| nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png | 188.114.97.1 | 200 OK | 16 kB |
URL GET HTTP/3nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typePNG image data, 350 x 350, 8-bit colormap, non-interlaced\012- data Hash134fce13c189ed0e483a1bddb6406204 eed559ac52e9731c56a1fb03eb94fc82e551bb66 723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791
GET /wp-content/plugins/chp-ads-block-detector/assets/img/icon.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: image/png
content-length: 15671
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:29:33 GMT
cf-cache-status: HIT
age: 10108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRFiBBmhYfOZoo1ZQhopqr2hcA%2BiMKLvr01WrDWbBv9eOFKKjqNN6QMa%2FAsm9ejLZnjPT1lEh8W9C3dH%2B8AwupAEcd1Ly6lJYSTJ%2Frz49Aihj%2FQJ30KYpSGU1mc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81636ef9c802b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png | 188.114.97.1 | 200 OK | 95 B |
URL GET HTTP/3nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typePNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data Hash71a50dbba44c78128b221b7df7bb51f1 0ec63b140374ba704a58fa0c743cb357683313dd 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /wp-content/plugins/ad-inserter/images/ads.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: image/png
content-length: 95
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Fri, 22 Sep 2023 09:31:12 GMT
cf-cache-status: HIT
age: 9614
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FonDmEiN5S23%2F3ffaqk5fkAvTf6luqj2uGi8dxTzK3gYfwCdJcI85nVTdWa8qN8lx3iT34xICXyFRGOnF6kgLxejcIG73EPS5GRufG9QzNGO94RcJXvAA3Oi3I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81636efa0863b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| i0.wp.com/images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg?ssl=1 | 192.0.77.2 | 200 OK | 44 kB |
URL GET HTTP/2i0.wp.com/images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg?ssl=1 IP 192.0.77.2:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash75c6cf85f705a0e0864e59824ab2c735 cab75b114fd4bfefe79a88008824f651801bd557 8e2a80cbd5c939e48360b46716bf1cd7598ad513f525a34ae9b2a3f549c0d18e
GET /images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: image/webp
content-length: 44016
last-modified: Mon, 02 Oct 2023 12:52:59 GMT
expires: Thu, 02 Oct 2025 00:52:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "88dd70ee97fb240b"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| i0.wp.com/images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg?ssl=1 | 192.0.77.2 | 200 OK | 42 kB |
URL GET HTTP/2i0.wp.com/images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg?ssl=1 IP 192.0.77.2:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hashd4928f7b25fded3f8d8a950e9d163f32 d3c246313c0b85eb96b9bea998baeb1c8da5a7c5 6590cb89e20fcfe488bf87db73a0a86d040513f68b0711e6456c0a0da091bce4
GET /images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: image/webp
content-length: 42380
last-modified: Tue, 10 Oct 2023 09:05:01 GMT
expires: Thu, 09 Oct 2025 21:05:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1f81867bb8a4a38b"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1 | 192.0.77.2 | 200 OK | 2.8 kB |
URL GET HTTP/2i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1 IP 192.0.77.2:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image\012- data Hash948c6dc3d3c1e2e9d315418f6eabe2bf ed06ff1f0994f3be033f22d808241d3fcca9d1e8 3a2e29960ba6130c22ce96089a7592ae91b6a0d6a11595a10daaa9662522ad0b
GET /nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: image/webp
content-length: 2836
last-modified: Sat, 24 Sep 2022 18:25:42 GMT
expires: Tue, 24 Sep 2024 06:25:42 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/nsw2u.png>; rel="canonical"
x-content-type-options: nosniff
etag: "0101732b85ce3bdc"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.67 | | 472 B |
IP 142.250.74.67:0
Hashc6586490ae5e9261b5c987e8e1dafb4d 6d58c98401fc33ed35507a807b424a38b66e3989 0955de17ff7d32a2ff91d0ebd1fceb8784f371ff5db206bc80b87ea50ffe3f21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Oct 2023 22:59:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1 | 192.0.77.2 | 200 OK | 32 kB |
URL GET HTTP/2i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1 IP 192.0.77.2:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash3dde27351094fd110611b7099df7612d 1f8633afc647ab96114d9cd7b87b2e1bd9d73fae f7118208621987432e4309b2429b3ca26191166ec2b5b4dfab15204958f9de33
GET /images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: image/webp
content-length: 31608
last-modified: Sat, 25 Mar 2023 13:28:37 GMT
expires: Tue, 25 Mar 2025 01:28:37 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5948b74d64865dea"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.67 | | 472 B |
IP 142.250.74.67:0
Hashc6586490ae5e9261b5c987e8e1dafb4d 6d58c98401fc33ed35507a807b424a38b66e3989 0955de17ff7d32a2ff91d0ebd1fceb8784f371ff5db206bc80b87ea50ffe3f21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Oct 2023 22:59:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.31 | 188.114.97.1 | 200 OK | 23 B |
URL GET HTTP/3nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.31 IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typeASCII text, with no line terminators Hashe509c98a0bcad0ce8e6248ac8eb31de1 ec5fe203df631088270b5f2b0b7a85498a2aeb8b 352ea4dd2d545563bef7eb0ba6d6ebfe4bc9d9e51ab00d9c925cb9e103edee63
GET /wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.31 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
content-length: 23
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=25
expires: max-age=A10368000, public
last-modified: Fri, 22 Sep 2023 09:31:13 GMT
cf-cache-status: HIT
age: 10108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FY%2Bq3QoZrBGjJWepjXyrvQCgIhxQcG3Obt7ba%2B%2Bi%2BUlk4NsZA%2B3pdXl2wNAWWeI8rq4djIm4uFVMYviBkxwsA%2FNse0%2FB6wWPiLfLadLUPFi%2Bv5qJXo5z%2BfAUHI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81636efcba6eb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.3.2 | 142.250.74.106 | 200 OK | 739 B |
URL GET HTTP/2fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.3.2 IP 142.250.74.106:443
CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint73:C0:B4:AB:41:0A:6A:68:D4:AE:EE:E2:11:A4:38:23:EF:D2:86:B7 ValidityMon, 18 Sep 2023 08:25:07 GMT - Mon, 11 Dec 2023 08:25:06 GMT
File typegzip compressed data, max compression\012- data Hashfac28ca87d50b82fb0b7412ecbea1441 b59325228602a61931ec41c6248b549dc1a14c12 29078b038ad8130d1b252761d2437b91e9a57a8f96dd1d79628ca1962dc185d9
GET /css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.3.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Oct 2023 22:59:34 GMT
date: Sat, 14 Oct 2023 22:59:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nsw2u.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 188.114.97.1 | 200 OK | 3.9 kB |
URL GET HTTP/3nsw2u.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typegzip compressed data, from Unix\012- data Hashb9dac5fe9b6bb7aa7bec0232e6d1f39f 2f42229e594dda8ef42fe66c23e39fd0678b3ec4 88e3466ecaf8eedffd0e3c77614856f3400af1a82615e02a7b862a1e67fe86e3
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
last-modified: Mon, 09 Oct 2023 07:45:52 GMT
etag: W/"6523afb0-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILRh9gT1WEEEVivsBpfpRvlL9BhH%2F9%2BDorWqfFlY03z1SRVMx212A%2FItqEejPZo7O%2BZDU0oQhT60xiNGmZ5plggRZnRfkQStwQ4xvASGfsjJ8vRTqVB6dxPk6OI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81636efa0864b4fa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 16 Oct 2023 22:59:34 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.3.2 | 104.17.24.14 | 200 OK | 3.2 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.3.2 IP 104.17.24.14:443
CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (7862) Hash45bacd312d5098b4b59f563d8756c15d fa55e2cff078381e5365d95782a95a787d0b7192 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
GET /ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.3.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 3150
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942b38-c4e"
last-modified: Thu, 22 Jun 2023 11:06:32 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3839604
expires: Thu, 03 Oct 2024 22:59:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkpaAYHEekd4LhPNTNhEqiJHKfqEPEPBJcTQbFIdAqmwMJ0qHFqWHjP1qnLN%2FSO6AmrvTMs2aOAFEIB2B52XOQBvaBAp06FeqDesoplq3%2FBglUz6UEtkEBlEsH5jY3ldhNOYKqXn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81636efd2f84b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/5qz0r.css | 188.114.97.1 | 200 OK | 31 kB |
URL GET HTTP/3nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/5qz0r.css IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typeUnicode text, UTF-8 text, with very long lines (34393) Hashd7b3559e5a5b93a95b6de98541911a3c fc4bbbe7374a33a2af492895014b8a73db4c81f0 414c7164bb91e068a1b3dd4f7465890fbe58a85895654f7212386cf36f54056d
GET /wp-content/cache/wpfc-minified/fhg2umku/5qz0r.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Tue, 29 Aug 2023 11:06:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 9614
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4MR4KhJWOD%2FWctZ%2FxC%2B8dNw7ffgcPeyqbzYUYFz5CVlJgkgCeTXM7YxxlIrZ4yqOAzPqTrKpAq2RgfvwyM4w0qqBFylLQBv4U%2BaID19mpwjpG6A64TzFViSg%2Fk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636ef9afebb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.3.2 | 104.17.24.14 | 200 OK | 677 B |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.3.2 IP 104.17.24.14:443
CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (1845) Hashf6a3dd4ecbf227acbafcff33d68dc71d 7421115ddcd5d436b89a1fd27e0cdce5a01978e6 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
GET /ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.3.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 677
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-750"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 111307
expires: Thu, 03 Oct 2024 22:59:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3%2Bf%2FrDKR8LkGz%2FZaB13XX%2B%2Fn8ZDtStDzk7mZ3Fpa2vSa9mQtUJNtNw07fprGRp6EMjm3kUN3HojzgTHtwAJd047X5mNPDKdfYF5DWhY0XRtn56G2ZU9AzKxEaIqSAAS9RS2eAd0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81636efd4f92b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 | 188.114.97.1 | 200 OK | 77 kB |
URL GET HTTP/3nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/5qz0r.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/font-woff2
content-length: 77160
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
cf-cache-status: HIT
age: 9582
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iZYKp%2BmD%2F5e2TOccybZM2Q3f0FN8Z6zGBbprB9IccIs%2BvT9Yo1wY%2BJp%2FyKdBqIOMGWZsAB6hrddOu80o%2BC3sSxAsLndELMPlU5tBN%2BkD%2Fzq69fcBJrSXM7Cs5U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81636efd9b1bb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery.min.js | 192.0.77.37 | 200 OK | 30 kB |
URL GET HTTP/2c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery.min.js IP 192.0.77.37:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeASCII text, with very long lines (65447) Hashff04dd1ef5c67998d8652330c0441689 5e6ff5bd5240181a8bdea983837f39ac231dac4d 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
GET /c/6.3.2/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 26 May 2023 11:33:35 GMT
content-encoding: br
expires: Sun, 13 Oct 2024 22:59:34 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery-migrate.min.js | 192.0.77.37 | 200 OK | 12 kB |
URL GET HTTP/2c0.wp.com/c/6.3.2/wp-includes/js/jquery/jquery-migrate.min.js IP 192.0.77.37:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeASCII text, with very long lines (13479) Hash9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /c/6.3.2/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
content-encoding: br
expires: Sun, 13 Oct 2024 22:59:34 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-262573192-2 | 142.250.74.168 | 200 OK | 68 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=UA-262573192-2 IP 142.250.74.168:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint54:FD:04:1B:2E:C7:46:95:DD:15:A3:A0:3F:CE:7F:03:02:53:36:8F ValidityMon, 18 Sep 2023 08:19:25 GMT - Mon, 11 Dec 2023 08:19:24 GMT
File typeASCII text, with very long lines (4179) Hashf857e50bb34a2a25112f214bd2a9cb60 8eab946abce84c1d5aebd62424c96b7b36e357f3 70d401f1b3ca53daffccd34ed252c71b2a6218ed1182fd09fc11381625a17c68
GET /gtag/js?id=UA-262573192-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Oct 2023 22:59:34 GMT
expires: Sat, 14 Oct 2023 22:59:34 GMT
cache-control: private, max-age=900
last-modified: Sat, 14 Oct 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68140
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.67 | | 471 B |
IP 142.250.74.67:0
Hashb383875d47cf3281cf9553fbc71410ac 6275628318e097e7cd3a45aefbf544e3a9bac6eb b599aba77b5fbc4ad65fcce338306120730c4a4b5e6d358642f0045fc82a51f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Oct 2023 22:59:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1 | 192.0.77.2 | 200 OK | 2.6 kB |
URL GET HTTP/2i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1 IP 192.0.77.2:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image\012- data Hash513677192f138c2aba3a3847c320f723 7ce5b67d80a2c2dedf8685b08547bcc8bf012f99 d60495bc835271423ec6445708aceb3a068ed6f2ebfd796a86c9f9e134ca1788
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: image/webp
content-length: 2568
last-modified: Sat, 24 Sep 2022 18:28:57 GMT
expires: Tue, 24 Sep 2024 06:28:57 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "deb437b05941c6de"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1 | 192.0.77.2 | 200 OK | 374 B |
URL GET HTTP/2i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1 IP 192.0.77.2:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image\012- data Hash43df8a9873aa31bb000672a677ac1640 4c1bcd8c3a797217d375df16b4bcab2d6a2763a3 d865b1c06cbff014e7c47cf5afb4332de4c95a537f86074e001b577c50aef07d
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: image/webp
content-length: 374
last-modified: Sat, 24 Sep 2022 18:25:44 GMT
expires: Tue, 24 Sep 2024 06:25:44 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "9a9a255d155ea6c0"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 64.233.161.113 | 200 OK | 21 kB |
URL GET HTTP/2www.google-analytics.com/analytics.js IP 64.233.161.113:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint54:FD:04:1B:2E:C7:46:95:DD:15:A3:A0:3F:CE:7F:03:02:53:36:8F ValidityMon, 18 Sep 2023 08:19:25 GMT - Mon, 11 Dec 2023 08:19:24 GMT
File typeASCII text, with very long lines (2343) Hash575b5480531da4d14e7453e2016fe0bc e5c5f3134fe29e60b591c87ea85951f0aea36ee1 de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20994
date: Sat, 14 Oct 2023 21:08:04 GMT
expires: Sat, 14 Oct 2023 23:08:04 GMT
cache-control: public, max-age=7200
age: 6691
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 80 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c IP 142.250.74.168:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint54:FD:04:1B:2E:C7:46:95:DD:15:A3:A0:3F:CE:7F:03:02:53:36:8F ValidityMon, 18 Sep 2023 08:19:25 GMT - Mon, 11 Dec 2023 08:19:24 GMT
File typeASCII text, with very long lines (5788) Hash7d0614863b8d50b7f86f3f6870159f2b f133f9b814e40a2f4f3e93e8e51fb9457c191abc 4d15bd04f337f723d12a5000f3a3ccdad8d9986089c7a20eab6d32580d75efd9
GET /gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Oct 2023 22:59:35 GMT
expires: Sat, 14 Oct 2023 22:59:35 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80356
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 76 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c IP 142.250.74.168:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint54:FD:04:1B:2E:C7:46:95:DD:15:A3:A0:3F:CE:7F:03:02:53:36:8F ValidityMon, 18 Sep 2023 08:19:25 GMT - Mon, 11 Dec 2023 08:19:24 GMT
File typeASCII text, with very long lines (4179) Hasha4cc62d82c9898e21e51febbb64af4f1 a9174a05ab2a6e94e94ad62f2c7f9186d8656c1d d8ad7aff271a2a8195032fe31289808c48b8b6af65830e6d934a0accb9d4fe93
GET /gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Oct 2023 22:59:35 GMT
expires: Sat, 14 Oct 2023 22:59:35 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76495
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.0 | 188.114.97.1 | 200 OK | 1.5 kB |
URL GET HTTP/3nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.0 IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash87015559c535c9314bb1a8d6ed05597e b9e3b22a2bd7457d044551d5126a29bae25489a9 e5903bfc201247ffb215a9c8ca6b66cf2b77d63dc7c7953937619535dd394a7e
GET /wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.0 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Mon, 25 Sep 2023 10:34:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUH%2FY16tBHTx7NHohDe%2Bzmv2mNBgbVAc4JWNkWLoQl0JoLG90s1KZxBPTBCLefq5K85k8nHibBCHpykJTaRMFnvN6gO1KZTo5IF9XGzgXNCE8RyHC80eylWrV4Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636efcca7ab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js | 192.243.61.227 | 200 OK | 11 kB |
URL GET HTTP/1.1definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js IP 192.243.61.227:443
ASN#39572 DataWeb Global Group B.V.
CertificateIssuerLet's Encrypt Subjectdefinedbootnervous.com FingerprintFE:CF:3A:96:3E:47:C4:AA:55:62:56:91:23:16:FC:0A:94:CC:D9:DC ValidityTue, 19 Sep 2023 06:24:07 GMT - Mon, 18 Dec 2023 06:24:06 GMT
File typeexported SGML document, ASCII text, with very long lines (29697), with no line terminators Hash933e24644fe6d434048c2e4172d045b6 05a1e96a0caaeccbb888378ca989c3ba43fc319a e20624a1a9ecd3eec6ae77fb643d30449721e290651f489deab30918947dab8d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /a45922fa4966955cecdffbdde5347ae5/invoke.js HTTP/1.1
Host: definedbootnervous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Oct 2023 22:59:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 082a7636634857ff466e90217611ced8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.r2m03.amazontrust.com/ | 108.157.228.227 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP 108.157.228.227:0
Hash02ca498b6476542955589c29c454c015 7985e28cc1f0596e950d94f57df660d1daee8769 97b3a1f34faf3f970492879972097fadead266c7abfae65b68b4e5ee6429876a
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 14 Oct 2023 22:59:36 GMT
Last-Modified: Sat, 14 Oct 2023 21:41:13 GMT
Server: ECAcc (ska/F69C)
X-Cache: Miss from cloudfront
Via: 1.1 d913eed4ff9d3ba68bce11280aa7e1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: wXWxbajXFlnlRPqw9ARuHNNgWpH7sXrcEaaaL6GHYjH-tKXCc-XQ3Q==
Age: 4704
|
|
| nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115 | 188.114.97.1 | 200 OK | 479 B |
URL GET HTTP/3nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115 IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash88744222f59f4700c6bc9212e12a653c df0bf43d60bed605eabbcb2776e0fbb46f1d1c05 4b179f8204186f3aa954f47cd81dbe86bf89c08edb8d5341b8e0697d99e35073
GET /wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PlntxrfA5XOC2%2F1HN2uJkHML01CYTs%2BlFJmuIPPx1e4Ei8Zc%2B6QGOt81XIy9ESCA0meepuPo1i%2F4UIuBDc1A4U%2B1WICydDQghrlziSvcefYyX9c9JpjrL3WXvQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636efcea92b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| professionalswebcheck.com/stats | 3.73.202.184 | 200 OK | 40 B |
URL GET HTTP/2professionalswebcheck.com/stats IP 3.73.202.184:443
CertificateIssuerAmazon Subjectprofessionalswebcheck.com Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash2dd4dfa14d8dcf0d89c8615264c5a4ab a9440e9da8361380d5452760d6c7117560c46bfd 65c42e3d139c510e889ca8565a01c94c07e5ee388ba4b4c127dd498e12d304cb
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Oct 2023 22:59:36 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nsw2u.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=5595b258-07ec-439d-bbd1-7fea07f58238:3:1; expires=Tue, 11 Oct 2033 22:59:36 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| c0.wp.com/c/6.3.2/wp-includes/js/mediaelement/wp-mediaelement.min.css | 192.0.77.37 | 200 OK | 2.5 kB |
URL GET HTTP/2c0.wp.com/c/6.3.2/wp-includes/js/mediaelement/wp-mediaelement.min.css IP 192.0.77.37:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeASCII text, with very long lines (4186), with no line terminators Hashea958276b7de454bd3c2873f0dc47e5f b143f6e8e8f79d8f104c26b0057ef5514d763219 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
GET /c/6.3.2/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Sun, 13 Oct 2024 22:59:34 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.67 | | 472 B |
IP 142.250.74.67:0
Hash6d008a14974101e1d82c1911a1197973 3264efa3ffba2e687328b8e6f2940921c5fb5944 4445108bc2c18d5fb71890e419bc2d157b1f505e6bb9b29a608c028485aedbeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Oct 2023 22:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 216.58.211.2 | 200 OK | 51 kB |
URL GET HTTP/2pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 216.58.211.2:443
CertificateIssuerGoogle Trust Services LLC Subject*.g.doubleclick.net Fingerprint70:7D:E3:74:3D:B2:68:A6:79:15:85:2C:E6:A4:E9:90:4F:74:46:F1 ValidityMon, 18 Sep 2023 08:19:20 GMT - Mon, 11 Dec 2023 08:19:19 GMT
File typeASCII text, with very long lines (3968) Hash678e39a47f887be43bd87b8543ef5302 4aced5bce7fb5eafad77ffa76c20d8e74e5ace41 849837509debd71c4f5e88f5dfdf3b4a0c7ba237dfbf3d29292665c2f9a7d404
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 14 Oct 2023 22:59:36 GMT
expires: Sat, 14 Oct 2023 22:59:36 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6821326382936011859
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51178
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| itespurrom.com/tag.min.js | 139.45.197.243 | 200 OK | 25 kB |
URL GET HTTP/2itespurrom.com/tag.min.js IP 139.45.197.243:443
CertificateIssuerLet's Encrypt Subjectitespurrom.com Fingerprint5D:66:B9:C1:ED:43:A1:06:F2:CC:D6:05:58:38:E8:85:78:9F:83:BE ValiditySat, 07 Oct 2023 07:19:17 GMT - Fri, 05 Jan 2024 07:19:16 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hasha95c344616a01fcb847758f5eab31207 274f322059eb248f3518f7c78b2fc69faae0551c 72e9c7cfe696a88de9acd9d80da1b2c4c3441c2ff2c0cf5c57a07aa153d91f13
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /tag.min.js HTTP/1.1
Host: itespurrom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:36 GMT
content-type: text/javascript; charset=utf-8
content-length: 25432
content-encoding: br
x-trace-id: 5d34ae9b3c16fd9a735b4a0bb598d985
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 13 Oct 2023 23:17:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.67 | | 472 B |
IP 142.250.74.67:0
Hash6d008a14974101e1d82c1911a1197973 3264efa3ffba2e687328b8e6f2940921c5fb5944 4445108bc2c18d5fb71890e419bc2d157b1f505e6bb9b29a608c028485aedbeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Oct 2023 22:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=1280&resize=1280&ssl=1 | 192.0.77.2 | 200 OK | 7.7 kB |
URL GET HTTP/2i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=1280&resize=1280&ssl=1 IP 192.0.77.2:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 405x155, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash1f2664d6059193e6c1a59ee7ef14d1a0 46542860abd849426ea23d66c601ff0888d735db f685610012cd711cdf0f3f186e878030c152058d3705dd751d6048d480bc2621
GET /images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:36 GMT
content-type: image/webp
content-length: 7712
last-modified: Sun, 19 Feb 2023 09:06:57 GMT
expires: Tue, 18 Feb 2025 21:06:57 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "95d72d4081ab31e0"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206 | 188.114.97.1 | 200 OK | 800 B |
URL GET HTTP/3nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206 IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hashc3a5b08af3e63049707797efe65eab86 f66ed251ef8c24614ff24376d472f2f394f7b93f d79752e33e156b5cb219ab45103fe0ed7d80f111533dd8eec42c57546b4da500
GET /wp-content/themes/posterpro/js/navigation.js?ver=20120206 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFN3WLnfcaYnG5JKhbeT5fPks%2Ft2azyioI9om592oFS5EDTr4X1QEEVNBxLMHneoeKilXmtLYlpNX2hdcoQpQwDHyPVOtXAba5UgzoTPM1CovtD8Xo6MH%2FZQBU0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636efcea93b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rabblespidersrenaissance.com/ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js | 192.243.61.225 | 200 OK | 18 kB |
URL GET HTTP/1.1rabblespidersrenaissance.com/ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js IP 192.243.61.225:443
ASN#39572 DataWeb Global Group B.V.
CertificateIssuerLet's Encrypt Subjectrabblespidersrenaissance.com Fingerprint73:4E:26:17:C1:CF:AC:01:11:05:12:E6:14:6C:C3:91:DE:DB:06:DE ValidityWed, 27 Sep 2023 00:59:44 GMT - Tue, 26 Dec 2023 00:59:43 GMT
File typeASCII text, with very long lines (43160), with no line terminators Hasha4ebc7499985f89f51514a7941d42755 426e11fb788360274437a6b38ddca17df4441172 846d2558831aeb877a06583d06f74a74f5366c810da2739e69ea92df020c0e43
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js HTTP/1.1
Host: rabblespidersrenaissance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Oct 2023 22:59:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b4aa23aa3133a4c87563ba85fd70a00
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| images.vfl.ru/ii/1697025199/2d40d0fc/39033877.jpg | 62.173.140.199 | 200 OK | 71 kB |
URL GET HTTP/1.1images.vfl.ru/ii/1697025199/2d40d0fc/39033877.jpg IP 62.173.140.199:443
ASN#34300 Internet-Cosmos LLC
CertificateIssuerGoogle Trust Services LLC Subject*.vfl.ru FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04 ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.10], baseline, precision 8, 432x700, components 3\012- data Hashc9578ce1b30a7957a4f58916181545c1 5edd16bdbdd4c4caacd7ba9408b15b01bbb765fe 881c108606af7bdf549477962370e9b2e17f1473a875354f37a09c634e34d492
GET /ii/1697025199/2d40d0fc/39033877.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Oct 2023 22:59:36 GMT
Content-Type: image/jpeg
Content-Length: 70673
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 11 Oct 2023 11:53:19 GMT
ETag: "65268caf-11411"
Expires: Mon, 13 Nov 2023 22:59:36 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| rabblespidersrenaissance.com/watch.1155184760552.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=5595b258-07ec-439d-bbd1-7fea07f58238%3A3%3A1 | 173.233.137.36 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1rabblespidersrenaissance.com/watch.1155184760552.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=5595b258-07ec-439d-bbd1-7fea07f58238%3A3%3A1 IP 173.233.137.36:443
CertificateIssuerLet's Encrypt Subjectrabblespidersrenaissance.com Fingerprint73:4E:26:17:C1:CF:AC:01:11:05:12:E6:14:6C:C3:91:DE:DB:06:DE ValidityWed, 27 Sep 2023 00:59:44 GMT - Tue, 26 Dec 2023 00:59:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /watch.1155184760552.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=5595b258-07ec-439d-bbd1-7fea07f58238%3A3%3A1 HTTP/1.1
Host: rabblespidersrenaissance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 14 Oct 2023 22:59:36 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Custom-Referer: https://nsw2u.com
Access-Control-Allow-Origin: https://nsw2u.com
Access-Control-Allow-Credentials: true
Location: https://rabblespidersrenaissance.com/watch.1155184760552.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=5595b258-07ec-439d-bbd1-7fea07f58238%3A3%3A1&shu=ac6ddf1f014350d045d96ab2ea05ae8a80831f8619fe0d74888fd84ca8d8167e9a966c3f00e3b21f516203d76a08e9611da09dc8852a15d172f82be64da4e64cb6b7641bf51e5385c736a6e21495375f7da945ddc08ebe9d7e73a7421086&pst=1697324436&rmtc=t
Set-Cookie: u_pl=19067264; expires=Sun, 15 Oct 2023 22:59:36 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA2NzI2NCwiayI6ImE0NTkyMmZhNDk2Njk1NWNlY2RmZmJkZGU1MzQ3YWU1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDQ5ODA3LCJwaWQiOjE2MjY3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoibWh2ZzFhbXRhIiwiY3BrcyI6eyAiMjgiOiJlZDZjYTVlYjhhYmM5YTg2NGZmYTM5MTE1Nzk5YjY0MSIsIjI5IjoiM2EyMjZhNjY0MGE2NDQ2ZGJjN2NkYzk2ZWNjNmIzZTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uc3cydS5jb20vIn19.whvp_sQpIdUSm4SK7_ZQxkz-uJBivC_dFSr-vXd5VZ4; expires=Sat, 14 Oct 2023 23:00:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28354406c9d75af61d8bbad66bccabd6
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| images.vfl.ru/ii/1696713535/648489ee/39029634.jpg | 62.173.140.199 | 200 OK | 31 kB |
URL GET HTTP/1.1images.vfl.ru/ii/1696713535/648489ee/39029634.jpg IP 62.173.140.199:443
ASN#34300 Internet-Cosmos LLC
CertificateIssuerGoogle Trust Services LLC Subject*.vfl.ru FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04 ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.10], baseline, precision 8, 412x667, components 3\012- data Hasha415bdab5e6150241178552746fe5d71 3cb9afec132f0cf1a88e83abc0b77614ee20f5b6 8155cd0c598eeeb3df53fc23087d819333a91d25521f7f8401241b279e13bf35
GET /ii/1696713535/648489ee/39029634.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Oct 2023 22:59:37 GMT
Content-Type: image/jpeg
Content-Length: 31191
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 07 Oct 2023 21:18:55 GMT
ETag: "6521cb3f-79d7"
Expires: Mon, 13 Nov 2023 22:59:37 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| my.rtmark.net/gid.js?userId=a53fc37264d74665b3856b33232234c6 | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=a53fc37264d74665b3856b33232234c6 IP 139.45.195.8:443
CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1 ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT
File typeJSON data\012- , ASCII text Hash4185597917c681706802b8a43b8ee2c6 c856d5a1dccc5d1b2d7268a73f61446486681820 6ff760df8872ce038a79b2dcea109abc0e77f696bad670a3aa03f61106d46d1d
GET /gid.js?userId=a53fc37264d74665b3856b33232234c6 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:37 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://nsw2u.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a53fc37264d74665b3856b33232234c6; expires=Sun, 13 Oct 2024 22:59:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| images.vfl.ru/ii/1696499345/2d834ce4/39025715.jpg | 62.173.140.199 | 200 OK | 46 kB |
URL GET HTTP/1.1images.vfl.ru/ii/1696499345/2d834ce4/39025715.jpg IP 62.173.140.199:443
ASN#34300 Internet-Cosmos LLC
CertificateIssuerGoogle Trust Services LLC Subject*.vfl.ru FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04 ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.10], baseline, precision 8, 432x700, components 3\012- data Hashd54f3e961e843224381b52420787300b b24ff4dd6ff0b3c210ac80ccec30d1612bfb2c70 230c8719f7ff0cd67d89b8c5052dcc864b6c7ebbb62bf2ec21228af727652049
GET /ii/1696499345/2d834ce4/39025715.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Oct 2023 22:59:36 GMT
Content-Type: image/jpeg
Content-Length: 45689
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Thu, 05 Oct 2023 09:49:05 GMT
ETag: "651e8691-b279"
Expires: Mon, 13 Nov 2023 22:59:36 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| images.vfl.ru/ii/1696606849/450212ed/39028293.jpg | 62.173.140.199 | 200 OK | 86 kB |
URL GET HTTP/1.1images.vfl.ru/ii/1696606849/450212ed/39028293.jpg IP 62.173.140.199:443
ASN#34300 Internet-Cosmos LLC
CertificateIssuerGoogle Trust Services LLC Subject*.vfl.ru FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04 ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.10], baseline, precision 8, 432x700, components 3\012- data Hashf31e59ed8b4014e8c240b752b138ca58 92fe10034473f9c1939631c2c50642bfa521bf0f 2e559285efef0bb13f7cb134710ea244f456a76074859562fff2cd86952aed87
GET /ii/1696606849/450212ed/39028293.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Oct 2023 22:59:37 GMT
Content-Type: image/jpeg
Content-Length: 85525
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 06 Oct 2023 15:40:49 GMT
ETag: "65202a81-14e15"
Expires: Mon, 13 Nov 2023 22:59:37 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| images.vfl.ru/ii/1692466089/24d36bc8/38995517.jpg | 62.173.140.199 | 200 OK | 67 kB |
URL GET HTTP/1.1images.vfl.ru/ii/1692466089/24d36bc8/38995517.jpg IP 62.173.140.199:443
ASN#34300 Internet-Cosmos LLC
CertificateIssuerGoogle Trust Services LLC Subject*.vfl.ru FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04 ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data Hash81eb51e7c3a0df2a962b5b00d61669ff 42c531b818a0bc7e01c602c8668f21065d8cd67d 9ee994cfc66772056b1ae42f4012412d4a9f49fc8250c2c22153e54caed7b965
GET /ii/1692466089/24d36bc8/38995517.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Oct 2023 22:59:37 GMT
Content-Type: image/jpeg
Content-Length: 66636
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 19 Aug 2023 17:28:09 GMT
ETag: "64e0fba9-1044c"
Expires: Mon, 13 Nov 2023 22:59:37 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| images.vfl.ru/ii/1696380530/d1e56cf6/39023796.jpg | 62.173.140.199 | 200 OK | 54 kB |
URL GET HTTP/1.1images.vfl.ru/ii/1696380530/d1e56cf6/39023796.jpg IP 62.173.140.199:443
ASN#34300 Internet-Cosmos LLC
CertificateIssuerGoogle Trust Services LLC Subject*.vfl.ru FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04 ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data Hash8fb21aff3c5603164134463b537c2f06 db677f758830d5083c36c8cb55bada22376c5b03 6cd036c8cc0d0b0bc4c32b26f0e630234780d45f573d465103ca04f6c25a93e8
GET /ii/1696380530/d1e56cf6/39023796.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Oct 2023 22:59:37 GMT
Content-Type: image/jpeg
Content-Length: 54351
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 04 Oct 2023 00:48:50 GMT
ETag: "651cb672-d44f"
Expires: Mon, 13 Nov 2023 22:59:37 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| images.vfl.ru/ii/1692466506/8e093ade/38995519.jpg | 62.173.140.199 | 200 OK | 62 kB |
URL GET HTTP/1.1images.vfl.ru/ii/1692466506/8e093ade/38995519.jpg IP 62.173.140.199:443
ASN#34300 Internet-Cosmos LLC
CertificateIssuerGoogle Trust Services LLC Subject*.vfl.ru FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04 ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data Hashf5ca0775d6b4c6d61ccb84d080eab5b3 71044f9bb69af45e4f171cf7e7c0ff3c9bcdfb1f a968f61a9dcb9774217eee6c6298381b912ef95f00d273c551485c5d73930696
GET /ii/1692466506/8e093ade/38995519.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Oct 2023 22:59:37 GMT
Content-Type: image/jpeg
Content-Length: 61571
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 19 Aug 2023 17:35:06 GMT
ETag: "64e0fd4a-f083"
Expires: Mon, 13 Nov 2023 22:59:37 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=500&resize=500&ssl=1 | 192.0.77.2 | 200 OK | 7.7 kB |
URL GET HTTP/2i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=500&resize=500&ssl=1 IP 192.0.77.2:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 405x155, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash1f2664d6059193e6c1a59ee7ef14d1a0 46542860abd849426ea23d66c601ff0888d735db f685610012cd711cdf0f3f186e878030c152058d3705dd751d6048d480bc2621
GET /images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=500&resize=500&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:37 GMT
content-type: image/webp
content-length: 7712
last-modified: Sun, 19 Feb 2023 09:06:19 GMT
expires: Tue, 18 Feb 2025 21:06:19 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6b02d3dbdaa697a7"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| images.vfl.ru/ii/1696413057/d6012654/39024631.jpg | 62.173.140.199 | 200 OK | 71 kB |
URL GET HTTP/1.1images.vfl.ru/ii/1696413057/d6012654/39024631.jpg IP 62.173.140.199:443
ASN#34300 Internet-Cosmos LLC
CertificateIssuerGoogle Trust Services LLC Subject*.vfl.ru FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04 ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data Hash33f03174acbe027a947bea29f4bd9a9c d9ac82e4b1aa6e9d23ab6cf376cdb2e77ea8bbe9 7c83cabdcce42904e30b4444eb9995271eebdaab4399caf7d81d14b6d434b88e
GET /ii/1696413057/d6012654/39024631.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Oct 2023 22:59:37 GMT
Content-Type: image/jpeg
Content-Length: 71099
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 04 Oct 2023 09:50:57 GMT
ETag: "651d3581-115bb"
Expires: Mon, 13 Nov 2023 22:59:37 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| images.vfl.ru/ii/1696002141/146fe0ac/39018698.jpg | 62.173.140.199 | 200 OK | 72 kB |
URL GET HTTP/1.1images.vfl.ru/ii/1696002141/146fe0ac/39018698.jpg IP 62.173.140.199:443
ASN#34300 Internet-Cosmos LLC
CertificateIssuerGoogle Trust Services LLC Subject*.vfl.ru FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04 ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data Hashc460612c4d4cb7eb70853eebce076baf 3d6be3f9f61590ecaac2ab42fb08786fc0888d39 2448139dc41930859e47eac8e14abb85784ec5577b7ace629055103102371af3
GET /ii/1696002141/146fe0ac/39018698.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 14 Oct 2023 22:59:37 GMT
Content-Type: image/jpeg
Content-Length: 72238
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 29 Sep 2023 15:42:21 GMT
ETag: "6516f05d-11a2e"
Expires: Mon, 13 Nov 2023 22:59:37 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
|
|
| rabblespidersrenaissance.com/watch.1155184760552.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=5595b258-07ec-439d-bbd1-7fea07f58238%3A3%3A1&shu=ac6ddf1f014350d045d96ab2ea05ae8a80831f8619fe0d74888fd84ca8d8167e9a966c3f00e3b21f516203d76a08e9611da09dc8852a15d172f82be64da4e64cb6b7641bf51e5385c736a6e21495375f7da945ddc08ebe9d7e73a7421086&pst=1697324436&rmtc=t | 192.243.61.225 | 200 OK | 2.1 kB |
URL GET HTTP/1.1rabblespidersrenaissance.com/watch.1155184760552.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=5595b258-07ec-439d-bbd1-7fea07f58238%3A3%3A1&shu=ac6ddf1f014350d045d96ab2ea05ae8a80831f8619fe0d74888fd84ca8d8167e9a966c3f00e3b21f516203d76a08e9611da09dc8852a15d172f82be64da4e64cb6b7641bf51e5385c736a6e21495375f7da945ddc08ebe9d7e73a7421086&pst=1697324436&rmtc=t IP 192.243.61.225:443
ASN#39572 DataWeb Global Group B.V.
CertificateIssuerLet's Encrypt Subjectrabblespidersrenaissance.com Fingerprint73:4E:26:17:C1:CF:AC:01:11:05:12:E6:14:6C:C3:91:DE:DB:06:DE ValidityWed, 27 Sep 2023 00:59:44 GMT - Tue, 26 Dec 2023 00:59:43 GMT
File typeHTML document text\012- HTML document, ASCII text, with very long lines (2648) Hashfafdbcab2e841e3d69d7e9c3c405e448 07d1afb007a773dce187343699668377330cd1b1 d0eda76105203b6d866ad156af1d12a6c00b892d065408669cdda0e1b6bb775a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /watch.1155184760552.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2F&tz=0&dev=e&res=14.2079&uuid=5595b258-07ec-439d-bbd1-7fea07f58238%3A3%3A1&shu=ac6ddf1f014350d045d96ab2ea05ae8a80831f8619fe0d74888fd84ca8d8167e9a966c3f00e3b21f516203d76a08e9611da09dc8852a15d172f82be64da4e64cb6b7641bf51e5385c736a6e21495375f7da945ddc08ebe9d7e73a7421086&pst=1697324436&rmtc=t HTTP/1.1
Host: rabblespidersrenaissance.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
Referer: https://nsw2u.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19067264; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA2NzI2NCwiayI6ImE0NTkyMmZhNDk2Njk1NWNlY2RmZmJkZGU1MzQ3YWU1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDQ5ODA3LCJwaWQiOjE2MjY3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoibWh2ZzFhbXRhIiwiY3BrcyI6eyAiMjgiOiJlZDZjYTVlYjhhYmM5YTg2NGZmYTM5MTE1Nzk5YjY0MSIsIjI5IjoiM2EyMjZhNjY0MGE2NDQ2ZGJjN2NkYzk2ZWNjNmIzZTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uc3cydS5jb20vIn19.whvp_sQpIdUSm4SK7_ZQxkz-uJBivC_dFSr-vXd5VZ4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Oct 2023 22:59:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent
Custom-Referer: https://nsw2u.com
Access-Control-Allow-Origin: https://nsw2u.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5595b258-07ec-439d-bbd1-7fea07f58238:3:1; expires=Sat, 21 Oct 2023 22:59:37 GMT; secure; SameSite=None
iprc43849944d24ebb057e4e7a7d8065a15f=3570421; expires=Sun, 15 Oct 2023 02:59:37 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 15 Oct 2023 22:59:37 GMT; secure; SameSite=None
uncs=1; expires=Sun, 15 Oct 2023 22:59:37 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sun, 15 Oct 2023 22:59:37 GMT; secure; SameSite=None
uncs32=1; expires=Sun, 15 Oct 2023 22:59:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c2a155692f438a19eec62a5f7a09fb1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| banquetunarmedgrater.com/advertisers.js | 172.67.196.166 | 200 OK | 0 B |
URL GET HTTP/2banquetunarmedgrater.com/advertisers.js IP 172.67.196.166:443
CertificateIssuerGoogle Trust Services LLC Subjectbanquetunarmedgrater.com Fingerprint77:2B:76:51:D0:51:70:02:2E:BF:B7:9B:02:8B:5A:A4:91:FA:0B:9E ValidityMon, 11 Sep 2023 08:34:11 GMT - Sun, 10 Dec 2023 08:34:10 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Oct 2023 22:59:37 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 376238843fcbe525af67dc483cfc4476
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 14 Oct 2023 22:59:36 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPsPucHfMjQaGz%2BfSKf2zWkSjQGctqJTI1HquOYIgKerAcRwYcZkTvJ6pcgmMTZZURrj16QBZylZ18vF77CtC3CpIOKDtPvpQmarUA7gctg7KyAwTQsIVIcHeaTZAIlywh0s7SKG%2BagMGo4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81636f0d2fcd56b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js | 188.114.97.1 | 200 OK | 4.5 kB |
URL GET HTTP/3nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash0e78b1db7d662e95ae8c3506146b080a 9f1675c87a306e4dd45f84d0b7ac484ae506245e 6e79424f448b401656e2384514c9332a4baa6ab4d458ba048655e01f4b1c60f2
GET /wp-content/themes/posterpro/foundation/js/foundation.core.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRUcZN%2BuWy4EG4vVLwUEUpSgv0VQ55LYMqAXwnAsDUWdKW5J90zcwrowtgQZwoOIgE7ynQGWpKiFteGdUcvV550DTTIkuBD6E3zLH57iiC2xqySWMBwDsJDQ9%2BI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636efcea8db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg | 45.133.44.10 | 200 OK | 25 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg IP 45.133.44.10:443
ASN#39572 DataWeb Global Group B.V.
CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42 ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File typeJPEG image data, baseline, precision 8, 320x50, components 3\012- data Hashd465d02b90e928dfd9d9846e102a9dac 22f7333777bec813bd9a7b870913a2b79b6d2fe4 e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd
GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Oct 2023 22:59:37 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Mon, 16 Oct 2023 22:59:37 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| friendshipmale.com/sfp.js | 104.21.234.33 | 200 OK | 86 kB |
URL GET HTTP/2friendshipmale.com/sfp.js IP 104.21.234.33:443
CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37 ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Oct 2023 22:59:37 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 5633dd0ac2d2e8cf0e5c0e0d5df76d7f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 14 Oct 2023 22:59:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8jF%2FLjwIOFvvp4nNdh0LOXVqksU7mU83JpwcKTQw6F2g7gl1ocFCO6Ur5C81swNalUlkgLxjf4lWI2m7j5eRSUBMf20xjZneR66asx7zBKhaYySjjHqCn3%2B6J7QQE%2FRWe28vNc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81636f0c6ac16359-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| c0.wp.com/p/jetpack/12.7/css/jetpack.css | 192.0.77.37 | 200 OK | 101 kB |
URL GET HTTP/2c0.wp.com/p/jetpack/12.7/css/jetpack.css IP 192.0.77.37:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Size101 kB (100602 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/jetpack/12.7/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 10 Oct 2023 19:16:20 GMT
content-encoding: br
expires: Sun, 13 Oct 2024 22:59:34 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| stats.wp.com/w.js?ver=202341 | 192.0.76.3 | 200 OK | 11 kB |
URL GET HTTP/2stats.wp.com/w.js?ver=202341 IP 192.0.76.3:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeASCII text, with very long lines (10778), with no line terminators Hashf6c87bc49e7646c7ccda489b9defc829 9003fc52b4c4014b4bd9fe2f4506440b299478b2 e97d12898ebf1039197a2a1c2f87bfe3b56f93eca2bfe60a46a1053fab7ad860
GET /w.js?ver=202341 HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/10813-1684461103132.7104
content-encoding: br
expires: Mon, 07 Oct 2024 13:30:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
|
|
| i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?resize=405%2C155&ssl=1 | 192.0.77.2 | 200 OK | 7.7 kB |
URL GET HTTP/2i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?resize=405%2C155&ssl=1 IP 192.0.77.2:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 405x155, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash1f2664d6059193e6c1a59ee7ef14d1a0 46542860abd849426ea23d66c601ff0888d735db f685610012cd711cdf0f3f186e878030c152058d3705dd751d6048d480bc2621
GET /images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?resize=405%2C155&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: image/webp
content-length: 7712
last-modified: Sat, 11 Jun 2022 22:08:00 GMT
expires: Tue, 11 Jun 2024 10:08:00 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "416c01d7e07bbbbf"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js | 188.114.97.1 | 200 OK | 124 kB |
URL GET HTTP/3nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typeASCII text, with very long lines (32024) Size124 kB (123510 bytes) Hash7ed39eb42c8c450b59a24bab9cfa7fae 7fdd3fee90709f703fac533b6061864fcd7ec206 35ddb1ce73a4ac4f4792b00c8b8c56cbf857910ada5e2a0183d898b01adc16bb
GET /wp-content/themes/posterpro/foundation/js/foundation.min.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBDSUsURiwACu4F%2FeeII5tnfrddiSsupiQukl3ybJiGJWOWNW4RDjQ5EKm3L2uuyxuarfbSkpebIiiIVM5XwSmIFiKPIfAQaewXsOe31TIkVwOyvd8djyGc0RGY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636efcda86b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| c0.wp.com/c/6.3.2/wp-includes/js/dist/url.min.js | 192.0.77.37 | 200 OK | 9.1 kB |
URL GET HTTP/2c0.wp.com/c/6.3.2/wp-includes/js/dist/url.min.js IP 192.0.77.37:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeUnicode text, UTF-8 text, with very long lines (10357), with no line terminators Hash93d89333b0ea716b0dded414b6fd690e bea26f3b7bf556a03bf81259459154e5728de2cb acab68f8aa0636ce9058f6bf3d72d59dede88fb7111dd75532dcbd572ecb8722
GET /c/6.3.2/wp-includes/js/dist/url.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
content-encoding: br
expires: Sun, 13 Oct 2024 22:59:34 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| c0.wp.com/c/6.3.2/wp-includes/css/dist/block-library/style.min.css | 192.0.77.37 | 200 OK | 104 kB |
URL GET HTTP/2c0.wp.com/c/6.3.2/wp-includes/css/dist/block-library/style.min.css IP 192.0.77.37:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Size104 kB (104484 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/6.3.2/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 19 Jul 2023 11:13:55 GMT
content-encoding: br
expires: Sun, 13 Oct 2024 22:59:34 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.0 | 188.114.97.1 | 200 OK | 8.0 kB |
URL GET HTTP/3nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.0 IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typeASCII text, with very long lines (8246), with no line terminators Hash95e8541b1c7d8d1c6d971b8a1254f05e a0a315f535cefee969c8f938ae9133beb051b51d 94d90d0cae68aae94246413284189ad0fd41bca226dcfc1d3394f25087df2ede
GET /wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.0 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Mon, 25 Sep 2023 10:34:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcthfPfLMu1mWxBnNUX2uzYgSMw8VC3%2FmvUxugF2s5b6MDI4FDZvFmsrEeKpTUvsg3E0Tj%2FY0uhS9pD5edj1hgDpU%2F8BCscm2TlkcYC0NxCRe5WaXVkbhkSYy4Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636efcea97b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.2 | 188.114.97.1 | 200 OK | 68 kB |
URL GET HTTP/3nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.2 IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.2 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:31:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bi%2Bz6Y%2Be3Vicg%2Foc5QOytyauFji%2BUvV9tcRbbjAtHzN9JGA6M0Yv%2FqYBHFuh%2FF%2BHBQUPpuVqZZdeHTfBUD%2BrN3ZxXEIM%2FM6nDq4c3DzAFtinabRfiNQS2KbQfyw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636efcea96b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| c0.wp.com/c/6.3.2/wp-includes/js/dist/i18n.min.js | 192.0.77.37 | 200 OK | 9.4 kB |
URL GET HTTP/2c0.wp.com/c/6.3.2/wp-includes/js/dist/i18n.min.js IP 192.0.77.37:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeASCII text, with very long lines (9729), with no line terminators Hash3597d2da73a2e3de74981fcc5ecbfce4 94f7e899ca4635c129e8285579b3f0e38cf19730 080a50955b97dc50d39c296cc22e8d02f07a3cfcc58d3127d93466e281514637
GET /c/6.3.2/wp-includes/js/dist/i18n.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 28 Jun 2023 20:08:46 GMT
content-encoding: br
expires: Sun, 13 Oct 2024 22:59:34 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| | 188.114.97.1 | 200 OK | 333 kB |
URL User Request GET HTTP/2IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Size333 kB (333368 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Oct 2023 22:59:33 GMT
content-type: text/html
last-modified: Sat, 14 Oct 2023 20:07:00 GMT
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ghg6%2BYvEydpTCpA9U0xJE5OSad37bh2u7dUyiYXWIkMCTBC0rIW9piVFiEypOqQjq8KQbkMgqm3D%2F5AbxCn3uxnyNgWNFqdWFSZppJyXJkyO9sZcxsNcuni3oEI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636ef57a9db509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.31 | 188.114.97.1 | 200 OK | 22 B |
URL GET HTTP/3nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.31 IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typeASCII text, with no line terminators Hash41bd53fe0ee631d5cfd895e18a53291d 9d9d3c42c53ad7f906cb083a0d2d37afb4537764 dfb2e16986e257b608b45d14396378a8f2ac6a7321c0dc2f13c66a33ec8e4a40
GET /wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.31 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
content-length: 22
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=24
expires: max-age=A10368000, public
last-modified: Fri, 22 Sep 2023 09:31:13 GMT
cf-cache-status: HIT
age: 10108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vd1xe%2FDnNBKhKmPs99RPwhvl2Hb9X6EUocG%2BK7SgkvEUNsKDjEYwMxiNoyRnUIZHMEds%2B5W1jMmw1m%2FFW1ZPBoJiBPU8%2FOT0Pw%2F1y5c1Ky7vmAeamamZdliniOw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81636efcba74b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.2 | 188.114.97.1 | 200 OK | 4.6 kB |
URL GET HTTP/3nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.2 IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typeASCII text, with very long lines (4857), with no line terminators Hash3c05b4818fda400788cc5c2f60d87ea4 01e544e8461be8bb14a13fb8be13cc1e8259858e db8170cdde3c954a075a4c1cfe836be73fc450ee8a298978470ca6a110284a08
GET /wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.2 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:31:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZpXwgT0nuGah0hbQ5PljCTxyzFdhL9F1ofY7NeJXJzt34DlXM52guJZLQz%2F9PqiK69%2BfO8jF7t82UFIQOdOBR8x9sc868STeFwPxaKhq93zRyZjNi0bl5WFxoM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636efcea9ab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill.min.js | 192.0.77.37 | 200 OK | 16 kB |
URL GET HTTP/2c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill.min.js IP 192.0.77.37:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
content-encoding: br
expires: Sun, 13 Oct 2024 22:59:34 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f | 188.114.97.1 | 200 OK | 77 kB |
URL GET HTTP/3nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: _ga_V5K7GYT3S4=GS1.1.1697324376.1.0.1697324376.0.0.0; _ga=GA1.1.1560127986.1697324376; _ga_HS5Y0K7QPG=GS1.1.1697324376.1.0.1697324376.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:36 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Thu, 12 Oct 2023 20:06:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 9614
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxOGwPdqZ10McdaiBcnbNPGwtjYR5nHcGGd%2BNI2551yfzbKYABFpIh5VCZDrcc9rJo%2FJ%2FmvHeeF4o%2FKgBNXsKd%2FFfAZtt1LqVlQ%2BFWglNSyEwdSz6ccl9FM7ouA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636f099b1ab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| c0.wp.com/c/6.3.2/wp-includes/js/dist/hooks.min.js | 192.0.77.37 | 200 OK | 4.6 kB |
URL GET HTTP/2c0.wp.com/c/6.3.2/wp-includes/js/dist/hooks.min.js IP 192.0.77.37:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeASCII text, with very long lines (4704), with no line terminators Hash414c8462f6209b4905f767c8ba5c787d a80b8b79908e6cdf11648f810e707a75c859cda3 007c3734a3f7737d74061ab5b96905dcb14ba1f88e7a6df55364b9d9573e3ce1
GET /c/6.3.2/wp-includes/js/dist/hooks.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
content-encoding: br
expires: Sun, 13 Oct 2024 22:59:34 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js | 192.0.77.37 | 200 OK | 6.6 kB |
URL GET HTTP/2c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js IP 192.0.77.37:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeASCII text, with very long lines (6777), with no line terminators Hash4b5583c1e3d9c4f85089eebae5b0ea63 8f1a4ba1dabf9fb35cfc2a2ebd08b93a91c0923b 4c4ee791f1baebfe9e127c3341a2eda8e6e8a5debf27d91fae8c04cd2adb1527
GET /c/6.3.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Feb 2023 15:56:37 GMT
content-encoding: br
expires: Sun, 13 Oct 2024 22:59:34 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| nsw2u.com/ | 188.114.97.1 | 200 OK | 0 B |
IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: _ga_V5K7GYT3S4=GS1.1.1697324376.1.0.1697324376.0.0.0; _ga=GA1.1.1560127986.1697324376; _ga_HS5Y0K7QPG=GS1.1.1697324376.1.0.1697324376.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:36 GMT
content-type: text/html
last-modified: Sat, 14 Oct 2023 20:07:00 GMT
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwmIowBUB%2FVc%2B6NAoP2y95suS4Lno42DxldLKExQW58WsruEbKVfBtXXpnwZGcgiBcmmbFrmRHbMlKHl58eUH0G3WtT8F5%2BBkMUNIRoLhZuHRi7K9VNuCipvq7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636f09cb4db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.31 | 188.114.97.1 | 200 OK | 21 B |
URL GET HTTP/3nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.31 IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typeASCII text, with no line terminators Hash169a5dd1261e0d434162d1af68acbbcd c18d59ed069049b012a61a8e6b958bfb25bc1b71 82b3dabc6615507ef352f36aa08a805d409e883f8024fd01fda43175b6b67b38
GET /wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.31 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
content-length: 21
cache-control: public, max-age=16070400
cf-bgj: minify
expires: max-age=A10368000, public
last-modified: Fri, 22 Sep 2023 09:31:14 GMT
cf-cache-status: HIT
age: 10108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0h%2B9ynDMEP7%2FqYehE%2Bs%2B4gTC6StTMRkB%2FzntMulNXhOk2SEZMOXUjc8PvQgcAju9UWHiRe5NoUICRNrd5DU7rLSF%2FHekq9vi0A8HIh5Zj4bDA59vX6cOCSLc9z4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81636efcea95b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.31 | 188.114.97.1 | 200 OK | 110 B |
URL GET HTTP/3nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.31 IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typeASCII text, with no line terminators Hash70cd599fb1a952f67216cc82829f9ada 74cfae7f053f69abf2dce9cb74c962a83b8ba8bf 1fa8347df53b4287898f910b10e189b287e5610aa9d6cd322fb53d487b37a56d
GET /wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.31 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=112
expires: max-age=A10368000, public
last-modified: Fri, 22 Sep 2023 09:31:13 GMT
cf-cache-status: HIT
age: 10108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0l454Br4nTyLOJcR2ZxKERRaucauHiFQ951QQaHUP0X0D4hfsgcoblDx2rhn5C8NjCRW%2B%2B6Cl1w1gDHotuM4OqwuGbdvH6apebNl1ZcWXZSyTXt2aFI3GE19Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81636efcca76b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nsw2u.com/wp-content/cache/wpfc-minified/7kcuf8x0/5qz0r.js | 188.114.97.1 | 200 OK | 6.2 kB |
URL GET HTTP/3nsw2u.com/wp-content/cache/wpfc-minified/7kcuf8x0/5qz0r.js IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typeASCII text, with very long lines (6303), with no line terminators Hashf9853427f0beb8a283ac3cdabe910ad6 8fcd5776a89dbe61bde8c23df7abd40148d0a336 1d280a7d6bcd1ea74968f32131f53c6a7b39468f6d7f9a21543fef8525b405ca
GET /wp-content/cache/wpfc-minified/7kcuf8x0/5qz0r.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Tue, 29 Aug 2023 11:06:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CI9mOQ2w4sHxN6R1yQTIH0nkC9cknEVbeS6JC1%2FLxWOaKHtnPKeLDD3oLl%2FtaNxmQSvXRcjl4QTasnk5EGyDNC13GBl9yZSdjgUXX999b%2Bm3R320iPkr2o4ND38%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636efd2abeb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js | 192.0.77.37 | 200 OK | 8.2 kB |
URL GET HTTP/2c0.wp.com/c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js IP 192.0.77.37:443
CertificateIssuerSectigo Limited Subject*.wp.com Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37 ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File typeASCII text, with very long lines (8365), with no line terminators Hash08e6714eaf3cfe8f3c7839f22d90ba4e 94fdad68854d0d3482b877aef7ba7c2eb265c621 e424039d5a737a1bda8a5ded60919e5067085729310762eebb09c20e07d249c8
GET /c/6.3.2/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
content-encoding: br
expires: Sun, 13 Oct 2024 22:59:34 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| nsw2u.com/wp-content/cache/wpfc-minified/q8eepl4d/dmlqt.css | 188.114.97.1 | 200 OK | 8.1 kB |
URL GET HTTP/3nsw2u.com/wp-content/cache/wpfc-minified/q8eepl4d/dmlqt.css IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typeASCII text, with very long lines (8145), with no line terminators Hash734068ce5268bc23a7506f3e9e9f5d41 acf53910826dc6702a5fb8f2bf6aab44b17f4886 2dd5b45b7df3d954548b70324f5730bf593bcdab6dac3632cc19ac119e8912a8
GET /wp-content/cache/wpfc-minified/q8eepl4d/dmlqt.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sun, 03 Sep 2023 08:56:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 9614
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5nZnZIcCSseLq903GywFoZ8R5td5n79suP2SJlM%2FwgRHeWF8%2FXrHMm0qPJ7b4YgOQI3ibbiYWGeW1Uuf2lV1Ue82U7RUd7xsQHn55kIzo98X1NAX%2BREOQAvULQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636ef9c805b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.3.2 | 104.17.24.14 | 200 OK | 3.1 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.3.2 IP 104.17.24.14:443
CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (3166), with no line terminators Hash268941a21977d78e5375571a621395be e31219f1b0ded9a8cc5834a977297006fedd2c07 b6e184987af8853a448d3300cecb87e5c9c91adcf6af8bde29199a9d94bc3cd7
GET /ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.3.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 1101
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-bf7"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 11845989
expires: Thu, 03 Oct 2024 22:59:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfSZsb3TWToecf2s26U1Bds4yjHf76M97%2BTuv%2BsPY262P4d2xMnqyOD8rz9GjHTQJu8hhTeekT1a3JDUict8HTaCRUAXZfyO6txs4daNnymsk%2BuO8dEbeet7ADvA98WWyC8jqp5C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81636efd3f90b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=0aa4f53ecbe8911b5307 | 188.114.97.1 | 200 OK | 7.6 kB |
URL GET HTTP/3nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=0aa4f53ecbe8911b5307 IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File typeASCII text, with very long lines (7804), with no line terminators Hash9c77b566bd54b44feb40dae5abb672fd 4800962e6abb9f034197101fd654cd8f89e40e51 4fa5b8f79358bd73eafe22ac4a73531acbbed4b61f646d001d8636f27c4b2b07
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=0aa4f53ecbe8911b5307 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:34 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Thu, 12 Oct 2023 20:06:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyxeRAWGWp59trcShph4xgIx9SVt%2Be%2FqeG%2FdTj6IizrHpfgdouFGYqhKpyRW78rvvpCd9fBowakim83Hu8tLQ8ao4i8peuCG%2F4N0FSp%2Bz9S6o1KkE932ipfwFZ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636efd0aa1b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| formationwallet.com/pixel/purst?dl=0&th=0&sc=0&rs=3512&rd=3512&fd=608&bv=23.10.v.1&tmpl=70 | 173.233.137.52 | 200 OK | 0 B |
URL GET HTTP/1.1formationwallet.com/pixel/purst?dl=0&th=0&sc=0&rs=3512&rd=3512&fd=608&bv=23.10.v.1&tmpl=70 IP 173.233.137.52:443
CertificateIssuerLet's Encrypt Subjectformationwallet.com FingerprintFB:1B:95:13:DB:5E:B2:BD:D9:2C:E1:1E:D6:05:5D:BA:63:17:4D:14 ValiditySat, 23 Sep 2023 00:48:03 GMT - Fri, 22 Dec 2023 00:48:02 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=3512&rd=3512&fd=608&bv=23.10.v.1&tmpl=70 HTTP/1.1
Host: formationwallet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Oct 2023 22:59:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=ae1ab3cfcf7670b1d705 | 188.114.97.1 | 200 OK | 36 kB |
URL GET HTTP/3nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=ae1ab3cfcf7670b1d705 IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=ae1ab3cfcf7670b1d705 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Cookie: _ga_V5K7GYT3S4=GS1.1.1697324376.1.0.1697324376.0.0.0; _ga=GA1.1.1560127986.1697324376; _ga_HS5Y0K7QPG=GS1.1.1697324376.1.0.1697324376.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Oct 2023 22:59:36 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Thu, 12 Oct 2023 20:06:14 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 9614
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5NFKMEXdrmiwEDNDFuJrbp5m29vzD3JqwSaQ3uLaKwaQHUQvB3JXo%2FW03dxQMYLhvbSkaIA23v8EaK3R08PpsN9pzIkRbJK5jLtyQMqehVkNf66Ez%2Fqjuiec6U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81636f09cb50b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| nsw2u.com/wp-content/cache/wpfc-minified/ehn7s3j8/dmlqt.css | 188.114.97.1 | 200 OK | 15 kB |
URL GET HTTP/3nsw2u.com/wp-content/cache/wpfc-minified/ehn7s3j8/dmlqt.css IP 188.114.97.1:443
CertificateIssuerLet's Encrypt Subjectnsw2u.com FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
|