 03:52:39 GMT; secure; SameSite=None
uncs=1; expires=Tue, 21 Nov 2023 03:52:39 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 21 Nov 2023 03:52:39 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 21 Nov 2023 03:52:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e02a20ad7162f2baf0c805230aa6510d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
stats.wp.com/e-202346.js
200 OK 6.9 kB IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (7100), with no line terminators
Hash 530c085c7457919e6f6a76c67b3419ad
4c4929f20e73b6f41fe3474669bfea17b36fe49d
5db8b724469197930b66337c5a9ff7301c4ad5a52e7fc3134b4a568f45199aed
GET /e-202346.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/13576-1684460848292.3706
content-encoding: br
expires: Mon, 11 Nov 2024 16:22:44 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
atservineor.com/5/3812660/?oo=1&aab=1
200 OK 2.8 kB URL GET HTTP/2 atservineor.com/5/3812660/?oo=1&aab=1
IP
Certificate IssuerLet's Encrypt
Subjectatservineor.com
Fingerprint7F:A6:D8:C6:07:B2:43:13:77:39:5A:91:57:E3:4C:1C:7A:E3:EF:51
ValidityWed, 11 Oct 2023 05:20:30 GMT - Tue, 09 Jan 2024 05:20:29 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2995), with no line terminators
Hash e4d6b575f6f83a9fd101e539b9d9eb40
f33272075be6bb9ffd3ad9f16a853ed5a6abcc96
38bd5e939c6e21168351ccc19cb25c17a9bfcf57bb178e858281cab85f0c1622
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /5/3812660/?oo=1&aab=1 HTTP/1.1
Host: atservineor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: application/json
x-trace-id: 51adc111b49ebce3341f825247917ce0
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://nsw2u.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=b59e609b040f4d41ae6124e793d96bc2; expires=Tue, 19 Nov 2024 03:52:39 GMT; path=/; secure; SameSite=None
oaidts=1700452359; expires=Tue, 19 Nov 2024 03:52:39 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f
200 OK 77 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0; _ga_V5K7GYT3S4=GS1.1.1700452360.1.0.1700452360.0.0.0; _ga=GA1.1.467205635.1700452360; _ga_HS5Y0K7QPG=GS1.1.1700452360.1.0.1700452360.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=77230
expires: max-age=A10368000, public
last-modified: Tue, 14 Nov 2023 03:58:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 30000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ug1G%2BLJUQYlRyLDs3%2FPPY8uUAid2a%2FFaFSaZY9sO%2BS2ZmTceU2uSkiWuLfTPAuUFvBHjXlzAvo%2FMgLcvg%2B7Kj968zVlYljI646nfn0yZ1kDktz1I30H8FPsoeCg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdce1d06b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js
200 OK 124 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (32024)
Size 124 kB (123510 bytes)
Hash 7ed39eb42c8c450b59a24bab9cfa7fae
7fdd3fee90709f703fac533b6061864fcd7ec206
35ddb1ce73a4ac4f4792b00c8b8c56cbf857910ada5e2a0183d898b01adc16bb
GET /wp-content/themes/posterpro/foundation/js/foundation.min.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:37 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 29998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzjZE2hvpVNpxlxJPyTmsIX0Im4%2B3INkuIFdi%2FZ6bGM%2BCHKX5z5a%2B2QI49v7bh7pan3JCHmymjlB3U9V73TUYfkc3lez2gbuVMb4rNpz6SCQRcGAF%2FHy4iZAM3Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdc1aa2eb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=cd1953e27d96b3ba0ce2
200 OK 78 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=cd1953e27d96b3ba0ce2
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=cd1953e27d96b3ba0ce2 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: cf_clearance=sHOHcrjk3MFeORgo9hMLV_7WLQwFlpbOfl409b4BEy8-1700452352-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0; _ga_V5K7GYT3S4=GS1.1.1700452360.1.0.1700452360.0.0.0; _ga=GA1.1.467205635.1700452360; _ga_HS5Y0K7QPG=GS1.1.1700452360.1.0.1700452360.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=78804
expires: max-age=A10368000, public
last-modified: Tue, 14 Nov 2023 03:58:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 30000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3B9JoFlE65RVVyuHoGIbTnjyV01zCckhvZZ4ucdbWK39QpFvUn7TPOdL2pEWEVMhtQOOwK2iEj3prMzKLFAQOpveg3Efx9amjwAHQpgiMRdFQfNBqiwvWl0WH0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 828dbdce2d09b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
januarydeliverywarfare.com/ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js
200 OK 59 kB URL GET HTTP/1.1 januarydeliverywarfare.com/ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js
IP
Certificate IssuerLet's Encrypt
Subjectjanuarydeliverywarfare.com
Fingerprint59:4C:33:F5:8F:85:E1:32:64:18:C5:69:D5:75:74:19:8C:59:31:CB
ValidityMon, 09 Oct 2023 12:27:34 GMT - Sun, 07 Jan 2024 12:27:33 GMT
File type ASCII text, with very long lines (59066), with no line terminators
Hash 0519bd76c155abc55b1fb0871d171cbf
23997370a39af174f9dd06c5b0a9281f201b565c
57f5f414257f675a93de9506ca4e098daeecd3ba1118abd9847dda545d5849d2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js HTTP/1.1
Host: januarydeliverywarfare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 20 Nov 2023 03:52:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f20a7a180598228f4286bf6f3cb4d0fe
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 067e0edb5131054d88888bde080d6e97
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 20 Nov 2023 03:52:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SPpj3jarSMftdgBVtVjCEe8Jc5JFn7zXJde5f7Q5H1SNjNS9fBh3cagxE%2Bs%2FnEgxpUBMyKSsVntFU3SqfCZ78ShMrm2yqMSH7LjivZ0WCvAPgSZVm%2BOLjqrmkrjaLqjy63HNrc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 828dbdd0fe2060db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1699089846/04828902/39051605.jpg?resize=200%2C200&ssl=1
200 OK 3.9 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1699089846/04828902/39051605.jpg?resize=200%2C200&ssl=1
IP
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 31706d2479959c21fde3a26c06a18b13
b66c5c791d21122c2f9ea2e0fef9397694339981
c6d62e430663d3b018737b0b3ce6776ed43049f1ecef2bd3a6c41dd839a43526
GET /images.vfl.ru/ii/1699089846/04828902/39051605.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 03:52:39 GMT
content-type: image/webp
content-length: 3902
last-modified: Sun, 12 Nov 2023 13:53:21 GMT
expires: Wed, 12 Nov 2025 01:53:21 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1699089846/04828902/39051605.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5fafced9f230c9fe"
vary: Accept
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
188.114.96.1
104.17.3.184
192.0.77.37
212.47.236.38
52.59.122.145
139.45.195.8
0.0.0.0