GET nsw2u.com/page/714?publics/index/37
301 Moved Permanently 0 B URL User Request GET HTTP/1.1 nsw2u.com/page/714?publics/index/37
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /page/714?publics/index/37 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Nov 2023 14:35:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 09 Nov 2023 15:35:08 GMT
Location: https://nsw2u.com/page/714?publics/index/37
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ef5sNxl3aC%2FsvuNn%2B3iXHYZbMFltfbHguBzhTrRaM4%2F9Hw4g091CLhq260vcczsRYF0cHX2Es17WsgyUVn%2FqVZxzR9%2Bm1LOFvuvAxTRon7P9ZJNfevVFYd7hIwo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8236c7d35e1a569d-OSL
alt-svc: h2=":443"; ma=60
GET nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
200 OK 16 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type PNG image data, 350 x 350, 8-bit colormap, non-interlaced\012- data
Hash 134fce13c189ed0e483a1bddb6406204
eed559ac52e9731c56a1fb03eb94fc82e551bb66
723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791
GET /wp-content/plugins/chp-ads-block-detector/assets/img/icon.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: image/png
content-length: 15671
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:29:33 GMT
cf-cache-status: HIT
age: 722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VUjCRWGmxuW76TIs8Sdl1Eh26CpTDpQmICf9KTc9GLhdTyRyNidjBKMugGdJodwLEw3qj1JbrqtKHDeSCdfqiRR70cpfEWhViT82rtvLSI9fjhesktVYi1zePA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8236c7f0ec38b527-OSL
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png
200 OK 95 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /wp-content/plugins/ad-inserter/images/ads.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: image/png
content-length: 95
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 03:59:19 GMT
cf-cache-status: HIT
age: 722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmcoH44CDjFRLY1gzwBxbij1ji%2Fj4o0zCBamTWuqybhk%2BCJSlH6t0X8yJyqwH%2FJxMU7r7aAXPQ89vlttuck2MdDJxCYxGZ8ietwUIQ71QMsKUS6g61d5ZMSvOJ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8236c7f10c4eb527-OSL
alt-svc: h3=":443"; ma=86400
GET i0.wp.com/images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg?ssl=1
200 OK 44 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg?ssl=1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 75c6cf85f705a0e0864e59824ab2c735
cab75b114fd4bfefe79a88008824f651801bd557
8e2a80cbd5c939e48360b46716bf1cd7598ad513f525a34ae9b2a3f549c0d18e
GET /images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: image/webp
content-length: 44016
last-modified: Mon, 02 Oct 2023 12:52:59 GMT
expires: Thu, 02 Oct 2025 00:52:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1696250976/cac8d0a1/39022607.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "88dd70ee97fb240b"
vary: Accept
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET i0.wp.com/images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg?ssl=1
200 OK 42 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg?ssl=1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4928f7b25fded3f8d8a950e9d163f32
d3c246313c0b85eb96b9bea998baeb1c8da5a7c5
6590cb89e20fcfe488bf87db73a0a86d040513f68b0711e6456c0a0da091bce4
GET /images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: image/webp
content-length: 42380
last-modified: Tue, 10 Oct 2023 09:05:01 GMT
expires: Thu, 09 Oct 2025 21:05:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1696928090/cd438cd8/39032848.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1f81867bb8a4a38b"
vary: Accept
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1
200 OK 32 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3dde27351094fd110611b7099df7612d
1f8633afc647ab96114d9cd7b87b2e1bd9d73fae
f7118208621987432e4309b2429b3ca26191166ec2b5b4dfab15204958f9de33
GET /images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: image/webp
content-length: 31608
last-modified: Sat, 25 Mar 2023 13:28:37 GMT
expires: Tue, 25 Mar 2025 01:28:37 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5948b74d64865dea"
vary: Accept
x-nc: HIT arn 7
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET i0.wp.com/game-2u.com/wp-content/uploads/2023/10/Age-of-Empires-II-DE-The-Mountain-Royals-RUNE-PC.jpg?ssl=1
200 OK 17 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/10/Age-of-Empires-II-DE-The-Mountain-Royals-RUNE-PC.jpg?ssl=1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 02fc29cfdc78e56ec3279f3b0e3345ef
679b5425a78272fea18ed6e0c8ce7772bfe85a63
730f35a2879e8fc876133fb86fac2eb586d7ba1dc5d0f563668108ae8a669cd6
GET /game-2u.com/wp-content/uploads/2023/10/Age-of-Empires-II-DE-The-Mountain-Royals-RUNE-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: image/webp
content-length: 16824
last-modified: Tue, 31 Oct 2023 20:37:35 GMT
expires: Fri, 31 Oct 2025 08:37:35 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/10/Age-of-Empires-II-DE-The-Mountain-Royals-RUNE-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "cc6c5f2c1dcd46ff"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1
200 OK 2.8 kB URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 948c6dc3d3c1e2e9d315418f6eabe2bf
ed06ff1f0994f3be033f22d808241d3fcca9d1e8
3a2e29960ba6130c22ce96089a7592ae91b6a0d6a11595a10daaa9662522ad0b
GET /nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: image/webp
content-length: 2836
last-modified: Sat, 24 Sep 2022 18:25:42 GMT
expires: Tue, 24 Sep 2024 06:25:42 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/nsw2u.png>; rel="canonical"
x-content-type-options: nosniff
etag: "0101732b85ce3bdc"
vary: Accept
x-nc: HIT arn 4
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET i0.wp.com/game-2u.com/wp-content/uploads/2023/10/RoboCop-Rogue-City-Alex-Murphy-Edition-GoldBerg-PC.png?ssl=1
200 OK 92 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/10/RoboCop-Rogue-City-Alex-Murphy-Edition-GoldBerg-PC.png?ssl=1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5d7a50ace4a9d050725b26ba025ca25c
9a7448e3cbdedeccbd01f6a6d0f92e5777c24a33
25436cd29c3e1708033440fdb6e02b7225f6b7a4841974719c6723c8f9569d84
GET /game-2u.com/wp-content/uploads/2023/10/RoboCop-Rogue-City-Alex-Murphy-Edition-GoldBerg-PC.png?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: image/webp
content-length: 92520
last-modified: Tue, 31 Oct 2023 20:37:35 GMT
expires: Fri, 31 Oct 2025 08:37:35 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/10/RoboCop-Rogue-City-Alex-Murphy-Edition-GoldBerg-PC.png>; rel="canonical"
x-content-type-options: nosniff
etag: "70166589900765f5"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET i0.wp.com/game-2u.com/wp-content/uploads/2023/10/RoboCop-Rogue-City-RUNE-PC.jpg?ssl=1
200 OK 14 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/10/RoboCop-Rogue-City-RUNE-PC.jpg?ssl=1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash df0dd5e780f36640012a3c382fdbb0a8
087dfacdb49ced47f3a554b422e597e071c0681a
75cae6a1d0b5d88d18a4e4c4238919ccf1cee1c21209ec5c150ddf966bbcba6a
GET /game-2u.com/wp-content/uploads/2023/10/RoboCop-Rogue-City-RUNE-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: image/webp
content-length: 13700
last-modified: Tue, 31 Oct 2023 20:37:35 GMT
expires: Fri, 31 Oct 2025 08:37:35 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/10/RoboCop-Rogue-City-RUNE-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "58968411a1be3901"
vary: Accept
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.5.1
200 OK 567 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.5.1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with no line terminators
Hash 2b1417b2c8b1f76a0616ff553bf38296
d84080cdc7bd11cf7c56c306c42476c1d53e0554
0b94682b8ee56671ee8d7cd5c49de744ec21d7d5d036ce9d4007a8899037f418
GET /wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.5.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: text/css
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=399
expires: max-age=A10368000, public
last-modified: Fri, 20 Oct 2023 08:20:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 722
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8%2FQ3v9f2wwNPDLJGE%2BoXSvlAnFkOjyTdKLGZs0N%2ByX4Cn7wDivDreJphy4d68G1wuUqyEyr7hWBBK%2BMxLMbR36gaWuXOo0jbPsQ9aa739clI%2By2bdAEZjz7mWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f0ec39b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.32
200 OK 23 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.32
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with no line terminators
Hash e509c98a0bcad0ce8e6248ac8eb31de1
ec5fe203df631088270b5f2b0b7a85498a2aeb8b
352ea4dd2d545563bef7eb0ba6d6ebfe4bc9d9e51ab00d9c925cb9e103edee63
GET /wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.32 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
content-length: 23
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=25
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 03:59:20 GMT
cf-cache-status: HIT
age: 722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcOQxzsIilz%2B%2B%2B%2Bay0mKpJtOkL9GXDuh2ejorn4XGCz%2BD8LaZamxYwwtRK%2FitRjKc%2FYz7rufKEBd7Shr6%2B2QbTXvwH5P2N6l1N35A6eqhIByMc4UH2rensm4wyg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8236c7f3df26b527-OSL
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.32
200 OK 22 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.32
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with no line terminators
Hash 41bd53fe0ee631d5cfd895e18a53291d
9d9d3c42c53ad7f906cb083a0d2d37afb4537764
dfb2e16986e257b608b45d14396378a8f2ac6a7321c0dc2f13c66a33ec8e4a40
GET /wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.32 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
content-length: 22
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=24
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 03:59:20 GMT
cf-cache-status: HIT
age: 722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FbFVeed4fIBMj36oGixJ3LPgCSWNwIGGimDpaEhBPTSf4FIHdKdjikqykXPeVN0wMH8ZtM2GFZBZAjanjWQ55RKc%2BhRgY1fc1l9ebToOMz%2BvFKMndNCj25%2BgSc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8236c7f3df2ab527-OSL
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.32
200 OK 21 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.32
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with no line terminators
Hash 169a5dd1261e0d434162d1af68acbbcd
c18d59ed069049b012a61a8e6b958bfb25bc1b71
82b3dabc6615507ef352f36aa08a805d409e883f8024fd01fda43175b6b67b38
GET /wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.32 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
content-length: 21
cache-control: public, max-age=16070400
cf-bgj: minify
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 03:59:22 GMT
cf-cache-status: HIT
age: 722
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4chKkVJIhhXfGYg1G2jUkIz5BYrPFHr4P1va6VhMQYGqB708JLC1khUNGzVNs6PV0wmX6v0SUGuBRaEVFXRYdn%2FWxvM4brwRQAc%2Fu5C%2BOfXoIc4aZhvm%2BityFvM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8236c7f3ef33b527-OSL
alt-svc: h3=":443"; ma=86400
8.3 kB URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1795972046:1699539020:JKlqcdQ9jRHgck_HzdtlmmOrVAD2yXK0rmscC1oCT9Q/8236c7d8fc6b56a8/ddd4869be3ee255
IP
File type ASCII text, with very long lines (3512), with no line terminators
Hash 25a5312401ee233fa2b6c397d7a39ca5
1ec6313508f4fe2a972c8a24ec9dee0831baaff4
df3af3d9c35d822de47ea1ebc54b204f14e44548219ef1a52cdd34b087500bd0
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1795972046:1699539020:JKlqcdQ9jRHgck_HzdtlmmOrVAD2yXK0rmscC1oCT9Q/8236c7d8fc6b56a8/ddd4869be3ee255 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bb85c/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: ddd4869be3ee255
Content-Length: 26147
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:11 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: uPlgnjH7oQFgzMKs2x5kGNyVeH5pXvuYFmLd6+r36roZ/dCudKD+d66TgNt4ecKM5JY1AD4szIvTTqM+37FJa5FF4IYV5xM70EJbTz+ptZxcZBW0iAf8pG5lmdQF6hGT$gW3T89ntITXeDbNZZ7qwwg==
cf-chl-out-s: vMwXLErDxgWfSlFZ4hzHqHEB3r5Ia4Y2jRsCS8fa648DYIDSKv/jPLYojTGYNq8NCrY7Uwbs8xCieQ0EDE0Ajm+zNRkEDVYSZrRML6VqIn0a7MyZ+WoNyG2NZ8vEHAwhy5G+0NnhgNv1Q7htJHoPcUhy6rSZBsJNV+VziUrvzQEA8hf7TOb4oh05IxeHcGG8Ku1I3+tlMSIg9IHRUqQwAebsunbmaciWd4i0Ut9jdhWtuJ8GPHvXTGltCB+4EzP1mNqPT3yyjHBX3t4KfX8n7g==$qZ4N5E49cyhs5CWb9Tc5IQ==
server: cloudflare
cf-ray: 8236c7e65bab56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.4.1
200 OK 1.1 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.4.1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (3036)
Hash 94279a9a0c4060a96efcf1da47716f86
ea88b3fd8b01a8b86edfd0f4120cc9a834893018
d41c6733a8c4a3a7f08204de8e3d60e1d2baf17dd7f675a26830fb1047fac40a
GET /ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.4.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 1101
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-bf7"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1076138
expires: Tue, 29 Oct 2024 14:35:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XBi9zKy95zAZHH3PrxAv9z0rYsrlLG1jfK1SdBlw%2BK46JoQFxkc4ethVBxLKm5HyUKg9nQYvKAiuQin5s7Tq%2Fz6WvZk71HASsGaUbkYpjjprukzT63snTOgOtp0RFQtoC8XS9Xf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8236c7f45e30b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.4.1
200 OK 677 B URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.4.1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (1845)
Hash f6a3dd4ecbf227acbafcff33d68dc71d
7421115ddcd5d436b89a1fd27e0cdce5a01978e6
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
GET /ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.4.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 677
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-750"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1340549
expires: Tue, 29 Oct 2024 14:35:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZ%2BXBXLibNUti8yOPjVe8wFX7KcCx6hFNiI7Po3%2BBQxl5REKrmVG4%2FduAUV9LPCN%2Bn9TnXUas1W6QQhlY4diDjL6dsEtB8%2F1bPw0duWrcuL3F2V2O4SQC%2BqdLXRh39pPOQ3A4IKJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8236c7f46e51b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.1
200 OK 82 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (439)
Hash 9c68274c21052262d9bef2672b251874
4919f3fbccaea37c7b1e1b7527d4208c3106b2dc
895b02a349918bd518d94bd7bd9dda9e8bfa45dea210148bd880c4f55b70d72b
GET /wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.5.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=3949
expires: max-age=A10368000, public
last-modified: Fri, 20 Oct 2023 08:20:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 722
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRFoW9vmTAWHteZgZoG9lL9jl%2B%2FF5ogDj5LDLsmZeEV73xaItQcU4Q7zJkHrgw%2F6qpwXOHJ2oXr8UotUFrkzqZSHY6BeS5fWhBoXU9UgIwXSj7r8H%2F1yoNX4aF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f40f6ab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 12 kB URL GET HTTP/3 nsw2u.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type gzip compressed data, from Unix\012- data
Hash 7a8f28a02771643aaab570b8bfeb0635
602cc9723195ea4be18a46d79e4229e5f2a6b528
019661bbcadeee2c33b68d1bcde261fd3b1cdc8835442bbe807998ee94a7f53b
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 16:16:02 GMT
etag: W/"654bb442-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJu13RCBc55N9q5nz2AFVqrfW9oHS84oN0HxM2Jk84Ev%2FkUMzIzISz0CK2hNNYx%2Bv2RWR%2FnyZKoJmeA38xA0BwlQo4IfXb2X5%2FsnjejGPYEQ9Z9JX757c1B4gZo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8236c7f10c50b527-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 11 Nov 2023 14:35:13 GMT
cache-control: max-age=172800, public
content-encoding: gzip
GET www.googletagmanager.com/gtag/js?id=UA-262573192-2
200 OK 69 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-262573192-2
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT
File type ASCII text, with very long lines (4179)
Hash 71571db222a6785082bb530a035ee3fc
db1a060c5e8d81bec59513bb990a78204ad5804d
609cf806b1ddb339f4099ede754e0669c92f321e2ec4e4a94595ef1d8ab98c1c
GET /gtag/js?id=UA-262573192-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Nov 2023 14:35:14 GMT
expires: Thu, 09 Nov 2023 14:35:14 GMT
cache-control: private, max-age=900
last-modified: Thu, 09 Nov 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68712
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1
200 OK 2.6 kB URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 513677192f138c2aba3a3847c320f723
7ce5b67d80a2c2dedf8685b08547bcc8bf012f99
d60495bc835271423ec6445708aceb3a068ed6f2ebfd796a86c9f9e134ca1788
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:14 GMT
content-type: image/webp
content-length: 2568
last-modified: Sat, 24 Sep 2022 18:28:57 GMT
expires: Tue, 24 Sep 2024 06:28:57 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "deb437b05941c6de"
vary: Accept
x-nc: HIT arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/themes/posterpro/css/custom.css?ver=6.4.1
200 OK 14 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/css/custom.css?ver=6.4.1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash 088b874777c07a4e1e5e49f645fda3c0
01822b6c1ff03151c0c3da75a797d2616732d50e
50d630aef628134b2f0f51040a472dd4eb1112fa3e96e5fbbf09b16b5e8b07d0
GET /wp-content/themes/posterpro/css/custom.css?ver=6.4.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjgxKNQzwcHHmVC7wR258IdCTzMF9%2BItW%2BlmoZqm485Dj%2FOrSbBdTSrXMj2AiEtLoscIDb%2Bc80xw845U4at4Bm5rNzDSYaQ8sa3SHAmaV2PO0sFIBp405oOYyzM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f0bc0db527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET www.google-analytics.com/analytics.js
200 OK 21 kB URL GET HTTP/2 www.google-analytics.com/analytics.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT
File type ASCII text, with very long lines (2343)
Hash 575b5480531da4d14e7453e2016fe0bc
e5c5f3134fe29e60b591c87ea85951f0aea36ee1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20994
date: Thu, 09 Nov 2023 12:43:58 GMT
expires: Thu, 09 Nov 2023 14:43:58 GMT
cache-control: public, max-age=7200
age: 6676
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c
200 OK 81 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT
File type ASCII text, with very long lines (5955)
Hash 8303d82da8df95b1816f9c0c6f52acfa
602f9698a146d9f43c1b73441568618d2d7609cf
23b4b1a2c56f17c51ad1e9a5892d5b06714c4bfd210d84b1c16265780ac78b1e
GET /gtag/js?id=G-V5K7GYT3S4&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Nov 2023 14:35:14 GMT
expires: Thu, 09 Nov 2023 14:35:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80901
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.googletagmanager.com/gtag/js?id=GT-WBTNX6Q&l=dataLayer&cx=c
200 OK 77 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=GT-WBTNX6Q&l=dataLayer&cx=c
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint3B:1D:9C:59:AC:F8:2F:47:8A:C6:AE:4F:88:F0:8D:84:C7:6A:47:DA
ValidityMon, 16 Oct 2023 08:02:30 GMT - Mon, 08 Jan 2024 08:02:29 GMT
File type ASCII text, with very long lines (4179)
Hash 76d9a3f46f6f6ff6db9665ca843d4568
e9cf21305aae400fdafda4d43d0cc9280d9ad572
f76b0bcaa1b01a9d6a5b94dc8240bee68a5be51d08aee04bf3fbae03ca75623d
GET /gtag/js?id=GT-WBTNX6Q&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Nov 2023 14:35:14 GMT
expires: Thu, 09 Nov 2023 14:35:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76959
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js
200 OK 11 kB URL GET HTTP/1.1 definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectdefinedbootnervous.com
FingerprintFE:CF:3A:96:3E:47:C4:AA:55:62:56:91:23:16:FC:0A:94:CC:D9:DC
ValidityTue, 19 Sep 2023 06:24:07 GMT - Mon, 18 Dec 2023 06:24:06 GMT
File type exported SGML document, ASCII text, with very long lines (29670), with no line terminators
Hash 07c430870b7580413a141a3f03453a41
6c76224138704b65c995e478e504a97c1fb2ff5c
f2fd44c3bc9c8083342216402f8170a20ff47d4b52f8be580467fadfb0fd69e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /a45922fa4966955cecdffbdde5347ae5/invoke.js HTTP/1.1
Host: definedbootnervous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 09 Nov 2023 14:35:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5003a50da40bb24be1d74c4a6b950d86
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.3985901078386481
200 OK 50 B URL GET HTTP/2 pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.3985901078386481
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.3985901078386481 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:15 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
63 kB URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8236c7d8fc6b56a8
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash b8250886b791afc10187c731226e27c7
d20f091545e22d01053f5aa9e8a352c64c44d48f
ef1fe7b30c784bd6f915657b7dafb6588162791fb291ac5e959aa1593cf93b50
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8236c7d8fc6b56a8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bb85c/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:09 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8236c7d9ad2056a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET professionalswebcheck.com/stats
200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 14a021fa3efffff1c2889cec54b7db2e
705b02af2034e16756b9fb7c9a2003a42ca05bc0
602854a19021adfad3ae30d5ac17247c0f090d87f45f9ac7e1cbe96ce75ce346
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 Nov 2023 14:35:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nsw2u.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=8cdb6867-c184-4f27-ba25-782509ec8c66:2:1; expires=Sun, 06 Nov 2033 14:35:15 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/themes/posterpro/font-awesome/css/font-awesome.min.css?ver=6.4.1
200 OK 7.5 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/font-awesome/css/font-awesome.min.css?ver=6.4.1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /wp-content/themes/posterpro/font-awesome/css/font-awesome.min.css?ver=6.4.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9G4Fj5Z7qvoomsFdOlE2VTjvzNT8vqiD8nqyz8zLBNWQcJdC7dyAf%2B91LhDNiGmIMAi98ufoJEUxe71EAHEK4zLe1jK%2BpWwKGDq4eabdhkLV%2BEofziT1mQmk2w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f0abf9b527-OSL
content-encoding: br
GET nsw2u.com/wp-content/themes/posterpro/foundation/css/foundation.min.css?ver=6.4.1
200 OK 13 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/foundation/css/foundation.min.css?ver=6.4.1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type Unicode text, UTF-8 text, with very long lines (65516)
Hash 49ecce5e604e2bf7a288fde7c1de0087
511d0534ebd502d05b7492b79ade74484ccee51a
06692e6e48b45074ce152784b169d3c9a21d9e0ab1671f560da22ded7b30c141
GET /wp-content/themes/posterpro/foundation/css/foundation.min.css?ver=6.4.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0Dehpe8jp0mr5PjUK%2B1x%2Bx5KAL%2Br2oogKH2oBg3u7HcQjFCKxPmOKdDZFIpdEsKZlrW9Yvmk%2BTxUYo6vNX709sdT29neUCiLtsVENoyXUTqTt7Oq5VrA9rbU%2BU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f0abfbb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET soocaips.com/tag.min.js
200 OK 26 kB IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectsoocaips.com
Fingerprint8F:A6:AE:F8:E4:FB:DC:71:57:A1:A9:35:2D:CD:71:DB:B7:48:3C:36
ValidityFri, 25 Aug 2023 05:28:54 GMT - Thu, 23 Nov 2023 05:28:53 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9886ced2a23f597e699da8c08cce79d8
052851b56885ea5ce57d98c36163680300f64bc0
515abc8669312dd2e623a0a8f1d6fce5593e131ddc96d330a38810dc3e04075c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /tag.min.js HTTP/1.1
Host: soocaips.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:15 GMT
content-type: text/javascript; charset=utf-8
content-length: 25508
content-encoding: br
x-trace-id: 8de849bc3c691f29ed56a82dd5eafa70
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Tue, 07 Nov 2023 13:37:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 52 kB URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint30:DF:10:0D:E2:AE:CA:7A:5E:20:03:00:80:D2:EB:DD:4D:3A:F3:10
ValidityMon, 16 Oct 2023 08:02:29 GMT - Mon, 08 Jan 2024 08:02:28 GMT
File type ASCII text, with very long lines (3968)
Hash 5c8166a92bbeac8a259cc3eafc25d83b
f4a7e459c5f20ec55c834650297ab5012ee9f3de
b578a0a1013c296195a0ae0516f6905db18d8406ea1fb3f1799be0a2968bcd64
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 09 Nov 2023 14:35:15 GMT
expires: Thu, 09 Nov 2023 14:35:15 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14933156707567781875
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52081
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=1280&resize=1280&ssl=1
200 OK 7.7 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=1280&resize=1280&ssl=1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 405x155, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1f2664d6059193e6c1a59ee7ef14d1a0
46542860abd849426ea23d66c601ff0888d735db
f685610012cd711cdf0f3f186e878030c152058d3705dd751d6048d480bc2621
GET /images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:16 GMT
content-type: image/webp
content-length: 7712
last-modified: Sun, 19 Feb 2023 09:06:57 GMT
expires: Tue, 18 Feb 2025 21:06:57 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "95d72d4081ab31e0"
vary: Accept
x-nc: HIT arn 7
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET tollcondolences.com/ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js
200 OK 24 kB URL GET HTTP/1.1 tollcondolences.com/ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjecttollcondolences.com
Fingerprint4D:30:3C:2A:7D:F2:90:64:59:45:C3:9A:5F:F7:C7:2C:EE:B9:05:9D
ValidityMon, 30 Oct 2023 06:04:57 GMT - Sun, 28 Jan 2024 06:04:56 GMT
File type ASCII text, with very long lines (62117), with no line terminators
Hash 1cbb0dd9147a3d28cb1ecfd24e9f1612
6c0bd56916efc256ccf3ad3fd477b61e46dc2087
5bbae0bf885e5630d6d7d9da552b1392705dff40350257cedb100ce6c00ecf99
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ed/6c/a5/ed6ca5eb8abc9a864ffa39115799b641.js HTTP/1.1
Host: tollcondolences.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 09 Nov 2023 14:35:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cc3b1add0f02a1f0e0dd5230810876ca
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET nsw2u.com/wp-content/themes/posterpro/css/ticker-style.css?ver=6.4.1
200 OK 5.1 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/css/ticker-style.css?ver=6.4.1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash e285ffcd189a8f663b60ed875588611c
3610f8ab5aa64bf510063bc0ff1e7e7e8a26c144
60fe676c23cc04b70c2c711b758242d69337af11258fed87959f81c3e11d3c70
GET /wp-content/themes/posterpro/css/ticker-style.css?ver=6.4.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmqrCVSX%2Fok0%2Bazi7AH8x4zJ4OLS5vfNNMYQG0EVsOFt6u1dKwAK%2BzpDE3psGU1kuxmClgCOzEZtUueOhXiwOGjQT3aGiSSCdoctW%2BQH1307MwTGItbPGnWIdAA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f0bc0cb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET tollcondolences.com/watch.897999949239.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22page%22%2C%22714%22%2C%22of%22%2C%22925%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Fpage%2F714%3Fpublics%252Findex%252F37&tz=0&dev=e&res=14.2079&uuid=8cdb6867-c184-4f27-ba25-782509ec8c66%3A2%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 tollcondolences.com/watch.897999949239.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22page%22%2C%22714%22%2C%22of%22%2C%22925%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Fpage%2F714%3Fpublics%252Findex%252F37&tz=0&dev=e&res=14.2079&uuid=8cdb6867-c184-4f27-ba25-782509ec8c66%3A2%3A1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjecttollcondolences.com
Fingerprint4D:30:3C:2A:7D:F2:90:64:59:45:C3:9A:5F:F7:C7:2C:EE:B9:05:9D
ValidityMon, 30 Oct 2023 06:04:57 GMT - Sun, 28 Jan 2024 06:04:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.897999949239.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22page%22%2C%22714%22%2C%22of%22%2C%22925%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Fpage%2F714%3Fpublics%252Findex%252F37&tz=0&dev=e&res=14.2079&uuid=8cdb6867-c184-4f27-ba25-782509ec8c66%3A2%3A1 HTTP/1.1
Host: tollcondolences.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Thu, 09 Nov 2023 14:35:16 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nsw2u.com
Access-Control-Allow-Origin: https://nsw2u.com
Access-Control-Allow-Credentials: true
Location: https://tollcondolences.com/watch.897999949239.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22page%22%2C%22714%22%2C%22of%22%2C%22925%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Fpage%2F714%3Fpublics%252Findex%252F37&tz=0&dev=e&res=14.2079&uuid=8cdb6867-c184-4f27-ba25-782509ec8c66%3A2%3A1&shu=0431c87db6d38317c67ba93cb78032788f68726f76ba80056c9dffe7086fe2740ccaaf2fb752fc7176ada92e34af9c57f4efff7f058b1a7a7cb07fefae823c2b894039049b47ff4154348bf09f4809b7164454235c84cda0cb8cac2dae2bd1&pst=1699540576&rmtc=t
Set-Cookie: u_pl=19067264; expires=Fri, 10 Nov 2023 14:35:16 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA2NzI2NCwiayI6ImE0NTkyMmZhNDk2Njk1NWNlY2RmZmJkZGU1MzQ3YWU1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDQ5ODA3LCJwaWQiOjE2MjY3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoibWh2ZzFhbXRhIiwiY3BrcyI6eyAiMjgiOiJlZDZjYTVlYjhhYmM5YTg2NGZmYTM5MTE1Nzk5YjY0MSIsIjI5IjoiM2EyMjZhNjY0MGE2NDQ2ZGJjN2NkYzk2ZWNjNmIzZTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uc3cydS5jb20vcGFnZS83MTQ_cHVibGljcyUyRmluZGV4JTJGMzcifX0.SJ3-dLacDbJVagXnQD9sg0JSfckbZpgz8g7R7OmbQh0; expires=Thu, 09 Nov 2023 14:36:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f07d8e992ca4a2fd6d3befacf50a70c1
Strict-Transport-Security: max-age=0; includeSubdomains
GET images.vfl.ru/ii/1698919345/2d8fa781/39049372.jpg
200 OK 63 kB URL GET HTTP/1.1 images.vfl.ru/ii/1698919345/2d8fa781/39049372.jpg
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.11], baseline, precision 8, 432x700, components 3\012- data
Hash 190ce5d40a81c4638e17636db00bc9b1
d2c44b881ecdaaf7e93f6c9384dd25f6b8c55f43
19b903c61693e75aeddca05cf5de2e528d74afd07febc3b1ce52ddcf842fe5d7
GET /ii/1698919345/2d8fa781/39049372.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Nov 2023 14:35:16 GMT
Content-Type: image/jpeg
Content-Length: 62580
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Thu, 02 Nov 2023 10:02:25 GMT
ETag: "654373b1-f474"
Expires: Sat, 09 Dec 2023 14:35:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET images.vfl.ru/ii/1694604934/0d07e435/39009949.jpg
200 OK 57 kB URL GET HTTP/1.1 images.vfl.ru/ii/1694604934/0d07e435/39009949.jpg
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data
Hash 1b3e32337bbde3922e0e9f72aa72002d
100b45332c71a4eb2e6c66d6de40bcc83f29c989
e67f85bbe57ff956ee312dda7de903700030b79bb4ef76d09c192a5da9a33751
GET /ii/1694604934/0d07e435/39009949.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Nov 2023 14:35:16 GMT
Content-Type: image/jpeg
Content-Length: 56936
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 13 Sep 2023 11:35:34 GMT
ETag: "65019e86-de68"
Expires: Sat, 09 Dec 2023 14:35:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET images.vfl.ru/ii/1692466089/24d36bc8/38995517.jpg
200 OK 67 kB URL GET HTTP/1.1 images.vfl.ru/ii/1692466089/24d36bc8/38995517.jpg
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.9], baseline, precision 8, 432x700, components 3\012- data
Hash 81eb51e7c3a0df2a962b5b00d61669ff
42c531b818a0bc7e01c602c8668f21065d8cd67d
9ee994cfc66772056b1ae42f4012412d4a9f49fc8250c2c22153e54caed7b965
GET /ii/1692466089/24d36bc8/38995517.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Nov 2023 14:35:16 GMT
Content-Type: image/jpeg
Content-Length: 66636
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 19 Aug 2023 17:28:09 GMT
ETag: "64e0fba9-1044c"
Expires: Sat, 09 Dec 2023 14:35:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET images.vfl.ru/ii/1696499345/2d834ce4/39025715.jpg
200 OK 46 kB URL GET HTTP/1.1 images.vfl.ru/ii/1696499345/2d834ce4/39025715.jpg
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.10], baseline, precision 8, 432x700, components 3\012- data
Hash d54f3e961e843224381b52420787300b
b24ff4dd6ff0b3c210ac80ccec30d1612bfb2c70
230c8719f7ff0cd67d89b8c5052dcc864b6c7ebbb62bf2ec21228af727652049
GET /ii/1696499345/2d834ce4/39025715.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Nov 2023 14:35:16 GMT
Content-Type: image/jpeg
Content-Length: 45689
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Thu, 05 Oct 2023 09:49:05 GMT
ETag: "651e8691-b279"
Expires: Sat, 09 Dec 2023 14:35:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET images.vfl.ru/ii/1697025199/2d40d0fc/39033877.jpg
200 OK 71 kB URL GET HTTP/1.1 images.vfl.ru/ii/1697025199/2d40d0fc/39033877.jpg
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.10], baseline, precision 8, 432x700, components 3\012- data
Hash c9578ce1b30a7957a4f58916181545c1
5edd16bdbdd4c4caacd7ba9408b15b01bbb765fe
881c108606af7bdf549477962370e9b2e17f1473a875354f37a09c634e34d492
GET /ii/1697025199/2d40d0fc/39033877.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Nov 2023 14:35:16 GMT
Content-Type: image/jpeg
Content-Length: 70673
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 11 Oct 2023 11:53:19 GMT
ETag: "65268caf-11411"
Expires: Sat, 09 Dec 2023 14:35:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET images.vfl.ru/ii/1696606849/450212ed/39028293.jpg
200 OK 86 kB URL GET HTTP/1.1 images.vfl.ru/ii/1696606849/450212ed/39028293.jpg
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 700x700, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 5.0.10], baseline, precision 8, 432x700, components 3\012- data
Hash f31e59ed8b4014e8c240b752b138ca58
92fe10034473f9c1939631c2c50642bfa521bf0f
2e559285efef0bb13f7cb134710ea244f456a76074859562fff2cd86952aed87
GET /ii/1696606849/450212ed/39028293.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Nov 2023 14:35:16 GMT
Content-Type: image/jpeg
Content-Length: 85525
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 06 Oct 2023 15:40:49 GMT
ETag: "65202a81-14e15"
Expires: Sat, 09 Dec 2023 14:35:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET my.rtmark.net/gid.js?userId=4980f16f13d844f095e60a96461f3b34
200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=4980f16f13d844f095e60a96461f3b34
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT
File type JSON data\012- , ASCII text
Hash e98b7333be1983bb8f75e1f38b47a563
6d782d61d4d5939b30c91c2cc6f1c1bb4395e1c9
09f0e2c51477e1885da6e3a8de17bccc0cebad2d0f2e91b6403c71d1d76ce21c
GET /gid.js?userId=4980f16f13d844f095e60a96461f3b34 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:16 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://nsw2u.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4980f16f13d844f095e60a96461f3b34; expires=Fri, 08 Nov 2024 14:35:16 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
GET www.nintendo.com/content/dam/noa/en_US/games/switch/r/roulette-at-aces-casino-switch/roulette-at-aces-casino-switch-box-eshop.png
301 Moved Permanently 116 B URL GET HTTP/2 www.nintendo.com/content/dam/noa/en_US/games/switch/r/roulette-at-aces-casino-switch/roulette-at-aces-casino-switch-box-eshop.png
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerDigiCert Inc
Subjectwww.nintendo.com
Fingerprint8A:D5:47:83:94:01:6D:2B:84:FE:F3:66:4D:87:11:CC:81:38:7F:6E
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 09 Jul 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 97febdf23bbbbf4db4d28c9f1fea9f41
b00c30b4b05c574d839d2a1ca57f0ff6497b5734
c73de5814de3d7f3de41b4e88b4a9fae63c1394394c8d66ca8a9c830b79c8b29
GET /content/dam/noa/en_US/games/switch/r/roulette-at-aces-casino-switch/roulette-at-aces-casino-switch-box-eshop.png HTTP/1.1
Host: www.nintendo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: Apache
rtss: 2-9-29
content-type: text/plain; charset=utf-8
apigw-requestid: OCf9JjhvvHcEMVA=
cache-control: max-age=60
location: /us/content/dam/noa/en_US/games/switch/r/roulette-at-aces-casino-switch/roulette-at-aces-casino-switch-box-eshop.png
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 09 Nov 2023 14:35:16 GMT
x-served-by: cache-bfi-krnt7300034-BFI, cache-ams21031-AMS, cache-ams21031-AMS, cache-bma1647-BMA, cache-bma1647-BMA
x-cache: HIT, HIT, MISS, MISS, MISS
x-cache-hits: 3, 1, 0, 0, 0
x-timer: S1699540516.317575,VS0,VE95
strict-transport-security: max-age=31557600
content-length: 116
X-Firefox-Spdy: h2
GET images.vfl.ru/ii/1592139450/35dbb0f6/30804138.png
200 OK 334 kB URL GET HTTP/1.1 images.vfl.ru/ii/1592139450/35dbb0f6/30804138.png
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type PNG image data, 393 x 640, 8-bit/color RGBA, non-interlaced\012- data
Size 334 kB (334531 bytes)
Hash cc41ff62a4e1d7d7d32b8d2bfe31d6ce
5c7d7ad2771e43fa063f2b950e7dab141c52106f
ce6d437617c9a85f377489ad28c4cbc2df87a9e969e7ab421442a90a7a6014dc
GET /ii/1592139450/35dbb0f6/30804138.png HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Nov 2023 14:35:16 GMT
Content-Type: image/png
Content-Length: 334531
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sun, 14 Jun 2020 12:57:31 GMT
ETag: "5ee61ebb-51ac3"
Expires: Sat, 09 Dec 2023 14:35:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET images.vfl.ru/ii/1591958214/a0cbe579/30788324.png
200 OK 428 kB URL GET HTTP/1.1 images.vfl.ru/ii/1591958214/a0cbe579/30788324.png
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type PNG image data, 393 x 640, 8-bit/color RGBA, non-interlaced\012- data
Size 428 kB (428402 bytes)
Hash 54283265a8628e3d66288601690702ab
8d8127d35ba42de15a5dc298cd2d2e66101cbe72
fafc1359a340e5d1036a15cb5ba370ee7148d94289d6f725748b49bced4ca866
GET /ii/1591958214/a0cbe579/30788324.png HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Nov 2023 14:35:16 GMT
Content-Type: image/png
Content-Length: 428402
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Fri, 12 Jun 2020 10:36:55 GMT
ETag: "5ee35ac7-68972"
Expires: Sat, 09 Dec 2023 14:35:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=500&resize=500&ssl=1
200 OK 7.7 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=500&resize=500&ssl=1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 405x155, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1f2664d6059193e6c1a59ee7ef14d1a0
46542860abd849426ea23d66c601ff0888d735db
f685610012cd711cdf0f3f186e878030c152058d3705dd751d6048d480bc2621
GET /images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?w=500&resize=500&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:16 GMT
content-type: image/webp
content-length: 7712
last-modified: Sun, 19 Feb 2023 09:06:19 GMT
expires: Tue, 18 Feb 2025 21:06:19 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6b02d3dbdaa697a7"
vary: Accept
x-nc: HIT arn 7
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET images.vfl.ru/ii/1592043294/643c88e6/30795836.png
200 OK 440 kB URL GET HTTP/1.1 images.vfl.ru/ii/1592043294/643c88e6/30795836.png
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type PNG image data, 393 x 640, 8-bit/color RGBA, non-interlaced\012- data
Size 440 kB (439562 bytes)
Hash b7a9bd856ebc79bedd3a12f697414e2c
aabbe6e6c99b4855f8cd6fa63d09c2948cae8393
33e94f7f7d93b811e6593f31a3dfdb3139429df11d3ea6200f1cdc6fed6263ce
GET /ii/1592043294/643c88e6/30795836.png HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Nov 2023 14:35:16 GMT
Content-Type: image/png
Content-Length: 439562
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 13 Jun 2020 10:14:55 GMT
ETag: "5ee4a71f-6b50a"
Expires: Sat, 09 Dec 2023 14:35:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET www.nintendo.com/content/dam/noa/en_US/games/switch/j/jacks-or-better-video-poker-switch/jacks-or-better-video-poker-switch-box-eshop.png
301 Moved Permanently 124 B URL GET HTTP/2 www.nintendo.com/content/dam/noa/en_US/games/switch/j/jacks-or-better-video-poker-switch/jacks-or-better-video-poker-switch-box-eshop.png
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerDigiCert Inc
Subjectwww.nintendo.com
Fingerprint8A:D5:47:83:94:01:6D:2B:84:FE:F3:66:4D:87:11:CC:81:38:7F:6E
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 09 Jul 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash cb6c4b9088e30e6a9f825d41fdbbaff4
d346b4684f4f03606aeb57e5a13cfb804c66ff18
c1437ceb13aa60282eee9f3d28eb3290f93c9b4ec92bc46d783e969048b7a52d
GET /content/dam/noa/en_US/games/switch/j/jacks-or-better-video-poker-switch/jacks-or-better-video-poker-switch-box-eshop.png HTTP/1.1
Host: www.nintendo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
server: Apache
rtss: 2-9-29
content-type: text/plain; charset=utf-8
apigw-requestid: OBKv_jBGvHcEMgg=
cache-control: max-age=60
location: /us/content/dam/noa/en_US/games/switch/j/jacks-or-better-video-poker-switch/jacks-or-better-video-poker-switch-box-eshop.png
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 09 Nov 2023 14:35:16 GMT
x-served-by: cache-bfi-kbfi7400039-BFI, cache-ams21031-AMS, cache-ams21031-AMS, cache-bma1647-BMA, cache-bma1647-BMA
x-cache: HIT, HIT, MISS, MISS, MISS
x-cache-hits: 3, 1, 0, 0, 0
x-timer: S1699540517.631710,VS0,VE33
strict-transport-security: max-age=31557600
content-length: 124
X-Firefox-Spdy: h2
GET lemondependedadminister.com/pixel/purst?dl=0&th=0&sc=0&rs=4103&rd=4103&fd=544&bv=23.11.v.5&tmpl=70
200 OK 0 B URL GET HTTP/1.1 lemondependedadminister.com/pixel/purst?dl=0&th=0&sc=0&rs=4103&rd=4103&fd=544&bv=23.11.v.5&tmpl=70
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectlemondependedadminister.com
Fingerprint9A:0F:AD:E3:03:43:6D:74:75:71:85:24:3C:4E:7C:38:52:C9:E6:7F
ValidityMon, 09 Oct 2023 12:36:30 GMT - Sun, 07 Jan 2024 12:36:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=4103&rd=4103&fd=544&bv=23.11.v.5&tmpl=70 HTTP/1.1
Host: lemondependedadminister.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 09 Nov 2023 14:35:16 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET tollcondolences.com/watch.897999949239.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22page%22%2C%22714%22%2C%22of%22%2C%22925%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Fpage%2F714%3Fpublics%252Findex%252F37&tz=0&dev=e&res=14.2079&uuid=8cdb6867-c184-4f27-ba25-782509ec8c66%3A2%3A1&shu=0431c87db6d38317c67ba93cb78032788f68726f76ba80056c9dffe7086fe2740ccaaf2fb752fc7176ada92e34af9c57f4efff7f058b1a7a7cb07fefae823c2b894039049b47ff4154348bf09f4809b7164454235c84cda0cb8cac2dae2bd1&pst=1699540576&rmtc=t
200 OK 2.1 kB URL GET HTTP/1.1 tollcondolences.com/watch.897999949239.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22page%22%2C%22714%22%2C%22of%22%2C%22925%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Fpage%2F714%3Fpublics%252Findex%252F37&tz=0&dev=e&res=14.2079&uuid=8cdb6867-c184-4f27-ba25-782509ec8c66%3A2%3A1&shu=0431c87db6d38317c67ba93cb78032788f68726f76ba80056c9dffe7086fe2740ccaaf2fb752fc7176ada92e34af9c57f4efff7f058b1a7a7cb07fefae823c2b894039049b47ff4154348bf09f4809b7164454235c84cda0cb8cac2dae2bd1&pst=1699540576&rmtc=t
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjecttollcondolences.com
Fingerprint4D:30:3C:2A:7D:F2:90:64:59:45:C3:9A:5F:F7:C7:2C:EE:B9:05:9D
ValidityMon, 30 Oct 2023 06:04:57 GMT - Sun, 28 Jan 2024 06:04:56 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2613)
Hash 7b20e6e3344b17b809a2c2bdb1f4cf02
642c586afe30079a6c33f536938ff573e0f3df47
5a2008388ff0b6a2be2deb77572ee28eb1e42437c7c19d22d9ea95b5d64061ea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.897999949239.js?key=a45922fa4966955cecdffbdde5347ae5&kw=%5B%22nsw2u%22%2C%22com%22%2C%22page%22%2C%22714%22%2C%22of%22%2C%22925%22%2C%22download%22%2C%22switch%22%2C%22roms%22%2C%22eshop%22%2C%22nsp%22%2C%22xci%22%2C%22nsz%22%5D&refer=https%3A%2F%2Fnsw2u.com%2Fpage%2F714%3Fpublics%252Findex%252F37&tz=0&dev=e&res=14.2079&uuid=8cdb6867-c184-4f27-ba25-782509ec8c66%3A2%3A1&shu=0431c87db6d38317c67ba93cb78032788f68726f76ba80056c9dffe7086fe2740ccaaf2fb752fc7176ada92e34af9c57f4efff7f058b1a7a7cb07fefae823c2b894039049b47ff4154348bf09f4809b7164454235c84cda0cb8cac2dae2bd1&pst=1699540576&rmtc=t HTTP/1.1
Host: tollcondolences.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
Referer: https://nsw2u.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19067264; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTA2NzI2NCwiayI6ImE0NTkyMmZhNDk2Njk1NWNlY2RmZmJkZGU1MzQ3YWU1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNDQ5ODA3LCJwaWQiOjE2MjY3OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoibWh2ZzFhbXRhIiwiY3BrcyI6eyAiMjgiOiJlZDZjYTVlYjhhYmM5YTg2NGZmYTM5MTE1Nzk5YjY0MSIsIjI5IjoiM2EyMjZhNjY0MGE2NDQ2ZGJjN2NkYzk2ZWNjNmIzZTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9uc3cydS5jb20vcGFnZS83MTQ_cHVibGljcyUyRmluZGV4JTJGMzcifX0.SJ3-dLacDbJVagXnQD9sg0JSfckbZpgz8g7R7OmbQh0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 09 Nov 2023 14:35:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nsw2u.com
Access-Control-Allow-Origin: https://nsw2u.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=8cdb6867-c184-4f27-ba25-782509ec8c66:2:1; expires=Thu, 16 Nov 2023 14:35:16 GMT; secure; SameSite=None
iprc7825d51cc568a583f7dd79b442cbb9b5=3570421; expires=Thu, 09 Nov 2023 18:35:16 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 10 Nov 2023 14:35:16 GMT; secure; SameSite=None
uncs=1; expires=Fri, 10 Nov 2023 14:35:16 GMT; secure; SameSite=None
pdhtkv32=true; expires=Fri, 10 Nov 2023 14:35:16 GMT; secure; SameSite=None
uncs32=1; expires=Fri, 10 Nov 2023 14:35:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 65b2545b3f2f861f504ffb2d7228b9d2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL GET HTTP/2 banquetunarmedgrater.com/advertisers.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
ValidityThu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 Nov 2023 14:35:16 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: aee7910a0445fb7cb7e20102842140ba
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 09 Nov 2023 14:35:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJSDbOQYUfSpaoAWZ3NJQ6cRRTCbMlfusuM8gaB1jd4Ld3Co3oyukCyaIGO5daauEnTnXminaogYVRjXjZvXpQafHNDLgK%2FnCZAduvDigNT%2FB9zd7tACsEcIvm7xHgm31DXyONLecAsla78%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8236c80548df56c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET images.vfl.ru/ii/1592042037/4ebaaf47/30795640.png
200 OK 556 kB URL GET HTTP/1.1 images.vfl.ru/ii/1592042037/4ebaaf47/30795640.png
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
FingerprintD9:F0:63:03:03:30:7F:C2:7F:42:0C:BB:FC:94:2E:0B:8F:53:F3:04
ValidityThu, 05 Oct 2023 07:19:50 GMT - Wed, 03 Jan 2024 07:19:49 GMT
File type PNG image data, 393 x 640, 8-bit/color RGBA, non-interlaced\012- data
Size 556 kB (555894 bytes)
Hash 79084d84596f36a91697f878dde26f85
ebf6418940f8dfcf671b3c8f7ea1472a757a450a
a130671e30b264917a9cfc9c049bd602758af26f724cdc6fdbd058fb9df04e00
GET /ii/1592042037/4ebaaf47/30795640.png HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Nov 2023 14:35:16 GMT
Content-Type: image/png
Content-Length: 555894
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 13 Jun 2020 09:53:58 GMT
ETag: "5ee4a236-87b76"
Expires: Sat, 09 Dec 2023 14:35:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
GET www.nintendo.com/us/content/dam/noa/en_US/games/switch/r/roulette-at-aces-casino-switch/roulette-at-aces-casino-switch-box-eshop.png
404 Not Found 35 kB URL GET HTTP/2 www.nintendo.com/us/content/dam/noa/en_US/games/switch/r/roulette-at-aces-casino-switch/roulette-at-aces-casino-switch-box-eshop.png
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerDigiCert Inc
Subjectwww.nintendo.com
Fingerprint8A:D5:47:83:94:01:6D:2B:84:FE:F3:66:4D:87:11:CC:81:38:7F:6E
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 09 Jul 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10091)
Hash 71dc378c929fa6041a39891b80a31554
69c37ebaa728635de2b1d32a685db85f99dd4bb6
2eaa6f18ec1bcfcba9310f2d3586548e54bb89e7d363b38e2f9be7d28af30d7b
GET /us/content/dam/noa/en_US/games/switch/r/roulette-at-aces-casino-switch/roulette-at-aces-casino-switch-box-eshop.png HTTP/1.1
Host: www.nintendo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: Apache
rtss: 2-9-64
content-type: text/html; charset=utf-8
apigw-requestid: OIolzgWTvHcEPdQ=
cache-control: max-age=0
x-nextjs-cache: HIT
content-encoding: br
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 09 Nov 2023 14:35:16 GMT
x-served-by: cache-bfi-kbfi7400024-BFI, cache-ams21031-AMS, cache-ams21031-AMS, cache-bma1647-BMA, cache-bma1647-BMA
x-cache: MISS, MISS, MISS, MISS, MISS
x-cache-hits: 0, 0, 0, 0, 0
x-timer: S1699540517.647732,VS0,VE317
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 34697
X-Firefox-Spdy: h2
GET cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
200 OK 25 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File type JPEG image data, baseline, precision 8, 320x50, components 3\012- data
Hash d465d02b90e928dfd9d9846e102a9dac
22f7333777bec813bd9a7b870913a2b79b6d2fe4
e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd
GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 Nov 2023 14:35:17 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Sat, 11 Nov 2023 14:35:17 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET c0.wp.com/c/6.4.1/wp-includes/js/dist/i18n.min.js
200 OK 9.4 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/dist/i18n.min.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (9729), with no line terminators
Hash 3597d2da73a2e3de74981fcc5ecbfce4
94f7e899ca4635c129e8285579b3f0e38cf19730
080a50955b97dc50d39c296cc22e8d02f07a3cfcc58d3127d93466e281514637
GET /c/6.4.1/wp-includes/js/dist/i18n.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
content-encoding: br
expires: Fri, 08 Nov 2024 14:35:13 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js
200 OK 6.2 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (6226), with no line terminators
Hash 321164d87fc8518009a6486a0090c547
b74dbdae6d36388be2631415b8024257c374a969
0bf8b102a09469a034a25023c219681a4c5e2eee57906832a56279cd41c96272
GET /wp-content/themes/posterpro/foundation/js/foundation.core.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=13696
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 722
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkfHPfkd06DzMATeAl%2FNNPzdXE7iEbVYOfl7DlJPfdONUIZEi76NH5QSFGUJzmota9zyPlgRHWIiNvw%2BPGfAA2wvOfRLY6aKS0tfx6xQv1AQnXd4vaqnYHmq7SM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f45fc8b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET c0.wp.com/c/6.4.1/wp-includes/js/dist/url.min.js
200 OK 9.6 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/dist/url.min.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (11016), with no line terminators
Hash 1182019e3541cbb1ae0c57a02c77e3c2
03fce017e1ba2a5c745e57ab4a021af36c68a60a
93e8a741e2ef129ebe45332d38120ba5d425d50386c9c5e6df73e60d768756db
GET /c/6.4.1/wp-includes/js/dist/url.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
content-encoding: br
expires: Fri, 08 Nov 2024 14:35:13 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET c0.wp.com/c/6.4.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
200 OK 6.6 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (6799), with no line terminators
Hash ccaa7ba23a1f74bc12d091b65b515c4f
26b795b942f321ee8237178a1fcc16f1cee5a99e
daceae61a869247d42436998814874e2698dc5f4789c65cd9bad98da52276db1
GET /c/6.4.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Sep 2023 19:30:24 GMT
content-encoding: br
expires: Fri, 08 Nov 2024 14:35:14 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET c0.wp.com/p/jetpack/12.8/css/jetpack.css
200 OK 101 kB URL GET HTTP/2 c0.wp.com/p/jetpack/12.8/css/jetpack.css
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Size 101 kB (100678 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/jetpack/12.8/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 31 Oct 2023 20:55:38 GMT
content-encoding: br
expires: Fri, 08 Nov 2024 14:35:13 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/plugins/add-search-to-menu/public/css/ivory-ajax-search.min.css?ver=5.5.4
200 OK 8.1 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/add-search-to-menu/public/css/ivory-ajax-search.min.css?ver=5.5.4
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (8145), with no line terminators
Hash 734068ce5268bc23a7506f3e9e9f5d41
acf53910826dc6702a5fb8f2bf6aab44b17f4886
2dd5b45b7df3d954548b70324f5730bf593bcdab6dac3632cc19ac119e8912a8
GET /wp-content/plugins/add-search-to-menu/public/css/ivory-ajax-search.min.css?ver=5.5.4 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 08:22:15 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rOXX4n4vvBJgivVN8vLtetvBXdPsblw4MbmSWqyOQZ9mxaS9ktUp4nWTgumhQ0%2B6sMhwpY2aZ8J0hoxJ4Sq2wyC9yos%2Bwx5q5mnjQmOzPH28PNPlF%2Fnr2E7fnU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f0ec3ab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/wp-content/themes/posterpro/js/tickerme.min.js?ver=1.0
200 OK 2.7 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/js/tickerme.min.js?ver=1.0
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2882), with no line terminators
Hash 1f6d024818a2d204e13c3cdf928a18b4
308379e96d2bcd7642ea6d7f86d021f4287999c8
273ae6a31ccc6f39f505d74bbbb80eccaa444894d4a5c4259d1dfe34875ff7e9
GET /wp-content/themes/posterpro/js/tickerme.min.js?ver=1.0 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:14 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bbRIF1%2FfbEugk%2FsK%2B5MhjUQxKSPBdddRABbHTD7POAYsdc7hwhKcSOnE60hFUq8YCHZGkEUbaBwRDxFc3dAMyYGzSAKn70BXne%2BYKZdz91yGbe2LD%2Bjh2b27cY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f46fe4b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET c0.wp.com/c/6.4.1/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js
200 OK 8.2 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (8365), with no line terminators
Hash 08e6714eaf3cfe8f3c7839f22d90ba4e
94fdad68854d0d3482b877aef7ba7c2eb265c621
e424039d5a737a1bda8a5ded60919e5067085729310762eebb09c20e07d249c8
GET /c/6.4.1/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
content-encoding: br
expires: Fri, 08 Nov 2024 14:35:14 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/themes/posterpro/style.css?ver=6.4.1
200 OK 14 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/style.css?ver=6.4.1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (312)
Hash 6ab95f4cba22beb912c47fc24c57bb88
c807d75822c7065aa79602bcc1e9b03624ab693b
869b14ba37dcd97b87b1edf83caa3f2fb15c2bbe00ee240442259f7cae81af95
GET /wp-content/themes/posterpro/style.css?ver=6.4.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn35h1njp3bTBPMw9jtHjQkQ23g3Pia6u52UqWPvxPG8wygKXaqJxCOJoXTa5RShjruA0Svh8lOI2oxcGj1oQo7QuG7WaPoihAm3GEOSyB%2Fe83pZ%2FvY%2B9IVc7kI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f0abf2b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.4.1
200 OK 8.3 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.4.1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT
File type ASCII text, with very long lines (8472), with no line terminators
Hash 3f5613f7160c3b6638dbbe32b93f8e97
62d3566bc0e2a74456c2bebb6d280be511402791
5d5d0961816e9953501ec925709e8c23de9e3add0dd57ccbc3f4402a0f53207c
GET /css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.4.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Nov 2023 14:35:13 GMT
date: Thu, 09 Nov 2023 14:35:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
200 OK 4.2 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (4186), with no line terminators
Hash ea958276b7de454bd3c2873f0dc47e5f
b143f6e8e8f79d8f104c26b0057ef5514d763219
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
GET /c/6.4.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Fri, 08 Nov 2024 14:35:13 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
200 OK 701 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (727), with no line terminators
Hash e8b1dbb3b1a9bc1b59010bd6f7035465
c9d0ec84d9184c72ea6335c67193d25a90e003af
18c991e1cdc15a5c427215cf20569d60a7aa9bc32f1f7a2382640782a6e5bfe7
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
expires: max-age=A10368000, public
last-modified: Mon, 06 Nov 2023 20:50:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 722
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoDYXmt0iIT001mf33%2BpN3rRgmjIqaIR6pEIPWMnqghVMhxbwNq3j4kw8SzgwbFQ%2F%2B6K57wPa9Nvm2c%2B7SNcxiuLoqnlVbZ%2Fq%2FUodDq8qBlMYLe46YO4sTXV3X0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f45fd4b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/page/714?publics%2Findex%2F37
200 OK 314 kB URL User Request GET HTTP/3 nsw2u.com/page/714?publics%2Findex%2F37
IP
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Size 314 kB (314353 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /page/714?publics%2Findex%2F37 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/page/714?publics/index/37&__cf_chl_tk=kn4NRacvPn7bZKusORfEW115Ynw4PUAPY4h3qiHqm6Q-1699540508-0-gaNycGzNCuU
DNT: 1
Connection: keep-alive
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.20
link: <https://nsw2u.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcpufDDDGHAh3D%2BpIsrkHKULi8o6PnW3Z5F5mmAgcLkNa%2BkwJHLs%2BhsMk99dIlVLkD2AzrqAed0Yq8vRYpOKzGJNJAzB7AS3drcHuR2zh5ifDj0qDNuflBHrjjg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7eb7e2cb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=c4973b0b0a57b1114aa1
200 OK 7.6 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=c4973b0b0a57b1114aa1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (7804), with no line terminators
Hash ba01c26c159ae9a8ae89dcdaa65ef979
364c1e48bedde76da660ac88a5513fc12eb6b248
9f3c484b0961d939951092f12ab6a70232f29f0213e77bd2f8abea3d88296e2c
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=c4973b0b0a57b1114aa1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
expires: max-age=A10368000, public
last-modified: Mon, 06 Nov 2023 20:50:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYYGOhKT8TYmCvosI0gu09EwjXvgmDH2uU%2Fj8N8tKZwLpaVhb2s8lbVV%2B6WS4cNqSfOlIXl5bp0M6Hg8qK%2F%2FG7jNgU6qHzLRegnSwjoe4gcUNa1sy8jpYWH5q8Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f45fcdb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET c0.wp.com/c/6.4.1/wp-includes/js/dist/hooks.min.js
200 OK 4.6 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/dist/hooks.min.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (4704), with no line terminators
Hash 414c8462f6209b4905f767c8ba5c787d
a80b8b79908e6cdf11648f810e707a75c859cda3
007c3734a3f7737d74061ab5b96905dcb14ba1f88e7a6df55364b9d9573e3ce1
GET /c/6.4.1/wp-includes/js/dist/hooks.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
content-encoding: br
expires: Fri, 08 Nov 2024 14:35:14 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=cd1953e27d96b3ba0ce2
200 OK 78 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=cd1953e27d96b3ba0ce2
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=cd1953e27d96b3ba0ce2 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0; _ga_V5K7GYT3S4=GS1.1.1699540514.1.0.1699540514.0.0.0; _ga=GA1.1.1799659912.1699540515; _ga_HS5Y0K7QPG=GS1.1.1699540514.1.0.1699540514.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:15 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=78804
expires: max-age=A10368000, public
last-modified: Mon, 06 Nov 2023 20:50:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 804
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBrtvsPeVyr7RCjYEvVWfmQC1UeD565V8G6ASv2YM8dQ7wpqJh%2FYbstyv9nIcf6HVRCv8u9uSIL8e235KG0G8dbSl%2Blfa5t4dugyKIbatQLvhArAIz7uW%2BwgcFc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c8004b97b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.4
200 OK 4.6 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.4
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (4844), with no line terminators
Hash 0c25d30efd4aa460ab9922a3bcfb8c42
6522ee0dc866d20cd8d11109932d9d80a48a3db7
36de60ec7c408ce665901d0e775647c744c39969c0bada78d156819eeeedf103
GET /wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.4 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 08:22:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 722
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xa81GbgEdB3WNcyVhNAd7oyXF4zdBKBs3DPTl1svAXhY2eq9opU6NK%2BDzGh0ml%2FRs6f3bkbuGec6VmkTm0bFBt%2FqkXww3uYvK1hgiM7tK6ptu8RTRJdZ3rZTLzE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f43fafb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/wp-content/plugins/add-search-to-menu/public/css/ivory-search.min.css?ver=5.5.4
200 OK 6.6 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/add-search-to-menu/public/css/ivory-search.min.css?ver=5.5.4
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (6646), with no line terminators
Hash ba493f7f72f491035b9bde3c1b51c422
6911f0904c2b12b95132416c9fc2ce5a9364848e
554e78fa94b558a557664cf4cbf5d62f95ae1eac1b1fad184123ce22178ff1b5
GET /wp-content/plugins/add-search-to-menu/public/css/ivory-search.min.css?ver=5.5.4 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: text/css
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 08:22:15 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBBiG974XXBCnqGGi56sAT0PAZXIQmlb2RlTMwykkeKKcHdiu2K5M6DHHSWMn3Lpxl9Wd6XHAwlO8A72tPEhrjjFzaIG9lf8hb8A5f6qqrY5D%2FwRJUvBLYkEfEc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f09beeb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206
200 OK 1.4 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (1413), with no line terminators
Hash fb7fedcbc4898509446641bf9fd08189
374a4aa4443cc7d7fe9cdc45c1c7d723cd259f64
61ee64c9534a923b25e7faa8542df84482423ee82601c3c6fca192063f975e47
GET /wp-content/themes/posterpro/js/navigation.js?ver=20120206 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=2279
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 722
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kW%2Bvz5HNb1BwFdM0X1TNxQBZF8B7J%2BNDoQBPblb0WmQFaWFNp%2BDer%2BWLCmAEY0crvHfwtFOg86Si3VCoAuORdWq2wo6WTvLQrC93OM98P3CGxl2cdoeM7JnCZrw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f45fcbb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET soocaips.com/?rb=G-SgD_xodRkAEdSyzIHNWbSGZ1vlgCCrKB9B_rQis2hiHXLfrfFAVm_gxp4ObuCQHEEzOuCEOfhmv-REGEccoQpiWsDKElYQQDBOkjosMBWrxuO4xkjaGF8TiEsug5WMNFc1RuriRB4mBiBZHL4Na3T5ppYnDT77l_ucHcGnoPU75VsyQ731LmsCTjChLmjSzS5P5Ghkuh96FzE9HFPdYQ%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-v1.624.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fnsw2u.com%2Fpage%2F714%3Fpublics%252Findex%252F37&drf=https%3A%2F%2Fnsw2u.com%2Fpage%2F714%3Fpublics%2Findex%2F37%26__cf_chl_tk%3Dkn4NRacvPn7bZKusORfEW115Ynw4PUAPY4h3qiHqm6Q-1699540508-0-gaNycGzNCuU&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.624.0&bs=01100d5c-b744-49c9-8e5d-48b6153af223&userId=4980f16f13d844f095e60a96461f3b34&m=link
200 OK 2.4 kB URL GET HTTP/2 soocaips.com/?rb=G-SgD_xodRkAEdSyzIHNWbSGZ1vlgCCrKB9B_rQis2hiHXLfrfFAVm_gxp4ObuCQHEEzOuCEOfhmv-REGEccoQpiWsDKElYQQDBOkjosMBWrxuO4xkjaGF8TiEsug5WMNFc1RuriRB4mBiBZHL4Na3T5ppYnDT77l_ucHcGnoPU75VsyQ731LmsCTjChLmjSzS5P5Ghkuh96FzE9HFPdYQ%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-v1.624.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fnsw2u.com%2Fpage%2F714%3Fpublics%252Findex%252F37&drf=https%3A%2F%2Fnsw2u.com%2Fpage%2F714%3Fpublics%2Findex%2F37%26__cf_chl_tk%3Dkn4NRacvPn7bZKusORfEW115Ynw4PUAPY4h3qiHqm6Q-1699540508-0-gaNycGzNCuU&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.624.0&bs=01100d5c-b744-49c9-8e5d-48b6153af223&userId=4980f16f13d844f095e60a96461f3b34&m=link
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectsoocaips.com
Fingerprint8F:A6:AE:F8:E4:FB:DC:71:57:A1:A9:35:2D:CD:71:DB:B7:48:3C:36
ValidityFri, 25 Aug 2023 05:28:54 GMT - Thu, 23 Nov 2023 05:28:53 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2459), with no line terminators
Hash f21de7d30bb46b96e4382be1302f1a96
f8e199ff8e702af4637142f31d490b56077ba284
5c10df14a88c9d0f74b9a04c3300dceeacf47b1f5e1a8cf851702a9af33b8a99
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?rb=G-SgD_xodRkAEdSyzIHNWbSGZ1vlgCCrKB9B_rQis2hiHXLfrfFAVm_gxp4ObuCQHEEzOuCEOfhmv-REGEccoQpiWsDKElYQQDBOkjosMBWrxuO4xkjaGF8TiEsug5WMNFc1RuriRB4mBiBZHL4Na3T5ppYnDT77l_ucHcGnoPU75VsyQ731LmsCTjChLmjSzS5P5Ghkuh96FzE9HFPdYQ%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-v1.624.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fnsw2u.com%2Fpage%2F714%3Fpublics%252Findex%252F37&drf=https%3A%2F%2Fnsw2u.com%2Fpage%2F714%3Fpublics%2Findex%2F37%26__cf_chl_tk%3Dkn4NRacvPn7bZKusORfEW115Ynw4PUAPY4h3qiHqm6Q-1699540508-0-gaNycGzNCuU&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.624.0&bs=01100d5c-b744-49c9-8e5d-48b6153af223&userId=4980f16f13d844f095e60a96461f3b34&m=link HTTP/1.1
Host: soocaips.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Cookie: OAID=4980f16f13d844f095e60a96461f3b34; oaidts=1699540515
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:16 GMT
content-type: application/json
x-trace-id: 4970a59667cf51cbb58e5b13d7131841
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://nsw2u.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=4980f16f13d844f095e60a96461f3b34; expires=Fri, 08 Nov 2024 14:35:16 GMT; path=/; secure; SameSite=None
oaidts=1699540516; expires=Fri, 08 Nov 2024 14:35:16 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 16 Nov 2023 14:35:16 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
GET stats.wp.com/w.js?ver=202345
200 OK 11 kB URL GET HTTP/2 stats.wp.com/w.js?ver=202345
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11119), with no line terminators
Hash 1ac0848d5bceb8555feaf98f8fb860cb
117dcc305a16fbf0f0ef2d173c3c52adfa816047
585d4af3a08847a4604f8796b4841ebf7eaec7211606cc954f88dc9f27c72b28
GET /w.js?ver=202345 HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:14 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/11154-1698845932750.503
content-encoding: br
expires: Mon, 04 Nov 2024 19:31:14 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
GET soocaips.com/5/3812660/?oo=1&aab=1
200 OK 2.7 kB URL GET HTTP/2 soocaips.com/5/3812660/?oo=1&aab=1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectsoocaips.com
Fingerprint8F:A6:AE:F8:E4:FB:DC:71:57:A1:A9:35:2D:CD:71:DB:B7:48:3C:36
ValidityFri, 25 Aug 2023 05:28:54 GMT - Thu, 23 Nov 2023 05:28:53 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2989), with no line terminators
Hash d6403ac4bd1ea1aefe81a3b7a2185668
32124405de13bf37fa97b2047ea00fecf00f9e7f
da148a61848b19bfda3210b5ba3b78492487b1a4fa17d96d17f994d36fc998e7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /5/3812660/?oo=1&aab=1 HTTP/1.1
Host: soocaips.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:15 GMT
content-type: application/json
x-trace-id: 5e1210683168c7c9ff3728ce0daa9115
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://nsw2u.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=4980f16f13d844f095e60a96461f3b34; expires=Fri, 08 Nov 2024 14:35:15 GMT; path=/; secure; SameSite=None
oaidts=1699540515; expires=Fri, 08 Nov 2024 14:35:15 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.32
200 OK 110 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.32
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with no line terminators
Hash 70cd599fb1a952f67216cc82829f9ada
74cfae7f053f69abf2dce9cb74c962a83b8ba8bf
1fa8347df53b4287898f910b10e189b287e5610aa9d6cd322fb53d487b37a56d
GET /wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.32 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=112
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 03:59:20 GMT
cf-cache-status: HIT
age: 722
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBW0r3fj7xUbQbOr7FyYhuc14vIfUdUXSl%2BT9UcbUcC8vsbrz0wc7G7vQyzDiqeFoQFmS%2BQBfeuiWoNfZTaBw27Vnw2MhTc%2FKmHQYvrrt1R2N%2FofjV0AhzJG43g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8236c7f3ff53b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
HEAD nsw2u.com/page/714?publics%2Findex%2F37
200 OK 0 B URL HEAD HTTP/3 nsw2u.com/page/714?publics%2Findex%2F37
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /page/714?publics%2Findex%2F37 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0; _ga_V5K7GYT3S4=GS1.1.1699540514.1.0.1699540514.0.0.0; _ga=GA1.1.1799659912.1699540515; _ga_HS5Y0K7QPG=GS1.1.1699540514.1.0.1699540514.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:16 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.20
link: <https://nsw2u.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=692pPNqQRtDrFUIcMt6DjVl0HvtnqIR661xjNmQCyy5c%2BXOPBjyte0B2fFVwjUSkOS5YGvVD0I48luqJzkePVcRx46BqwGL%2B2L42eXZjb5ea413xxOhZZmSl8cA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7ff3a62b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
200 OK 11 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11256), with no line terminators
Hash 2b0dd7eecea03b4bdedb94ba622fdb03
703becba85161118dd6fc66af465428ef43f561c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
GET /c/6.4.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Fri, 08 Nov 2024 14:35:13 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.1
200 OK 5.3 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (5375), with no line terminators
Hash 7c9f427c3cfca6c5eac34a30c424d274
a5c957de7d44541200b323faa367eacfe745ac45
e7732b32debdbb9716a65f31ecc426f0e704a8fdeedcb0049b3015a507d26aed
GET /wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.5.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=8005
expires: max-age=A10368000, public
last-modified: Fri, 20 Oct 2023 08:20:23 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 722
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWSO8gEm%2BInUeS4XdV6JeGIGvKJaD%2BT2%2Fa%2FOk1fQMrKNAmAiLjNugonRth0BLx7YLeXZMZ8qPqrLJR0syL%2BRIOzN7122GOJ6BmMklH6EFAWwJJpw5T1L5356g8U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f43faeb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET c0.wp.com/c/6.4.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
200 OK 115 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Size 115 kB (115127 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/6.4.1/wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
content-encoding: br
expires: Fri, 08 Nov 2024 14:35:14 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.4
200 OK 68 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.4
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/add-search-to-menu/public/js/ivory-ajax-search.min.js?ver=5.5.4 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Wed, 01 Nov 2023 08:22:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 722
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=736pQfzlVsHW9kCeOTHNU59W67DqbunotBGwzccnDTZypjBippkHGvTioPOP5Dz6WpDq9aZQ25f6BhVOak%2FhVK%2FNEhxq6XnYel6Nm%2FPjSQdPmur0jvvmVJdrATM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f40f61b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.4.1
200 OK 7.9 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.4.1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (8073), with no line terminators
Hash b000bc37edd6208e6a67daaf0408d7a9
e8bf50bb4f68d1f4a96e9881c2779cc23bb7a2ea
536eccc9f762ef9357842e0d50d94d98737f6854ed5b81988d6752e07e4a2412
GET /ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.4.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 3150
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-1ed1"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 171554
expires: Tue, 29 Oct 2024 14:35:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZAMzg%2Fc2dk3JulYMwq21nPHJxS1uQrG5ve6Skxo13P9Tq4gDJ%2BgLaunaMD20DYhQDbKzeRDUU4knyz5b%2FsNeT73EjJtxbKdRe284XlTejlG4yQvaGyo5v%2FbC%2FsGBmVIORXIsyk1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8236c7f45e2fb512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1
200 OK 374 B URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 43df8a9873aa31bb000672a677ac1640
4c1bcd8c3a797217d375df16b4bcab2d6a2763a3
d865b1c06cbff014e7c47cf5afb4332de4c95a537f86074e001b577c50aef07d
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:14 GMT
content-type: image/webp
content-length: 374
last-modified: Sat, 24 Sep 2022 18:25:44 GMT
expires: Tue, 24 Sep 2024 06:25:44 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "9a9a255d155ea6c0"
vary: Accept
x-nc: HIT arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET friendshipmale.com/sfp.js
200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 Nov 2023 14:35:16 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7e4a982cab6191350abef5fbbda5b656
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 09 Nov 2023 14:35:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1w5OmxGeefSpmfgJEGEnM4%2BeNNhV91FsVQYYgfs8ZYB7cRLT4kNTBHwORt4naiKYdFmzzb1ClCGJaLnMNRzBUZz0aqdoYbZ2qjtdRn1OG2njy%2BJtudj8eL%2FzSapRkLD0cvx0KBw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8236c80329bb3693-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.nintendo.com/us/content/dam/noa/en_US/games/switch/j/jacks-or-better-video-poker-switch/jacks-or-better-video-poker-switch-box-eshop.png
404 Not Found 0 B URL GET HTTP/2 www.nintendo.com/us/content/dam/noa/en_US/games/switch/j/jacks-or-better-video-poker-switch/jacks-or-better-video-poker-switch-box-eshop.png
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerDigiCert Inc
Subjectwww.nintendo.com
Fingerprint8A:D5:47:83:94:01:6D:2B:84:FE:F3:66:4D:87:11:CC:81:38:7F:6E
ValidityMon, 10 Jul 2023 00:00:00 GMT - Tue, 09 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /us/content/dam/noa/en_US/games/switch/j/jacks-or-better-video-poker-switch/jacks-or-better-video-poker-switch-box-eshop.png HTTP/1.1
Host: www.nintendo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: Apache
rtss: 2-9-29
content-type: text/html; charset=utf-8
apigw-requestid: OIolyi5YPHcEPxQ=
cache-control: max-age=0
x-nextjs-cache: HIT
content-encoding: br
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 09 Nov 2023 14:35:16 GMT
x-served-by: cache-bfi-kbfi7400038-BFI, cache-ams21031-AMS, cache-ams21031-AMS, cache-bma1647-BMA, cache-bma1647-BMA
x-cache: MISS, MISS, MISS, MISS, MISS
x-cache-hits: 0, 0, 0, 0, 0
x-timer: S1699540517.700082,VS0,VE265
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 34697
X-Firefox-Spdy: h2
GET c0.wp.com/c/6.4.1/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 14 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/jquery/jquery-migrate.min.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (13479)
Hash 9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /c/6.4.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
content-encoding: br
expires: Fri, 08 Nov 2024 14:35:14 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=51faa0beb0a072f9ab2c
200 OK 37 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=51faa0beb0a072f9ab2c
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=51faa0beb0a072f9ab2c HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0; _ga_V5K7GYT3S4=GS1.1.1699540514.1.0.1699540514.0.0.0; _ga=GA1.1.1799659912.1699540515; _ga_HS5Y0K7QPG=GS1.1.1699540514.1.0.1699540514.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:15 GMT
content-type: text/css
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=36682
expires: max-age=A10368000, public
last-modified: Mon, 06 Nov 2023 20:50:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 804
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ggvk33oqdotdOJh7ooOFOC9lktQDaen8vxTrkBP7tSrhAxZpgSmlfKMbjWjdqInPcGkKz6KUi7txW4FYPXLaOAzAo2eXI1jPK7UfNAZg3LB%2FUfmP2egGL%2BJMrXI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c8004b94b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-assets/build/i18n-loader.js?minify=true&ver=e69db286c9c94bd98790
200 OK 6.1 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-assets/build/i18n-loader.js?minify=true&ver=e69db286c9c94bd98790
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (6157), with no line terminators
Hash e7449a226f5312bd708d8da7b58e5e7d
3c19856aa027a9aaac3acb2993e10f0d4d1e2308
f1f2791d31a9895d53c9dbbc8f3fadaf5b9cb2418fde2fe41553fb441ca9ab13
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-assets/build/i18n-loader.js?minify=true&ver=e69db286c9c94bd98790 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:14 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Mon, 06 Nov 2023 20:50:00 GMT
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIXapRrerWbTAts0XeiqbGxs3XnDnHVSxFiPMKfQq71AMtI5Zrq9uwpVEKTYhvFdbZOFh9waObsN6uNzevqI0HkZO4QKpX1xHMMNTM9TLBSgW0yRsQuTXIsIZus%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f47ff0b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET c0.wp.com/c/6.4.1/wp-includes/js/jquery/jquery.min.js
200 OK 88 kB URL GET HTTP/2 c0.wp.com/c/6.4.1/wp-includes/js/jquery/jquery.min.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /c/6.4.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
content-encoding: br
expires: Fri, 08 Nov 2024 14:35:14 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115
200 OK 588 B URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (590), with no line terminators
Hash 072681a33ce7210615bd105a4a4ad160
de2827a281b89704e5d34e16dd29527302437d07
ca2b92d6682e943ae7db0898c6221cd9b25a002626fdf43ef49db19a764f29a5
GET /wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=880
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 722
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uU9W0fL%2B9P6osNi23%2BEE4i8puL9DpyHWG9%2BgTPCCM6%2B%2BRrvoONjDwS0VJOveTbkJNcGquMawGCwERKJhSFtZlvaPXXer%2BzEiGvV%2B5vSVZJbts273NQANgXmrsDk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f45fcab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/wp-content/themes/posterpro/font-awesome/css/font-awesome.min.css?ver=6.4.1
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:14 GMT
content-type: application/font-woff2
content-length: 77160
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
cf-cache-status: HIT
age: 404
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrFNRoAApSKWTxRlv2YwxcfWtkkvhq5%2FOVk4mi3Tp0dEImFPCsuwUJmbETby2%2F4ukpHzgANUOjbWQeqUm2vO55HK7o2L4kIOOHh%2Fxj05VR19Ujl4b2WQxEhkX7M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8236c7f568d0b527-OSL
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js
200 OK 124 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
File type ASCII text, with very long lines (32024)
Size 124 kB (123510 bytes)
Hash 7ed39eb42c8c450b59a24bab9cfa7fae
7fdd3fee90709f703fac533b6061864fcd7ec206
35ddb1ce73a4ac4f4792b00c8b8c56cbf857910ada5e2a0183d898b01adc16bb
GET /wp-content/themes/posterpro/foundation/js/foundation.min.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:13 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Sat, 15 Jul 2023 09:45:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 722
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJUPSCm2Drm53r3RvqgE%2FE%2FAVNtaRzE90rKA%2FBvJmf74IplVjL6JYNocBs%2BlKs47aw%2FgfBGocF4U8O1EoyEyMz%2FbGmM7TWWxXH0BpKPQ7ZZN5fnudkMcA6T69u4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c7f44fb7b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f
200 OK 77 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerLet's Encrypt
Subjectnsw2u.com
FingerprintF3:56:5A:DF:95:E2:A8:CF:9E:B7:3F:B3:5B:E6:CA:39:3C:E0:F4:8E
ValiditySun, 08 Oct 2023 01:00:13 GMT - Sat, 06 Jan 2024 01:00:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=a812fafe63c2ca6c059f HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/page/714?publics%2Findex%2F37
Cookie: cf_chl_2=7ebe9a63d65a835; cf_clearance=bw9Suqy79.fptKcyIaGSRx8y4Rd_uv.pOlC9iFa9_iE-1699540508-0-1-69b0ef05.6b0d8b6b.438cce4a-160.0.0; _ga_V5K7GYT3S4=GS1.1.1699540514.1.0.1699540514.0.0.0; _ga=GA1.1.1799659912.1699540515; _ga_HS5Y0K7QPG=GS1.1.1699540514.1.0.1699540514.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 Nov 2023 14:35:15 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=77230
expires: max-age=A10368000, public
last-modified: Mon, 06 Nov 2023 20:50:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 723
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jv9BkphF5jZE4MtGLIjjWb3lshXtAZuzWIsl6Sd8b5pwlE7WT1gSov8e%2BZctpmyJlLSjHr9f0LVlIm1shY3SZ4Pk4qT4M2RWVX8%2F8lUhZPUuilRFuiG5hQ0K%2Fg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8236c8003b84b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?resize=405%2C155&ssl=1
200 OK 7.7 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?resize=405%2C155&ssl=1
IP
Requested by https://nsw2u.com/page/714?publics%2Findex%2F37
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 405x155, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1f2664d6059193e6c1a59ee7ef14d1a0
46542860abd849426ea23d66c601ff0888d735db
f685610012cd711cdf0f3f186e878030c152058d3705dd751d6048d480bc2621
GET /images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?resize=405%2C155&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 09 Nov 2023 14:35:14 GMT
content-type: image/webp
content-length: 7712
last-modified: Sat, 11 Jun 2022 22:08:00 GMT
expires: Tue, 11 Jun 2024 10:08:00 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "416c01d7e07bbbbf"
vary: Accept
x-nc: HIT arn 7
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
188.114.97.1
139.45.197.244
142.250.74.66
104.17.24.14
18.159.217.114
212.47.236.38
0.0.0.0