Report - nsw2u.com

Report Overview

Visited public
2023-10-24 02:13:20
Tags
URL
nsw2u.com
Finishing URL
nsw2u.com/
IP / ASN
172.67.150.79
#13335 CLOUDFLARENET
Title
nsw2u.com | Download Switch Roms eShop NSP XCI NSZ

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google-analytics.com	40	2005-07-18	2012-10-03 03:04:21	2023-10-23 13:17:47	408 B	22 kB	142.250.74.78
c0.wp.com	6988	1997-03-28	2018-09-24 17:59:05	2023-10-23 18:24:21	5.3 kB	454 kB	192.0.77.37
mimicdisperse.com	unknown	2023-10-10	2023-10-10 15:41:52	2023-10-23 21:01:53	3.0 kB	29 kB	192.243.59.20
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-10-23 18:12:02	1.3 kB	2.8 kB	142.250.74.131
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20 16:52:05	2023-10-24 02:18:31	447 B	52 kB	142.250.74.130
images.vfl.ru	275945	2001-02-13	2012-10-04 04:24:47	2023-10-21 14:33:16	4.9 kB	653 kB	212.47.236.38
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-10-23 10:47:02	395 B	28 kB	172.64.162.2
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-10-23 05:26:05	443 B	25 kB	45.133.44.9
thaudray.com	44646	2021-04-01	2021-04-01 19:13:08	2023-10-22 08:40:35	1.9 kB	89 kB	139.45.197.237
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-10-23 05:03:43	455 B	740 B	139.45.195.8
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-10-23 19:06:24	1.4 kB	8.0 kB	104.17.24.14
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-10-24 01:22:57	1.3 kB	511 kB	142.250.74.168
definedbootnervous.com	unknown	2023-05-22	2023-05-22 04:09:17	2023-10-21 14:23:44	435 B	12 kB	173.233.137.52
pixel.wp.com	2545	1997-03-28	2017-01-30 06:31:40	2023-10-23 18:22:31	496 B	239 B	192.0.76.3
professionalswebcheck.com	unknown	2022-04-01	2022-04-02 00:47:29	2023-10-23 05:15:34	424 B	416 B	35.157.63.144
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04 17:12:50	2023-10-23 12:08:26	409 B	845 B	172.67.196.166
stats.wp.com	2711	1997-03-28	2017-01-30 06:06:59	2023-10-23 18:22:30	400 B	11 kB	192.0.76.3
nsw2u.com	unknown	2020-12-05	2020-12-20 03:30:48	2023-10-21 09:03:05	14 kB	1.2 MB	172.67.150.79
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-10-24 02:15:27	340 B	941 B	143.204.53.97
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-10-24 02:02:39	459 B	58 kB	142.250.74.106
incurableyankmarshal.com	unknown	2023-10-17	2023-10-17 15:48:45	2023-10-17 15:48:45	486 B	467 B	192.243.59.13
i0.wp.com	3021	1997-03-28	2013-09-17 08:14:42	2023-10-23 19:37:36	5.8 kB	189 kB	192.0.77.2

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-10-24	medium	definedbootnervous.com	Sinkholed
2023-10-24	medium	mimicdisperse.com	Sinkholed
2023-10-23	medium	incurableyankmarshal.com	Sinkholed
2023-10-24	medium	mimicdisperse.com	Sinkholed
2023-10-24	medium	mimicdisperse.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (64)

	URL	From	Size	First Seen	Last Seen
	definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js	ScriptElement	30 kB	2023-10-24	2023-10-24
Pretty URL definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js IP 173.233.137.52 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 04:13 Last Seen2023-10-24 04:13 Times Seen1 Hash ceff659dc75fc271093fb8d30a13036f 32dc8ea01d8bb0c043c1f41062fa71b067dd2bf6 82a61524d6d479da2b12ca1edc7b457c35ed8fb1092951fcb9f8df8e4d586e71 Loading...

	unknown	ScriptElement	59 kB	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 03:40 Last Seen2024-08-21 03:40 Times Seen1 Hash f27e97f037634b8c80562a9d92371302 7ed5f009a89b84c5fec33d9405708a9c1977c350 5962c5e864dc6e8ea06d242f969383144dae83c42329de1a22166584fa87b5ee Loading...

	unknown	ScriptElement	53 B	2023-03-12	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:01 Last Seen2024-08-21 08:54 Times Seen22 Hash d3ead7e34b8fbb76cb63a9a39943859e 63fd3f10bd402ea5cc976e7bb1a45094edc3c9b7 9e66e7b215400aaa09d635b39effef5986bfb2e86a789c6fd4b8b36ffa52ba09 Loading...

	nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.1	ScriptElement	8.0 kB	2023-03-29	2024-08-21
Pretty URL nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.1 IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:25 Last Seen2024-08-21 08:58 Times Seen45 Hash e65cb4d4cd399c1b09798edfcea1b41e 49a2a4a502ac7e2c15727c3b7fd6e3d9d5960ff2 d2e0e4ea817ec2075d8ad25c70e9c8e124df393088286cfe1e75dd56069abc2b Loading...

	unknown	ScriptElement	244 B	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 03:40 Last Seen2024-08-21 03:40 Times Seen1 Hash e2fa1bab5b69fe10d1dde31f43751835 ba6865727bfb912cdf48c1f54acbd1e3efdd60a9 0460def8632475e25fc1a46390b7442605bae477974c95e2794d117cf5498a27 Loading...

	unknown	ScriptElement	83 kB	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 03:40 Last Seen2024-08-21 03:40 Times Seen1 Hash f05ec8759170fa1768676a3014b5702f 81350f532928c8aa7e1766ebd1e712ccdbcf8ae9 8668372cb219c090f6985372fd608756b5dcc4dbeeede9242b4396aff93015c6 Loading...

	unknown	ScriptElement	3.4 kB	2023-08-13	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-13 04:23 Last Seen2024-08-21 08:54 Times Seen12 Hash 56707025a82573f275588f90b350d3ad f13b7c18e940908856144a8a4783f01984c5c4a7 163e5c7829763a6443786bf0b88bdf7756c6500d6394ecd344a02dd9ba947d27 Loading...

	nsw2u.com/wp-content/cache/wpfc-minified/6zu0bqmr/5qz0r.js	ScriptElement	2.8 kB	2023-06-26	2024-08-21
Pretty URL nsw2u.com/wp-content/cache/wpfc-minified/6zu0bqmr/5qz0r.js IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-26 20:11 Last Seen2024-08-21 05:56 Times Seen8 Hash 351390b839bf683126e78afb44004636 5631ca683d75c60eb3dba2bed734716accbe5426 f9a6294ee0f29b05710d50c6f338bbf5465c1aa22a5d0a7a73e99bbe0845d4b0 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 09:38 Times Seen340606 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js	ScriptElement	14 kB	2023-03-08	2025-05-06
Pretty URL nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:39 Last Seen2025-05-06 00:28 Times Seen45 Hash 0e78b1db7d662e95ae8c3506146b080a 9f1675c87a306e4dd45f84d0b7ac484ae506245e 6e79424f448b401656e2384514c9332a4baa6ab4d458ba048655e01f4b1c60f2 Loading...

	cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.3.2	ScriptElement	7.9 kB	2023-03-07	2025-05-09
Pretty URL cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.3.2 IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-09 08:24 Times Seen5253 Hash 45bacd312d5098b4b59f563d8756c15d fa55e2cff078381e5365d95782a95a787d0b7192 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b Loading...

	unknown	ScriptElement	134 B	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 03:40 Last Seen2024-08-21 03:40 Times Seen1 Hash 7d67ecd1c9164f512dd9a316fee85136 4f38dffd62e55c7748f8db75090410153e25802e 078d40931eeac22c64d5f696148ebf902db864de08165a15ab3485a1bea7a772 Loading...

	nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.31	ScriptElement	110 B	2023-03-08	2024-10-12
Pretty URL nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.31 IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:02 Last Seen2024-10-12 13:50 Times Seen32 Hash b7d8aab20ec0137a23e4ff03411bd06c bd7e901bbf5968d13abb3dee762244715541bdfe 651cbb53c3e67a452582c597784a988f2ad5db132c709c279a23ad74b9917448 Loading...

	nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f	ScriptElement	77 kB	2023-09-22	2024-08-21
Pretty URL nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-22 00:36 Last Seen2024-08-21 06:08 Times Seen48 Hash 3c7e73dd02f57abb6fec8fadea6e35b0 dfec9a1a86ae00e26c0067bd8c8b7ea4860239c8 d4e76d642b11df90fe1e33c420b70c975a23eebc7aea1416a272439ea9903019 Loading...

	nsw2u.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-05-09
Pretty URL nsw2u.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:20 Times Seen31212 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js	ScriptElement	8.2 kB	2023-03-13	2025-05-09
Pretty URL c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:32 Last Seen2025-05-09 08:19 Times Seen29734 Hash dda652db133fddb9b80a05c6d1b5c540 60c8514c57a5db2980c4b046b0dd479bd427357b c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4 Loading...

	unknown	ScriptElement	327 B	2023-06-05	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 20:48 Last Seen2024-08-21 08:54 Times Seen22 Hash 0a55a8928cbca5bfac5a66c1723452e6 9f786632275f60fbb585193fa762b0dc5e711a51 7528db72a98a32805f731cc62e8a47bf9218f6e7d02183d9c77e73868e8884a0 Loading...

	nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.2	ScriptElement	68 kB	2023-03-13	2025-05-05
Pretty URL nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.2 IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:31 Last Seen2025-05-05 15:56 Times Seen197 Hash 51480f0afb0a30743ae59a3455633c75 2b46f094cb87015fa342da2bf1767413ec5c92b5 108cd01e5eaa34e9942ca8af9f8fe70271d3a3a5028fa085c628c162c3706d2d Loading...

	banquetunarmedgrater.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL banquetunarmedgrater.com/advertisers.js IP 172.67.196.166 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 09:43 Times Seen4635142 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery-migrate.min.js	ScriptElement	14 kB	2023-05-09	2025-05-09
Pretty URL c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery-migrate.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-05-09 09:38 Times Seen105645 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	unknown	ScriptElement	1.4 kB	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 03:40 Last Seen2024-08-21 03:40 Times Seen1 Hash 72e20b1140650ee059fa8b9c0bc6c949 99c55a68b556f0da8f8ecd3df74d42b09f5b6f28 f44cd855373330ac2dd056ae8dfb3329d40d2d92692bd7b630289dc9fd5a5794 Loading...

	nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.2	ScriptElement	4.6 kB	2023-03-07	2025-04-14
Pretty URL nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.2 IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-04-14 01:00 Times Seen304 Hash 3940eede2b6841663dddd9e946dec11e ccb59e18338a06a5f0168be0bd1677710f6d7bd4 b0fadf75681475e975bd2bdaceac6c08e8f5ef06f9a1c7fe9f3f7a571f5bc935 Loading...

	stats.wp.com/w.js?ver=202343	ScriptElement	11 kB	2023-05-15	2024-08-21
Pretty URL stats.wp.com/w.js?ver=202343 IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-15 15:42 Last Seen2024-08-21 09:42 Times Seen1419 Hash f6c87bc49e7646c7ccda489b9defc829 9003fc52b4c4014b4bd9fe2f4506440b299478b2 e97d12898ebf1039197a2a1c2f87bfe3b56f93eca2bfe60a46a1053fab7ad860 Loading...

	nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=be4054ef01b79af42428	ScriptElement	79 kB	2023-09-22	2023-11-28
Pretty URL nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=be4054ef01b79af42428 IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-22 00:36 Last Seen2023-11-28 22:45 Times Seen25 Hash 492b6d5195d2fbd9e612a20a9bd1a009 abd6a079460dc394397df83a9ea641ee03884c58 937ba827d294056f81fcab0e37e5769ca968072be205dcd7125fb61e5a7cdac9 Loading...

	c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery.min.js	ScriptElement	88 kB	2023-06-13	2025-05-07
Pretty URL c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-13 23:41 Last Seen2025-05-07 14:22 Times Seen26125 Hash ff04dd1ef5c67998d8652330c0441689 5e6ff5bd5240181a8bdea983837f39ac231dac4d 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164 Loading...

	c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill.min.js	ScriptElement	16 kB	2023-07-22	2025-05-07
Pretty URL c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-22 18:30 Last Seen2025-05-07 14:22 Times Seen9381 Hash 94dfdbe80f36b3be63ce74ff1135b996 5e05077d99e736af42b2da70e428e7f7df556dd4 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032 Loading...

	cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.3.2	ScriptElement	3.1 kB	2023-03-07	2025-05-04
Pretty URL cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.3.2 IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06 Last Seen2025-05-04 15:48 Times Seen326 Hash 94279a9a0c4060a96efcf1da47716f86 ea88b3fd8b01a8b86edfd0f4120cc9a834893018 d41c6733a8c4a3a7f08204de8e3d60e1d2baf17dd7f675a26830fb1047fac40a Loading...

	unknown	ScriptElement	116 B	2023-03-12	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:01 Last Seen2024-08-21 08:54 Times Seen22 Hash 4733472fadbcf993b031e917e8c1a8bb 25a0a1bbaaefc39004ab2d28cfa0291c2920c8d3 2d901063b6ea17df1dac8e5cdcdecd6359fe0c8613a456bfc1f3b15b03dd5143 Loading...

	unknown	ScriptElement	187 B	2023-10-15	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-15 00:59 Last Seen2024-08-21 04:41 Times Seen10 Hash 91f51021b7facfc276086d27fa65c473 26171fc83df06a093b5760bb0ea2b78f9aacefee e67e7ca5672b9d50d3020a0ea25054f83a552dc00c9377e164bcc9bf34463fdf Loading...

	c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js	ScriptElement	6.6 kB	2023-03-14	2025-05-07
Pretty URL c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 07:30 Last Seen2025-05-07 14:22 Times Seen12765 Hash 9a4f28a615173df36cb84be2b345816e f709263841708d9e40268f24a0072ff4fe811b35 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6 Loading...

	c0.wp.com/c/6.3.2/wp-includes/js/dist/hooks.min.js	ScriptElement	4.6 kB	2023-08-08	2025-05-09
Pretty URL c0.wp.com/c/6.3.2/wp-includes/js/dist/hooks.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-08 23:25 Last Seen2025-05-09 05:45 Times Seen14830 Hash 7bd48eb3bd568033e96caf0fb62e6690 b38066999294b99d92d95db5f38bc15707eb1f22 7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596 Loading...

	www.googletagmanager.com/gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c	ScriptElement	228 kB	2023-10-24	2023-10-24
Pretty URL www.googletagmanager.com/gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 04:13 Last Seen2023-10-24 04:13 Times Seen1 Hash aea24f93e9c536b9010acfa8090e28de 3116875d0d1a2efa5609ff3faecbac558d89db6b d2690449c587bbf07b134eb1422b30e922accbbd883a56b863ec878ade8bb8d2 Loading...

	unknown	EventHandler	90 B	2023-05-25	2025-05-04
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-05-25 07:37 Last Seen2025-05-04 05:46 Times Seen49 Hash 08fde8ea209fc5fc4fdb2a9c614edaf8 7b54ed7f80a3c3187c406e0c3d9ad247516a05fa ec939e7c2a87ddbb495dbe67a38c2291826a37c7c00e03f22ba7fb05d290349a Loading...

	c0.wp.com/c/6.3.2/wp-includes/js/dist/i18n.min.js	ScriptElement	9.4 kB	2023-08-08	2025-05-09
Pretty URL c0.wp.com/c/6.3.2/wp-includes/js/dist/i18n.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-08 23:25 Last Seen2025-05-09 05:45 Times Seen13722 Hash c2c4e2a562e06e1cb22293a5b920aca6 a7b5a369ac4883f1ee7fa701b238d20238b675ca 698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f Loading...

	www.googletagmanager.com/gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c	ScriptElement	213 kB	2023-10-24	2023-10-24
Pretty URL www.googletagmanager.com/gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 04:13 Last Seen2023-10-24 04:13 Times Seen1 Hash a916433cea8d7f2eb5010e9607043493 860f51a83b897b5148c7f767d824ba2631c2b932 5cfe36054d4995994b78cae4523b84549e359f8eb23c0cc5ec0e5ef803de2b7a Loading...

	nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115	ScriptElement	880 B	2023-03-07	2025-05-06
Pretty URL nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115 IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25 Last Seen2025-05-06 00:28 Times Seen96 Hash 88744222f59f4700c6bc9212e12a653c df0bf43d60bed605eabbcb2776e0fbb46f1d1c05 4b179f8204186f3aa954f47cd81dbe86bf89c08edb8d5341b8e0697d99e35073 Loading...

	unknown	ScriptElement	70 B	2023-03-08	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:05 Last Seen2024-08-21 08:58 Times Seen63 Hash dab1184244d47ac25667c940eff90dfc 6cd473b92e1956bd305f0056a46f18b6a4dfd80f 071ab71aea40b26ed6bb74deeb4fb203bd381f3e418588089f4a46d36b3daa07 Loading...

	nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.31	ScriptElement	22 B	2023-03-08	2024-10-06
Pretty URL nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.31 IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:02 Last Seen2024-10-06 09:26 Times Seen26 Hash 41bd53fe0ee631d5cfd895e18a53291d 9d9d3c42c53ad7f906cb083a0d2d37afb4537764 dfb2e16986e257b608b45d14396378a8f2ac6a7321c0dc2f13c66a33ec8e4a40 Loading...

	nsw2u.com/wp-content/cache/wpfc-minified/7kcuf8x0/5qz0r.js	ScriptElement	6.2 kB	2023-09-23	2024-08-21
Pretty URL nsw2u.com/wp-content/cache/wpfc-minified/7kcuf8x0/5qz0r.js IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 16:46 Last Seen2024-08-21 05:56 Times Seen8 Hash 38fca9e0ca205130e3dddbdcda3b4a85 2c0ac19235a88fb361aff39bc0922e4b946c2c5e 43c8d614ba6e97fd9ee9dcf0ae49334ed5d601403ffe8551a74e1a9faf70efaa Loading...

	unknown	ScriptElement	447 B	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 03:40 Last Seen2024-08-21 03:40 Times Seen1 Hash 8b6b363099541fe84da2326200b0c51c c74dabbb0dba8119c34521ede580d0d0a388b267 be0beb4b8c249ea9d48a99280a2a8d11fd338ce7a24ce5844dc191a824b2e976 Loading...

	nsw2u.com/sandbox%20eval%20code		128 B	2023-05-06	2025-05-09
Pretty URL nsw2u.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-09 08:24 Times Seen24342 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-08-25	2023-11-23
Pretty URL friendshipmale.com/sfp.js IP 172.64.162.2 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 12:30 Last Seen2023-11-23 01:47 Times Seen6642 Hash 2d0450888479d4ddda305bd96206b240 5b4595aab1cd3f854718e05db9be0c65a12ab2f6 44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6 Loading...

	nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js	ScriptElement	124 kB	2023-03-07	2025-05-06
Pretty URL nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57 Last Seen2025-05-06 00:28 Times Seen69 Hash 7ed39eb42c8c450b59a24bab9cfa7fae 7fdd3fee90709f703fac533b6061864fcd7ec206 35ddb1ce73a4ac4f4792b00c8b8c56cbf857910ada5e2a0183d898b01adc16bb Loading...

	nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.31	ScriptElement	21 B	2023-08-13	2024-08-21
Pretty URL nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.31 IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-13 04:23 Last Seen2024-08-21 08:54 Times Seen24 Hash 169a5dd1261e0d434162d1af68acbbcd c18d59ed069049b012a61a8e6b958bfb25bc1b71 82b3dabc6615507ef352f36aa08a805d409e883f8024fd01fda43175b6b67b38 Loading...

	unknown	ScriptElement	145 B	2023-05-11	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 18:42 Last Seen2024-08-21 08:54 Times Seen22 Hash a23ba5b3c2d71c61ef5b40a4b5d84a17 8732a5e5f3d3bd88ddedb1cd24c2d17363e019d0 c2ec440a15201b83bbb8914f9e52de7f4455e44a992f6ab761b5bd62f3a1045b Loading...

	www.googletagmanager.com/gtag/js?id=UA-262573192-2	ScriptElement	190 kB	2023-10-24	2023-10-24
Pretty URL www.googletagmanager.com/gtag/js?id=UA-262573192-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 04:13 Last Seen2023-10-24 04:13 Times Seen1 Hash bc0d1f4538a5588d43ace44dde5e7c9b 1b3d9e3b4c20329c43c6c3e6b85d5af6dabea4cb 22a8cda86b5099e5d09e9feeb39f87978285b06773375dfbd64abc75ee540a6c Loading...

	unknown	ScriptElement	26 kB	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 03:40 Last Seen2024-08-21 03:40 Times Seen1 Hash 3f6375f576064587f70a4b18184e8319 f544e930d71bd634f1f842be37310bf36b66e426 f672c09d4da43b93ad9efda910d4e0cee9c37bec6d14c782e4b9c83d5c950767 Loading...

	nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188	ScriptElement	701 B	2023-05-10	2025-05-06
Pretty URL nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188 IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 12:45 Last Seen2025-05-06 09:54 Times Seen3090 Hash 328b8123661abdd5f4a0c695e7aa9dcc 4164f78bb52e9f2bfbb7ae5fd519b4638063c1f0 27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2 Loading...

	unknown	ScriptElement	79 B	2023-03-07	2025-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-07 12:03 Times Seen635 Hash ab1b0ef42311479d7559bffd29ef8d7d ba1509057a5f82563a2b55a7379f4825fe35bcab 37bf8b4db5288941c20c28fd7c0b201d2270201a94739d64462744ffe6b52f79 Loading...

	nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.31	ScriptElement	23 B	2023-03-08	2024-10-06
Pretty URL nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.31 IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:02 Last Seen2024-10-06 09:26 Times Seen26 Hash e509c98a0bcad0ce8e6248ac8eb31de1 ec5fe203df631088270b5f2b0b7a85498a2aeb8b 352ea4dd2d545563bef7eb0ba6d6ebfe4bc9d9e51ab00d9c925cb9e103edee63 Loading...

	unknown	ScriptElement	68 B	2023-03-07	2025-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:22 Times Seen24186 Hash d30f13da1f424ee0383b76edc55881e1 7e348a5f57ab13eedbc4ed917cdeee5bb9f9bd46 cf01a621447e67a81629bc28276677c86c48fd72c44cba83a82448574aadfd60 Loading...

	nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=0aa4f53ecbe8911b5307	ScriptElement	7.6 kB	2023-09-23	2023-11-28
Pretty URL nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=0aa4f53ecbe8911b5307 IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 16:46 Last Seen2023-11-28 22:45 Times Seen29 Hash 70c183398322d73b50b8b4abece239a9 e79dec738456aa7882ffbaf481eb13849da7c227 969eb11be3a2271857373fe0e1424232f62f24ebc4cac8cd532c35d43634c046 Loading...

	nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206	ScriptElement	2.3 kB	2023-03-07	2025-05-06
Pretty URL nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206 IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39 Last Seen2025-05-06 00:28 Times Seen181 Hash c3a5b08af3e63049707797efe65eab86 f66ed251ef8c24614ff24376d472f2f394f7b93f d79752e33e156b5cb219ab45103fe0ed7d80f111533dd8eec42c57546b4da500 Loading...

	nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.1	ScriptElement	3.9 kB	2023-03-29	2025-01-30
Pretty URL nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.1 IP 172.67.150.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:02 Last Seen2025-01-30 22:02 Times Seen58 Hash 87015559c535c9314bb1a8d6ed05597e b9e3b22a2bd7457d044551d5126a29bae25489a9 e5903bfc201247ffb215a9c8ca6b66cf2b77d63dc7c7953937619535dd394a7e Loading...

	thaudray.com/tag.min.js	ScriptElement	81 kB	2023-10-24	2023-10-24
Pretty URL thaudray.com/tag.min.js IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 03:41 Last Seen2023-10-24 11:53 Times Seen8 Hash 3aff9b102c2b7a13131a37fb39c5bab1 e44f8bab6b8dcf76d901feea9db835ea61d23bad 80c13663cdfe2c858074bbd47982d95bab258ee8140bf9189a105900c3574d46 Loading...

	nsw2u.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL nsw2u.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 09:38 Times Seen341407 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.3.2	ScriptElement	1.9 kB	2023-03-07	2025-05-06
Pretty URL cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.3.2 IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32 Last Seen2025-05-06 05:05 Times Seen982 Hash f6a3dd4ecbf227acbafcff33d68dc71d 7421115ddcd5d436b89a1fd27e0cdce5a01978e6 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421 Loading...

	mimicdisperse.com/ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js	ScriptElement	43 kB	2023-10-24	2023-10-24
Pretty URL mimicdisperse.com/ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 04:13 Last Seen2023-10-24 04:13 Times Seen1 Hash 8dd4c97af4d176adf6500430e7cdc5e5 0c2073496d3f32fcebc203097450eda9f2ac9e11 8a53249c2d4ef9660cd5e3356e498cc3bf5cc503c825776040bdd91db3b5c56b Loading...

	unknown	ScriptElement	294 B	2023-05-11	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 18:42 Last Seen2024-08-21 08:54 Times Seen12 Hash f73754c10536a2e729f6d06f9e7f191f f69f394a68fcebecbce2ada0f6f8a91ffc077790 06dc51e59503bfca6c59b6050f0dba624b14358f3644d81a3f6605f6586151f6 Loading...

	c0.wp.com/c/6.3.2/wp-includes/js/dist/url.min.js	ScriptElement	9.1 kB	2023-08-08	2025-04-25
Pretty URL c0.wp.com/c/6.3.2/wp-includes/js/dist/url.min.js IP 192.0.77.37 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-08 23:54 Last Seen2025-04-25 07:15 Times Seen680 Hash 16e2e46b37590d0f0b095e0dc1aaaf87 11fd26f35df888a81534699194516b5178c217a4 68355abe687cffeeefe36bc69855523ab4745d0e753f7417138f9a41259cce71 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	ScriptElement	1.6 kB	2023-05-06	2025-05-09
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-09 08:24 Times Seen24133 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

	unknown	ScriptElement	3.3 kB	2024-08-21	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 03:40 Last Seen2024-08-21 03:40 Times Seen1 Hash 511222e2653ce01da348f2e4f259738f 7a09994875de8b629525390493540a0d52601eac ab52fdb5f771c3c3e92c047644a8a5c11845b89906b0858ad79ba8b78837a2aa Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5ecff3658f5b74fa08c1e20837c5b42b	2.1 kB	2024-08-21 03:40	2024-08-21 03:40
Pretty Observations First Seen2024-08-21 03:40 Last Seen2024-08-21 03:40 Times Seen1 Hash 5ecff3658f5b74fa08c1e20837c5b42b 3ee569763103033bf6f9ca448967365de766a06e 129547118f6b32c03d33d6fa25e7dd9358ceebeb4df682829e45594886daaa26 Loading...

	#2 Eval - fc5fd8faf055f12bd2a376e7c81c768e	6.3 kB	2024-08-21 03:40	2024-08-21 03:40
Pretty Observations First Seen2024-08-21 03:40 Last Seen2024-08-21 03:40 Times Seen1 Hash fc5fd8faf055f12bd2a376e7c81c768e 046b7d59ff06732910d269cf59994b8a7f4c2cd1 6ad51c213dbb43f5632f788ade80e576f643f832ace0dbce8d06e0957b7d2755 Loading...

HTTP Transactions (93)

URL IP Response Size

nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png

172.67.150.79

200 OK

16 kB

URL GET HTTP/3
nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
PNG image data, 350 x 350, 8-bit colormap, non-interlaced\012- data
Size
16 kB (15671 bytes)
Hash
134fce13c189ed0e483a1bddb6406204
eed559ac52e9731c56a1fb03eb94fc82e551bb66
723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791

HTTP Headers

GET /wp-content/plugins/chp-ads-block-detector/assets/img/icon.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: image/png
content-length: 15671
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:29:33 GMT
cf-cache-status: HIT
age: 18952
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fQE4IuvddOAl0nYeh3lPMHStcceRTDVucu64RS0k3H9RuFxQc4JhXZ1rSFSwLB3RyHfScFB%2FcXse1Oo7w0OxW07aukE4h2GmYlXsR0mitwaF1kms3l9Cx%2BDwmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81aeb2b35e85569b-OSL
alt-svc: h3=":443"; ma=86400

nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png

172.67.150.79

200 OK

95 B

URL GET HTTP/3
nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size
95 B (95 bytes)
Hash
71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

HTTP Headers

GET /wp-content/plugins/ad-inserter/images/ads.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: image/png
content-length: 95
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Fri, 22 Sep 2023 09:31:12 GMT
cf-cache-status: HIT
age: 18952
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhfGtar9efe4%2BIdqOLJCXrWxafsliIcEd9jTbI9wz7o4zV6BmGgvemHWyT%2BmrTQu8O5dCHmKbTAiL6i%2BpDOg2Q94dgt4fD%2BhIrmIJmTDJ5nPvEeE3p0%2B9YvkmnU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81aeb2b35e88569b-OSL
alt-svc: h3=":443"; ma=86400

nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.5.1

172.67.150.79

200 OK

671 B

URL GET HTTP/3
nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.5.1
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text
Size
671 B (671 bytes)
Hash
759cfb7982cccb42ee4c689e1528c381
2f6efd7722027ca9f8e838e953e079057bbc0553
875509c014bdd1c5fc1c0b8e46bcd760ef78a590f3bc91b86280a996640f5066

HTTP Headers

GET /wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.5.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Fri, 20 Oct 2023 08:20:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zk%2BMv8tNDiIuiAyT1yZ2USv6hMJ%2FquIu7Nm1eqs%2FwytFuc0ExW3aZ2sjLqVeKFzb8aUKmQOjsbQekVzoZYIXpd2tQ2yKEreTcwvvubSYImkgW%2BYtIFmeAly96UU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b35e86569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i0.wp.com/images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg?ssl=1

192.0.77.2

200 OK

42 kB

URL GET HTTP/2
i0.wp.com/images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg?ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
42 kB (42380 bytes)
Hash
d4928f7b25fded3f8d8a950e9d163f32
d3c246313c0b85eb96b9bea998baeb1c8da5a7c5
6590cb89e20fcfe488bf87db73a0a86d040513f68b0711e6456c0a0da091bce4

HTTP Headers

GET /images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: image/webp
content-length: 42380
last-modified: Tue, 10 Oct 2023 09:05:01 GMT
expires: Thu, 09 Oct 2025 21:05:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1f81867bb8a4a38b"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/game-2u.com/wp-content/uploads/2023/10/Nomad-Survival-Build-12453970-PC.jpg?ssl=1

192.0.77.2

200 OK

13 kB

URL GET HTTP/2
i0.wp.com/game-2u.com/wp-content/uploads/2023/10/Nomad-Survival-Build-12453970-PC.jpg?ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
13 kB (13324 bytes)
Hash
518a42734de4847b8e8afced91bc3690
92e38ccff041bf4d778d6bd7498794e31e397e28
fd61b63ed6182c7e773a661db675eb589eb5c857b52065ff00da50346fe2a7ae

HTTP Headers

GET /game-2u.com/wp-content/uploads/2023/10/Nomad-Survival-Build-12453970-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: image/webp
content-length: 13324
last-modified: Wed, 18 Oct 2023 11:59:51 GMT
expires: Fri, 17 Oct 2025 23:59:51 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/10/Nomad-Survival-Build-12453970-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "e9a47ef70678dc8d"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1

192.0.77.2

200 OK

32 kB

URL GET HTTP/2
i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
32 kB (31608 bytes)
Hash
3dde27351094fd110611b7099df7612d
1f8633afc647ab96114d9cd7b87b2e1bd9d73fae
f7118208621987432e4309b2429b3ca26191166ec2b5b4dfab15204958f9de33

HTTP Headers

GET /images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: image/webp
content-length: 31608
last-modified: Sat, 25 Mar 2023 13:28:37 GMT
expires: Tue, 25 Mar 2025 01:28:37 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5948b74d64865dea"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg?ssl=1

192.0.77.2

200 OK

44 kB

URL GET HTTP/2
i0.wp.com/images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg?ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
44 kB (44016 bytes)
Hash
75c6cf85f705a0e0864e59824ab2c735
cab75b114fd4bfefe79a88008824f651801bd557
8e2a80cbd5c939e48360b46716bf1cd7598ad513f525a34ae9b2a3f549c0d18e

HTTP Headers

GET /images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: image/webp
content-length: 44016
last-modified: Mon, 02 Oct 2023 12:52:59 GMT
expires: Thu, 02 Oct 2025 00:52:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "88dd70ee97fb240b"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/game-2u.com/wp-content/uploads/2023/09/An-Ankou-v0222d-PC.jpg?ssl=1

192.0.77.2

200 OK

10 kB

URL GET HTTP/2
i0.wp.com/game-2u.com/wp-content/uploads/2023/09/An-Ankou-v0222d-PC.jpg?ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
10 kB (10288 bytes)
Hash
4194598bae0dc0733e8732ad557525c1
6c5be826efc0485a36d2e704bd55ca3356235c37
98b5857fef17bdee14fee745c166eff60e57d68b5419421f3e729a88701b29d5

HTTP Headers

GET /game-2u.com/wp-content/uploads/2023/09/An-Ankou-v0222d-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: image/webp
content-length: 10288
last-modified: Wed, 18 Oct 2023 11:59:51 GMT
expires: Fri, 17 Oct 2025 23:59:51 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/09/An-Ankou-v0222d-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "f7ff9dbe7ff441fb"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/game-2u.com/wp-content/uploads/2023/10/Block-Story-v1320-PC.jpg?ssl=1

192.0.77.2

200 OK

12 kB

URL GET HTTP/2
i0.wp.com/game-2u.com/wp-content/uploads/2023/10/Block-Story-v1320-PC.jpg?ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (11816 bytes)
Hash
be4a35999a33329ce02169058d41f5c1
580f63153a5937d92680337f3e1bac5ff8e02251
bf3bcbce1e4cdcb640b3bd5444e8fcb71e61bb4d54470bc8d0d2b10cd54ed939

HTTP Headers

GET /game-2u.com/wp-content/uploads/2023/10/Block-Story-v1320-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: image/webp
content-length: 11816
last-modified: Wed, 18 Oct 2023 11:59:51 GMT
expires: Fri, 17 Oct 2025 23:59:51 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/10/Block-Story-v1320-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6567df7edcc776bd"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1

192.0.77.2

200 OK

2.8 kB

URL GET HTTP/2
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.8 kB (2836 bytes)
Hash
948c6dc3d3c1e2e9d315418f6eabe2bf
ed06ff1f0994f3be033f22d808241d3fcca9d1e8
3a2e29960ba6130c22ce96089a7592ae91b6a0d6a11595a10daaa9662522ad0b

HTTP Headers

GET /nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: image/webp
content-length: 2836
last-modified: Sat, 24 Sep 2022 18:25:42 GMT
expires: Tue, 24 Sep 2024 06:25:42 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/nsw2u.png>; rel="canonical"
x-content-type-options: nosniff
etag: "0101732b85ce3bdc"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6fc9448d5878282732fb2678d7a73bfe
a4b02c28a589d32902e36e7940a5a7ace9e1a9b8
5939492c9cf5a2356c62e9689a9a51faf11a1a44cbfe9cfc2231244f3a0d79b5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Oct 2023 02:13:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.31

172.67.150.79

200 OK

23 B

URL GET HTTP/3
nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.31
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text, with no line terminators
Size
23 B (23 bytes)
Hash
e509c98a0bcad0ce8e6248ac8eb31de1
ec5fe203df631088270b5f2b0b7a85498a2aeb8b
352ea4dd2d545563bef7eb0ba6d6ebfe4bc9d9e51ab00d9c925cb9e103edee63

HTTP Headers

GET /wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.31 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
content-length: 23
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=25
expires: max-age=A10368000, public
last-modified: Fri, 22 Sep 2023 09:31:13 GMT
cf-cache-status: HIT
age: 18952
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeRhZTUv08iQo5ZA1doB9kKFmnYEMcAz7KUHc4FszKxPvC3oozCwyInButM7Py3KeLHkw%2BmT6itR%2F26DFETZkRhqqXSZnR8afuggeraeOKT8p8k9MXJYrZ5uFJc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81aeb2b66fd9569b-OSL
alt-svc: h3=":443"; ma=86400

nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.31

172.67.150.79

200 OK

22 B

URL GET HTTP/3
nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.31
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
41bd53fe0ee631d5cfd895e18a53291d
9d9d3c42c53ad7f906cb083a0d2d37afb4537764
dfb2e16986e257b608b45d14396378a8f2ac6a7321c0dc2f13c66a33ec8e4a40

HTTP Headers

GET /wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.31 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
content-length: 22
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=24
expires: max-age=A10368000, public
last-modified: Fri, 22 Sep 2023 09:31:13 GMT
cf-cache-status: HIT
age: 18952
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HF5x4kaqfNpKj8uPW%2BVvOfg%2BI5j1micJLhkf%2F%2Fqd9fxDfqpYEDkbhp%2FXObvmyInoaqkahPn2492Ebsl034NVjl3Tp6BdvPYJrGqcVQDOqHTICmCbwuzz1%2B8Ak7I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81aeb2b66fda569b-OSL
alt-svc: h3=":443"; ma=86400

nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.31

172.67.150.79

200 OK

21 B

URL GET HTTP/3
nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.31
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
169a5dd1261e0d434162d1af68acbbcd
c18d59ed069049b012a61a8e6b958bfb25bc1b71
82b3dabc6615507ef352f36aa08a805d409e883f8024fd01fda43175b6b67b38

HTTP Headers

GET /wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.31 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
content-length: 21
cache-control: public, max-age=16070400
cf-bgj: minify
expires: max-age=A10368000, public
last-modified: Fri, 22 Sep 2023 09:31:14 GMT
cf-cache-status: HIT
age: 18952
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfKpy1tH0LICDCTW%2FXBujwEq7MwjDdLmoN7lOc4tqdiSI1g%2FYgz8SuWnsgBCv81EPvo0j89aa8gSIl%2BgCqLzALQm%2BDMpIAxKE4VYzmA1e1jsLnf7BZG9Uhzi4o4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81aeb2b66fdb569b-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.3.2

104.17.24.14

200 OK

677 B

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.3.2
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1845)
Size
677 B (677 bytes)
Hash
f6a3dd4ecbf227acbafcff33d68dc71d
7421115ddcd5d436b89a1fd27e0cdce5a01978e6
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

HTTP Headers

GET /ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.3.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 677
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-750"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 900513
expires: Sun, 13 Oct 2024 02:13:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w92FRqLRHUHxy5BYfqTKV2wdyf39T%2BWpFarWqsvTRHd%2BN3M%2F2fdwjnG6Z8lv3MjHO073pTNc2%2F94ezHnrwzT48JALItfpiOImCM8mlKqCNEQRqC7W2gP5b1ivHhHOIlN5JvK%2BQRq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81aeb2b6eff90b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.3.2

104.17.24.14

200 OK

1.1 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.3.2
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3036)
Size
1.1 kB (1101 bytes)
Hash
94279a9a0c4060a96efcf1da47716f86
ea88b3fd8b01a8b86edfd0f4120cc9a834893018
d41c6733a8c4a3a7f08204de8e3d60e1d2baf17dd7f675a26830fb1047fac40a

HTTP Headers

GET /ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.3.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 1101
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-bf7"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 12635195
expires: Sun, 13 Oct 2024 02:13:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jp3RkULjX1w1%2FrhFtBUgQv15OMIQ9fknD9URGRlVgLG2aDA53VDVi3py0NY1qiMvQtVHd4yo1MI0vvB7rSi6O30HJ%2BVgJLaQfxUkKBgwvNElmDEFuP%2BhW3XKvDpVNoUKqdnUgJpl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81aeb2b6fffb0b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.3.2

104.17.24.14

200 OK

3.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.3.2
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7862)
Size
3.2 kB (3150 bytes)
Hash
45bacd312d5098b4b59f563d8756c15d
fa55e2cff078381e5365d95782a95a787d0b7192
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

HTTP Headers

GET /ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.3.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 3150
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942b38-c4e"
last-modified: Thu, 22 Jun 2023 11:06:32 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4628810
expires: Sun, 13 Oct 2024 02:13:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tj3PFnPlMobigqsDiJU6g8DRL8CZCykkf4sII8%2BFy1unKGM%2BRKGCdL512s%2FzvkWHBKsURjMEMqOL5276a2CsqMkpI9y%2B724%2B54EqZ0mOrrtPZjQe%2BY6%2FwkRWx1qgLWCrMl4J8MUj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81aeb2b6fffa0b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

172.67.150.79

200 OK

77 kB

URL GET HTTP/3
nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/5qz0r.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/font-woff2
content-length: 77160
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
cf-cache-status: HIT
age: 18668
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lj9bTEkrNVBtXkMay17kRQ5U8hT6uIimCDdoYL%2FZ3l5qsdV3EFA%2Fh11TcvPEV8pGuRv%2B%2F600TEGP%2FTXTZtkmil1huCyRl13Q97UHpVB5zNtWoHO1U%2BmpjGnf1o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81aeb2b75827569b-OSL
alt-svc: h3=":443"; ma=86400

nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.1

172.67.150.79

200 OK

3.0 kB

URL GET HTTP/3
nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.1
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text
Size
3.0 kB (2999 bytes)
Hash
87015559c535c9314bb1a8d6ed05597e
b9e3b22a2bd7457d044551d5126a29bae25489a9
e5903bfc201247ffb215a9c8ca6b66cf2b77d63dc7c7953937619535dd394a7e

HTTP Headers

GET /wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Fri, 20 Oct 2023 08:20:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeSTJAfrovUoNbjFhg1cmTc%2BnJkbTlhy3rPlXAa5ikRXzC75EQ%2FV%2BojQaZvKbuthCv2yvmYlnArpsafxNKGf%2FXsQc9i5eO34dQIKAaKNGuFnyptqEVDHctYukv8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b67fdf569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.31

172.67.150.79

200 OK

7.8 kB

URL GET HTTP/3
nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.31
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text, with no line terminators
Size
7.8 kB (7778 bytes)
Hash
b7d8aab20ec0137a23e4ff03411bd06c
bd7e901bbf5968d13abb3dee762244715541bdfe
651cbb53c3e67a452582c597784a988f2ad5db132c709c279a23ad74b9917448

HTTP Headers

GET /wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.31 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=112
expires: max-age=A10368000, public
last-modified: Fri, 22 Sep 2023 09:31:13 GMT
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKBoqvretz2x0NLlph74XdFR7OztsH%2B8YSbDKiLXPWhQppd66ZUMcl9iIefn7aK4aAJOhwJ0t0k0dudnXgixQvGbW3JhxX6w2SkdicUIldNwxbyg9nzaf49v7eY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81aeb2b66fdc569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-262573192-2

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-262573192-2
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint81:B9:A4:E4:E4:84:05:A7:F6:52:4F:E2:74:27:36:05:0D:74:15:89
ValidityThu, 28 Sep 2023 05:26:20 GMT - Thu, 21 Dec 2023 05:26:19 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (68657 bytes)
Hash
bc0d1f4538a5588d43ace44dde5e7c9b
1b3d9e3b4c20329c43c6c3e6b85d5af6dabea4cb
22a8cda86b5099e5d09e9feeb39f87978285b06773375dfbd64abc75ee540a6c

HTTP Headers

GET /gtag/js?id=UA-262573192-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 24 Oct 2023 02:13:00 GMT
expires: Tue, 24 Oct 2023 02:13:00 GMT
cache-control: private, max-age=900
last-modified: Tue, 24 Oct 2023 00:08:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68657
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
57f4d85ba07739f3ee499b522b32f8eb
8d65a4709be8e43c310fb0519f2d1e016835122f
ccb12b856d4aaa5d410bfdd983cf9281e3ec5131fec50aafd7d1109da9d57cb3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Oct 2023 02:13:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115

172.67.150.79

200 OK

3.0 kB

URL GET HTTP/3
nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text
Size
3.0 kB (2997 bytes)
Hash
88744222f59f4700c6bc9212e12a653c
df0bf43d60bed605eabbcb2776e0fbb46f1d1c05
4b179f8204186f3aa954f47cd81dbe86bf89c08edb8d5341b8e0697d99e35073

HTTP Headers

GET /wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCc4i07aKYFnargR4sPGwZJKM4OpsB5l2o%2Fh0Xt71tMtwkOLjff09S3ZaSyK9ZeVufCGsrAs1vjdoAwk99IgfHJIJvolQZxsVVyOMgzN%2BE9HcmRdJhIagG8LdzM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b68fe9569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.2

172.67.150.79

200 OK

1.6 kB

URL GET HTTP/3
nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.2
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text, with very long lines (4591), with no line terminators
Size
1.6 kB (1552 bytes)
Hash
3940eede2b6841663dddd9e946dec11e
ccb59e18338a06a5f0168be0bd1677710f6d7bd4
b0fadf75681475e975bd2bdaceac6c08e8f5ef06f9a1c7fe9f3f7a571f5bc935

HTTP Headers

GET /wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.2 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:31:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQykQHVLCyLZ3X206aDKMvaJe8E7rQn6hsq6UCQZ8SXXtjkkHqYDyQJlPmBFyqau3bn94Ynrw2Z8vtAs%2BcAisYhyO4BLNL0QdJQPHnkZ%2Fx4ziM0CjVq%2BkH59w7U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b68fe6569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.google-analytics.com/analytics.js

142.250.74.78

200 OK

21 kB

URL GET HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint81:B9:A4:E4:E4:84:05:A7:F6:52:4F:E2:74:27:36:05:0D:74:15:89
ValidityThu, 28 Sep 2023 05:26:20 GMT - Thu, 21 Dec 2023 05:26:19 GMT

File type
ASCII text, with very long lines (2343)
Size
21 kB (20994 bytes)
Hash
575b5480531da4d14e7453e2016fe0bc
e5c5f3134fe29e60b591c87ea85951f0aea36ee1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20994
date: Tue, 24 Oct 2023 01:14:19 GMT
expires: Tue, 24 Oct 2023 03:14:19 GMT
cache-control: public, max-age=7200
age: 3522
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js

172.67.150.79

200 OK

85 kB

URL GET HTTP/3
nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text
Size
85 kB (85061 bytes)
Hash
0e78b1db7d662e95ae8c3506146b080a
9f1675c87a306e4dd45f84d0b7ac484ae506245e
6e79424f448b401656e2384514c9332a4baa6ab4d458ba048655e01f4b1c60f2

HTTP Headers

GET /wp-content/themes/posterpro/foundation/js/foundation.core.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVcSq3bCC1yojsYcMNQKRPMkn4rJ08USxjpQacGp9DImRa%2FfiYjbVyA1i%2FolaQOk%2B9MK21s0TSDANGLqYRvuVexEOvKyFUwB7IIDKH7BnaidcpTK%2FBfOVe3ihsc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b68fe8569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

nsw2u.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.150.79

200 OK

110 kB

URL GET HTTP/3
nsw2u.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
gzip compressed data, from Unix\012- data
Size
110 kB (109566 bytes)
Hash
faaba39bfcee50b1d30dcaa5e85165b5
be607a2a464c9a12069cbb309c87ea16cfaed753
7e00903db98abf51024f7b59ef0b689dd64329abd65e9c38de7fddec748e1128

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
last-modified: Mon, 16 Oct 2023 11:32:23 GMT
etag: W/"652d1f47-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18i%2BOszJJyRNpndUei2eNKOCZlIu%2BwGY1kMTGrfDR1kQdNO1LS8wPTU54DYXzHiwwRwOe05RcFis7GruyCCUc0EyjdthCWC2GV2zrXgt3Y8MCsBGyuCpNf3VfTk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81aeb2b35e8a569b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 26 Oct 2023 02:13:00 GMT
cache-control: max-age=172800, public
content-encoding: gzip

nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206

172.67.150.79

200 OK

1.3 kB

URL GET HTTP/3
nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text
Size
1.3 kB (1303 bytes)
Hash
c3a5b08af3e63049707797efe65eab86
f66ed251ef8c24614ff24376d472f2f394f7b93f
d79752e33e156b5cb219ab45103fe0ed7d80f111533dd8eec42c57546b4da500

HTTP Headers

GET /wp-content/themes/posterpro/js/navigation.js?ver=20120206 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfuMwsebqGzpfvftthrJoobk3f7UjCoAp1pQmJxC1IwtIrwFQnRBR3aYiGmWM2y%2BRwzcpdvrTSS5Gg4QyoS5BDWEMNg9iLAEnBMJFsD1eqSZwif1ZQWmo%2BBS69s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b68fea569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js

173.233.137.52

200 OK

11 kB

URL GET HTTP/1.1
definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectdefinedbootnervous.com
FingerprintFE:CF:3A:96:3E:47:C4:AA:55:62:56:91:23:16:FC:0A:94:CC:D9:DC
ValidityTue, 19 Sep 2023 06:24:07 GMT - Mon, 18 Dec 2023 06:24:06 GMT

File type
exported SGML document, ASCII text, with very long lines (29664), with no line terminators
Size
11 kB (10965 bytes)
Hash
ceff659dc75fc271093fb8d30a13036f
32dc8ea01d8bb0c043c1f41062fa71b067dd2bf6
82a61524d6d479da2b12ca1edc7b457c35ed8fb1092951fcb9f8df8e4d586e71

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /a45922fa4966955cecdffbdde5347ae5/invoke.js HTTP/1.1
Host: definedbootnervous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 24 Oct 2023 02:13:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a606ad6c61e7c0ed05d4832705e40f3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0873934edbe6f4bf9af8f22fd3811c9d
828317e024abf1042ec76bbfcbbff7d9a71f1d12
ed16f67f4d3b225a99fdab5a9721ada7d6613d8c4d34ad136b8a4f6a4d7154ce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 24 Oct 2023 02:13:02 GMT
Last-Modified: Tue, 24 Oct 2023 02:09:27 GMT
Server: ECAcc (ska/F7A3)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cxPVqOhOyuQUkgBk0M0ji2bQ-uD-jcXyW2ziT4LHXf2VO-Rww_HX7Q==
Age: 215

pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.3527913021153124

192.0.76.3

200 OK

50 B

URL GET HTTP/2
pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.3527913021153124
IP
192.0.76.3:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.3527913021153124 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:02 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

professionalswebcheck.com/stats

35.157.63.144

200 OK

40 B

URL GET HTTP/2
professionalswebcheck.com/stats
IP
35.157.63.144:443
ASN
#16509 AMAZON-02

Requested by
https://nsw2u.com/
Certificate
IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
d850242b5b0fb50bab546151eb54d562
bd95884df37b2c8194ac2c56b92f14eb8c058ab8
b10965f8bb812c381dc3d00fd3bd854aef5288c6b24c62b9ddef21dbbf7d3517

HTTP Headers

GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 02:13:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nsw2u.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ca904766-6beb-4200-8975-bc9284b2f230:1:1; expires=Fri, 21 Oct 2033 02:13:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/5qz0r.css

172.67.150.79

200 OK

30 kB

URL GET HTTP/3
nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/5qz0r.css
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (34393)
Size
30 kB (29614 bytes)
Hash
d7b3559e5a5b93a95b6de98541911a3c
fc4bbbe7374a33a2af492895014b8a73db4c81f0
414c7164bb91e068a1b3dd4f7465890fbe58a85895654f7212386cf36f54056d

HTTP Headers

GET /wp-content/cache/wpfc-minified/fhg2umku/5qz0r.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Tue, 29 Aug 2023 11:06:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCvUvmytzPArYjfZGeKXwz9psLzFLdJejNbYFIeesEj8LjvCGraxP5UwYOiUJ90opqkhE12RrmXrkyN2QTn95LJy9snudp0lRCAbvSvxHQ%2BWod0FoW%2B%2FWQTx6yU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b2fe5f569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

470 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
470 B (470 bytes)
Hash
8a6c921cef6ea03db1bf7cecdeb1666d
c1083a5ed542b26a9a61dd77c30282fafb1e1b02
e8653908973b2e8ad8939ae168a30f9a1b3a95df9fa6fb8293c2bd59dd9a4dc3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 82
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Oct 2023 02:13:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 470
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c0.wp.com/c/6.3.2/wp-includes/js/dist/i18n.min.js

192.0.77.37

200 OK

29 kB

URL GET HTTP/2
c0.wp.com/c/6.3.2/wp-includes/js/dist/i18n.min.js
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
data
Size
29 kB (29069 bytes)
Hash
c2c4e2a562e06e1cb22293a5b920aca6
a7b5a369ac4883f1ee7fa701b238d20238b675ca
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

HTTP Headers

GET /c/6.3.2/wp-includes/js/dist/i18n.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 28 Jun 2023 20:08:46 GMT
content-encoding: br
expires: Wed, 23 Oct 2024 02:13:00 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.130

200 OK

51 kB

URL GET HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.130:443
ASN
#15169 GOOGLE

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
FingerprintA4:04:A4:CD:74:4A:5D:D5:E5:B7:37:26:D7:25:FC:00:CC:C5:4A:4F
ValidityThu, 28 Sep 2023 05:26:19 GMT - Thu, 21 Dec 2023 05:26:18 GMT

File type
ASCII text, with very long lines (3968)
Size
51 kB (51061 bytes)
Hash
fa08db73275e9b9b5665165898d5c7fc
ebe80d3441bb005f778d43624cce481d3aefd6f8
65617ce9551a5918f9b680c873d391ae45235c212d8a2566cce50c3368701813

HTTP Headers

GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 24 Oct 2023 02:13:02 GMT
expires: Tue, 24 Oct 2023 02:13:02 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3693642735718582085
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51061
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

470 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
470 B (470 bytes)
Hash
8a6c921cef6ea03db1bf7cecdeb1666d
c1083a5ed542b26a9a61dd77c30282fafb1e1b02
e8653908973b2e8ad8939ae168a30f9a1b3a95df9fa6fb8293c2bd59dd9a4dc3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 82
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Oct 2023 02:13:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 470
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=1280&resize=1280&ssl=1

192.0.77.2

200 OK

7.7 kB

URL GET HTTP/2
i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=1280&resize=1280&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 405x155, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.7 kB (7712 bytes)
Hash
1f2664d6059193e6c1a59ee7ef14d1a0
46542860abd849426ea23d66c601ff0888d735db
f685610012cd711cdf0f3f186e878030c152058d3705dd751d6048d480bc2621

HTTP Headers

GET /images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:02 GMT
content-type: image/webp
content-length: 7712
last-modified: Sun, 19 Feb 2023 09:06:57 GMT
expires: Tue, 18 Feb 2025 21:06:57 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "95d72d4081ab31e0"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery.min.js

192.0.77.37

200 OK

30 kB

URL GET HTTP/2
c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery.min.js
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
30 kB (30244 bytes)
Hash
ff04dd1ef5c67998d8652330c0441689
5e6ff5bd5240181a8bdea983837f39ac231dac4d
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

HTTP Headers

GET /c/6.3.2/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 26 May 2023 11:33:35 GMT
content-encoding: br
expires: Wed, 23 Oct 2024 02:13:00 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/c/6.3.2/wp-includes/js/mediaelement/wp-mediaelement.min.css

192.0.77.37

200 OK

3.4 kB

URL GET HTTP/2
c0.wp.com/c/6.3.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (4186), with no line terminators
Size
3.4 kB (3369 bytes)
Hash
ea958276b7de454bd3c2873f0dc47e5f
b143f6e8e8f79d8f104c26b0057ef5514d763219
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

HTTP Headers

GET /c/6.3.2/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Wed, 23 Oct 2024 02:13:00 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

nsw2u.com/wp-content/cache/wpfc-minified/6zu0bqmr/5qz0r.js

172.67.150.79

200 OK

1.0 kB

URL GET HTTP/3
nsw2u.com/wp-content/cache/wpfc-minified/6zu0bqmr/5qz0r.js
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (2729)
Size
1.0 kB (1012 bytes)
Hash
351390b839bf683126e78afb44004636
5631ca683d75c60eb3dba2bed734716accbe5426
f9a6294ee0f29b05710d50c6f338bbf5465c1aa22a5d0a7a73e99bbe0845d4b0

HTTP Headers

GET /wp-content/cache/wpfc-minified/6zu0bqmr/5qz0r.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Tue, 29 Aug 2023 11:06:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LbASKb8NRA%2BrNEraIMbQgBVtAkDZTTu2adjW8jfWzeRXA2DwwHCBlbMak2ey9iK9L0IVIAlOB%2BWKnpHwgm7WOlf32ZtWG8%2FmjmtTKJ0qNnVl2IqgVOcbVOiDNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b6cffc569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.3.2

142.250.74.106

200 OK

58 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.3.2
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint28:23:2B:8B:2D:09:6C:BB:06:7A:35:80:95:BB:F8:03:41:C8:99:2C
ValidityThu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT

File type
gzip compressed data, max compression\012- data
Size
58 kB (57653 bytes)
Hash
ca69741cf8d1e49a70b5e38b98aa2dd5
5ac7805b22f72a9f1b5339fb182e19a19e2f52a6
defe493240ec0ace6ded18cd8418c627e59b577c09678b93a273bab066cb9789

HTTP Headers

GET /css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.3.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 24 Oct 2023 02:13:00 GMT
date: Tue, 24 Oct 2023 02:13:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

images.vfl.ru/ii/1692466089/24d36bc8/38995517.jpg

212.47.236.38

200 OK

67 kB

URL GET HTTP/1.1
images.vfl.ru/ii/1692466089/24d36bc8/38995517.jpg
IP
212.47.236.38:443
ASN
#12876 Online S.a.s.

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data
Size
67 kB (66636 bytes)
Hash
81eb51e7c3a0df2a962b5b00d61669ff
42c531b818a0bc7e01c602c8668f21065d8cd67d
9ee994cfc66772056b1ae42f4012412d4a9f49fc8250c2c22153e54caed7b965

HTTP Headers

GET /ii/1692466089/24d36bc8/38995517.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Type: image/jpeg
Content-Length: 66636
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 19 Aug 2023 17:28:09 GMT
ETag: "64e0fba9-1044c"
Expires: Thu, 23 Nov 2023 02:13:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

images.vfl.ru/ii/1696499345/2d834ce4/39025715.jpg

212.47.236.38

200 OK

46 kB

URL GET HTTP/1.1
images.vfl.ru/ii/1696499345/2d834ce4/39025715.jpg
IP
212.47.236.38:443
ASN
#12876 Online S.a.s.

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.10], baseline, precision 8, 432x700, components 3\012- data
Size
46 kB (45689 bytes)
Hash
d54f3e961e843224381b52420787300b
b24ff4dd6ff0b3c210ac80ccec30d1612bfb2c70
230c8719f7ff0cd67d89b8c5052dcc864b6c7ebbb62bf2ec21228af727652049

HTTP Headers

GET /ii/1696499345/2d834ce4/39025715.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Type: image/jpeg
Content-Length: 45689
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Thu, 05 Oct 2023 09:49:05 GMT
ETag: "651e8691-b279"
Expires: Thu, 23 Nov 2023 02:13:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

nsw2u.com/wp-content/cache/wpfc-minified/7kcuf8x0/5qz0r.js

172.67.150.79

200 OK

74 kB

URL GET HTTP/3
nsw2u.com/wp-content/cache/wpfc-minified/7kcuf8x0/5qz0r.js
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text, with very long lines (6042)
Size
74 kB (74513 bytes)
Hash
38fca9e0ca205130e3dddbdcda3b4a85
2c0ac19235a88fb361aff39bc0922e4b946c2c5e
43c8d614ba6e97fd9ee9dcf0ae49334ed5d601403ffe8551a74e1a9faf70efaa

HTTP Headers

GET /wp-content/cache/wpfc-minified/7kcuf8x0/5qz0r.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Tue, 29 Aug 2023 11:06:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lzd6xMsscHm9UxVi3Cu7CgFF04vRCdHL3padbgBca5p95Rw4aqk%2Fq7shh5hoaOSEd5WuHTVfPbR4Ani2IaNL8jSggC5heYPz%2BAi8ZDSbBJd%2Fcm1mYo8jX7xeRUY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b6cffd569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js

192.0.77.37

200 OK

88 kB

URL GET HTTP/2
c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (6607), with no line terminators
Size
88 kB (87924 bytes)
Hash
9a4f28a615173df36cb84be2b345816e
f709263841708d9e40268f24a0072ff4fe811b35
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

HTTP Headers

GET /c/6.3.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Feb 2023 15:56:37 GMT
content-encoding: br
expires: Wed, 23 Oct 2024 02:13:00 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=ae1ab3cfcf7670b1d705

172.67.150.79

200 OK

67 kB

URL GET HTTP/3
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=ae1ab3cfcf7670b1d705
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (36455), with no line terminators
Size
67 kB (66610 bytes)
Hash
c0713c042de1fba5070b2d961eda1a64
f230674857db1c62b5454ff5764d977b1fb37eae
e786eb9e515a17f19f327f2bc1b168f4f01a8bda82ca580266db3db775f571ec

HTTP Headers

GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=ae1ab3cfcf7670b1d705 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: _ga_V5K7GYT3S4=GS1.1.1698113582.1.0.1698113582.0.0.0; _ga=GA1.1.1204719104.1698113582; _ga_HS5Y0K7QPG=GS1.1.1698113582.1.0.1698113582.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:02 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Mon, 23 Oct 2023 20:17:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOu1ujble01dlxUn%2FTiqUaRi3eRwuubrVoJoDnjyqoelTbWw4wpOMlQzysfT1M1SxbWIElxPdfUBgelIMnMzagQLxmy%2FMwJKiivfHDyAJPj0JoWvYd07YZHdOAU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2c2eb65569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mimicdisperse.com/ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js

192.243.59.20

200 OK

18 kB

URL GET HTTP/1.1
mimicdisperse.com/ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectmimicdisperse.com
Fingerprint21:15:39:6E:77:1A:59:CB:E3:78:13:44:CF:D6:93:24:75:BF:26:78
ValidityTue, 10 Oct 2023 08:32:24 GMT - Mon, 08 Jan 2024 08:32:23 GMT

File type
ASCII text, with very long lines (43183)
Size
18 kB (17586 bytes)
Hash
8dd4c97af4d176adf6500430e7cdc5e5
0c2073496d3f32fcebc203097450eda9f2ac9e11
8a53249c2d4ef9660cd5e3356e498cc3bf5cc503c825776040bdd91db3b5c56b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js HTTP/1.1
Host: mimicdisperse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 24 Oct 2023 02:13:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_AN-1105=1; expires=Wed, 25 Oct 2023 04:13:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a7320bfeba0d31fcb05afc36b94a4903
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

c0.wp.com/c/6.3.2/wp-includes/css/dist/block-library/style.min.css

192.0.77.37

200 OK

87 kB

URL GET HTTP/2
c0.wp.com/c/6.3.2/wp-includes/css/dist/block-library/style.min.css
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (53449)
Size
87 kB (86769 bytes)
Hash
03c0f2128c8dd615b1691c168f1d4456
defa44bed1f35ec899cfd358ca911390bca53e67
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

HTTP Headers

GET /c/6.3.2/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 19 Jul 2023 11:13:55 GMT
content-encoding: br
expires: Wed, 23 Oct 2024 02:13:00 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

images.vfl.ru/ii/1694605692/1e092d18/39009974.jpg

212.47.236.38

200 OK

57 kB

URL GET HTTP/1.1
images.vfl.ru/ii/1694605692/1e092d18/39009974.jpg
IP
212.47.236.38:443
ASN
#12876 Online S.a.s.

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data
Size
57 kB (57339 bytes)
Hash
f1faaeb62c57c96c5f5702a2a0fe5e90
93b8d04f2fc23ac0ab3c9c8e1d9a73b443085b58
61be42c0b0dbadf5f906f472510afb5121aee2164b9a3da27b0dd335704ca2e7

HTTP Headers

GET /ii/1694605692/1e092d18/39009974.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Type: image/jpeg
Content-Length: 57339
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 13 Sep 2023 11:48:12 GMT
ETag: "6501a17c-dffb"
Expires: Thu, 23 Nov 2023 02:13:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

c0.wp.com/c/6.3.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

192.0.77.37

200 OK

59 kB

URL GET HTTP/2
c0.wp.com/c/6.3.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (11256), with no line terminators
Size
59 kB (58694 bytes)
Hash
2b0dd7eecea03b4bdedb94ba622fdb03
703becba85161118dd6fc66af465428ef43f561c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

HTTP Headers

GET /c/6.3.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Wed, 23 Oct 2024 02:13:00 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=500&resize=500&ssl=1

192.0.77.2

200 OK

7.7 kB

URL GET HTTP/2
i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=500&resize=500&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 405x155, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.7 kB (7712 bytes)
Hash
1f2664d6059193e6c1a59ee7ef14d1a0
46542860abd849426ea23d66c601ff0888d735db
f685610012cd711cdf0f3f186e878030c152058d3705dd751d6048d480bc2621

HTTP Headers

GET /images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=500&resize=500&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:03 GMT
content-type: image/webp
content-length: 7712
last-modified: Sun, 19 Feb 2023 09:06:19 GMT
expires: Tue, 18 Feb 2025 21:06:19 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6b02d3dbdaa697a7"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

images.vfl.ru/ii/1696713535/648489ee/39029634.jpg

212.47.236.38

200 OK

31 kB

URL GET HTTP/1.1
images.vfl.ru/ii/1696713535/648489ee/39029634.jpg
IP
212.47.236.38:443
ASN
#12876 Online S.a.s.

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.10], baseline, precision 8, 412x667, components 3\012- data
Size
31 kB (31191 bytes)
Hash
a415bdab5e6150241178552746fe5d71
3cb9afec132f0cf1a88e83abc0b77614ee20f5b6
8155cd0c598eeeb3df53fc23087d819333a91d25521f7f8401241b279e13bf35

HTTP Headers

GET /ii/1696713535/648489ee/39029634.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Type: image/jpeg
Content-Length: 31191
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 07 Oct 2023 21:18:55 GMT
ETag: "6521cb3f-79d7"
Expires: Thu, 23 Nov 2023 02:13:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

images.vfl.ru/ii/1696938502/6630da8c/39033149.jpg

212.47.236.38

200 OK

64 kB

URL GET HTTP/1.1
images.vfl.ru/ii/1696938502/6630da8c/39033149.jpg
IP
212.47.236.38:443
ASN
#12876 Online S.a.s.

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.10], baseline, precision 8, 432x700, components 3\012- data
Size
64 kB (64143 bytes)
Hash
678b073888932457fc6af1b7490e99c4
42c5084ad33404584ae89f68ed16a79221ac5f2a
eec4af9d31077baac8553f80e0087b211fcaea24435bc4b1efbd9763344f1736

HTTP Headers

GET /ii/1696938502/6630da8c/39033149.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Type: image/jpeg
Content-Length: 64143
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Tue, 10 Oct 2023 11:48:22 GMT
ETag: "65253a06-fa8f"
Expires: Thu, 23 Nov 2023 02:13:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188

172.67.150.79

200 OK

2.4 kB

URL GET HTTP/3
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text, with very long lines (701), with no line terminators
Size
2.4 kB (2446 bytes)
Hash
328b8123661abdd5f4a0c695e7aa9dcc
4164f78bb52e9f2bfbb7ae5fd519b4638063c1f0
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

HTTP Headers

GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Mon, 23 Oct 2023 20:17:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWkVfNiSRwHeyI1UXR9pSJH%2FkLeaSnTMRQ2HD1yNqNNIW2ZfIDMxMl%2F9RDsdBj%2FqwG2wVXpx0EfN8b41jm%2BKrNHI0VE6uTmeqQ%2FVxpl9ysACU0OMXK%2FrQea2Vgc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b6cffb569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

friendshipmale.com/sfp.js

172.64.162.2

200 OK

28 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
172.64.162.2:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27589 bytes)
Hash
2d0450888479d4ddda305bd96206b240
5b4595aab1cd3f854718e05db9be0c65a12ab2f6
44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 02:13:03 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 978aca12fd47a9b7d644bdfa22e1dddd
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 24 Oct 2023 02:13:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWBvY4vWVsMTuV7%2FUMlG2wHwxclPlaVjstpAkHEcpSUU19DkGtDRV1FTO3AxOBnmQMV9Wo57rwV3uyIRkg%2Ft0yRnsVqGIjjn7o7q4m7ZscSNV2XQyd2aM6%2BP%2FNOtB0YiL8mZq%2Fk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81aeb2c8ba0871a2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg

45.133.44.9

200 OK

25 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT

File type
JPEG image data, baseline, precision 8, 320x50, components 3\012- data
Size
25 kB (24714 bytes)
Hash
d465d02b90e928dfd9d9846e102a9dac
22f7333777bec813bd9a7b870913a2b79b6d2fe4
e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd

HTTP Headers

GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 02:13:03 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Thu, 26 Oct 2023 02:13:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

banquetunarmedgrater.com/advertisers.js

172.67.196.166

200 OK

0 B

URL GET HTTP/2
banquetunarmedgrater.com/advertisers.js
IP
172.67.196.166:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint77:2B:76:51:D0:51:70:02:2E:BF:B7:9B:02:8B:5A:A4:91:FA:0B:9E
ValidityMon, 11 Sep 2023 08:34:11 GMT - Sun, 10 Dec 2023 08:34:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 02:13:03 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 55f0931f060c195054144f59d9b27955
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 24 Oct 2023 02:13:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2%2FKMb0DAN7ZhsfgwfvJpZWHQbwrer8%2FRE1umXfBzFeH%2BQimpxalnUN4QlgK29J%2FT4EQ%2BiTggHSntFuzZWri9YJQ0YKBjnf5zj7GpgpwUNaYOMo6g4cdKJe6f2wT7%2Fgnrb5plaarImdkr2U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81aeb2c90e2a568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

incurableyankmarshal.com/pixel/purst?dl=0&th=0&sc=0&rs=3874&rd=3874&fd=899&bv=23.10.v.3&tmpl=70

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
incurableyankmarshal.com/pixel/purst?dl=0&th=0&sc=0&rs=3874&rd=3874&fd=899&bv=23.10.v.3&tmpl=70
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectincurableyankmarshal.com
Fingerprint27:8D:20:90:2C:CE:6C:5B:CA:85:05:4D:BF:55:1E:B2:FB:AF:60:B3
ValidityTue, 17 Oct 2023 12:46:41 GMT - Mon, 15 Jan 2024 12:46:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=3874&rd=3874&fd=899&bv=23.10.v.3&tmpl=70 HTTP/1.1
Host: incurableyankmarshal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js

192.0.77.37

200 OK

8.2 kB

URL GET HTTP/2
c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (8365), with no line terminators
Size
8.2 kB (8171 bytes)
Hash
08e6714eaf3cfe8f3c7839f22d90ba4e
94fdad68854d0d3482b877aef7ba7c2eb265c621
e424039d5a737a1bda8a5ded60919e5067085729310762eebb09c20e07d249c8

HTTP Headers

GET /c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
content-encoding: br
expires: Wed, 23 Oct 2024 02:13:00 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.2

172.67.150.79

200 OK

68 kB

URL GET HTTP/3
nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.2
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type

Size
68 kB (67604 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.2 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:31:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTfweS4LejFTzRrd0z4VwEKRfLW0KKYISbaUaOAMnwInHbe7d5zoS9sFkSLnuulTYQFyHVnCIHROqS9SxR0YzZQCw03PKcx7pCR7ht6ZJxcHRdRTzFu5HFENUyM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b67fde569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

thaudray.com/tag.min.js

139.45.197.237

200 OK

81 kB

URL GET HTTP/2
thaudray.com/tag.min.js
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectthaudray.com
FingerprintC4:04:E7:56:23:4B:40:FA:A0:BE:32:61:EB:A9:B1:07:74:55:C5:B1
ValidityTue, 29 Aug 2023 05:32:07 GMT - Mon, 27 Nov 2023 05:32:06 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
81 kB (80800 bytes)
Hash
3aff9b102c2b7a13131a37fb39c5bab1
e44f8bab6b8dcf76d901feea9db835ea61d23bad
80c13663cdfe2c858074bbd47982d95bab258ee8140bf9189a105900c3574d46

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: thaudray.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 25501
content-encoding: br
x-trace-id: a8915b1be958ea0bfe84ed5bfb24b59e
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Tue, 24 Oct 2023 00:03:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

images.vfl.ru/ii/1697025199/2d40d0fc/39033877.jpg

212.47.236.38

200 OK

71 kB

URL GET HTTP/1.1
images.vfl.ru/ii/1697025199/2d40d0fc/39033877.jpg
IP
212.47.236.38:443
ASN
#12876 Online S.a.s.

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.10], baseline, precision 8, 432x700, components 3\012- data
Size
71 kB (70673 bytes)
Hash
c9578ce1b30a7957a4f58916181545c1
5edd16bdbdd4c4caacd7ba9408b15b01bbb765fe
881c108606af7bdf549477962370e9b2e17f1473a875354f37a09c634e34d492

HTTP Headers

GET /ii/1697025199/2d40d0fc/39033877.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Type: image/jpeg
Content-Length: 70673
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 11 Oct 2023 11:53:19 GMT
ETag: "65268caf-11411"
Expires: Thu, 23 Nov 2023 02:13:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

nsw2u.com/wp-content/cache/wpfc-minified/ehn7s3j8/dmlqt.css

172.67.150.79

200 OK

15 kB

URL GET HTTP/3
nsw2u.com/wp-content/cache/wpfc-minified/ehn7s3j8/dmlqt.css
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text, with very long lines (6817)
Size
15 kB (15333 bytes)
Hash
1fee9d9ba9d8cc17b88610f753052dd1
b8608a7bcb05bcca68814671bb114871f2c97f0e
f50cc3d3d3714cc7aae738eb19b41f70b1eec94c290f8985af4dcd36dcfad0dd

HTTP Headers

GET /wp-content/cache/wpfc-minified/ehn7s3j8/dmlqt.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:12:59 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sun, 03 Sep 2023 08:56:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18951
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyWzu9afRB9Cu%2BFHxySvn%2B30QZhxLGVJMNNB6zYHfdtUn0s5710nx4ueKqC9Lu8JkHHombji4k1bVsRcPJF%2B52A3tz5LkezKuLt6N5YL8VOC54Vg9MOIGYPjI4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b2fe5b569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

nsw2u.com/

172.67.150.79

200 OK

0 B

URL HEAD HTTP/3
nsw2u.com/
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: _ga_V5K7GYT3S4=GS1.1.1698113582.1.0.1698113582.0.0.0; _ga=GA1.1.1204719104.1698113582; _ga_HS5Y0K7QPG=GS1.1.1698113582.1.0.1698113582.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:02 GMT
content-type: text/html
last-modified: Mon, 23 Oct 2023 20:44:45 GMT
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoQfGYpJaL2eLV%2BoSEvnqOWyz5rSuVWZHB7PTBr7hFFLvEbmF8i%2Fp2dHeIm5bD6oSkbzamR0DSd2gEzH200aK2dv5Xw89DcPH63kz%2BGNRnOyGV6jujYhhlEYsTo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2c1db21569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=be4054ef01b79af42428

172.67.150.79

200 OK

79 kB

URL GET HTTP/3
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=be4054ef01b79af42428
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type

Size
79 kB (79073 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=be4054ef01b79af42428 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: _ga_V5K7GYT3S4=GS1.1.1698113582.1.0.1698113582.0.0.0; _ga=GA1.1.1204719104.1698113582; _ga_HS5Y0K7QPG=GS1.1.1698113582.1.0.1698113582.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:02 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Mon, 23 Oct 2023 20:17:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSMHaL1lmyn4bAFBW%2FW0u%2F1%2FvaP42rGiBQuyK1vVKbjrOrsSsXdWyFuDh8PvKCLd3lf5E7Ux19BovnS82eXtTI9bJWzWpnWGzuqaeuWsIXP2%2Bt%2F9qboLYx90O%2BY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2c2eb67569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

my.rtmark.net/gid.js?userId=dc0d99ebc9f7461ea819149a8fc99e73

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=dc0d99ebc9f7461ea819149a8fc99e73
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
65 B (65 bytes)
Hash
173de246d22aaa3c5c6378d04c93847d
6432fdc90242219737e602fda1bc63e426479d73
c18cae45fc2c51914d842b29bc8ef486b1af7253d2527389531f2cff9a21a191

HTTP Headers

GET /gid.js?userId=dc0d99ebc9f7461ea819149a8fc99e73 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:03 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://nsw2u.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dc0d99ebc9f7461ea819149a8fc99e73; expires=Wed, 23 Oct 2024 02:13:03 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

images.vfl.ru/ii/1694604934/0d07e435/39009949.jpg

212.47.236.38

200 OK

57 kB

URL GET HTTP/1.1
images.vfl.ru/ii/1694604934/0d07e435/39009949.jpg
IP
212.47.236.38:443
ASN
#12876 Online S.a.s.

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data
Size
57 kB (56936 bytes)
Hash
1b3e32337bbde3922e0e9f72aa72002d
100b45332c71a4eb2e6c66d6de40bcc83f29c989
e67f85bbe57ff956ee312dda7de903700030b79bb4ef76d09c192a5da9a33751

HTTP Headers

GET /ii/1694604934/0d07e435/39009949.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Type: image/jpeg
Content-Length: 56936
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 13 Sep 2023 11:35:34 GMT
ETag: "65019e86-de68"
Expires: Thu, 23 Nov 2023 02:13:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

stats.wp.com/w.js?ver=202343

192.0.76.3

200 OK

11 kB

URL GET HTTP/2
stats.wp.com/w.js?ver=202343
IP
192.0.76.3:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (10778), with no line terminators
Size
11 kB (10778 bytes)
Hash
f6c87bc49e7646c7ccda489b9defc829
9003fc52b4c4014b4bd9fe2f4506440b299478b2
e97d12898ebf1039197a2a1c2f87bfe3b56f93eca2bfe60a46a1053fab7ad860

HTTP Headers

GET /w.js?ver=202343 HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/10813-1684464982349.1523
content-encoding: br
expires: Mon, 21 Oct 2024 22:12:13 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2

c0.wp.com/c/6.3.2/wp-includes/js/dist/url.min.js

192.0.77.37

200 OK

9.1 kB

URL GET HTTP/2
c0.wp.com/c/6.3.2/wp-includes/js/dist/url.min.js
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (10357), with no line terminators
Size
9.1 kB (9079 bytes)
Hash
93d89333b0ea716b0dded414b6fd690e
bea26f3b7bf556a03bf81259459154e5728de2cb
acab68f8aa0636ce9058f6bf3d72d59dede88fb7111dd75532dcbd572ecb8722

HTTP Headers

GET /c/6.3.2/wp-includes/js/dist/url.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
content-encoding: br
expires: Wed, 23 Oct 2024 02:13:00 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery-migrate.min.js

192.0.77.37

200 OK

14 kB

URL GET HTTP/2
c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery-migrate.min.js
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (13479)
Size
14 kB (13577 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /c/6.3.2/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
content-encoding: br
expires: Wed, 23 Oct 2024 02:13:00 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

images.vfl.ru/ii/1694605816/c5504461/39009975.jpg

212.47.236.38

200 OK

54 kB

URL GET HTTP/1.1
images.vfl.ru/ii/1694605816/c5504461/39009975.jpg
IP
212.47.236.38:443
ASN
#12876 Online S.a.s.

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data
Size
54 kB (53713 bytes)
Hash
083e031aeca99b61377f7f771be85e5f
7c10bb52e7bd5e86a9ea75b4dbbc9aaa657fdd2e
3acbb5c7692d646ea39ad2e07d2a9e7045b0f287a632862f7bd4bb4b386e2617

HTTP Headers

GET /ii/1694605816/c5504461/39009975.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Type: image/jpeg
Content-Length: 53713
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 13 Sep 2023 11:50:16 GMT
ETag: "6501a1f8-d1d1"
Expires: Thu, 23 Nov 2023 02:13:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

c0.wp.com/p/jetpack/12.7.1/css/jetpack.css

192.0.77.37

200 OK

101 kB

URL GET HTTP/2
c0.wp.com/p/jetpack/12.7.1/css/jetpack.css
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type

Size
101 kB (100602 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/jetpack/12.7.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 23 Oct 2023 18:21:34 GMT
content-encoding: br
expires: Wed, 23 Oct 2024 02:13:00 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js

172.67.150.79

200 OK

124 kB

URL GET HTTP/3
nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text, with very long lines (32024)
Size
124 kB (123510 bytes)
Hash
7ed39eb42c8c450b59a24bab9cfa7fae
7fdd3fee90709f703fac533b6061864fcd7ec206
35ddb1ce73a4ac4f4792b00c8b8c56cbf857910ada5e2a0183d898b01adc16bb

HTTP Headers

GET /wp-content/themes/posterpro/foundation/js/foundation.min.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pylu8H%2FypQDJnVZYCbWz2nLTDD6Kxeb2EckmlAUe%2Bb8yarnlpHI3URblMvIukp%2FxMbdV75s%2Fn%2F3ja5EYUvyCe%2FBehAf5tOVUyy2JjBlyu4gvXMt1dv0xM3ql8Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b68fe7569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

thaudray.com/?rb=9z6g5HWEsZJ1oEPW7G2jqEtoVsk0u6hSGbUEfRr5KsK8jbFDy4DgRm1MlV0SUS6eZD9PdLsbbLwwpYaUT1AqrEv5c81qCiLTaBYz9IFgaNqMZjK2Z8IVdvlc_setIYayKiWHmoYFYE7no09NmKtogYwzbBzBDAGEm88GyOaBChFAiZ3VlAM0SFir5OYfDrVvkyvs4EDKdfwNozVO-IWrWw%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-v1.610.1-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fnsw2u.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.610.1-auto&bs=94177ec0-5bed-464f-935c-6422ce264afd&userId=dc0d99ebc9f7461ea819149a8fc99e73&m=link

139.45.197.237

200 OK

2.1 kB

URL GET HTTP/2
thaudray.com/?rb=9z6g5HWEsZJ1oEPW7G2jqEtoVsk0u6hSGbUEfRr5KsK8jbFDy4DgRm1MlV0SUS6eZD9PdLsbbLwwpYaUT1AqrEv5c81qCiLTaBYz9IFgaNqMZjK2Z8IVdvlc_setIYayKiWHmoYFYE7no09NmKtogYwzbBzBDAGEm88GyOaBChFAiZ3VlAM0SFir5OYfDrVvkyvs4EDKdfwNozVO-IWrWw%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-v1.610.1-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fnsw2u.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.610.1-auto&bs=94177ec0-5bed-464f-935c-6422ce264afd&userId=dc0d99ebc9f7461ea819149a8fc99e73&m=link
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectthaudray.com
FingerprintC4:04:E7:56:23:4B:40:FA:A0:BE:32:61:EB:A9:B1:07:74:55:C5:B1
ValidityTue, 29 Aug 2023 05:32:07 GMT - Mon, 27 Nov 2023 05:32:06 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2135), with no line terminators
Size
2.1 kB (2105 bytes)
Hash
6f69a7fa03cc7c7b8b6cf2630f1df00b
7c7c33cb0cec4ae4769af2d342df073faa35fe93
7a77473e3c804520910a18b939a15d6a589a665eac497c26ba9cd19984321912

HTTP Headers

GET /?rb=9z6g5HWEsZJ1oEPW7G2jqEtoVsk0u6hSGbUEfRr5KsK8jbFDy4DgRm1MlV0SUS6eZD9PdLsbbLwwpYaUT1AqrEv5c81qCiLTaBYz9IFgaNqMZjK2Z8IVdvlc_setIYayKiWHmoYFYE7no09NmKtogYwzbBzBDAGEm88GyOaBChFAiZ3VlAM0SFir5OYfDrVvkyvs4EDKdfwNozVO-IWrWw%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-v1.610.1-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fnsw2u.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.610.1-auto&bs=94177ec0-5bed-464f-935c-6422ce264afd&userId=dc0d99ebc9f7461ea819149a8fc99e73&m=link HTTP/1.1
Host: thaudray.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Cookie: OAID=dc0d99ebc9f7461ea819149a8fc99e73; oaidts=1698113582
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:03 GMT
content-type: application/json
x-trace-id: d5559c989b49bdf762cac68e64dcdf5a
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://nsw2u.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=dc0d99ebc9f7461ea819149a8fc99e73; expires=Wed, 23 Oct 2024 02:13:03 GMT; path=/; secure; SameSite=None
oaidts=1698113583; expires=Wed, 23 Oct 2024 02:13:03 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 31 Oct 2023 02:13:03 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

thaudray.com/5/3812660/?oo=1&aab=1

139.45.197.237

200 OK

2.8 kB

URL GET HTTP/2
thaudray.com/5/3812660/?oo=1&aab=1
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectthaudray.com
FingerprintC4:04:E7:56:23:4B:40:FA:A0:BE:32:61:EB:A9:B1:07:74:55:C5:B1
ValidityTue, 29 Aug 2023 05:32:07 GMT - Mon, 27 Nov 2023 05:32:06 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2990), with no line terminators
Size
2.8 kB (2750 bytes)
Hash
f72357363d9f9b9655b090f13d6a1538
9e3536390d095b38b2c8af2003887834c546dbd9
df6d3c3f441fd98200f1064e8bcfa449f851394ed73623752240cdb50840797c

HTTP Headers

GET /5/3812660/?oo=1&aab=1 HTTP/1.1
Host: thaudray.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:02 GMT
content-type: application/json
x-trace-id: f55dd82af73368800946843a14cd2ff7
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://nsw2u.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=dc0d99ebc9f7461ea819149a8fc99e73; expires=Wed, 23 Oct 2024 02:13:02 GMT; path=/; secure; SameSite=None
oaidts=1698113582; expires=Wed, 23 Oct 2024 02:13:02 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=0aa4f53ecbe8911b5307

172.67.150.79

200 OK

7.6 kB

URL GET HTTP/3
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=0aa4f53ecbe8911b5307
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text, with very long lines (7804), with no line terminators
Size
7.6 kB (7553 bytes)
Hash
9c77b566bd54b44feb40dae5abb672fd
4800962e6abb9f034197101fd654cd8f89e40e51
4fa5b8f79358bd73eafe22ac4a73531acbbed4b61f646d001d8636f27c4b2b07

HTTP Headers

GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=0aa4f53ecbe8911b5307 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Mon, 23 Oct 2023 20:17:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psi%2BSk5AAUnrm8UdFOiPCNyWVaZWzbiCKJ%2BESZ%2FI1cqAw%2FrH5CEgk1CES7enLH7O5elJG27%2BDVX8PKc4E5YSDJgVpmBArckPq0dObiTI0w6KP9O7to7KvcB%2FQzg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b6aff3569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

images.vfl.ru/ii/1692466506/8e093ade/38995519.jpg

212.47.236.38

200 OK

62 kB

URL GET HTTP/1.1
images.vfl.ru/ii/1692466506/8e093ade/38995519.jpg
IP
212.47.236.38:443
ASN
#12876 Online S.a.s.

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data
Size
62 kB (61571 bytes)
Hash
f5ca0775d6b4c6d61ccb84d080eab5b3
71044f9bb69af45e4f171cf7e7c0ff3c9bcdfb1f
a968f61a9dcb9774217eee6c6298381b912ef95f00d273c551485c5d73930696

HTTP Headers

GET /ii/1692466506/8e093ade/38995519.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Type: image/jpeg
Content-Length: 61571
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 19 Aug 2023 17:35:06 GMT
ETag: "64e0fd4a-f083"
Expires: Thu, 23 Nov 2023 02:13:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

nsw2u.com/wp-content/cache/wpfc-minified/q8eepl4d/dmlqt.css

172.67.150.79

200 OK

8.1 kB

URL GET HTTP/3
nsw2u.com/wp-content/cache/wpfc-minified/q8eepl4d/dmlqt.css
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text, with very long lines (8145), with no line terminators
Size
8.1 kB (8143 bytes)
Hash
734068ce5268bc23a7506f3e9e9f5d41
acf53910826dc6702a5fb8f2bf6aab44b17f4886
2dd5b45b7df3d954548b70324f5730bf593bcdab6dac3632cc19ac119e8912a8

HTTP Headers

GET /wp-content/cache/wpfc-minified/q8eepl4d/dmlqt.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sun, 03 Sep 2023 08:56:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvZpqkZaPShU0v7CMDPqxzu0gD7q%2BHu4V8kEOWHRdTz3aXFZziLY3XH0rQa1qyRCC3JPAAgSXAbTCIqVn8oV6x9ecDOsHtRQ5F%2FFwVryGYGXPD6JZaSDScCjsnI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b35e87569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.1

172.67.150.79

200 OK

8.0 kB

URL GET HTTP/3
nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.1
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type
ASCII text, with very long lines (8246), with no line terminators
Size
8.0 kB (8005 bytes)
Hash
95e8541b1c7d8d1c6d971b8a1254f05e
a0a315f535cefee969c8f938ae9133beb051b51d
94d90d0cae68aae94246413284189ad0fd41bca226dcfc1d3394f25087df2ede

HTTP Headers

GET /wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Fri, 20 Oct 2023 08:20:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbiimJmRJGTgBs5qqFR%2FR6WOm8InY7z8onALS0UXHP4qOlnXu6KBF0wFP%2BoixgtCWiGs4md5PDlxIMeFqgeTaOdIsXjDoTDOle5tEFbz2sLyIwoZWwRnlXJpTU0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2b68fe5569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?resize=405%2C155&ssl=1

192.0.77.2

200 OK

7.7 kB

URL GET HTTP/2
i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?resize=405%2C155&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 405x155, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.7 kB (7712 bytes)
Hash
1f2664d6059193e6c1a59ee7ef14d1a0
46542860abd849426ea23d66c601ff0888d735db
f685610012cd711cdf0f3f186e878030c152058d3705dd751d6048d480bc2621

HTTP Headers

GET /images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?resize=405%2C155&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: image/webp
content-length: 7712
last-modified: Sat, 11 Jun 2022 22:08:00 GMT
expires: Tue, 11 Jun 2024 10:08:00 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "416c01d7e07bbbbf"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c

142.250.74.168

200 OK

228 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint81:B9:A4:E4:E4:84:05:A7:F6:52:4F:E2:74:27:36:05:0D:74:15:89
ValidityThu, 28 Sep 2023 05:26:20 GMT - Thu, 21 Dec 2023 05:26:19 GMT

File type
ASCII text, with very long lines (5788)
Size
228 kB (227554 bytes)
Hash
aea24f93e9c536b9010acfa8090e28de
3116875d0d1a2efa5609ff3faecbac558d89db6b
d2690449c587bbf07b134eb1422b30e922accbbd883a56b863ec878ade8bb8d2

HTTP Headers

GET /gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 24 Oct 2023 02:13:01 GMT
expires: Tue, 24 Oct 2023 02:13:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

images.vfl.ru/ii/1696606849/450212ed/39028293.jpg

212.47.236.38

200 OK

86 kB

URL GET HTTP/1.1
images.vfl.ru/ii/1696606849/450212ed/39028293.jpg
IP
212.47.236.38:443
ASN
#12876 Online S.a.s.

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.10], baseline, precision 8, 432x700, components 3\012- data
Size
86 kB (85525 bytes)
Hash
f31e59ed8b4014e8c240b752b138ca58
92fe10034473f9c1939631c2c50642bfa521bf0f
2e559285efef0bb13f7cb134710ea244f456a76074859562fff2cd86952aed87

HTTP Headers

GET /ii/1696606849/450212ed/39028293.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Type: image/jpeg
Content-Length: 85525
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 06 Oct 2023 15:40:49 GMT
ETag: "65202a81-14e15"
Expires: Thu, 23 Nov 2023 02:13:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.googletagmanager.com/gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c

142.250.74.168

200 OK

213 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint81:B9:A4:E4:E4:84:05:A7:F6:52:4F:E2:74:27:36:05:0D:74:15:89
ValidityThu, 28 Sep 2023 05:26:20 GMT - Thu, 21 Dec 2023 05:26:19 GMT

File type
ASCII text, with very long lines (4179)
Size
213 kB (213257 bytes)
Hash
a916433cea8d7f2eb5010e9607043493
860f51a83b897b5148c7f767d824ba2631c2b932
5cfe36054d4995994b78cae4523b84549e359f8eb23c0cc5ec0e5ef803de2b7a

HTTP Headers

GET /gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 24 Oct 2023 02:13:01 GMT
expires: Tue, 24 Oct 2023 02:13:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76748
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill.min.js

192.0.77.37

200 OK

16 kB

URL GET HTTP/2
c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type

Size
16 kB (16146 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
content-encoding: br
expires: Wed, 23 Oct 2024 02:13:00 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1

192.0.77.2

200 OK

2.6 kB

URL GET HTTP/2
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.6 kB (2568 bytes)
Hash
513677192f138c2aba3a3847c320f723
7ce5b67d80a2c2dedf8685b08547bcc8bf012f99
d60495bc835271423ec6445708aceb3a068ed6f2ebfd796a86c9f9e134ca1788

HTTP Headers

GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:01 GMT
content-type: image/webp
content-length: 2568
last-modified: Sat, 24 Sep 2022 18:28:57 GMT
expires: Tue, 24 Sep 2024 06:28:57 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "deb437b05941c6de"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1

192.0.77.2

200 OK

374 B

URL GET HTTP/2
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
374 B (374 bytes)
Hash
43df8a9873aa31bb000672a677ac1640
4c1bcd8c3a797217d375df16b4bcab2d6a2763a3
d865b1c06cbff014e7c47cf5afb4332de4c95a537f86074e001b577c50aef07d

HTTP Headers

GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:01 GMT
content-type: image/webp
content-length: 374
last-modified: Sat, 24 Sep 2022 18:25:44 GMT
expires: Tue, 24 Sep 2024 06:25:44 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "9a9a255d155ea6c0"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

images.vfl.ru/ii/1694605463/379b343c/39009958.jpg

212.47.236.38

200 OK

56 kB

URL GET HTTP/1.1
images.vfl.ru/ii/1694605463/379b343c/39009958.jpg
IP
212.47.236.38:443
ASN
#12876 Online S.a.s.

Requested by
https://nsw2u.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data
Size
56 kB (56299 bytes)
Hash
9231ea6579645ce1bc3d8409163b532c
799d9c08dd8f984836e6e25604c945ebaa4f279d
5044931355e94f41c11054849f656fe54626d4aa1d4b5332698b0e84e10794a1

HTTP Headers

GET /ii/1694605463/379b343c/39009958.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Type: image/jpeg
Content-Length: 56299
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 13 Sep 2023 11:44:23 GMT
ETag: "6501a097-dbeb"
Expires: Thu, 23 Nov 2023 02:13:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

c0.wp.com/c/6.3.2/wp-includes/js/dist/hooks.min.js

192.0.77.37

200 OK

4.6 kB

URL GET HTTP/2
c0.wp.com/c/6.3.2/wp-includes/js/dist/hooks.min.js
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://nsw2u.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (4704), with no line terminators
Size
4.6 kB (4627 bytes)
Hash
414c8462f6209b4905f767c8ba5c787d
a80b8b79908e6cdf11648f810e707a75c859cda3
007c3734a3f7737d74061ab5b96905dcb14ba1f88e7a6df55364b9d9573e3ce1

HTTP Headers

GET /c/6.3.2/wp-includes/js/dist/hooks.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 24 Oct 2023 02:13:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
content-encoding: br
expires: Wed, 23 Oct 2024 02:13:00 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f

172.67.150.79

200 OK

77 kB

URL GET HTTP/3
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type

Size
77 kB (77230 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: _ga_V5K7GYT3S4=GS1.1.1698113582.1.0.1698113582.0.0.0; _ga=GA1.1.1204719104.1698113582; _ga_HS5Y0K7QPG=GS1.1.1698113582.1.0.1698113582.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 02:13:02 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Mon, 23 Oct 2023 20:17:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 18953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSnFCPPnkcHE7J01d%2F%2BZf0C9MprYXXpsvjG4Q%2BA2MVca3c%2BocPm5Yx%2FjRqcY1Ipir%2BS7%2F4wKzPoWVGekN9tyJlJC1roVe%2BInltIEpBIBRzHU49%2BWh5K%2Bm5bXcLU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2c2db63569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

192.243.59.20

307 Temporary Redirect

3.5 kB

URL GET HTTP/1.1
mimicdisperse.com/watch.744379574981.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=ca904766-6beb-4200-8975-bc9284b2f230%3A1%3A1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectmimicdisperse.com
Fingerprint21:15:39:6E:77:1A:59:CB:E3:78:13:44:CF:D6:93:24:75:BF:26:78
ValidityTue, 10 Oct 2023 08:32:24 GMT - Mon, 08 Jan 2024 08:32:23 GMT

File type

Size
3.5 kB (3513 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.744379574981.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=ca904766-6beb-4200-8975-bc9284b2f230%3A1%3A1 HTTP/1.1
Host: mimicdisperse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nsw2u.com
Access-Control-Allow-Origin: https://nsw2u.com
Access-Control-Allow-Credentials: true
Location: https://mimicdisperse.com/watch.744379574981.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=ca904766-6beb-4200-8975-bc9284b2f230%3A1%3A1&shu=c79ec1ee7e56068c6555318bf5b84c93e830020b1e2d968ab680cdd3bc7139182e534d76f2724194ca7906fa3e8cb5238740f4ad8afbc14e01f2635a37a446233e2b4385e1296c3a22a64325e644da44e5388248336e0b2f969f75c3646072&pst=1698113643&rmtc=t
Set-Cookie: u_pl=19067264; expires=Wed, 25 Oct 2023 02:13:03 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA2NzI2NCwiayI6ImE0NTkyMmZhNDk2Njk1NWNlY2RmZmJkZGU1MzQ3YWU1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDQ5ODA3LCJwaWQiOjE2MjY3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoibWh2ZzFhbXRhIiwiY3BrcyI6eyAiMjgiOiJlZDZjYTVlYjhhYmM5YTg2NGZmYTM5MTE1Nzk5YjY0MSIsIjI5IjoiM2EyMjZhNjY0MGE2NDQ2ZGJjN2NkYzk2ZWNjNmIzZTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uc3cydS5jb20vIn19.whvp_sQpIdUSm4SK7_ZQxkz-uJBivC_dFSr-vXd5VZ4; expires=Tue, 24 Oct 2023 02:14:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aeb8a5ac8203d4ac440bcf279ec63b8e
Strict-Transport-Security: max-age=0; includeSubdomains

mimicdisperse.com/watch.744379574981.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=ca904766-6beb-4200-8975-bc9284b2f230%3A1%3A1&shu=c79ec1ee7e56068c6555318bf5b84c93e830020b1e2d968ab680cdd3bc7139182e534d76f2724194ca7906fa3e8cb5238740f4ad8afbc14e01f2635a37a446233e2b4385e1296c3a22a64325e644da44e5388248336e0b2f969f75c3646072&pst=1698113643&rmtc=t

192.243.59.20

200 OK

3.5 kB

URL GET HTTP/1.1
mimicdisperse.com/watch.744379574981.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=ca904766-6beb-4200-8975-bc9284b2f230%3A1%3A1&shu=c79ec1ee7e56068c6555318bf5b84c93e830020b1e2d968ab680cdd3bc7139182e534d76f2724194ca7906fa3e8cb5238740f4ad8afbc14e01f2635a37a446233e2b4385e1296c3a22a64325e644da44e5388248336e0b2f969f75c3646072&pst=1698113643&rmtc=t
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nsw2u.com/
Certificate
IssuerLet's Encrypt
Subjectmimicdisperse.com
Fingerprint21:15:39:6E:77:1A:59:CB:E3:78:13:44:CF:D6:93:24:75:BF:26:78
ValidityTue, 10 Oct 2023 08:32:24 GMT - Mon, 08 Jan 2024 08:32:23 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (3541), with no line terminators
Size
3.5 kB (3513 bytes)
Hash
b504d0a32fbd4003ff0be22204d57321
b8619711f2b31dd563b4542c0d453ee4d891b89b
a954845260cf3bc5242dad21a1ed5d7365cc66e73afb037e253649eefee24ac9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.744379574981.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=ca904766-6beb-4200-8975-bc9284b2f230%3A1%3A1&shu=c79ec1ee7e56068c6555318bf5b84c93e830020b1e2d968ab680cdd3bc7139182e534d76f2724194ca7906fa3e8cb5238740f4ad8afbc14e01f2635a37a446233e2b4385e1296c3a22a64325e644da44e5388248336e0b2f969f75c3646072&pst=1698113643&rmtc=t HTTP/1.1
Host: mimicdisperse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
Referer: https://nsw2u.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19067264; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA2NzI2NCwiayI6ImE0NTkyMmZhNDk2Njk1NWNlY2RmZmJkZGU1MzQ3YWU1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDQ5ODA3LCJwaWQiOjE2MjY3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoibWh2ZzFhbXRhIiwiY3BrcyI6eyAiMjgiOiJlZDZjYTVlYjhhYmM5YTg2NGZmYTM5MTE1Nzk5YjY0MSIsIjI5IjoiM2EyMjZhNjY0MGE2NDQ2ZGJjN2NkYzk2ZWNjNmIzZTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uc3cydS5jb20vIn19.whvp_sQpIdUSm4SK7_ZQxkz-uJBivC_dFSr-vXd5VZ4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 24 Oct 2023 02:13:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nsw2u.com
Access-Control-Allow-Origin: https://nsw2u.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=ca904766-6beb-4200-8975-bc9284b2f230:1:1; expires=Tue, 31 Oct 2023 02:13:03 GMT; secure; SameSite=None
iprcc91f32f09d21f23dec9bbb3fa477ffe6=3570421; expires=Tue, 24 Oct 2023 06:13:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 25 Oct 2023 02:13:03 GMT; secure; SameSite=None
uncs=1; expires=Wed, 25 Oct 2023 02:13:03 GMT; secure; SameSite=None
pdhtkv32=true; expires=Wed, 25 Oct 2023 02:13:03 GMT; secure; SameSite=None
uncs32=1; expires=Wed, 25 Oct 2023 02:13:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ec11f98d696a6ba0665bbcbe0625bd22
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

nsw2u.com/

172.67.150.79

200 OK

316 kB

URL User Request GET HTTP/2
nsw2u.com/
IP
172.67.150.79:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT

File type

Size
316 kB (315595 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 02:12:59 GMT
content-type: text/html
last-modified: Mon, 23 Oct 2023 20:44:45 GMT
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J34FCn44Ae15tjktvpAcVQ45YRHvuMoCafnUYT0hNxJONJ%2BnrLZa%2Fzm2uteneNknrW33wINiDke8W4SOEG62pAr7gC7QX7XEE81whYJCl3U0z8oi9aknSljem6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81aeb2aee9a3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (64)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL