nsw2u.com/fatal-twelve-switch-nsp-xci
200 OK 0 B URL User Request POST HTTP/3 nsw2u.com/fatal-twelve-switch-nsp-xci
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fatal-twelve-switch-nsp-xci HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 21 May 2023 18:55:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 21 May 2023 19:55:45 GMT
Location: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TiK%2FVkZuiM6p7h1EI2B4be06qdrPib2oWlafN5yUFL8eUeVB%2B%2BGFtzfE3fLayTM9eyUumJNjhTPfYrpb428GXDEDZdgZ7DgCsYwdqO7wzfo6d3E650Xwcu2VU3M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7caf09166ef8b523-OSL
alt-svc: h2=":443"; ma=60
nsw2u.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7caf09169f8db523
42 B URL nsw2u.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7caf09169f8db523
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7caf09169f8db523 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:46 GMT
content-type: image/gif
content-length: 42
last-modified: Thu, 18 May 2023 12:46:56 GMT
etag: "64661e40-2a"
server: cloudflare
cf-ray: 7caf0919bdddb523-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sun, 21 May 2023 20:55:46 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
200 OK 16 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type PNG image data, 350 x 350, 8-bit colormap, non-interlaced\012- data
Hash 134fce13c189ed0e483a1bddb6406204
eed559ac52e9731c56a1fb03eb94fc82e551bb66
723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791
GET /wp-content/plugins/chp-ads-block-detector/assets/img/icon.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/png
content-length: 15671
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Mon, 15 May 2023 23:42:50 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 2072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSO6kHn0f5TALqu4dMbURnuWjkU%2FxDEQfvywgOZH4zeL%2FRdFJ4N5TYVWYuKNzLvExtcI6%2B5jxk8wFsKDJfJwnxkpWz0Qhg%2B56JXTJBsqA0Uj2IEEa%2BBlnygKitA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf0933ddc4b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png
200 OK 95 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /wp-content/plugins/ad-inserter/images/ads.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/png
content-length: 95
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 2072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39JQkVwms4ABRXz5BshEblOgksVDW4NnEyE5mStUSMlYAmsa2ZolirKTivaTPdCKjF2L4AgedGRw5VnnPyHNFG4PIaO7dMb39MH36nXCFYIIgSDn4ybdYpDImnA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09346eebb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.28
200 OK 23 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.28
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash e509c98a0bcad0ce8e6248ac8eb31de1
ec5fe203df631088270b5f2b0b7a85498a2aeb8b
352ea4dd2d545563bef7eb0ba6d6ebfe4bc9d9e51ab00d9c925cb9e103edee63
GET /wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.28 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
content-type: application/javascript
content-length: 23
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=25
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 2072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giDwPQ5Ve4ItN7JX4NyWnIQ8lg9o7HhLe7%2BZTSFOL9cBQ%2BA8c1%2BsjZXy1R%2BbxnyEE9c92J%2BwZiMVmibEdadxAXojN%2FGvpUgmnogkIRIzCEN6F5hsjWLDKY%2BT2ek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09346ef4b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.28
200 OK 22 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.28
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 41bd53fe0ee631d5cfd895e18a53291d
9d9d3c42c53ad7f906cb083a0d2d37afb4537764
dfb2e16986e257b608b45d14396378a8f2ac6a7321c0dc2f13c66a33ec8e4a40
GET /wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.28 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
content-type: application/javascript
content-length: 22
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=24
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 2072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfntpuamVCsjfIBmC6aWe13p3ZMysmtRcmVrY%2FDx6rkuNUV2wJaELTxBlp9CEk94KsXs2WKEsR%2FN6XTl37GNVckDSevLNaYzzxO%2Bk%2BLjLSxRLfF2ZMjITU6wm6U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09346ef7b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.28
200 OK 21 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.28
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 7b5568740085d86e99a5b2b3e3451cf7
0e46d43f176a16789e65b3a786fd418fec4d1c38
c1673ed04d0735a2c9fcfcb9c77d9f19e5fc6937feb503e99090bdc24ea0eea2
GET /wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.28 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
content-type: application/javascript
content-length: 21
cache-control: public, max-age=16070400
cf-bgj: minify
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:18 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 2072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1TwOR60crJiYuyhiKZEONOVuQ7KdRMhtRlsfR6xcHKv7tY4n74pXRAbPRH%2Flij6%2FeftRTlb1oU7LAd5AujrivtsuYx9oXQT9ZmATEqxcYf0njI48pcqndKbcKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09346ef5b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c0.wp.com/c/6.2.1/wp-includes/css/classic-themes.min.css
200 OK 291 B URL GET HTTP/2 c0.wp.com/c/6.2.1/wp-includes/css/classic-themes.min.css
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash 1a0804b1a9d09705657f91fe7cad4c5a
feeece6f0b3e0bcf090547c475329a2772f6b26b
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
GET /c/6.2.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: text/css
content-length: 291
last-modified: Mon, 13 Feb 2023 20:50:19 GMT
expires: Mon, 20 May 2024 18:55:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
i0.wp.com/game-2u.com/wp-content/uploads/2023/03/Euro-Truck-Simulator-2-v146220s-P2P-PC.jpg?ssl=1
200 OK 15 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/03/Euro-Truck-Simulator-2-v146220s-P2P-PC.jpg?ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f5048740ec6dfb48f712f05395b69888
ea7b00bc4f41ec3cf736908908bd6813f0eccc40
065c7610edddd1ea17845bf33e3abee8c0dc76bb5cb30747ec4d788b35c8df21
GET /game-2u.com/wp-content/uploads/2023/03/Euro-Truck-Simulator-2-v146220s-P2P-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 15286
last-modified: Wed, 17 May 2023 07:34:23 GMT
expires: Fri, 16 May 2025 19:34:23 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/03/Euro-Truck-Simulator-2-v146220s-P2P-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "bfaa28aff800c013"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/game-2u.com/wp-content/uploads/2023/05/Humanity-GoldBerg-PC.jpg?ssl=1
200 OK 13 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/05/Humanity-GoldBerg-PC.jpg?ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f84bc043fa13ca24917ee39e3e389e05
404d37a5f6d7e739726c3053d165c376c3144ffa
93eb84a8288836cc6acf464c4caa96ac7b5a1543775e617821c1a54468dceecb
GET /game-2u.com/wp-content/uploads/2023/05/Humanity-GoldBerg-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 12884
last-modified: Tue, 16 May 2023 13:36:12 GMT
expires: Fri, 16 May 2025 01:36:12 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/05/Humanity-GoldBerg-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3dc774e9b1aaf6ed"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.2.1
200 OK 3.2 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.2.1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (7862)
Hash 45bacd312d5098b4b59f563d8756c15d
fa55e2cff078381e5365d95782a95a787d0b7192
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
GET /ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.2.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 3150
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-1ed1"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5687307
expires: Fri, 10 May 2024 18:55:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqUrhDqAji7sEdTM%2FPsw8sEv0sQ7eGIxAAEuIbwG115NgQUObUnMi0GrtxpBQyvpu8R%2F6wCM5IIrhMV8L2%2FsHvrEm2Cme6xibLNe6tMCg81nWLu3q0LkzK4%2BRv5hgjPkP4qHxsHw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7caf09350c86b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1
200 OK 32 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3dde27351094fd110611b7099df7612d
1f8633afc647ab96114d9cd7b87b2e1bd9d73fae
f7118208621987432e4309b2429b3ca26191166ec2b5b4dfab15204958f9de33
GET /images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 31608
last-modified: Sat, 25 Mar 2023 13:28:37 GMT
expires: Tue, 25 Mar 2025 01:28:37 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5948b74d64865dea"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1679738619/4429b61e/38826218.jpg?ssl=1
200 OK 24 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1679738619/4429b61e/38826218.jpg?ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0d5d00d2bddc5fc46b487ee7526be1b1
70f1125a9b148ca9ca45b8150bb0d9e64446d405
d2846967d75c27d3e1693d3f91532d1bfbb6750bcc1c544d3d9e200c34b5b3ad
GET /images.vfl.ru/ii/1679738619/4429b61e/38826218.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 23824
last-modified: Sat, 25 Mar 2023 10:05:58 GMT
expires: Mon, 24 Mar 2025 22:05:58 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1679738619/4429b61e/38826218.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "ffe38a63a8792d3c"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.2.1
200 OK 677 B URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.2.1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (1845)
Hash f6a3dd4ecbf227acbafcff33d68dc71d
7421115ddcd5d436b89a1fd27e0cdce5a01978e6
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
GET /ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.2.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 677
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-750"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 182446
expires: Fri, 10 May 2024 18:55:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tn8Zlg8wWaTH0svcYYRg1p1dYiOaLW6YKdOD%2BMQ%2Fc5EmbOHcBgS9Ce1n8yBu2FpNQfCI57IENmt%2BQXfngGyFUSdhb7Fdf9tgxoz6LOI95zJk4JBTPaZaXV9EYEg02zYtVa7G9ZeZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7caf09351ca6b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1679707845/154521c0/38824712.jpg?ssl=1
200 OK 12 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1679707845/154521c0/38824712.jpg?ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 10a8a711c6faa0d08703483686e5b8f7
fa2a6bbfa09a005d6c900c354301c42856e11d96
c010cae4bd876aded1ddef373f4b06fb6501f4258766ea2a1d225a18580ecb0c
GET /images.vfl.ru/ii/1679707845/154521c0/38824712.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 12042
last-modified: Sat, 25 Mar 2023 01:33:02 GMT
expires: Mon, 24 Mar 2025 13:33:02 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1679707845/154521c0/38824712.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c4584129a86ae2c1"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/game-2u.com/wp-content/uploads/2023/05/House-Party-Winter-Holiday-Pack-GOG-PC.jpg?ssl=1
200 OK 9.5 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/05/House-Party-Winter-Holiday-Pack-GOG-PC.jpg?ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8044c9b0b95c575269326375d14e9614
9365127ac7c39547c403a62d76f1755e5b1aa7ea
2c6153fea08df1f0780e5fa2e2810f294a51dc238aea65500e4e65eb45530172
GET /game-2u.com/wp-content/uploads/2023/05/House-Party-Winter-Holiday-Pack-GOG-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 9504
last-modified: Wed, 17 May 2023 07:23:29 GMT
expires: Fri, 16 May 2025 19:23:29 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/05/House-Party-Winter-Holiday-Pack-GOG-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "925d00910fe246bd"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?resize=200%2C200&ssl=1
200 OK 10 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?resize=200%2C200&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 79b891d5bcb9e78dd5305869191dcd3d
dde0f92b92e027e9c606728ece6576923cbc52e3
d6edc51ee1a374d31a5e8b8d0520e0760b8338aab27ccdf2aa30a6a8337679fd
GET /images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 10442
last-modified: Mon, 15 May 2023 22:03:02 GMT
expires: Thu, 15 May 2025 10:03:02 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7156d99e3892042c"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=200%2C200&ssl=1
200 OK 2.7 kB URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=200%2C200&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash ae58f5f8d93958f30ee4edffe1e3c6bb
7957b10b6f0faabd5ffc655a9698ca0bbc6bd708
dd21bb2f24c912107f1df2b4f6adc9ac747047e1c911a4f5319aa8966e532f1c
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 2734
last-modified: Fri, 28 Oct 2022 09:04:59 GMT
expires: Sun, 27 Oct 2024 21:04:59 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "ab7fb3ec3d012ba6"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?resize=200%2C200&ssl=1
200 OK 7.8 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?resize=200%2C200&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e7baefad47d6e5eba8c00e698ec40a9b
2ae1da7acfe323e61bb8591bf4e21718eec0a07f
dcc5fbc1a06a25afada7603483c9bd22dbb18912e9f04b84bf58ba049ec27b88
GET /images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 7762
last-modified: Wed, 17 May 2023 13:16:59 GMT
expires: Sat, 17 May 2025 01:16:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "35c83120a522250c"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?resize=200%2C200&ssl=1
200 OK 12 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?resize=200%2C200&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aa6aea40861f4e4163b87b450cde9c7e
a88ede460723f410745c4b2451a2031550545b2e
eb9b54ea9bf370a939ae445f9a413474174f65ecff82f1dae7e09cb40687bb5b
GET /images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 11726
last-modified: Tue, 16 May 2023 17:52:37 GMT
expires: Fri, 16 May 2025 05:52:37 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "0f945ea115012a60"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?resize=200%2C200&ssl=1
200 OK 7.8 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?resize=200%2C200&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash be07a3f2db2eace56f7df3f78894fca8
8e65dbde4ea2283e2bcbb7d0d911ef861142d403
6845300d33cae612d9492b78ead6b905dc8a767f85a31676a4edceb40127845c
GET /images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 7818
last-modified: Wed, 17 May 2023 13:16:59 GMT
expires: Sat, 17 May 2025 01:16:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "cfc6705945ce67d3"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?resize=200%2C200&ssl=1
200 OK 9.7 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?resize=200%2C200&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1bb636cbc4bf45105ea09f678ec75095
95ab741b213cdf879782c361d4b305eaa169627d
bab239986bea594efd10c82ca1bb36dab2fd45a75c18448c6ba963cc59ab41a6
GET /images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 9702
last-modified: Tue, 18 Oct 2022 22:29:18 GMT
expires: Fri, 18 Oct 2024 10:29:18 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3fe814ac9b579a80"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?resize=200%2C200&ssl=1
200 OK 6.6 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?resize=200%2C200&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a8b7bd9d71982a5d6ccdba5d85599d82
5f016a731c8a7acb86f11f65d1d1ac39684bccde
1b4ab922121786f4c16ddb863b08b91d3c4fb9caba7ad5e7339c823d362cb1ff
GET /images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 6586
last-modified: Wed, 17 May 2023 09:09:41 GMT
expires: Fri, 16 May 2025 21:09:41 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "62f6acd8ad9d53ed"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?resize=200%2C200&ssl=1
200 OK 11 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?resize=200%2C200&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 55473ced46ee7b2c3ebfe99006c8fcbc
c4fcc42638388d595c03927b0661ecbf7ad69678
53981062ac0743bf339898075ec08151de47c5b0fa9039b708bd80e679f668b5
GET /images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 10874
last-modified: Wed, 17 May 2023 13:16:59 GMT
expires: Sat, 17 May 2025 01:16:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "60e070fa86c100a6"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?resize=200%2C200&ssl=1
200 OK 14 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?resize=200%2C200&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2d0de84889daf001d4fe25311de7c748
438167bbd8a4da998c94107a9da9a885e60c9b35
5e05c163fb80b4076fa2986037c539ddc56d2011e5fc44f60bd0a0910f2de20e
GET /images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: image/webp
content-length: 14008
last-modified: Wed, 17 May 2023 13:16:59 GMT
expires: Sat, 17 May 2025 01:16:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "eb9b1bb61c41d633"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.2.1
200 OK 1.1 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.2.1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (3036)
Hash 94279a9a0c4060a96efcf1da47716f86
ea88b3fd8b01a8b86edfd0f4120cc9a834893018
d41c6733a8c4a3a7f08204de8e3d60e1d2baf17dd7f675a26830fb1047fac40a
GET /ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.2.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 1101
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-bf7"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 11152179
expires: Fri, 10 May 2024 18:55:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXmg4AYEXkOfzRx0ZhSJP63ktKlPUlT90TK5DYmRLRvZjfODKaY%2F6nbKFPiIOSIKujqHpjfbTMjbh1QJg1A8z2R92B2263SZsSvC6QIi1lRrm4cuLJ2CmCc%2BXkXzeerl7rE7QFfJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7caf09355d40b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash 3b91f01d5207d1641bcdd0ee53561353
4ef7d6092b868eb8b500e8729efb4301e1d1f4be
b36bd6756866f8c7ebebee886314ac7ee381615d365b7509c008df8f57ecf655
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 18:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash e704e964bb5b3041d29c68fb02cb8543
ba61630a2b52c8218e035207224a176c8ea70710
b327e7e251d144f45d6f57d50444343e7dc666dedfeea217c65b1b32943995f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 18:55:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-262573192-2
200 OK 47 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-262573192-2
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type ASCII text, with very long lines (2271)
Hash abb109edf52fc78935f7760e79ebd49b
b6f4f6a316db772abf57f08e941642617c896bc8
ed5a4086cf225295b3b093a61b7c871ef16134450752dd7853e0792c9bcf1e96
GET /gtag/js?id=UA-262573192-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 21 May 2023 18:55:51 GMT
expires: Sun, 21 May 2023 18:55:51 GMT
cache-control: private, max-age=900
last-modified: Sun, 21 May 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46557
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash 3b91f01d5207d1641bcdd0ee53561353
4ef7d6092b868eb8b500e8729efb4301e1d1f4be
b36bd6756866f8c7ebebee886314ac7ee381615d365b7509c008df8f57ecf655
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 18:55:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash e704e964bb5b3041d29c68fb02cb8543
ba61630a2b52c8218e035207224a176c8ea70710
b327e7e251d144f45d6f57d50444343e7dc666dedfeea217c65b1b32943995f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 18:55:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nsw2u.com/wp-content/uploads/2023/01/5053309-scaled.jpg
200 OK 165 kB URL GET HTTP/3 nsw2u.com/wp-content/uploads/2023/01/5053309-scaled.jpg
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Freepik Company S.L. - www.freepik.com], baseline, precision 8, 2560x1707, components 3\012- data
Size 165 kB (165425 bytes)
Hash 6852b036e1ca6706dfd08adb9c453a3a
a6ad87ebc00f7a3b1b7bc7b973fbb9d2d63f6cc4
f604e7f73dba65231360db90d84583e729f20d58f4b03b8e17c799e0a575c09b
GET /wp-content/uploads/2023/01/5053309-scaled.jpg HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:51 GMT
content-type: image/jpeg
content-length: 165425
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Tue, 03 Jan 2023 15:01:38 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 2073
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wvOTHEtSzHGx9KvOjig9IlviSXjWGcsBtufiMKuklk9KCHk2qe8bJ%2BBtdGI5LR%2F%2BWh9Z37jW9bzIR8VPaTGK2Sz5RmkzcfHba%2BkyPuNz4f%2F71bUuczq%2BHg6n%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf0939a91cb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/kyzl.css
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:51 GMT
content-type: application/font-woff2
content-length: 77160
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 18:49:08 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 302
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsKdbQbCGP%2B5CaEmwVo285TEjycSr5gTNTn0Ao2behVPaXFmAyU7h9%2BNSTJjR3PAHa4V5FY3MoUsn%2FucTf%2FuFmfATiNPAA0i1onqLURnKxIQBfgLyjsYIRTXhA4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf093a1a21b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
471 B IP
Hash d34f0af5cb22586cc436ab96da5df7cc
91c7686c859dd34556de215681e7124a8af7cb70
3e6027d2501218ce83cd136b33af94417d03c38330873e6d80570f00c6c0c8e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 18:55:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nsw2u.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1679380905
200 OK 83 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1679380905
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
Hash e282993fe22a08bcd0a3b605534aaa20
e879ec22d1d855833e33bffdcaa710b8c76e5da5
3d4d6372580ddefbc9bd63523a6a49a2cd17a57fd16cf6c5c7b7a98852bfbee8
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1679380905 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Tue, 21 Mar 2023 06:41:45 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2081
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1GGuDWqD%2B0LaAG07gv39qROr2homVX6EuU7de2hHRjnmD689qBn0WgRmEU05RhHTz33Uhye1459KIoh34HrmSSREUEkkoVFSzDqmhAVTDvPMIL9LOlH55Mkxx4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09346eeeb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Hash 31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 11:49:35 GMT
expires: Fri, 17 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 284776
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
280 B IP
Hash f57bde3e4c736422b2e8383431f9e1ae
79b6cf4ad96ae2f70c85f8721f931095d27022dd
e9ebb5a58038764b942c5af5711786b5226dbe5e72f808e941d3a2578c6f37c0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 21 May 2023 18:55:51 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Sun, 21 May 2023 16:43:17 GMT
Expires: Sun, 28 May 2023 16:43:16 GMT
Etag: "79b6cf4ad96ae2f70c85f8721f931095d27022dd"
Cache-Control: max-age=596709,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7caf093b39b60b59-OSL
ocsp.sectigo.com/
280 B IP
Hash f57bde3e4c736422b2e8383431f9e1ae
79b6cf4ad96ae2f70c85f8721f931095d27022dd
e9ebb5a58038764b942c5af5711786b5226dbe5e72f808e941d3a2578c6f37c0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 21 May 2023 18:55:51 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Sun, 21 May 2023 16:43:17 GMT
Expires: Sun, 28 May 2023 16:43:16 GMT
Etag: "79b6cf4ad96ae2f70c85f8721f931095d27022dd"
Cache-Control: max-age=596614,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7caf093b4ecfb50c-OSL
ocsp.pki.goog/gts1c3
471 B IP
Hash d34f0af5cb22586cc436ab96da5df7cc
91c7686c859dd34556de215681e7124a8af7cb70
3e6027d2501218ce83cd136b33af94417d03c38330873e6d80570f00c6c0c8e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 18:55:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.profitabledisplaynetwork.com/0820d72adb12696922227f6272d36ff9/invoke.js
200 OK 9.8 kB URL GET HTTP/1.1 www.profitabledisplaynetwork.com/0820d72adb12696922227f6272d36ff9/invoke.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subjectprofitabledisplaynetwork.com
Fingerprint75:B6:E0:A9:9C:98:35:B5:EC:3D:8C:9C:9F:FB:80:AF:E9:D1:32:E0
ValidityTue, 02 May 2023 03:55:51 GMT - Mon, 31 Jul 2023 03:55:50 GMT
File type exported SGML document, ASCII text, with very long lines (26939), with no line terminators
Hash a3f95632617461dd1042ed81bd793bb0
68c110efb45f878647c15ea2fad3887e9246dbcf
1c5140b076549e5d193f368ac0dcca9144267a411568fcf5dd90c14a69a6de3a
GET /0820d72adb12696922227f6272d36ff9/invoke.js HTTP/1.1
Host: www.profitabledisplaynetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 21 May 2023 18:55:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 50117eea6e4cbe67249b83a6bfd1a07f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplaynetwork.com/a45922fa4966955cecdffbdde5347ae5/invoke.js
200 OK 9.8 kB URL GET HTTP/1.1 www.profitabledisplaynetwork.com/a45922fa4966955cecdffbdde5347ae5/invoke.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subjectprofitabledisplaynetwork.com
Fingerprint75:B6:E0:A9:9C:98:35:B5:EC:3D:8C:9C:9F:FB:80:AF:E9:D1:32:E0
ValidityTue, 02 May 2023 03:55:51 GMT - Mon, 31 Jul 2023 03:55:50 GMT
File type exported SGML document, ASCII text, with very long lines (26988), with no line terminators
Hash 8ce781caeb92503f3bf3982e871790f2
43c3ccf84dd73f8e3b71692e0d9019bc15a6c5ee
8d90f0a5d200ab1e08ba724a33752efed22aff1695ea56b7c0cd8d95065a2a7b
GET /a45922fa4966955cecdffbdde5347ae5/invoke.js HTTP/1.1
Host: www.profitabledisplaynetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 21 May 2023 18:55:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ed025e5c1c68b4d83696522e22577874
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206
200 OK 3.3 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
Hash 8a7bb9e592588225d6cdf7d158d6cb83
638cbad343f1052bc82a2bb635f49134f7ac09bc
e0ce1f421e496d7b9abd4ae85fae454eeb8f6376a38d38dbb478c6a663df67de
GET /wp-content/themes/posterpro/js/navigation.js?ver=20120206 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Wed, 16 Nov 2022 18:49:09 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwg88umBi0u1Wafo6f%2B5OdTBsWqV53H4qNOyky66U%2Bkx9rwxgm%2FYgkeIhftho6SOtx4cNgrTP2oFQiIbOxfMLqhrzwrD2WJW8nCXpfWe212Rx2M76NO3LokzpUM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09340e4db523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js
200 OK 125 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (32024)
Size 125 kB (124742 bytes)
Hash 2f152222965edeff5fce218fcd627165
5fdce14b4a6b446f0406aa51c266cd242338bce6
884aa2f05fa8a363aacb1659217b2116835b6568f6dcd5e047b28764dac5fd60
GET /wp-content/themes/posterpro/foundation/js/foundation.min.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Wed, 16 Nov 2022 18:49:09 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyoVikGkMx4M2eMpqbcwnPgk%2Ff1vTiCK7BKxV74N3q2LYlRDpRUnSd50x1Zhznp%2Fw3VaQfU5Xfk%2F9baq3GMreo8K8rA3lAUd6pUMojdAxzyNFCPESKYExkPvXvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09341e5db523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
200 OK 3.4 kB URL GET HTTP/2 s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
IP
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=49579&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=d253ef4c27&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=ba6e2daad808d7e49d6acdda3d04f20aba34e322#parent=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (2702)
Hash 0adc401b43de2aa1c60a9aef970d7739
360c3d8968ce4ea9497a90bb9d1c328d4efa65cd
8e657c0ef1763965fb05ff2d31c111675fc2869e3b32b2cb09ba9a0dacc34c76
GET /wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:51 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"63242ce6-45a9"
content-encoding: br
expires: Sat, 16 Sep 2023 07:59:40 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL GET HTTP/2 simplewebanalysis.com/stats
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 8cf9a40e2e5051719a54d487b5b69094
962a4d7406fd8f5384e0804fb795b2039aa3018d
30be41b28dd3dcc08b4ed409918278bed6198d35dce17c186541da4a95a07aaf
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 21 May 2023 18:55:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nsw2u.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=29d46a9e-81d6-439f-9a2c-8bc4acc7ed21:2:1; expires=Wed, 18 May 2033 18:55:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
c0.wp.com/c/6.2.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
200 OK 710 kB URL GET HTTP/2 c0.wp.com/c/6.2.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (4186), with no line terminators
Size 710 kB (709554 bytes)
Hash ea958276b7de454bd3c2873f0dc47e5f
b143f6e8e8f79d8f104c26b0057ef5514d763219
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
GET /c/6.2.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Mon, 20 May 2024 18:55:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/406685/728x90?region=eu-central-1
200 OK 658 kB URL GET HTTP/2 static.a-ads.com/a-ads-banners/406685/728x90?region=eu-central-1
IP
ASN #24940 Hetzner Online GmbH
Requested by https://ad.a-ads.com/1686449?size=728x90
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 728 x 90\012- data
Size 658 kB (658334 bytes)
Hash 96e1a1f6a465ffb1996646a4932ba18b
95316a340412448c7b2298022f95018a84bd06b9
3779aca15c0cd71ccd037bc921af5cf96adfc673d7f5ca6f4bf1f57080e499ef
GET /a-ads-banners/406685/728x90?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:51 GMT
content-type: image/gif
content-length: 658334
x-amz-id-2: ojQV1cZeWVt0ql19jCKylCmyFn2tYyQznZEn2vKDVmTvARn/9megDh5Jko+OvjW+xiN8MkvWKqc=
x-amz-request-id: TNHNAK9QQ4K5MJ1W
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 08:12:39 GMT
etag: "96e1a1f6a465ffb1996646a4932ba18b"
cache-control: max-age=315360000
x-amz-version-id: dSwIG7baX58cw3WRkIIoRJVF5bmIjlTM
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/12.1/_inc/build/photon/photon.min.js
200 OK 356 B URL GET HTTP/2 c0.wp.com/p/jetpack/12.1/_inc/build/photon/photon.min.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (685), with no line terminators
Hash 24626ac4453bf45fe07e6c5d4e859fbd
9adbe5e7a5e1b5fb19aee82a9d765631b62ecb2f
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
GET /p/jetpack/12.1/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Mon, 20 May 2024 18:55:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/452145/320x50?region=eu-central-1
200 OK 14 kB URL GET HTTP/2 static.a-ads.com/a-ads-banners/452145/320x50?region=eu-central-1
IP
ASN #24940 Hetzner Online GmbH
Requested by https://ad.a-ads.com/2093561?size=320x50
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 320 x 50\012- data
Hash 40846c748b108cf688f9271caf57b86f
3268634652c5fac3dba24991d5800ba20d66ca07
fd7b4cdf4eadff478c4887b5d89fed5588374b3d3d4af1f4eebedec44a43e197
GET /a-ads-banners/452145/320x50?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/gif
content-length: 13983
x-amz-id-2: yYFqPI8CcWZsz5XGIfL4kjgaf7DpxNd/bSi6My95DTjGHKYA6BeL2zfvzZZ6Md5BoV7nVSRlI5A=
x-amz-request-id: GDY5CZBEJHWQW5KS
x-amz-replication-status: COMPLETED
last-modified: Sat, 29 Apr 2023 12:10:47 GMT
etag: "40846c748b108cf688f9271caf57b86f"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: e3w6.pTaCaxFbNksHfWVJqUwbNPMVpk3
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/12.1/css/jetpack.css
200 OK 17 kB URL GET HTTP/2 c0.wp.com/p/jetpack/12.1/css/jetpack.css
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4cc4e0cba17c8a9c76e0884632f9421f
9bdb840afdd68033ee0a3a8779cddcc7d71580b0
05db96d56969f90368d364da6c464ad073255964267594cb7e2b65b90d385da0
GET /p/jetpack/12.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 17 Apr 2023 18:32:50 GMT
content-encoding: br
expires: Mon, 20 May 2024 18:55:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
200 OK 58 kB URL GET HTTP/2 s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
IP
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=49579&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=d253ef4c27&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=ba6e2daad808d7e49d6acdda3d04f20aba34e322#parent=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (3416)
Hash a38c5731b06a34d75d5eded37e05cc60
fbd73b4f1fb9e7137d1ef48e920801818e3afb2a
822183b6912f8ef43349d897aa66f65f840a059a488c1dae834f2e1b4d847c1c
GET /_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 07:43:45 GMT
etag: W/"63218631-a4f5"
content-encoding: br
expires: Thu, 14 Sep 2023 07:43:50 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?w=1280&resize=1280&ssl=1
200 OK 49 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?w=1280&resize=1280&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3943799e6866beec74635dd2fdf512e3
f2a7081c65cacb1983cc0392810729c4eacad9b7
49130321a941d18ebfea6a84080d4c3970903aba00b12f293f7e621673f40efa
GET /images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/webp
content-length: 48746
last-modified: Wed, 17 May 2023 13:22:01 GMT
expires: Sat, 17 May 2025 01:22:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "694acd0f20d20e8b"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?w=1280&resize=1280&ssl=1
200 OK 39 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?w=1280&resize=1280&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bbbdd80b56bcb03e9714388f4c95c471
a4693886d67e62d67fcdeb0ec58e75a9fdb1449b
fbffa88f412ac959dd742b148fbed63c29114648fb3b320bdc12572fe1a09182
GET /images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/webp
content-length: 38646
last-modified: Wed, 17 May 2023 13:22:01 GMT
expires: Sat, 17 May 2025 01:22:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "fcea96ff6e009adb"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?w=1280&resize=1280&ssl=1
200 OK 28 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?w=1280&resize=1280&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 048ca27e9a24944c5531fa55bdb3441e
393537e6aaeb5bbe92fddfb89b1378b3aec900c9
d2152def1ec841566f8e13c94a9c15669427f69104e4118eb4f3272973f404b5
GET /images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/webp
content-length: 27668
last-modified: Wed, 17 May 2023 13:22:01 GMT
expires: Sat, 17 May 2025 01:22:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "37ab1c9b59690ae3"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?w=1280&resize=1280&ssl=1
200 OK 29 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?w=1280&resize=1280&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3f0903e7801d2c7637954bd4fadc1c12
62918a0a952e2e44aff030874bae048197d722a5
69ae402481c759a2e1fc97b1a5e8a508ef69d695950d53ae273ae34146216b13
GET /images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/webp
content-length: 29114
last-modified: Sat, 06 May 2023 15:25:19 GMT
expires: Tue, 06 May 2025 03:25:19 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "e4320d5664e43dc6"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?w=1280&resize=1280&ssl=1
200 OK 43 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?w=1280&resize=1280&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8eecd8735e9e9aeaf1983aba0e7f3b6d
8f8e31633b28a78a7a8a964bdb002c8ea32da38c
e731f1c1e067138cf40fe4df0d8968451df8f6bcfbfeaa1ed5bf35d8ef1c0000
GET /images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/webp
content-length: 42946
last-modified: Fri, 18 Nov 2022 23:15:09 GMT
expires: Mon, 18 Nov 2024 11:15:09 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8c3403d21496b34b"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js
200 OK 59 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
Hash 0921ffcc516c8a8658c053cabc84560d
d9262cc8a91cea571a858651d9264255924f6a62
e62da2223a3acb27582b6f9aed487b9397370b30555bc5d6a15e8619f1dc98f3
GET /wp-content/themes/posterpro/foundation/js/foundation.core.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Wed, 16 Nov 2022 18:49:09 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18QUl2LIK4pGy1KRdSs%2BSqj5N0gAR5n951hnxQJk040J41GgHSroqOLtAygwoJOBp7zUjQu5At9fn3VETPOtwOot%2FO%2B3rcZgAZpOVKJ936Y0NWWTwNYCaHzhYn8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09340e48b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nsw2u.com/cdn-cgi/challenge-platform/h/g/img/7caf09169f8db523/1684695346420/1iUq2m20Ra-hXcj
72 kB URL nsw2u.com/cdn-cgi/challenge-platform/h/g/img/7caf09169f8db523/1684695346420/1iUq2m20Ra-hXcj
IP
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type PNG image data, 5 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash c5d88e62d52f93c1e13a15f7a0a5c425
c514573651c4b16480366938288ea50ea4007373
056522fb24f3fce805538c1c413ffbcfc7b2acd5da034fc9628ae92d137f0be8
GET /cdn-cgi/challenge-platform/h/g/img/7caf09169f8db523/1684695346420/1iUq2m20Ra-hXcj HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:49 GMT
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Imw4Nci2m%2BSfe%2Bw7AWbG6TpA0MQOg8SItTdgls6U41UhP9Hx7GQyGIqE6NWOHtiwUttMdnW5X1URQe2fAP%2FkpE1dfyTyl7%2Bn%2BpNl07YjBJilu3H8ynB5MtzYkas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf092e5b16b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
woafoame.net/tag.min.js
200 OK 23 kB IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subjectwoafoame.net
Fingerprint3E:37:26:2B:FF:DD:C6:96:A7:8A:25:DE:C9:94:3C:5B:96:4D:99:26
ValidityTue, 04 Apr 2023 05:14:43 GMT - Mon, 03 Jul 2023 05:14:42 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 982390d6845d21c670f0eaa32e717170
ddda54010d91bae3aad6a5bc334ff8672ac2ad8d
dbbbeb170f2b87e600d854b8d4b577d664037a911ba69a45b4124aeba93ecace
GET /tag.min.js HTTP/1.1
Host: woafoame.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: text/javascript; charset=utf-8
content-length: 23420
content-encoding: br
x-trace-id: 4a35ca1663161a110d7d407084e27638
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 19 May 2023 13:48:43 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 5b1b70095823dc8bb0129349a778d8bf
0768f03a92dacd94c1390730781aff4ba2a67a57
cbb74ab4fcf68bf5a22ada7fd0fff44009becbdc840a4308643c775ba51118f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 21 May 2023 18:55:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1
200 OK 2.8 kB URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 948c6dc3d3c1e2e9d315418f6eabe2bf
ed06ff1f0994f3be033f22d808241d3fcca9d1e8
3a2e29960ba6130c22ce96089a7592ae91b6a0d6a11595a10daaa9662522ad0b
GET /nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/webp
content-length: 2836
last-modified: Sat, 24 Sep 2022 18:25:42 GMT
expires: Tue, 24 Sep 2024 06:25:42 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/nsw2u.png>; rel="canonical"
x-content-type-options: nosniff
etag: "0101732b85ce3bdc"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1627515252/c20da6bd/35314109.jpg?resize=432%2C700&ssl=1
200 OK 39 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1627515252/c20da6bd/35314109.jpg?resize=432%2C700&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 34b06f961cc6ec726cf3e7b947291ada
ed575c7a694d5a90648afd93d8681719871fbb3c
bfd0187532ddf67ef4dd7c29036f071c9dc25bd92c802cbfd9033c943efe8578
GET /images.vfl.ru/ii/1627515252/c20da6bd/35314109.jpg?resize=432%2C700&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/webp
content-length: 39332
last-modified: Fri, 12 May 2023 12:01:02 GMT
expires: Mon, 12 May 2025 00:01:02 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1627515252/c20da6bd/35314109.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "bf51337c83c083d3"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ad.a-ads.com/1686449?size=728x90
200 OK 38 kB URL GET HTTP/2 ad.a-ads.com/1686449?size=728x90
IP
ASN #24940 Hetzner Online GmbH
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash e3f14bf65abd03b3c121d5e81cc60528
47c0ea2dfb213625d4658e697f9f1fa0fff28d88
9a584b2e3546b14aa4ef9bb2e0e9811b1f2d61ab406000655cbf523d9bbb6e69
GET /1686449?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:51 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://nsw2u.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 47 kB URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
FingerprintFD:51:D6:58:C0:8D:80:53:41:E1:38:6F:00:65:31:B0:78:F0:65:FD
ValidityMon, 24 Apr 2023 11:56:03 GMT - Mon, 17 Jul 2023 11:56:02 GMT
File type ASCII text, with very long lines (3552)
Hash 8cafbe460e4947eb8296ee2ae63b70bd
9b2f81b20ea4cca6f349d59b853a1b4c83eb7fe3
a978d7017f0006bc9c93769350bd253a25b8ea7a2a4c86bf3fac12547a6338da
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 21 May 2023 18:55:52 GMT
expires: Sun, 21 May 2023 18:55:52 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12467534960335319572
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47301
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nsw2u.com/cdn-cgi/challenge-platform/scripts/invisible.js
302 Found 12 kB URL GET HTTP/3 nsw2u.com/cdn-cgi/challenge-platform/scripts/invisible.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
Hash a14fc7e7d9ad75a3423258096f1dccea
63bd40de03ebd249aaf8e08c49d9e2f6728ed2d0
6d65743915a34d00425a85beafa8ca3b2acd9b26ec2c713943124b473b48f1de
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160; _ga_HS5Y0K7QPG=GS1.1.1684695351.1.0.1684695351.0.0.0; _ga=GA1.1.1510417050.1684695352
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sun, 21 May 2023 18:55:52 GMT
cache-control: max-age=300, public
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REaA8ZVor8O3zNvn%2BvFuxzKlZOci2UOoTlNQyVPZVlGDBvZS8stEVyL6xOsMyfKFANIqQJHDuipwTl7LhBSf9oaBUv496yw7xOUx%2BqD7Z97SPB9Qp51uUMctD6Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09411fc8b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c0.wp.com/p/jetpack/12.1/_inc/social-logos/social-logos.min.css
200 OK 21 kB URL GET HTTP/2 c0.wp.com/p/jetpack/12.1/_inc/social-logos/social-logos.min.css
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11580)
Hash 6fe4fbe2d529a23a0c2c15640fbe15b1
35748eb5f288ebf9849080411e51be68e0f3af70
5af9881e63eb82017b7f84922fa8ba9928bcfb4416eb3579f1b3528263003a18
GET /p/jetpack/12.1/_inc/social-logos/social-logos.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 21 Mar 2023 13:24:16 GMT
content-encoding: br
expires: Mon, 20 May 2024 18:55:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ad.a-ads.com/2093561?size=320x50
200 OK 44 kB URL GET HTTP/2 ad.a-ads.com/2093561?size=320x50
IP
ASN #24940 Hetzner Online GmbH
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash b3242625cc06131dd016ec1bfd9cee3d
3bb30023c99374d8c3808a7ca2ee3e345c2de3c5
7c32edcd4f3cf29839ac75da8570cadd3d21fab800604bc4203316bd10ad293c
GET /2093561?size=320x50 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://nsw2u.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1
200 OK 2.6 kB URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 513677192f138c2aba3a3847c320f723
7ce5b67d80a2c2dedf8685b08547bcc8bf012f99
d60495bc835271423ec6445708aceb3a068ed6f2ebfd796a86c9f9e134ca1788
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/webp
content-length: 2568
last-modified: Sat, 24 Sep 2022 18:28:57 GMT
expires: Tue, 24 Sep 2024 06:28:57 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "deb437b05941c6de"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1
200 OK 374 B URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 43df8a9873aa31bb000672a677ac1640
4c1bcd8c3a797217d375df16b4bcab2d6a2763a3
d865b1c06cbff014e7c47cf5afb4332de4c95a537f86074e001b577c50aef07d
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/webp
content-length: 374
last-modified: Sat, 24 Sep 2022 18:25:44 GMT
expires: Tue, 24 Sep 2024 06:25:44 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "9a9a255d155ea6c0"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/kyzl.css
200 OK 168 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/kyzl.css
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (34393)
Size 168 kB (168521 bytes)
Hash 901dccd299137aa8adf45d7c8a9eb90f
82e9a803522afc2499101d16e22a6cd7aa0d5a67
e14f727616053367b3768c6e43f1a3f3d2d9fa2f9461c88d906696a16aa2a47c
GET /wp-content/cache/wpfc-minified/fhg2umku/kyzl.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: text/css
last-modified: Sun, 14 May 2023 11:10:35 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7yBpvhMh8bBMsxNzCq0fMe8OGn2CpzovoW5G1yC3n4NxBg%2BrIx3n7Yn6jjgW3cqsnXVYI0Jk4Zk3c6kA2YmTNptgIzqkxj4hzsoAUkPuhq0I2ytv7Z2qyblPLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09339d41b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
simplewebanalysis.com/stats
200 OK 40 B URL GET HTTP/2 simplewebanalysis.com/stats
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 05876ab6d7f5998a961da9484803fad2
ad58fe3e947bccccceaedb60a0ed6899462f7e5b
1a0eacff7f57511ebb3f31cbff3dadecdcaf7d00434a864f9bf9c9bc424e140c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: uid_id2=c2527f51-6a66-4fe9-97d2-8219b49f4517:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 21 May 2023 18:55:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nsw2u.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1627515252/c20da6bd/35314109.jpg?w=500&resize=500&ssl=1
200 OK 39 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1627515252/c20da6bd/35314109.jpg?w=500&resize=500&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 34b06f961cc6ec726cf3e7b947291ada
ed575c7a694d5a90648afd93d8681719871fbb3c
bfd0187532ddf67ef4dd7c29036f071c9dc25bd92c802cbfd9033c943efe8578
GET /images.vfl.ru/ii/1627515252/c20da6bd/35314109.jpg?w=500&resize=500&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:53 GMT
content-type: image/webp
content-length: 39332
last-modified: Tue, 16 May 2023 02:54:59 GMT
expires: Thu, 15 May 2025 14:54:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1627515252/c20da6bd/35314109.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "ec8ca1ede80bd2b1"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
investorequalityfrog.com/watch.1593108537640.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid=
307 Temporary Redirect 0 B URL GET HTTP/1.1 investorequalityfrog.com/watch.1593108537640.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid=
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subjectinvestorequalityfrog.com
Fingerprint0A:6E:42:7D:FB:1D:68:E7:A7:94:22:71:DE:18:39:A1:8C:B0:57:0D
ValidityFri, 28 Apr 2023 01:27:07 GMT - Thu, 27 Jul 2023 01:27:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1593108537640.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid= HTTP/1.1
Host: investorequalityfrog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 21 May 2023 18:55:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nsw2u.com
Access-Control-Allow-Origin: https://nsw2u.com
Access-Control-Allow-Credentials: true
Location: https://investorequalityfrog.com/watch.1593108537640.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid=&shu=6157aa938ef7c04cd734493449e6aa4871922f7633ad6a2323b554899309c88a6bd39762322e67a80fd643e5336dbeac5d470560433bce03bda054dd40d6cdd1648308468733cd82fa69deff7c5a0efc761b349383d7f63b13506338d43a08&pst=1684695413&rmtc=t
Set-Cookie: u_pl=19067264; expires=Mon, 22 May 2023 18:55:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA2NzI2NCwiayI6ImE0NTkyMmZhNDk2Njk1NWNlY2RmZmJkZGU1MzQ3YWU1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDQ5ODA3LCJwaWQiOjE2MjY3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoibWh2ZzFhbXRhIiwiY3BrcyI6eyAiMjkiOiIzYTIyNmE2NjQwYTY0NDZkYmM3Y2RjOTZlY2M2YjNlOCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25zdzJ1LmNvbS9mYXRhbC10d2VsdmUtc3dpdGNoLW5zcC14Y2kifX0.J-FCaTT0hhYZeChwOhlJqiUKeCNd0yQgW0YQVTfwApo; expires=Sun, 21 May 2023 18:56:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 257246dbacf6e73b3a220a2fe51a4f26
Strict-Transport-Security: max-age=0; includeSubdomains
investorequalityfrog.com/watch.1593108537640.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid=&shu=6157aa938ef7c04cd734493449e6aa4871922f7633ad6a2323b554899309c88a6bd39762322e67a80fd643e5336dbeac5d470560433bce03bda054dd40d6cdd1648308468733cd82fa69deff7c5a0efc761b349383d7f63b13506338d43a08&pst=1684695413&rmtc=t
200 OK 2.1 kB URL GET HTTP/1.1 investorequalityfrog.com/watch.1593108537640.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid=&shu=6157aa938ef7c04cd734493449e6aa4871922f7633ad6a2323b554899309c88a6bd39762322e67a80fd643e5336dbeac5d470560433bce03bda054dd40d6cdd1648308468733cd82fa69deff7c5a0efc761b349383d7f63b13506338d43a08&pst=1684695413&rmtc=t
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subjectinvestorequalityfrog.com
Fingerprint0A:6E:42:7D:FB:1D:68:E7:A7:94:22:71:DE:18:39:A1:8C:B0:57:0D
ValidityFri, 28 Apr 2023 01:27:07 GMT - Thu, 27 Jul 2023 01:27:06 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2572)
Hash 6888ff5ae20d3758fa3584ef08068dee
6473d9c82fdf12060fcfa0b1dabd647d287a6d2b
5a733ae7a4dde93b7c718280b2dd621f4d8b9a7603dc26c049641e1d86b58682
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1593108537640.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid=&shu=6157aa938ef7c04cd734493449e6aa4871922f7633ad6a2323b554899309c88a6bd39762322e67a80fd643e5336dbeac5d470560433bce03bda054dd40d6cdd1648308468733cd82fa69deff7c5a0efc761b349383d7f63b13506338d43a08&pst=1684695413&rmtc=t HTTP/1.1
Host: investorequalityfrog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
Referer: https://nsw2u.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19067264; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA2NzI2NCwiayI6ImE0NTkyMmZhNDk2Njk1NWNlY2RmZmJkZGU1MzQ3YWU1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDQ5ODA3LCJwaWQiOjE2MjY3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoibWh2ZzFhbXRhIiwiY3BrcyI6eyAiMjkiOiIzYTIyNmE2NjQwYTY0NDZkYmM3Y2RjOTZlY2M2YjNlOCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25zdzJ1LmNvbS9mYXRhbC10d2VsdmUtc3dpdGNoLW5zcC14Y2kifX0.J-FCaTT0hhYZeChwOhlJqiUKeCNd0yQgW0YQVTfwApo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 21 May 2023 18:55:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nsw2u.com
Access-Control-Allow-Origin: https://nsw2u.com
Access-Control-Allow-Credentials: true
Set-Cookie: iprcdac9e8b0efdb65594ac95b89b8b719f2=3570421; expires=Sun, 21 May 2023 22:55:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 22 May 2023 18:55:53 GMT; secure; SameSite=None
uncs=1; expires=Mon, 22 May 2023 18:55:53 GMT; secure; SameSite=None
pdhtkv32=true; expires=Mon, 22 May 2023 18:55:53 GMT; secure; SameSite=None
uncs32=1; expires=Mon, 22 May 2023 18:55:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 317d1c2d4e106cc6b66e420bf9d44f7f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
my.rtmark.net/gid.js?userId=6ce452c0f1dd4de8af8f667c9a43aab5
200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=6ce452c0f1dd4de8af8f667c9a43aab5
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT
File type JSON data\012- , ASCII text
Hash b33f32d210622dc1bb0ba818ee55f9ef
44257e2b7d4c3c07ebf9560078e2315ca2a30341
772ae0211d086a4d942c5ed1c211408ce5a8dba5bff160ad98f6cc87e899e39a
GET /gid.js?userId=6ce452c0f1dd4de8af8f667c9a43aab5 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:53 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://nsw2u.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=6ce452c0f1dd4de8af8f667c9a43aab5; expires=Mon, 20 May 2024 18:55:53 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
uppereugene.com/watch.422029426324.js?key=0820d72adb12696922227f6272d36ff9&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid=
307 Temporary Redirect 0 B URL GET HTTP/1.1 uppereugene.com/watch.422029426324.js?key=0820d72adb12696922227f6272d36ff9&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid=
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subjectuppereugene.com
FingerprintF4:EE:8E:5A:C9:21:10:65:0B:B6:AE:1C:0C:4C:D3:A8:7D:02:8C:5D
ValidityFri, 05 May 2023 09:33:30 GMT - Thu, 03 Aug 2023 09:33:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.422029426324.js?key=0820d72adb12696922227f6272d36ff9&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid= HTTP/1.1
Host: uppereugene.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 21 May 2023 18:55:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nsw2u.com
Access-Control-Allow-Origin: https://nsw2u.com
Access-Control-Allow-Credentials: true
Location: https://uppereugene.com/watch.422029426324.js?key=0820d72adb12696922227f6272d36ff9&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid=&shu=1dcba9e89b6d40fadf1bd3d15162e583c9684946b43fae171c6a8fae3727ec5287d4b46cb930abcecf649113285c466da84103c566c1c9ddc4da30b9dbd7dc30a031e017eea8ef6931b5017401641a6ca4b5fbe8&pst=1684695413&rmtc=t
Set-Cookie: u_pl=19067474; expires=Mon, 22 May 2023 18:55:53 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA2NzQ3NCwiayI6IjA4MjBkNzJhZGIxMjY5NjkyMjIyN2Y2MjcyZDM2ZmY5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDQ5ODA3LCJwaWQiOjE2MjY3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqanEwcHVpcDZuIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uc3cydS5jb20vZmF0YWwtdHdlbHZlLXN3aXRjaC1uc3AteGNpIn19.96AOqMgX_awKcoRq8qy2okBVCxxZNv8L6d6DhtIvZb4; expires=Sun, 21 May 2023 18:56:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cab2e8c48851cd6dc761d509afc51e21
Strict-Transport-Security: max-age=0; includeSubdomains
woafoame.net/?rb=7EWW_e5oQl9WSUtw1i_dmfs7eY070qEQp5TD1EUyXljrY0AwBjyHZtoe0ExwKWsOvPV-xHfFLiHnh8IP9B23zTMHbo8vS_KMDuc2kyMs30AP44o3Oua69uGbq8BDDt-mdxTExeto6uM5WCJXwvDWEXJ4FnaIuZouRl7jj6A9zDK960ayHF-Rk9ezvfZLSPL6rhmuw3h8eXyq-z5q7HH0YA%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-v1.543.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=7&pl=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&drf=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci%3F__cf_chl_tk%3DygfY3.pYDmGt5hOZZmGJ0KGTVCAC6Eh8reT52_82ids-1684695345-0-gaNycGzNCpA&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.543.0&bs=7fc7b335-988e-4e15-82b5-4e41dc15416c&userId=6ce452c0f1dd4de8af8f667c9a43aab5&m=link
200 OK 26 kB URL GET HTTP/2 woafoame.net/?rb=7EWW_e5oQl9WSUtw1i_dmfs7eY070qEQp5TD1EUyXljrY0AwBjyHZtoe0ExwKWsOvPV-xHfFLiHnh8IP9B23zTMHbo8vS_KMDuc2kyMs30AP44o3Oua69uGbq8BDDt-mdxTExeto6uM5WCJXwvDWEXJ4FnaIuZouRl7jj6A9zDK960ayHF-Rk9ezvfZLSPL6rhmuw3h8eXyq-z5q7HH0YA%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-v1.543.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=7&pl=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&drf=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci%3F__cf_chl_tk%3DygfY3.pYDmGt5hOZZmGJ0KGTVCAC6Eh8reT52_82ids-1684695345-0-gaNycGzNCpA&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.543.0&bs=7fc7b335-988e-4e15-82b5-4e41dc15416c&userId=6ce452c0f1dd4de8af8f667c9a43aab5&m=link
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subjectwoafoame.net
Fingerprint3E:37:26:2B:FF:DD:C6:96:A7:8A:25:DE:C9:94:3C:5B:96:4D:99:26
ValidityTue, 04 Apr 2023 05:14:43 GMT - Mon, 03 Jul 2023 05:14:42 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 3119a99976921116d31ddb11847c6b75
fa27932d10e6945dd4ce67f7445c010af2101620
874007c9858261a866dca487c52763bdabd1ba8162bba437bc33cfd3f281fe07
GET /?rb=7EWW_e5oQl9WSUtw1i_dmfs7eY070qEQp5TD1EUyXljrY0AwBjyHZtoe0ExwKWsOvPV-xHfFLiHnh8IP9B23zTMHbo8vS_KMDuc2kyMs30AP44o3Oua69uGbq8BDDt-mdxTExeto6uM5WCJXwvDWEXJ4FnaIuZouRl7jj6A9zDK960ayHF-Rk9ezvfZLSPL6rhmuw3h8eXyq-z5q7HH0YA%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-v1.543.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=7&pl=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&drf=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci%3F__cf_chl_tk%3DygfY3.pYDmGt5hOZZmGJ0KGTVCAC6Eh8reT52_82ids-1684695345-0-gaNycGzNCpA&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.543.0&bs=7fc7b335-988e-4e15-82b5-4e41dc15416c&userId=6ce452c0f1dd4de8af8f667c9a43aab5&m=link HTTP/1.1
Host: woafoame.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Cookie: OAID=6ce452c0f1dd4de8af8f667c9a43aab5; oaidts=1684695352
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:53 GMT
content-type: application/json
x-trace-id: 3797d63891a5021756884517e6145483
access-control-allow-origin: https://nsw2u.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=6ce452c0f1dd4de8af8f667c9a43aab5; expires=Mon, 20 May 2024 18:55:53 GMT; path=/; secure; SameSite=None
oaidts=1684695353; expires=Mon, 20 May 2024 18:55:53 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 28 May 2023 18:55:53 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
uppereugene.com/watch.422029426324.js?key=0820d72adb12696922227f6272d36ff9&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid=&shu=1dcba9e89b6d40fadf1bd3d15162e583c9684946b43fae171c6a8fae3727ec5287d4b46cb930abcecf649113285c466da84103c566c1c9ddc4da30b9dbd7dc30a031e017eea8ef6931b5017401641a6ca4b5fbe8&pst=1684695413&rmtc=t
200 OK 2.0 kB URL GET HTTP/1.1 uppereugene.com/watch.422029426324.js?key=0820d72adb12696922227f6272d36ff9&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid=&shu=1dcba9e89b6d40fadf1bd3d15162e583c9684946b43fae171c6a8fae3727ec5287d4b46cb930abcecf649113285c466da84103c566c1c9ddc4da30b9dbd7dc30a031e017eea8ef6931b5017401641a6ca4b5fbe8&pst=1684695413&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subjectuppereugene.com
FingerprintF4:EE:8E:5A:C9:21:10:65:0B:B6:AE:1C:0C:4C:D3:A8:7D:02:8C:5D
ValidityFri, 05 May 2023 09:33:30 GMT - Thu, 03 Aug 2023 09:33:29 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2562)
Hash 0e2b9370954996f70669cffb30245866
5bc97a3d62e7e4c635a40a1c4c9d5aa1ea0280de
22076174fdc022cb9c423e83256acf39a667ef095037e5549c843262c3837e15
GET /watch.422029426324.js?key=0820d72adb12696922227f6272d36ff9&kw=%5B%22fatal%22%2C%22twelve%22%2C%22switch%22%2C%22nsp%22%2C%22xci%22%2C%22nsw2u%22%2C%22com%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci&tz=0&dev=e&res=12.2079&uuid=&shu=1dcba9e89b6d40fadf1bd3d15162e583c9684946b43fae171c6a8fae3727ec5287d4b46cb930abcecf649113285c466da84103c566c1c9ddc4da30b9dbd7dc30a031e017eea8ef6931b5017401641a6ca4b5fbe8&pst=1684695413&rmtc=t HTTP/1.1
Host: uppereugene.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
Referer: https://nsw2u.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19067474; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA2NzQ3NCwiayI6IjA4MjBkNzJhZGIxMjY5NjkyMjIyN2Y2MjcyZDM2ZmY5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDQ5ODA3LCJwaWQiOjE2MjY3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJqanEwcHVpcDZuIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uc3cydS5jb20vZmF0YWwtdHdlbHZlLXN3aXRjaC1uc3AteGNpIn19.96AOqMgX_awKcoRq8qy2okBVCxxZNv8L6d6DhtIvZb4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 21 May 2023 18:55:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nsw2u.com
Access-Control-Allow-Origin: https://nsw2u.com
Access-Control-Allow-Credentials: true
Set-Cookie: iprc0ca7562ff26de39aac37c47b7235c663=3569806; expires=Sun, 21 May 2023 22:55:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 22 May 2023 18:55:53 GMT; secure; SameSite=None
uncs=1; expires=Mon, 22 May 2023 18:55:53 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 22 May 2023 18:55:53 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 22 May 2023 18:55:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 469bf77299634e8506c713ffb65ca550
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
200 OK 144 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B
ValidityThu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 21 May 2023 18:55:53 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Tue, 23 May 2023 18:55:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=c2527f51-6a66-4fe9-97d2-8219b49f4517&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=3a226a6640a6446dbc7cdc96ecc6b3e8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=c2527f51-6a66-4fe9-97d2-8219b49f4517&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=3a226a6640a6446dbc7cdc96ecc6b3e8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint33:54:5C:58:7C:8E:75:EE:DF:A0:8C:41:D3:AC:1B:BF:B6:66:28:EC
ValidityMon, 27 Mar 2023 07:09:08 GMT - Sun, 25 Jun 2023 07:09:07 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=c2527f51-6a66-4fe9-97d2-8219b49f4517&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=3a226a6640a6446dbc7cdc96ecc6b3e8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 21 May 2023 18:55:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 68afc095112d3c71f5604016b484c2fc
Strict-Transport-Security: max-age=0; includeSubdomains
i0.wp.com/images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?w=1280&resize=1280&ssl=1
200 OK 45 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?w=1280&resize=1280&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 72978d20622aca4524ce0ca543368087
3ebd22dea1ada7df0bc20d48bc1be9ed6c3761b6
56453928099306b6ff0cf633e1b4024a191c15ea3b9b84e8394f213a5e4fd42b
GET /images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/webp
content-length: 45436
last-modified: Wed, 17 May 2023 13:22:01 GMT
expires: Sat, 17 May 2025 01:22:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8066d816a3828c8d"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/cdn-cgi/challenge-platform/h/g/cv/result/7caf093178feb523
200 OK 2 B URL POST HTTP/3 nsw2u.com/cdn-cgi/challenge-platform/h/g/cv/result/7caf093178feb523
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /cdn-cgi/challenge-platform/h/g/cv/result/7caf093178feb523 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12389
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160; _ga_HS5Y0K7QPG=GS1.1.1684695351.1.0.1684695351.0.0.0; _ga=GA1.1.1510417050.1684695352
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:52 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=YpItzbait0ZIC9zcIsuZsyB_irgr_swZGDUjUEQ7Rqg-1684695352-0-AT1iAYBpio2uKZAB+X9wn8xZoaw4vaS/a2IG40xcEPSlppDmNdn0JgvTf+Zzq5wcUkOMxqUAZo2jMJXRcJfoHkz/2DGpeV4foxumuS7E8LQo; path=/; expires=Sun, 21-May-23 19:25:52 GMT; domain=.nsw2u.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BiOnmhCWJCjxiCkAs5xpo6jd%2BSO2gTCbREBDtw7UV1yU%2F9adhxPCxdVwyypK46paO%2F8Breo8bGyQXT%2FDxJGE0xs2ahYEIE6FBrVvaBs1NjGjx95%2B2Ejs8mgpqls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09440cadb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nsw2u.com/wp-content/cache/wpfc-minified/lxvgsdbc/kyzl.css
200 OK 1.6 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/lxvgsdbc/kyzl.css
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (1610), with no line terminators
Hash 85001da72d2adacd89f64191337692ca
f4aabaaef3d271c4e6cbcfb974b3d3b403a32db0
95d19d87f29a6ea4e274e3681e839eac392e30647f4d373841c3c9c30749b64b
GET /wp-content/cache/wpfc-minified/lxvgsdbc/kyzl.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: text/css
last-modified: Sun, 14 May 2023 11:10:35 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XO5byUwl3VnMfN5PA3I%2B5I4wmwBY6FyYIRwpG%2FcBvMtH%2FcI3g4kUBUPTpXstYOjTuS%2B44cMg%2F6MjMb0ng%2BVZLYvMQ%2Fhu4XYriVJA626q9ngul9kqD2bBcHSkAIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09338d26b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ad.a-ads.com/1535207?size=728x90
200 OK 12 kB URL GET HTTP/2 ad.a-ads.com/1535207?size=728x90
IP
ASN #24940 Hetzner Online GmbH
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11122)
Hash aabac32fd510a7137206e917951255a3
dc14a5d73ab2ae6c92bd832a4116db75c0a7be74
6329ed367525ba3747e52f5e0967a1ca62b7ccb1c72a048e3f71e1a98c1f3186
GET /1535207?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:51 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://nsw2u.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.3.5
200 OK 399 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.3.5
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (423), with no line terminators
Hash ed94fa94e236140899a07d0bb24f233d
8e7f16eda1a41233d4d0f19264382b6222959b6c
2fb43730229e7993c5976889479bdd4488ce1cab9f939f11d7bba6e327c9a5df
GET /wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.3.5 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: text/css
last-modified: Tue, 16 May 2023 19:53:59 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siOv1BBwuYWLX4gv5zustOCWjRvrVNZaH7NPNR1g2hS6j0mWH2dUu%2FCd5xLwZvGuRDM6UiRr4D8Z%2BCIhfkzSy%2Fn0A4eeU1oOSIgD9NS62BQ%2B7dw%2BtzhPG5bpgVA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09340e31b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgnetu.com/js/full-page-script.js
403 Forbidden 0 B URL GET HTTP/2 mgnetu.com/js/full-page-script.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerGoogle Trust Services LLC
Subjectmgnetu.com
FingerprintA0:1F:F9:62:DB:61:7C:B6:D8:CE:EF:2D:59:66:4B:80:71:46:45:CC
ValidityTue, 09 May 2023 04:33:37 GMT - Mon, 07 Aug 2023 04:33:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/full-page-script.js HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Sun, 21 May 2023 18:55:50 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3qExq3RGuxrWAwIWHkv5JK6dh6Q%2BCiLTFcvVq%2F9dTP98PNmt4bbyM8SvCd4P2QUR94fmWFC31uapiTtjblqQP6VD8nkKI15CBJgL99Oq5iP3%2FeYIjMdiEjPvLf5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7caf0934cc82b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/highlander-comments/images/button-back.gif
200 OK 1.2 kB URL GET HTTP/2 s0.wp.com/wp-content/mu-plugins/highlander-comments/images/button-back.gif
IP
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=49579&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=d253ef4c27&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=ba6e2daad808d7e49d6acdda3d04f20aba34e322#parent=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 2 x 26\012- data
Hash 41570c42d47e846f51422b154ebe8cc8
eed821bb5bf98caf32c563a56a1ebf145f7aca74
0dab369eac5fd3a06420395d02d292bc3e3ab0bf62add857c72804fd9f4edd35
GET /wp-content/mu-plugins/highlander-comments/images/button-back.gif HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/gif
content-length: 1232
last-modified: Thu, 29 Nov 2018 13:53:31 GMT
etag: "5bffef5b-4d0"
expires: Fri, 10 Nov 2023 15:10:58 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg
200 OK 20 kB URL GET HTTP/1.1 images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg
IP
ASN #24940 Hetzner Online GmbH
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
Fingerprint42:F5:55:E7:1E:EE:A7:BD:73:66:7A:7A:ED:02:3E:54:06:11:A4:71
ValidityWed, 03 May 2023 06:14:33 GMT - Tue, 01 Aug 2023 06:14:32 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 405x155, components 3\012- data
Hash f18da1b42e09a935a23ae2c2edb6c248
56d1abe76fce57f741324ccd50d2a77cc959f03a
6c1e24df00b0eed30b44db4563966b05a63a84f8b78615b5d4988998bf5fafb5
GET /ii/1588854988/40f4425a/30440747.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 21 May 2023 18:55:52 GMT
Content-Type: image/jpeg
Content-Length: 20041
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Thu, 07 May 2020 12:36:28 GMT
ETag: "5eb400cc-4e49"
Expires: Tue, 20 Jun 2023 18:55:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/d.svg
200 OK 73 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/d.svg
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (20829)
Hash 496d1ae6bd68127d1c2e7d768de2702d
401094e71de488d2233d229bad8be282130a92b5
51ed1f79aeb5a9c25435cb7b6d5335353448d2eefaac75fa24470d93a0d07fde
GET /wp-content/plugins/chp-ads-block-detector/assets/img/d.svg HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: image/svg+xml
last-modified: Mon, 15 May 2023 23:42:50 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2568
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXUfLKljDUCd5ZNoAo5SFsASXvfkxPfLYuYlfUJE2iC1tCRUuTSI3GALpBAB0ojF0IepCkv6wAtWUyfdAZwAqrr24vdPlmIm8KlN7170gwX9FqlASAUJmIqf0cE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf0933ddc0b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c0.wp.com/c/6.2.1/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 13 kB URL GET HTTP/2 c0.wp.com/c/6.2.1/wp-includes/js/jquery/jquery-migrate.min.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (13326)
Hash 5cfa2b481de6e87c2190a0e3538515d8
0fccf3c8ab2c10b4dcc7970e64ce997ab1622f68
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
GET /c/6.2.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 06 Feb 2023 20:59:15 GMT
content-encoding: br
expires: Mon, 20 May 2024 18:55:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/cache/wpfc-minified/9j14kts3/kyzn.js
200 OK 3.9 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/9j14kts3/kyzn.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (4157), with no line terminators
Hash d7c647d0d73d7edb6fe7a18e64a8a37d
2d463525b6064785bdd2fdfc9a90006ac54c3b29
0758757f9296dc52c2fb56e547cdc763e1921d29084465d6da396c0ed94bb350
GET /wp-content/cache/wpfc-minified/9j14kts3/kyzn.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Sun, 14 May 2023 11:10:37 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1965
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtvrpEH%2BMBKP8yeV%2FpGK7ggdI4u5bAb%2FslHcYsMBfkuBBJTGt5IWqx2iZxSQUGiQH6kAcD%2FxOkHgL6Ix3f8ymxlh7xPracJ%2BhvJNhk1b8Bk%2BlH%2Fs9VY8BloukiE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf0933ad67b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nsw2u.com/wp-content/cache/wpfc-minified/12xngu3j/kyzn.css
200 OK 18 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/12xngu3j/kyzn.css
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (6818)
Hash ff84606c6cdce3e678f6bc63e0b09b84
2825d845207ed38745aa7de04dd5ec92e61f81a6
73bffd10dc370f48dafba318497cc23abd1e8c9d0b1b3d81d60b378a105e0931
GET /wp-content/cache/wpfc-minified/12xngu3j/kyzn.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: text/css
last-modified: Sun, 14 May 2023 11:10:37 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1965
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCIMtIum2G8NFRYm1aRlfAdb2FH%2BgwTzQhTttyj%2FdpH%2FuDXZKjhDbcug25%2Fe6zGp2ZQhkj3ENnw3dmV7x2LU8bFvjY9%2FlBhoHWAAvrBT3ZZWFloXmqESd87u%2FBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09339d3ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
stats.wp.com/e-202320.js
200 OK 14 kB IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash 36a5287b66e9d145da53194a97a6245a
8569750e9f82d96f556d6f549cba940b2f316d2c
ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543
GET /e-202320.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: application/javascript
last-modified: Fri, 19 Nov 2021 15:42:07 GMT
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Wed, 08 May 2024 20:05:38 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c
200 OK 201 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type ASCII text, with very long lines (4372)
Size 201 kB (201189 bytes)
Hash edf0f57bde0f3d6d09174dbb4e7e05ee
1542ff817c2bd7fec74e3c2d21c7b02e2abd86c6
b6c353781715c074ecfb78285baa0262fcdbcfc00ac4a426a2da313e52dc2f00
GET /gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 21 May 2023 18:55:51 GMT
expires: Sun, 21 May 2023 18:55:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
investorequalityfrog.com/3a/22/6a/3a226a6640a6446dbc7cdc96ecc6b3e8.js
200 OK 37 kB URL GET HTTP/1.1 investorequalityfrog.com/3a/22/6a/3a226a6640a6446dbc7cdc96ecc6b3e8.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subjectinvestorequalityfrog.com
Fingerprint0A:6E:42:7D:FB:1D:68:E7:A7:94:22:71:DE:18:39:A1:8C:B0:57:0D
ValidityFri, 28 Apr 2023 01:27:07 GMT - Thu, 27 Jul 2023 01:27:06 GMT
File type ASCII text, with very long lines (37133), with no line terminators
Hash 72ffc7125f3395b714c5e83577eee931
604f514c9356498263c4b39f86c708253d20e85a
d394d181ccd5ac131b0dc5c039437adf593341aedf2e2ce9a0c46273c08dd168
Analyzer Verdict Alert quad9 Sinkholed
GET /3a/22/6a/3a226a6640a6446dbc7cdc96ecc6b3e8.js HTTP/1.1
Host: investorequalityfrog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 21 May 2023 18:55:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d768b8e83a76145c3856644544207491
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.1
200 OK 4.6 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (4857), with no line terminators
Hash 3c05b4818fda400788cc5c2f60d87ea4
01e544e8461be8bb14a13fb8be13cc1e8259858e
db8170cdde3c954a075a4c1cfe836be73fc450ee8a298978470ca6a110284a08
GET /wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Thu, 30 Mar 2023 10:21:39 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNJ2vsIOw%2FUBaW4gE70p%2BLciL7x4iuRQBRk2n5cNoEH0ZeooiNctmZYxg2uJ3u%2BLfue7IAb5b5gvgI%2BXpnotf%2FhaeUPV7OIJUuxjvM9ZCmOeScMjrlx7FCbVsRc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09342e69b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
0.gravatar.com/dist/css/services.min.css?ver=202320b9875fa6d57b2f0e277a39ce0bf6e105167a0175a2008e6f1c83efffd69ee023
200 OK 3.2 kB URL GET HTTP/2 0.gravatar.com/dist/css/services.min.css?ver=202320b9875fa6d57b2f0e277a39ce0bf6e105167a0175a2008e6f1c83efffd69ee023
IP
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=49579&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=d253ef4c27&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=ba6e2daad808d7e49d6acdda3d04f20aba34e322#parent=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint40:4E:21:9D:74:27:BC:64:DC:8B:81:06:B1:0E:76:4E:0D:AE:2B:C6
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (3272), with no line terminators
Hash 22279b2268dd3e6478c1d32cb8cf43a6
5cce9a858ad5d4c045af74ff4a6bfdd9bb19925d
e56d7b716561e40613eae4b7d4eba86307add5acd4a4adf959847f2feddb6dcb
GET /dist/css/services.min.css?ver=202320b9875fa6d57b2f0e277a39ce0bf6e105167a0175a2008e6f1c83efffd69ee023 HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: text/css
last-modified: Tue, 03 Jan 2023 09:10:35 GMT
etag: W/"63b3f10b-ca5"
content-encoding: br
expires: Sun, 28 May 2023 18:55:52 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
0.gravatar.com/js/gprofiles.js?ver=202320b9875fa6d57b2f0e277a39ce0bf6e105167a0175a2008e6f1c83efffd69ee023
200 OK 22 kB URL GET HTTP/2 0.gravatar.com/js/gprofiles.js?ver=202320b9875fa6d57b2f0e277a39ce0bf6e105167a0175a2008e6f1c83efffd69ee023
IP
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=49579&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=d253ef4c27&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=ba6e2daad808d7e49d6acdda3d04f20aba34e322#parent=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint40:4E:21:9D:74:27:BC:64:DC:8B:81:06:B1:0E:76:4E:0D:AE:2B:C6
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (21895), with no line terminators
Hash d0d9f7c9c33c418adad721c73de7deb4
da03ab21ea120e26daf219adec95cc285c87ebf1
b9875fa6d57b2f0e277a39ce0bf6e105167a0175a2008e6f1c83efffd69ee023
GET /js/gprofiles.js?ver=202320b9875fa6d57b2f0e277a39ce0bf6e105167a0175a2008e6f1c83efffd69ee023 HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:51 GMT
content-type: application/javascript
last-modified: Mon, 15 May 2023 14:17:32 GMT
etag: W/"64623efc-5587"
content-encoding: br
expires: Sun, 28 May 2023 18:55:51 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
c0.wp.com/c/6.2.1/wp-includes/js/comment-reply.min.js
200 OK 3.0 kB URL GET HTTP/2 c0.wp.com/c/6.2.1/wp-includes/js/comment-reply.min.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (3056), with no line terminators
Hash dc7f90d513295c29acc441fe114a2cab
ca9e5069d9afc4aa13ab2e152313dfb476e842ef
f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c
GET /c/6.2.1/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Mon, 20 May 2024 18:55:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/12.1/_inc/build/sharedaddy/sharing.min.js
200 OK 8.8 kB URL GET HTTP/2 c0.wp.com/p/jetpack/12.1/_inc/build/sharedaddy/sharing.min.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (9025), with no line terminators
Hash 37fe9ed70b0fe722f202086e15a63bf6
33c12494f9898eb5e42d186f4c3c37cd9f32c7fd
084010b158ae807f175a6476ba875269ac08722c0af645f67da920618e608899
GET /p/jetpack/12.1/_inc/build/sharedaddy/sharing.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Mar 2023 19:14:38 GMT
content-encoding: br
expires: Mon, 20 May 2024 18:55:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.28
200 OK 110 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.28
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 70cd599fb1a952f67216cc82829f9ada
74cfae7f053f69abf2dce9cb74c962a83b8ba8bf
1fa8347df53b4287898f910b10e189b287e5610aa9d6cd322fb53d487b37a56d
GET /wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.28 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=112
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 2072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=892clif7v7hID1BrHDQlb3k0599dzuigMIiM%2FX6gUtZ52eh5cIFsorxRe36HMyzi%2Fwf97UqEL6Bcbs6CgR9V21d8GTTceB3E9IahG4%2Bk5kqTwcwi%2BdkdiMhiN3c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09346efab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.google-analytics.com/analytics.js
200 OK 52 kB URL GET HTTP/2 www.google-analytics.com/analytics.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type ASCII text, with very long lines (1573)
Hash 4507839525a19180914799b08fb5fa5b
738d7e47e47a102e67d09efa63408d21aaf02245
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20737
date: Sun, 21 May 2023 18:45:37 GMT
expires: Sun, 21 May 2023 20:45:37 GMT
cache-control: public, max-age=7200
age: 615
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.3.5
200 OK 3.9 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.3.5
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (4076), with no line terminators
Hash 2541a2baf045e01159ee696c0811648d
b2263916a7fde84879fc3bda16095767ddf000f4
0548af9bb27732d955c46677c38cbffd67f7bcbdcf2d95797d395eefe44a6464
GET /wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.3.5 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Tue, 16 May 2023 19:53:59 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8%2BO7oXGSKB1kiMqaQvM1KMEenwcXdiLFL16IxVIgHvA3nzRdCeUFyqVBQdbwLAAzb4Llmg0I%2F6s3Hm1B7jSl%2FKNiRgG9gsnuM3l1DJ%2Fp414%2FlC4jAqSEZd8eZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09346eedb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
200 OK 868 B URL GET HTTP/2 s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
IP
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=49579&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=d253ef4c27&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=ba6e2daad808d7e49d6acdda3d04f20aba34e322#parent=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (870), with no line terminators
Hash 66013d98abd079e93657bcb57eff003c
132dd4d1de1a24522eb0792b82dd2b0a18e10be0
36c800efdfce1b5f78bc34bda5d8799cd5be83585c7d4ba8b97aec272628b434
GET /wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"5ffc31a9-465"
content-encoding: br
expires: Thu, 23 Nov 2023 13:57:44 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
0.gravatar.com/dist/css/hovercard.min.css?ver=202320b9875fa6d57b2f0e277a39ce0bf6e105167a0175a2008e6f1c83efffd69ee023
200 OK 8.3 kB URL GET HTTP/2 0.gravatar.com/dist/css/hovercard.min.css?ver=202320b9875fa6d57b2f0e277a39ce0bf6e105167a0175a2008e6f1c83efffd69ee023
IP
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=49579&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=d253ef4c27&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=ba6e2daad808d7e49d6acdda3d04f20aba34e322#parent=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint40:4E:21:9D:74:27:BC:64:DC:8B:81:06:B1:0E:76:4E:0D:AE:2B:C6
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (8298), with no line terminators
Hash e1c280af956c29813768667ec3d7b341
28d33e5bea848af7d1b3ce32020df14c85d711e8
ba5d20d22ca4ee52bdab719dfb15c1caaedde987cd7ca07d4e39ce35c60fc85c
GET /dist/css/hovercard.min.css?ver=202320b9875fa6d57b2f0e277a39ce0bf6e105167a0175a2008e6f1c83efffd69ee023 HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: text/css
last-modified: Mon, 08 May 2023 11:36:52 GMT
etag: W/"6458ded4-203b"
content-encoding: br
expires: Sun, 28 May 2023 18:55:52 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
woafoame.net/5/3812660/?oo=1&aab=1
200 OK 2.7 kB URL GET HTTP/2 woafoame.net/5/3812660/?oo=1&aab=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subjectwoafoame.net
Fingerprint3E:37:26:2B:FF:DD:C6:96:A7:8A:25:DE:C9:94:3C:5B:96:4D:99:26
ValidityTue, 04 Apr 2023 05:14:43 GMT - Mon, 03 Jul 2023 05:14:42 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2989), with no line terminators
Hash 87b7d74451e5224ea87b0ed684d1a2d7
2fef89627b585fdc46d11770b9e6d2146929e6f8
9ade8279f1be33bed2dc5da532a563f525b34a57fc5933eccbd0b7c8ff1e74ee
GET /5/3812660/?oo=1&aab=1 HTTP/1.1
Host: woafoame.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: application/json
x-trace-id: f387bc3d3c71958c240b6e58a1f62c56
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://nsw2u.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=6ce452c0f1dd4de8af8f667c9a43aab5; expires=Mon, 20 May 2024 18:55:52 GMT; path=/; secure; SameSite=None
oaidts=1684695352; expires=Mon, 20 May 2024 18:55:52 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
200 OK 25 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B
ValidityThu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT
File type JPEG image data, baseline, precision 8, 320x50, components 3\012- data
Hash d465d02b90e928dfd9d9846e102a9dac
22f7333777bec813bd9a7b870913a2b79b6d2fe4
e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd
GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 21 May 2023 18:55:53 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Tue, 23 May 2023 18:55:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/217382/728x90?region=eu-central-1
200 OK 709 kB URL GET HTTP/2 static.a-ads.com/a-ads-banners/217382/728x90?region=eu-central-1
IP
ASN #24940 Hetzner Online GmbH
Requested by https://ad.a-ads.com/1535207?size=728x90
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 728 x 90\012- data
Size 709 kB (708571 bytes)
Hash c6395473fd63604afe5354149bef9bc0
21613e909cd38229abc80cf6928c8644a17e59c5
808adc74c8c2c7a45e2e6d5eed2e427723a4890732168915a15d37ac81bcb9a1
GET /a-ads-banners/217382/728x90?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:51 GMT
content-type: image/gif
content-length: 708571
x-amz-id-2: 81Am0cogxQtv9KSDsGVfbP9HGTZTQ/wiaE/oER0sJF2lfdCL2x5uEhwV4noGoRz77NPtHzJJd1M=
x-amz-request-id: 70P53D9V11123RWY
x-amz-replication-status: COMPLETED
last-modified: Sun, 11 Jul 2021 13:31:19 GMT
etag: "c6395473fd63604afe5354149bef9bc0"
cache-control: max-age=315360000
x-amz-version-id: MdSXS0TBBSMSIX2gIg1WADzWVBc7YcGN
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?w=1280&resize=1280&ssl=1
200 OK 72 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?w=1280&resize=1280&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4c28860adab80d6ef3b8494fcd0e8d7
71b65392dfad02ea5ff649f311bd66eab1894c1a
d40c40b81c801617a059bf06efeb21186b278d6cceb865cf75b0592a9a4bd279
GET /images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/webp
content-length: 72120
last-modified: Wed, 17 May 2023 13:22:01 GMT
expires: Sat, 17 May 2025 01:22:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "b75b321975d16bde"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
200 OK 9.0 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9051), with no line terminators
Hash aee5233a88e59cf85afd5849a59da09c
a63fb67599f130b81880e3e9730462bff4ee5cc6
3a798d6addbffdfee5bcd2f5398f08585cc5f2c3bd6c511e45871e4ed72cbf7b
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Tue, 02 May 2023 19:16:18 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHwF4HSwvQ2pSIdTkAzIrLMDO%2Flq6vi%2FOyODaJ1P3wqlQmrlj07kK1bk%2BS70TB9boFwKn7SofHU8NaFCuJAhbBojNyqFXqscJ7tjzWUHb4Yw6OH8zEln3cNChr4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09342e6eb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nsw2u.com/wp-content/cache/wpfc-minified/q8eepl4d/kyzl.css
200 OK 8.1 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/q8eepl4d/kyzl.css
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (8145), with no line terminators
Hash 734068ce5268bc23a7506f3e9e9f5d41
acf53910826dc6702a5fb8f2bf6aab44b17f4886
2dd5b45b7df3d954548b70324f5730bf593bcdab6dac3632cc19ac119e8912a8
GET /wp-content/cache/wpfc-minified/q8eepl4d/kyzl.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: text/css
last-modified: Sun, 14 May 2023 11:10:35 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QnnzyCxTAyPbv76oJMu9DuM9Hhh%2Bf6XMo6Y7mDG5LWcE6fd9bkhKCYvGbDGmJggElJhAgVIZiGKIqsxPoZsiwvqVeu%2B6sf9442lUGRx49AbY4Vjwgtj8goNSW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09340e2db523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=49579&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=d253ef4c27&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=ba6e2daad808d7e49d6acdda3d04f20aba34e322
200 OK 23 kB URL GET HTTP/2 jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=49579&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=d253ef4c27&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=ba6e2daad808d7e49d6acdda3d04f20aba34e322
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wordpress.com
FingerprintA3:A5:D8:C8:1D:A5:FD:3E:95:A9:0C:25:E8:5A:C2:26:BD:14:73:44
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1831)
Hash c9c0d4967a6370191daf8935f6b36fc1
0f41058ebc376bf28dccd621afc98a02f7abc0f0
405924273f6879180a7d0b751f5e8a1f479fb7c64b1220908c7ac0a9ad0c50da
GET /jetpack-comment/?blogid=210416615&postid=49579&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=d253ef4c27&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=ba6e2daad808d7e49d6acdda3d04f20aba34e322 HTTP/1.1
Host: jetpack.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:51 GMT
content-type: text/html; charset=UTF-8
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
vary: Accept-Encoding, accept, content-type
content-encoding: br
x-ac: 4.arn _dca EXPIRED
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
nsw2u.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
200 OK 5.6 kB URL GET HTTP/3 nsw2u.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (5648), with no line terminators
Hash 5c8c6c9bfb42f2204b66c8927f9cb4a1
69c4a8964d0967668e3b57a81ae2ce2d45763477
3fcf861f882843d0103bcd4516d8801b54e25aa581e4fcac4d95f921dfc2c90d
GET /cdn-cgi/challenge-platform/h/g/scripts/pica.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160; _ga_HS5Y0K7QPG=GS1.1.1684695351.1.0.1684695351.0.0.0; _ga=GA1.1.1510417050.1684695352
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:52 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnXVG77VSAhm6wiAXTulBeAtGtK0g2%2FpWMVwp6tTuzn%2FXIcTlkSxLG2iWfD8UFyfqtecoFpeXst80bxCCrv2qVrk0JuBMCav4%2BT%2BYMeJlviDQXFihrA3j0o9qeA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09422981b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
s0.wp.com/_static/??/wp-content/mu-plugins/likes/queuehandler.js,/wp-content/mu-plugins/akismet-3.0/_inc/akismet-frontend.js?m=1683897436j
200 OK 24 kB URL GET HTTP/2 s0.wp.com/_static/??/wp-content/mu-plugins/likes/queuehandler.js,/wp-content/mu-plugins/akismet-3.0/_inc/akismet-frontend.js?m=1683897436j
IP
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=49579&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=d253ef4c27&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=ba6e2daad808d7e49d6acdda3d04f20aba34e322#parent=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash 4704c1eb35424d96800d3c41a2442a39
bb2e6c029d5aa36ecebce1276f088dc30cd3ff65
780b61f483cfb44ee9881cbd362d41cf89609d401d12e9726e1471530ab14738
GET /_static/??/wp-content/mu-plugins/likes/queuehandler.js,/wp-content/mu-plugins/akismet-3.0/_inc/akismet-frontend.js?m=1683897436j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 12 May 2023 13:17:23 GMT
etag: W/"645e3c63-5e76"
content-encoding: br
expires: Sat, 11 May 2024 13:17:31 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
c0.wp.com/c/6.2.1/wp-includes/js/jquery/jquery.min.js
200 OK 90 kB URL GET HTTP/2 c0.wp.com/c/6.2.1/wp-includes/js/jquery/jquery.min.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 0e850a69bc7fd0acc2e92ce6eee87959
8be6d9e7f7a61ccf0b8eac8a8144d770b608a19c
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
GET /c/6.2.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 08 Mar 2023 18:37:33 GMT
content-encoding: br
expires: Mon, 20 May 2024 18:55:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.3.5
200 OK 8.0 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.3.5
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (8246), with no line terminators
Hash 95e8541b1c7d8d1c6d971b8a1254f05e
a0a315f535cefee969c8f938ae9133beb051b51d
94d90d0cae68aae94246413284189ad0fd41bca226dcfc1d3394f25087df2ede
GET /wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.3.5 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Tue, 16 May 2023 19:53:59 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8Z3xcNs7s%2FxGjhzqTfMArHSUqEli7GdEh1JuYogEkNdHsH%2F8ENPNK8cNTE9RCByI3SBGC%2BrAxzq1bXBYvhbCXpmYhMXrjwqpE8j4JQhgy%2BVzgzODIM6iFbCF0o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09346ef0b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?w=1280&resize=1280&ssl=1
200 OK 47 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?w=1280&resize=1280&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 72c12797df7d41494d8f50e61ef1ed51
39da85e92cc10c51187fa1fbd0193f2e13299371
596ccd6c81bb72f913a05e042c1948f4f091486173394f8c85be00ccfd056fb8
GET /images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/webp
content-length: 46786
last-modified: Mon, 15 May 2023 14:02:04 GMT
expires: Thu, 15 May 2025 02:02:04 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "962f02714fe54d76"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
200 OK 26 kB URL GET HTTP/3 nsw2u.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (25749), with no line terminators
Hash d714120873f0de5090134e93f4716252
f56a8b82fd2c925bc07409eeb93758800794c160
3b6a6168422615cfbcdc927d2bd6fcf2f4ea5cfbe3d95689c51816b479b5ff8a
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160; _ga_HS5Y0K7QPG=GS1.1.1684695351.1.0.1684695351.0.0.0; _ga=GA1.1.1510417050.1684695352
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:52 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Clz7dhOSSwN3c8a7UWX%2BUOnJvx4uKQzJtZsHFOBa3e69Vndvdfh6MlIP6dGvEk6A13MFR2LporrH%2FDh02uZHweR%2FLwvmXZ6ZtkNtBoX6yiMI%2Bgvdrna6IGmkBfQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09416833b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=2e29137590434abf5fbe
200 OK 2.4 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=2e29137590434abf5fbe
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (2489), with no line terminators
Hash e23c9de5432b52f6d744cd061b122e67
496b4a6d904fdf54b22c11f3ba02e4f0f92aae63
f379cbbbc572b34069563871f8b2db374e518ac28ea7c9e1c5562fec96d013d9
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=2e29137590434abf5fbe HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Tue, 02 May 2023 19:16:18 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ta0sJHdt8yv4Uu9rgwdqE9qgVlrfj1wHRAbIx3M1W%2F%2FBDUzUNorcz8xTYLRyNUzTRhfXN3nrBMZFcQFJs6rEdaTSO%2BUlOz2QIJQT1R%2FTwyM%2BP6yoE18vOv6v6bA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09342e6cb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
200 OK 19 kB URL GET HTTP/2 s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
IP
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=49579&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=d253ef4c27&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=ba6e2daad808d7e49d6acdda3d04f20aba34e322#parent=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash 4ba6be1612fb7d972e306b40ca81c69e
f438812921a7e44f4649a8cc1e0680f3b16350b6
7551cbecbf078a66df8f9d246d8b11c773247921f5ff0bbe601f0cf67e1e287b
GET /_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 21:55:38 GMT
etag: W/"619d635a-4b6b"
content-encoding: br
expires: Wed, 09 Aug 2023 21:35:02 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1627515252/c20da6bd/35314109.jpg?w=1280&resize=1280&ssl=1
200 OK 39 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1627515252/c20da6bd/35314109.jpg?w=1280&resize=1280&ssl=1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 34b06f961cc6ec726cf3e7b947291ada
ed575c7a694d5a90648afd93d8681719871fbb3c
bfd0187532ddf67ef4dd7c29036f071c9dc25bd92c802cbfd9033c943efe8578
GET /images.vfl.ru/ii/1627515252/c20da6bd/35314109.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/webp
content-length: 39332
last-modified: Sun, 21 May 2023 18:55:52 GMT
expires: Wed, 21 May 2025 06:55:52 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1627515252/c20da6bd/35314109.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "58c42a93672927d8"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 21 May 2023 18:55:53 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7edfe21fd4c4206b02bab80bd11f6175
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 21 May 2023 18:55:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MahFF8HPR3drm0hnDZ%2Fh%2BHRwVprPT7DwfmvM3g9HoYKvKpAjeZSSJEmfmKn8Yl5ea2MoXRCGJIKkF3z%2FBdyMCGpyknzUd%2FgZteKGmJto0e8usrv6OMU0wUHQaYXiuv3hhr2o%2Fzc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7caf09450b68777a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/6.2.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
200 OK 11 kB URL GET HTTP/2 c0.wp.com/c/6.2.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11256), with no line terminators
Hash 2b0dd7eecea03b4bdedb94ba622fdb03
703becba85161118dd6fc66af465428ef43f561c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
GET /c/6.2.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Mon, 20 May 2024 18:55:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G
200 OK 1.0 kB URL GET HTTP/2 1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G
IP
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=49579&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=d253ef4c27&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=ba6e2daad808d7e49d6acdda3d04f20aba34e322#parent=https%3A%2F%2Fnsw2u.com%2Ffatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint40:4E:21:9D:74:27:BC:64:DC:8B:81:06:B1:0E:76:4E:0D:AE:2B:C6
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type PNG image data, 25 x 25, 8-bit/color RGB, non-interlaced\012- data
Hash fed546357e9f16dd0ee47c7ee5846ef7
eb4a7277c8e1360d0deb902644838f27a21b42de
3e75955919222f7160538b335b7cdb2b302136521aed489ba5c96e1c2bf3ab5a
GET /avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:52 GMT
content-type: image/png
content-length: 1028
last-modified: Sat, 01 Mar 2008 02:44:06 GMT
link: <https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G>; rel="canonical"
access-control-allow-origin: *
expires: Sun, 21 May 2023 19:00:52 GMT
cache-control: max-age=300
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
mgnetu.com/js/full-page-script.js
403 Forbidden 0 B URL GET HTTP/3 mgnetu.com/js/full-page-script.js
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerGoogle Trust Services LLC
Subjectmgnetu.com
FingerprintA0:1F:F9:62:DB:61:7C:B6:D8:CE:EF:2D:59:66:4B:80:71:46:45:CC
ValidityTue, 09 May 2023 04:33:37 GMT - Mon, 07 Aug 2023 04:33:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/full-page-script.js HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Sun, 21 May 2023 18:55:52 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOcmHK729lB2H0hJachoOXaXydMqx7WBs9ObxOL1xPEteLMCYC4avaapQD59uWzJP8sRxK1R0b5H%2FrTpZfM8s%2BI1PUYX6gzCLXGXc1hzLMFjr7Tb%2F6Nki3f%2FER6J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7caf093efd750b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
c0.wp.com/c/6.2.1/wp-includes/css/dist/block-library/style.min.css
200 OK 98 kB URL GET HTTP/2 c0.wp.com/c/6.2.1/wp-includes/css/dist/block-library/style.min.css
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/6.2.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 21 May 2023 18:55:50 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 10 Mar 2023 00:22:37 GMT
content-encoding: br
expires: Mon, 20 May 2024 18:55:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.2.1
200 OK 8.3 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.2.1
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (8472), with no line terminators
Hash 2fb747fcb02191ec9252350d000794be
d451d0344f2cd1f1d599eabbfc96fe286ba851b6
f1478ff2ecac39d2c5c3d1d5537b906a7ad68a3e6beb21452593a031bea20f26
GET /css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.2.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 21 May 2023 18:55:51 GMT
date: Sun, 21 May 2023 18:55:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115
200 OK 880 B URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115
IP
Requested by https://nsw2u.com/fatal-twelve-switch-nsp-xci
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (965), with no line terminators
Hash fa7fe6b99dd294598a44154cb2f424b7
78a909d97e5dfeffa1e1311e2c7ad8633d768960
9600c505b5d0d438a661c90d7b6ef5c6098024ff4e16e58a3577d5d0c837237f
GET /wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/fatal-twelve-switch-nsp-xci
Cookie: cf_clearance=95sFQ3VbZLsFkMwwtImoKUfXQD30dzMNKzJDIFs5EKA-1684695345-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 21 May 2023 18:55:50 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Wed, 16 Nov 2022 18:49:09 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XytWi3fbreq05L%2B4N7NC5%2BpQOp6Reit8CFqhfTamdLm63acFpr%2F8mQ58Ma0N4n60RvEODJInmWTunmBX9lxecY5NOJOfwcaRQT%2FgfsFbuFvO2JFblWML0%2FuBiuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7caf09340e4ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
172.67.150.79
136.243.22.74
104.17.24.14
139.45.197.239
0.0.0.0