nsw2u.com/doom-switch-xci-nsp
188.114.96.1403 Forbidden 4.5 kB URL User Request GET HTTP/3 nsw2u.com/doom-switch-xci-nsp
IP 188.114.96.1:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3311)
Hash 052918e4206bb9aff518e10bfb4c2644
2059a7d3a13407f7cc55922922156774e48543b2
9eb461569c21eeb8427a01efb2decd9ea330c79480212b1c52325ae2ccc19c46
GET /doom-switch-xci-nsp HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Mon, 05 Jun 2023 18:48:22 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySWHDrPjHARPiEHyqUFsUo8AbKoHc3TcbBherYTGnb78sIvKCyCTZNmw4fEPgeu1GrC3HuY88Vdt9B7AQoFLzq2rcp5e3Vt38xsLikZoz3nZmbzJRB62JcWAmoQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2a96e349bcb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
nsw2u.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d2a96e498b5fab8
188.114.96.1 42 B URL nsw2u.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d2a96e498b5fab8
IP 188.114.96.1:0
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d2a96e498b5fab8 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/doom-switch-xci-nsp
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:22 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 30 May 2023 15:20:42 GMT
etag: "6476144a-2a"
server: cloudflare
cf-ray: 7d2a96e64a38fab8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Mon, 05 Jun 2023 20:48:22 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
c0.wp.com/c/6.2.2/wp-includes/css/classic-themes.min.css
192.0.77.37200 OK 291 B URL GET HTTP/2 c0.wp.com/c/6.2.2/wp-includes/css/classic-themes.min.css
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash 1a0804b1a9d09705657f91fe7cad4c5a
feeece6f0b3e0bcf090547c475329a2772f6b26b
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
GET /c/6.2.2/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: text/css
content-length: 291
last-modified: Mon, 13 Feb 2023 20:50:19 GMT
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
188.114.96.1200 OK 16 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type PNG image data, 350 x 350, 8-bit colormap, non-interlaced\012- data
Hash 134fce13c189ed0e483a1bddb6406204
eed559ac52e9731c56a1fb03eb94fc82e551bb66
723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791
GET /wp-content/plugins/chp-ads-block-detector/assets/img/icon.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/png
content-length: 15671
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Mon, 15 May 2023 23:42:50 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 34025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fP5l8QT5Lp%2FnuoqmPw6vXeOJzQ5v%2BVSsK%2FP5DaLIgQ7pWtfCIdvZn%2B6psaNDLhvuzz8zGmsWSeEr5VW%2BOs5YLGVJjwmx0TiFr8HH63xnX5%2Fd%2Bz3UsQWkDZOXkFM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97026e9dfab8-OSL
alt-svc: h3=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 11 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 55473ced46ee7b2c3ebfe99006c8fcbc
c4fcc42638388d595c03927b0661ecbf7ad69678
53981062ac0743bf339898075ec08151de47c5b0fa9039b708bd80e679f668b5
GET /images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 10874
last-modified: Wed, 17 May 2023 13:16:59 GMT
expires: Sat, 17 May 2025 01:16:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "60e070fa86c100a6"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.28
188.114.96.1200 OK 21 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.28
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 7b5568740085d86e99a5b2b3e3451cf7
0e46d43f176a16789e65b3a786fd418fec4d1c38
c1673ed04d0735a2c9fcfcb9c77d9f19e5fc6937feb503e99090bdc24ea0eea2
GET /wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.28 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
content-length: 21
cache-control: public, max-age=16070400
cf-bgj: minify
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:18 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 34025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0toqFIGlYbtbZ4PHkPZ%2BXbbXP5O5QHNDzftqPQpGc3Xrdin%2BqBWW8PsBxxtL%2F7G0ikwNXeupsrYdmhLpvO7b3zlDn1sDjk7JqETNX7tLuSI%2FMZhNxq3ZuAogk04%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9702df09fab8-OSL
nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png
188.114.96.1200 OK 95 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /wp-content/plugins/ad-inserter/images/ads.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/png
content-length: 95
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:17 GMT
vary: User-Agent, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 34025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypF6Yzg8Uzxu9rZv0ItxeIzdTb4KsmsixA1AKo2z8noCAZboFrLLGRZIwNTrO3CrNLcjmJNCspSea9ukETqqIyPtq1PRIC28aSvRzJ2OsNKAoLe9yGqUW8VPCMQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9702df0afab8-OSL
nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.28
188.114.96.1200 OK 22 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.28
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 41bd53fe0ee631d5cfd895e18a53291d
9d9d3c42c53ad7f906cb083a0d2d37afb4537764
dfb2e16986e257b608b45d14396378a8f2ac6a7321c0dc2f13c66a33ec8e4a40
GET /wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.28 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
content-length: 22
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=24
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 34025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdM%2FFnVstSlOTpwEXvXkI0Jn3Q2gHUzEtcspfpb9i5opSvce9uwSghYiFZtlz1j13m%2Fm%2BrnnV7Jq7PcwT7tKVqWM5ts4gX5IAkI1qD0p1Ka1NIz8Nqjqes6GgNc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9702df0cfab8-OSL
alt-svc: h3=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 14 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2d0de84889daf001d4fe25311de7c748
438167bbd8a4da998c94107a9da9a885e60c9b35
5e05c163fb80b4076fa2986037c539ddc56d2011e5fc44f60bd0a0910f2de20e
GET /images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 14008
last-modified: Wed, 17 May 2023 13:16:59 GMT
expires: Sat, 17 May 2025 01:16:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "eb9b1bb61c41d633"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1
192.0.77.2200 OK 32 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3dde27351094fd110611b7099df7612d
1f8633afc647ab96114d9cd7b87b2e1bd9d73fae
f7118208621987432e4309b2429b3ca26191166ec2b5b4dfab15204958f9de33
GET /images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 31608
last-modified: Sat, 25 Mar 2023 13:28:37 GMT
expires: Tue, 25 Mar 2025 01:28:37 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5948b74d64865dea"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1679738619/4429b61e/38826218.jpg?ssl=1
192.0.77.2200 OK 24 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1679738619/4429b61e/38826218.jpg?ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0d5d00d2bddc5fc46b487ee7526be1b1
70f1125a9b148ca9ca45b8150bb0d9e64446d405
d2846967d75c27d3e1693d3f91532d1bfbb6750bcc1c544d3d9e200c34b5b3ad
GET /images.vfl.ru/ii/1679738619/4429b61e/38826218.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 23824
last-modified: Sat, 25 Mar 2023 10:05:58 GMT
expires: Mon, 24 Mar 2025 22:05:58 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1679738619/4429b61e/38826218.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "ffe38a63a8792d3c"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/game-2u.com/wp-content/uploads/2023/03/The-Last-Spell-GoldBerg-PC.jpg?ssl=1
192.0.77.2200 OK 22 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/03/The-Last-Spell-GoldBerg-PC.jpg?ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 92cbf9f8ad7b96112ce683c394cfdc91
a529da1890b74e024926b93070329875c2269e3d
9a7588c1f43249cfda1bc2d0903f2072f9237208c427ede323b4d2738323f8e6
GET /game-2u.com/wp-content/uploads/2023/03/The-Last-Spell-GoldBerg-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 21598
last-modified: Wed, 24 May 2023 00:17:23 GMT
expires: Fri, 23 May 2025 12:17:23 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/03/The-Last-Spell-GoldBerg-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7308288dd0a397e9"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1679707845/154521c0/38824712.jpg?ssl=1
192.0.77.2200 OK 12 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1679707845/154521c0/38824712.jpg?ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 10a8a711c6faa0d08703483686e5b8f7
fa2a6bbfa09a005d6c900c354301c42856e11d96
c010cae4bd876aded1ddef373f4b06fb6501f4258766ea2a1d225a18580ecb0c
GET /images.vfl.ru/ii/1679707845/154521c0/38824712.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 12042
last-modified: Sat, 25 Mar 2023 01:33:02 GMT
expires: Mon, 24 Mar 2025 13:33:02 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1679707845/154521c0/38824712.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c4584129a86ae2c1"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 10 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 79b891d5bcb9e78dd5305869191dcd3d
dde0f92b92e027e9c606728ece6576923cbc52e3
d6edc51ee1a374d31a5e8b8d0520e0760b8338aab27ccdf2aa30a6a8337679fd
GET /images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 10442
last-modified: Mon, 15 May 2023 22:03:02 GMT
expires: Thu, 15 May 2025 10:03:02 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7156d99e3892042c"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 12 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aa6aea40861f4e4163b87b450cde9c7e
a88ede460723f410745c4b2451a2031550545b2e
eb9b54ea9bf370a939ae445f9a413474174f65ecff82f1dae7e09cb40687bb5b
GET /images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 11726
last-modified: Tue, 16 May 2023 17:52:37 GMT
expires: Fri, 16 May 2025 05:52:37 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "0f945ea115012a60"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=200%2C200&ssl=1
192.0.77.2200 OK 2.7 kB URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash ae58f5f8d93958f30ee4edffe1e3c6bb
7957b10b6f0faabd5ffc655a9698ca0bbc6bd708
dd21bb2f24c912107f1df2b4f6adc9ac747047e1c911a4f5319aa8966e532f1c
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 2734
last-modified: Fri, 28 Oct 2022 09:04:59 GMT
expires: Sun, 27 Oct 2024 21:04:59 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "ab7fb3ec3d012ba6"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 7.8 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash be07a3f2db2eace56f7df3f78894fca8
8e65dbde4ea2283e2bcbb7d0d911ef861142d403
6845300d33cae612d9492b78ead6b905dc8a767f85a31676a4edceb40127845c
GET /images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 7818
last-modified: Wed, 17 May 2023 13:16:59 GMT
expires: Sat, 17 May 2025 01:16:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "cfc6705945ce67d3"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 7.8 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e7baefad47d6e5eba8c00e698ec40a9b
2ae1da7acfe323e61bb8591bf4e21718eec0a07f
dcc5fbc1a06a25afada7603483c9bd22dbb18912e9f04b84bf58ba049ec27b88
GET /images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 7762
last-modified: Wed, 17 May 2023 13:16:59 GMT
expires: Sat, 17 May 2025 01:16:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "35c83120a522250c"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 6.6 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a8b7bd9d71982a5d6ccdba5d85599d82
5f016a731c8a7acb86f11f65d1d1ac39684bccde
1b4ab922121786f4c16ddb863b08b91d3c4fb9caba7ad5e7339c823d362cb1ff
GET /images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 6586
last-modified: Wed, 17 May 2023 09:09:41 GMT
expires: Fri, 16 May 2025 21:09:41 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "62f6acd8ad9d53ed"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/game-2u.com/wp-content/uploads/2023/04/Card-Survival-Tropical-Island-v104k-PC.jpg?ssl=1
192.0.77.2200 OK 14 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/04/Card-Survival-Tropical-Island-v104k-PC.jpg?ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 410f75c51e485a92a4098f7445c4475b
548fcc333f432bd29c3c97cee7da741edc3ba799
90897b670aaf6e92a9996bc5b7c790b6ba8297f1ed722f2f179521d3847811c7
GET /game-2u.com/wp-content/uploads/2023/04/Card-Survival-Tropical-Island-v104k-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 13678
last-modified: Mon, 29 May 2023 12:07:38 GMT
expires: Thu, 29 May 2025 00:07:38 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/04/Card-Survival-Tropical-Island-v104k-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "839b70c5a6b17157"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/game-2u.com/wp-content/uploads/2023/05/Absolute-Drift-v253b773-PC.jpg?ssl=1
192.0.77.2200 OK 6.0 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/05/Absolute-Drift-v253b773-PC.jpg?ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7f3069a9095359a32d3eff2f9e5339df
9e40b86f9c5773256f33c0f4d5fd72a91bce2156
351fb05724f4df4fe8472b3e8f8e9141cb217f6bfc1e1ca0b64a53ffa5385ca1
GET /game-2u.com/wp-content/uploads/2023/05/Absolute-Drift-v253b773-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 6024
last-modified: Mon, 29 May 2023 12:15:09 GMT
expires: Thu, 29 May 2025 00:15:09 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/05/Absolute-Drift-v253b773-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "f7f279af8bc4a343"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 9.7 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1bb636cbc4bf45105ea09f678ec75095
95ab741b213cdf879782c361d4b305eaa169627d
bab239986bea594efd10c82ca1bb36dab2fd45a75c18448c6ba963cc59ab41a6
GET /images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 9702
last-modified: Tue, 18 Oct 2022 22:29:18 GMT
expires: Fri, 18 Oct 2024 10:29:18 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3fe814ac9b579a80"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.28
188.114.96.1200 OK 23 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.28
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash e509c98a0bcad0ce8e6248ac8eb31de1
ec5fe203df631088270b5f2b0b7a85498a2aeb8b
352ea4dd2d545563bef7eb0ba6d6ebfe4bc9d9e51ab00d9c925cb9e103edee63
GET /wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.28 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
content-length: 23
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=25
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 34025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0Gy6dI3w7STwK6l%2BvTmlOWrJKfCSx7X6TD9KxJCYZhr0XPC%2BSbLY7VsnGSclPr4NHu6LtRmpsvUxQv4sZoMk%2FW4%2FZJ%2B8FAX7v0hiPEVtcP4NGqGxRZd3YS0ZwU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97031f4ffab8-OSL
alt-svc: h3=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.2.2
104.17.25.14200 OK 1.1 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.2.2
IP 104.17.25.14:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (3036)
Hash 94279a9a0c4060a96efcf1da47716f86
ea88b3fd8b01a8b86edfd0f4120cc9a834893018
d41c6733a8c4a3a7f08204de8e3d60e1d2baf17dd7f675a26830fb1047fac40a
GET /ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.2.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 1101
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-bf7"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 512522
expires: Sat, 25 May 2024 18:48:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utPkviu0IDMOVPBTNbKrbDGg5hWQgR87of3ORtVMg%2BDWZwbZNjHJ1rNLW0x3LTB5ix9gAyP%2FbeAVOIuDzTgw4hC1u0bDNT3gqD1H%2FP41nSI0x1oorpvDAaNBl%2FGtA%2BviD8rptXmD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d2a97036f310b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.2.2
104.17.25.14200 OK 677 B URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.2.2
IP 104.17.25.14:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (1845)
Hash f6a3dd4ecbf227acbafcff33d68dc71d
7421115ddcd5d436b89a1fd27e0cdce5a01978e6
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
GET /ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.2.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 677
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-750"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1478003
expires: Sat, 25 May 2024 18:48:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qjgyg9ZzUHrXkTlX7iy84jAjG%2BQqNOewmToYScroDCzch4y%2FsOCAkhp7fA%2Bp2oMrZhrXgNbuDb55pnzuJNXE2S9yfNsUH0mNVDa0CpylAMVjLnWMw1lEhQlW6FHdMLTTDyCCUxqR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d2a97037f3a0b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.2.2
104.17.25.14200 OK 3.2 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.2.2
IP 104.17.25.14:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (7862)
Hash 45bacd312d5098b4b59f563d8756c15d
fa55e2cff078381e5365d95782a95a787d0b7192
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
GET /ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.2.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 3150
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-1ed1"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6982864
expires: Sat, 25 May 2024 18:48:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SljZxi50O3X1RTmywqHsA31N9tfyxlJfcTIi8GUILB8EiwPMnnYVd2vsULyjcOpKowZvBJiYxDDAU4Yq9YJQoJNx90%2BEKh5%2FiwPsD329JJ%2BcGWLn%2FTW66XHstay2xFbDdO8v52TK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d2a97036f360b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f6e0fad54cb828605d258b3a3fc3494d
1998f119ae42787f25cac22435e05b7d8a7ecbcc
fdde19b20684979988b4db7567fdb883ef8cd0438f4c4ef053bdd058011f1dbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 793e96f16cfbafdfdfd065788089310e
d306bdb5e8a019aa638d23cd45513e1310e5b53e
ff417cdcfab1cb1e2a6d3793ed1a81ad9823c3d91d919cbec3a8d333832a275f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-262573192-2
142.250.74.168200 OK 47 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-262573192-2
IP 142.250.74.168:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (2271)
Hash af458cb325013ac8ffb5ba72eff2c257
ed411ee94f6535007b1fe7c33ee174d0a2064c07
6efaee0a208f530d16a2040d6c83fccae723ef753b0d6669f5c441cf0a948f83
GET /gtag/js?id=UA-262573192-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Jun 2023 18:48:28 GMT
expires: Mon, 05 Jun 2023 18:48:28 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Jun 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47367
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f6e0fad54cb828605d258b3a3fc3494d
1998f119ae42787f25cac22435e05b7d8a7ecbcc
fdde19b20684979988b4db7567fdb883ef8cd0438f4c4ef053bdd058011f1dbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nsw2u.com/wp-content/uploads/2023/01/5053309-scaled.jpg
188.114.96.1200 OK 165 kB URL GET HTTP/3 nsw2u.com/wp-content/uploads/2023/01/5053309-scaled.jpg
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Freepik Company S.L. - www.freepik.com], baseline, precision 8, 2560x1707, components 3\012- data
Size 165 kB (165425 bytes)
Hash 6852b036e1ca6706dfd08adb9c453a3a
a6ad87ebc00f7a3b1b7bc7b973fbb9d2d63f6cc4
f604e7f73dba65231360db90d84583e729f20d58f4b03b8e17c799e0a575c09b
GET /wp-content/uploads/2023/01/5053309-scaled.jpg HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:28 GMT
content-type: image/jpeg
content-length: 165425
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Tue, 03 Jan 2023 15:01:38 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 34026
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERTdAqwUERGjgRedOk5qLedWSCNsKfzXHw3%2FJuorZwx22UymkQhZ9wV%2FPHrvP1dCrLyukgpi3zUTMlqGNu%2BleeIdPNg9jJ9f%2F8ndxLEKj0ZCGCLu6j4Aa4kNFLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a970a0e44fab8-OSL
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 793e96f16cfbafdfdfd065788089310e
d306bdb5e8a019aa638d23cd45513e1310e5b53e
ff417cdcfab1cb1e2a6d3793ed1a81ad9823c3d91d919cbec3a8d333832a275f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
188.114.96.1200 OK 77 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/6x2u.css
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:28 GMT
content-type: application/font-woff2
content-length: 77160
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 18:49:08 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 32870
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjcGfQsY9HxU%2B0KnX8aprIk9dqTcDpXo5X49yybq1CZZWfwMP9QmrMRmYGnorp0ux5XKcuA9HAn0S8WDOIvcSAYyG%2Fl6b1gFK%2BQzcWCUy4j%2BXuEnYrgJ%2BR9RILo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a970a5ea5fab8-OSL
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e7e560a1588ea25ad25242200936b149
946009b90527a122f590495540ca0d02f29945ec
cc56fa95fb4433116e1625385459b3dbab6ee45fd47a0c51789d9e50dc4e01e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Hash 31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 11:49:35 GMT
expires: Fri, 31 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 370733
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.14.101 281 B IP 104.18.14.101:0
Hash c63c6f88cdb62edd111c712a547955dd
ae8f5a62272f21843d673259a8029260740a85d5
b5f1028dd6a066a4ab42e756d4e143d151f06df0fde36b8f5515ea6d1aee79bf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 18:48:28 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Sun, 04 Jun 2023 16:43:17 GMT
Expires: Sun, 11 Jun 2023 16:43:16 GMT
Etag: "ae8f5a62272f21843d673259a8029260740a85d5"
Cache-Control: max-age=512058,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d2a970af9a6b521-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e7e560a1588ea25ad25242200936b149
946009b90527a122f590495540ca0d02f29945ec
cc56fa95fb4433116e1625385459b3dbab6ee45fd47a0c51789d9e50dc4e01e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.wp.com/e-202322.js
192.0.76.3200 OK 78 kB IP 192.0.76.3:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash 36a5287b66e9d145da53194a97a6245a
8569750e9f82d96f556d6f549cba940b2f316d2c
ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543
GET /e-202322.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 02:56:42 GMT
vary: Accept-Encoding
etag: W/"6466e56a-3508"
content-encoding: br
expires: Sun, 26 May 2024 21:54:49 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/12.1.1/_inc/build/sharedaddy/sharing.min.js
192.0.77.37200 OK 37 kB URL GET HTTP/2 c0.wp.com/p/jetpack/12.1.1/_inc/build/sharedaddy/sharing.min.js
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (8793), with no line terminators
Hash fdf202abd4476fbb38a872c322fe32b3
d728b2a9cc4a0875c901aa602a3920b198922b54
9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc
GET /p/jetpack/12.1.1/_inc/build/sharedaddy/sharing.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Mar 2023 19:14:38 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/452146/728x90?region=eu-central-1
136.243.3.135200 OK 34 kB URL GET HTTP/2 static.a-ads.com/a-ads-banners/452146/728x90?region=eu-central-1
IP 136.243.3.135:443
ASN #24940 Hetzner Online GmbH
Requested by https://ad.a-ads.com/1535207?size=728x90
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 728 x 90\012- data
Hash abee5b951901db7d5808cc14c1803f86
6abd0ca0c0d8ceba10b0105d92f54e3e32e0f9d9
df3f1522e3c1cfad89800cef7a2a5b3287cccf8efaf9b509153f5481a3bc5210
GET /a-ads-banners/452146/728x90?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:28 GMT
content-type: image/gif
content-length: 34060
x-amz-id-2: W8d57SyUuhRyWOJS7mXyUCZDXWVyRf9i6jJBU2Xf1jtJM8isbyHutYNFg55AVgR8I5ZRvraZXEI=
x-amz-request-id: ZJAVP4PZ2ECRJPDW
x-amz-replication-status: COMPLETED
last-modified: Sat, 29 Apr 2023 12:10:47 GMT
etag: "abee5b951901db7d5808cc14c1803f86"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: 76whst7qvmX0l_vkmSfQJ7pFURrIqrZI
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ad.a-ads.com/1686449?size=728x90
136.243.3.135200 OK 17 kB URL GET HTTP/2 ad.a-ads.com/1686449?size=728x90
IP 136.243.3.135:443
ASN #24940 Hetzner Online GmbH
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 648eadbf05dae197e9d5a700c1a32e70
1396c72180081f4d4fa145ee1ef6a4f313d8044e
316f6dbc6739736c422ed3113790f0f77cca059f927dc3d5039d3617d10b3a0d
GET /1686449?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:28 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://nsw2u.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G
192.0.73.2200 OK 1.0 kB URL GET HTTP/2 1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G
IP 192.0.73.2:443
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f#parent=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint40:4E:21:9D:74:27:BC:64:DC:8B:81:06:B1:0E:76:4E:0D:AE:2B:C6
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type PNG image data, 25 x 25, 8-bit/color RGB, non-interlaced\012- data
Hash fed546357e9f16dd0ee47c7ee5846ef7
eb4a7277c8e1360d0deb902644838f27a21b42de
3e75955919222f7160538b335b7cdb2b302136521aed489ba5c96e1c2bf3ab5a
GET /avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:29 GMT
content-type: image/png
content-length: 1028
last-modified: Sat, 01 Mar 2008 02:44:06 GMT
link: <https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G>; rel="canonical"
access-control-allow-origin: *
expires: Mon, 05 Jun 2023 18:53:29 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2
0.gravatar.com/dist/css/hovercard.min.css?ver=202323a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e
192.0.73.2200 OK 2.5 kB URL GET HTTP/2 0.gravatar.com/dist/css/hovercard.min.css?ver=202323a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e
IP 192.0.73.2:443
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f#parent=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint40:4E:21:9D:74:27:BC:64:DC:8B:81:06:B1:0E:76:4E:0D:AE:2B:C6
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (8294)
Hash d0aea95f4f393faab7ce633f634f10a7
0fca663548f134a918865d2d73b729edf1ba5dcf
b6430eb74818a1eda8c688c967c3ccf00b2139dd175e868f6c5658d58f3abd11
GET /dist/css/hovercard.min.css?ver=202323a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:29 GMT
content-type: text/css
last-modified: Fri, 19 May 2023 08:02:31 GMT
etag: W/"64672d17-2067"
content-encoding: br
expires: Mon, 12 Jun 2023 18:48:29 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
definedbootnervous.com/b58778756eec0903d5f657ab91f7f0a8/invoke.js
173.233.139.164403 Forbidden 0 B URL GET HTTP/1.1 definedbootnervous.com/b58778756eec0903d5f657ab91f7f0a8/invoke.js
IP 173.233.139.164:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerLet's Encrypt
Subjectdefinedbootnervous.com
Fingerprint0D:1D:94:97:51:12:2A:D9:C1:7A:C8:54:33:B8:0A:23:D9:1E:10:A8
ValidityMon, 22 May 2023 01:08:45 GMT - Sun, 20 Aug 2023 01:08:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /b58778756eec0903d5f657ab91f7f0a8/invoke.js HTTP/1.1
Host: definedbootnervous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Mon, 05 Jun 2023 18:48:29 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
definedbootnervous.com/0820d72adb12696922227f6272d36ff9/invoke.js
173.233.139.164403 Forbidden 0 B URL GET HTTP/1.1 definedbootnervous.com/0820d72adb12696922227f6272d36ff9/invoke.js
IP 173.233.139.164:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerLet's Encrypt
Subjectdefinedbootnervous.com
Fingerprint0D:1D:94:97:51:12:2A:D9:C1:7A:C8:54:33:B8:0A:23:D9:1E:10:A8
ValidityMon, 22 May 2023 01:08:45 GMT - Sun, 20 Aug 2023 01:08:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /0820d72adb12696922227f6272d36ff9/invoke.js HTTP/1.1
Host: definedbootnervous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Mon, 05 Jun 2023 18:48:29 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js
173.233.139.164403 Forbidden 0 B URL GET HTTP/1.1 definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js
IP 173.233.139.164:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerLet's Encrypt
Subjectdefinedbootnervous.com
Fingerprint0D:1D:94:97:51:12:2A:D9:C1:7A:C8:54:33:B8:0A:23:D9:1E:10:A8
ValidityMon, 22 May 2023 01:08:45 GMT - Sun, 20 Aug 2023 01:08:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /a45922fa4966955cecdffbdde5347ae5/invoke.js HTTP/1.1
Host: definedbootnervous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Mon, 05 Jun 2023 18:48:29 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
static.a-ads.com/a-ads-banners/406678/320x50?region=eu-central-1
136.243.3.135200 OK 406 kB URL GET HTTP/2 static.a-ads.com/a-ads-banners/406678/320x50?region=eu-central-1
IP 136.243.3.135:443
ASN #24940 Hetzner Online GmbH
Requested by https://ad.a-ads.com/2093561?size=320x50
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 320 x 50\012- data
Size 406 kB (406165 bytes)
Hash 15fb17d0bb9a26b0a194b66c860e9d15
5cb1da4546a36e2e2b0fcd7314eff108835da726
142cecf84e332c087feffa033a2c072b4765b52057d9d895d8d46327b9066898
GET /a-ads-banners/406678/320x50?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:29 GMT
content-type: image/gif
content-length: 406165
x-amz-id-2: +o7j9KDoiLRYshymMJDpSvpuhVwlPPYW1vhFt/NUy963FK/Hb1GHtT2dtT3plFlXANGm08gaD7I=
x-amz-request-id: SPZA0R8H7NMAY6TJ
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 08:12:38 GMT
etag: "15fb17d0bb9a26b0a194b66c860e9d15"
cache-control: max-age=315360000
x-amz-version-id: d8z5luthmT_Tb1UUXyz2HJlU9l9GWDKK
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/12.1.1/modules/wpgroho.js
192.0.77.37200 OK 732 B URL GET HTTP/2 c0.wp.com/p/jetpack/12.1.1/modules/wpgroho.js
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash c1fafcf478e9f5d874558524ddade40a
e6aa77fbcc1bc2739f9f3742523b7ae623e9691c
ccd911729403decd6e3b74702fdc4d2c1b1e3ecf35a147f7e5373669932cc708
GET /p/jetpack/12.1.1/modules/wpgroho.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 28 Jul 2020 17:06:48 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg
212.47.236.38200 OK 20 kB URL GET HTTP/1.1 images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg
IP 212.47.236.38:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
Fingerprint42:F5:55:E7:1E:EE:A7:BD:73:66:7A:7A:ED:02:3E:54:06:11:A4:71
ValidityWed, 03 May 2023 06:14:33 GMT - Tue, 01 Aug 2023 06:14:32 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 405x155, components 3\012- data
Hash f18da1b42e09a935a23ae2c2edb6c248
56d1abe76fce57f741324ccd50d2a77cc959f03a
6c1e24df00b0eed30b44db4563966b05a63a84f8b78615b5d4988998bf5fafb5
GET /ii/1588854988/40f4425a/30440747.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 18:48:29 GMT
Content-Type: image/jpeg
Content-Length: 20041
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Thu, 07 May 2020 12:36:28 GMT
ETag: "5eb400cc-4e49"
Expires: Wed, 05 Jul 2023 18:48:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
i0.wp.com/images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?w=1280&resize=1280&ssl=1
192.0.77.2200 OK 47 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 72c12797df7d41494d8f50e61ef1ed51
39da85e92cc10c51187fa1fbd0193f2e13299371
596ccd6c81bb72f913a05e042c1948f4f091486173394f8c85be00ccfd056fb8
GET /images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 46786
last-modified: Mon, 15 May 2023 14:02:04 GMT
expires: Thu, 15 May 2025 02:02:04 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "962f02714fe54d76"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/12.1.1/css/jetpack.css
192.0.77.37200 OK 66 kB URL GET HTTP/2 c0.wp.com/p/jetpack/12.1.1/css/jetpack.css
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4cc4e0cba17c8a9c76e0884632f9421f
9bdb840afdd68033ee0a3a8779cddcc7d71580b0
05db96d56969f90368d364da6c464ad073255964267594cb7e2b65b90d385da0
GET /p/jetpack/12.1.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 17 Apr 2023 18:32:50 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?w=1280&resize=1280&ssl=1
192.0.77.2200 OK 39 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bbbdd80b56bcb03e9714388f4c95c471
a4693886d67e62d67fcdeb0ec58e75a9fdb1449b
fbffa88f412ac959dd742b148fbed63c29114648fb3b320bdc12572fe1a09182
GET /images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 38646
last-modified: Wed, 17 May 2023 13:22:01 GMT
expires: Sat, 17 May 2025 01:22:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "fcea96ff6e009adb"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?w=1280&resize=1280&ssl=1
192.0.77.2200 OK 28 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 048ca27e9a24944c5531fa55bdb3441e
393537e6aaeb5bbe92fddfb89b1378b3aec900c9
d2152def1ec841566f8e13c94a9c15669427f69104e4118eb4f3272973f404b5
GET /images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 27668
last-modified: Wed, 17 May 2023 13:22:01 GMT
expires: Sat, 17 May 2025 01:22:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "37ab1c9b59690ae3"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?w=1280&resize=1280&ssl=1
192.0.77.2200 OK 29 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3f0903e7801d2c7637954bd4fadc1c12
62918a0a952e2e44aff030874bae048197d722a5
69ae402481c759a2e1fc97b1a5e8a508ef69d695950d53ae273ae34146216b13
GET /images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 29114
last-modified: Sat, 06 May 2023 15:25:19 GMT
expires: Tue, 06 May 2025 03:25:19 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "e4320d5664e43dc6"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/doom-switch-xci-nsp
188.114.96.1403 Forbidden 131 kB URL User Request GET HTTP/3 nsw2u.com/doom-switch-xci-nsp
IP 188.114.96.1:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Size 131 kB (130927 bytes)
Hash 7ff580d9c90810ae38f229b938a500c0
67dafaadf672c8873e45cdd4bb54ce430b00c56d
f9828f52879b1b40a23d1db2674519ecf97483640e31207978642178f660dec3
POST /doom-switch-xci-nsp HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/doom-switch-xci-nsp?__cf_chl_tk=yM5Pi9lQznwrPV3LlgCQr0gT1z74XAsxwQA1RyUiFIg-1685990902-0-gaNycGzNCns
Content-Type: application/x-www-form-urlencoded
Content-Length: 2849
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: text/html
set-cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160; path=/; expires=Tue, 04-Jun-24 18:48:26 GMT; domain=.nsw2u.com; HttpOnly; Secure; SameSite=None
last-modified: Sat, 03 Jun 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Fuq0NxmFysh3dlDcXusasfmun4XfaIaPhSuj3%2FphAPEYJjt%2FgTeFme%2BkleB36ABDX9IIzxO2OOzjTOMC4X%2FKuL8HJlvcV7vLv9JgkZWQxQNn3%2FTPMaNGrfcuk8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97000bd5fab8-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?w=1280&resize=1280&ssl=1
192.0.77.2200 OK 45 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 72978d20622aca4524ce0ca543368087
3ebd22dea1ada7df0bc20d48bc1be9ed6c3761b6
56453928099306b6ff0cf633e1b4024a191c15ea3b9b84e8394f213a5e4fd42b
GET /images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 45436
last-modified: Wed, 17 May 2023 13:22:01 GMT
expires: Sat, 17 May 2025 01:22:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8066d816a3828c8d"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?w=1280&resize=1280&ssl=1
192.0.77.2200 OK 72 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4c28860adab80d6ef3b8494fcd0e8d7
71b65392dfad02ea5ff649f311bd66eab1894c1a
d40c40b81c801617a059bf06efeb21186b278d6cceb865cf75b0592a9a4bd279
GET /images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 72120
last-modified: Wed, 17 May 2023 13:22:01 GMT
expires: Sat, 17 May 2025 01:22:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "b75b321975d16bde"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1
192.0.77.2200 OK 2.8 kB URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 948c6dc3d3c1e2e9d315418f6eabe2bf
ed06ff1f0994f3be033f22d808241d3fcca9d1e8
3a2e29960ba6130c22ce96089a7592ae91b6a0d6a11595a10daaa9662522ad0b
GET /nsw2u.com/wp-content/uploads/2022/07/nsw2u.png?w=216&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 2836
last-modified: Sat, 24 Sep 2022 18:25:42 GMT
expires: Tue, 24 Sep 2024 06:25:42 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/nsw2u.png>; rel="canonical"
x-content-type-options: nosniff
etag: "0101732b85ce3bdc"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
secure.gravatar.com/dist/css/services.min.css?ver=202322
192.0.73.2200 OK 1.1 kB URL GET HTTP/2 secure.gravatar.com/dist/css/services.min.css?ver=202322
IP 192.0.73.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint40:4E:21:9D:74:27:BC:64:DC:8B:81:06:B1:0E:76:4E:0D:AE:2B:C6
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (3310)
Hash bdf804ceb6729fc2dff156585a234665
38fae74e3122859e8f0ee5646706b41053080faf
0aba0adbf0a9273bbe99171a923792dce0ade3404c9815005f5f8293f73be9d6
GET /dist/css/services.min.css?ver=202322 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: text/css
last-modified: Wed, 31 May 2023 10:26:31 GMT
etag: W/"647720d7-cef"
content-encoding: br
expires: Mon, 12 Jun 2023 18:48:30 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
i0.wp.com/2.bp.blogspot.com/-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png?w=1280&resize=1280&ssl=1
192.0.77.2302 Found 138 B URL GET HTTP/2 i0.wp.com/2.bp.blogspot.com/-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /2.bp.blogspot.com/-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: text/html
content-length: 138
location: https://2.bp.blogspot.com/-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240i
192.0.77.32200 OK 24 kB URL GET HTTP/2 s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240i
IP 192.0.77.32:443
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f#parent=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (655), with no line terminators
Hash 5048b7bf6f335c259cae5d653d50726e
96f45044f726eef7c8e7c7f21f6368bf23a2b3f0
b6e4492d3b8358a81b80908b1f84e6bd2f64a7a46d48793af99d27bf29f4c2e8
GET /wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240i HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:28 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/1125-1684460866104.371
content-encoding: br
expires: Thu, 30 May 2024 20:22:45 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.34200 OK 47 kB URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.34:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint43:CE:FB:9F:15:CF:60:5A:60:72:25:27:C1:45:67:BF:C4:B1:1A:1E
ValidityFri, 19 May 2023 12:53:03 GMT - Fri, 11 Aug 2023 12:53:02 GMT
File type ASCII text, with very long lines (3548)
Hash 209d25e02e6d07a9c2bdebeddd16ef26
14951b9abf696e2ed491da684321d9e326844c74
20f0c0edbe3c36e0ee3faed708aa56b8a64b52df128125f8efa30229031d808f
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 05 Jun 2023 18:48:30 GMT
expires: Mon, 05 Jun 2023 18:48:30 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 2635480746104122106
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 210516a6d654b88c66b731988e824f9d
108c7399ec2a80025d2a393218a3ce746a7be17d
2d74654b90d8e74650474b1f220e201edc50fa6ecfe87234307728c9709f358b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nsw2u.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
188.114.96.1200 OK 15 kB URL GET HTTP/3 nsw2u.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (23920), with no line terminators
Hash d5a474b33d9ff5c463fb9f8f53f6dcfe
0fc051a3adf717b4390f20b43bb37141f62a3e78
d71207c8d00d27bd25a0ec0b8afc92491c0bc5445f3b2e129039166cb6674f45
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160; _ga_HS5Y0K7QPG=GS1.1.1685990908.1.0.1685990908.0.0.0; _ga=GA1.1.83302851.1685990908
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9v4vR4Iy5GMVp87oXO4YAZY%2F%2FR%2BqP6mYTfwZhY5%2B3CQZN6dRjwWopfd1epqwB8NHvNnPvBcRybjvgWF5QAr1%2FvOF11o1N1FSmi%2B09Q8jtBOwxOUIopFecicI8Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9714f9defab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 5a65ab604ecb4f6bc4d0b8f18872c757
5cc8c1fdb4fbf2b62c513edeea75b5cb7e8171b7
eebda0199d9f25f3d150aa63a7db585c04908ab1106684274ddaa15ac83dd7bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/i89.fastpic.ru/thumb/2019/0721/b7/6d3352a91be5ae878ea1ab88798b5cb7.jpeg?w=640&ssl=1
192.0.77.2200 OK 6.4 kB URL GET HTTP/2 i0.wp.com/i89.fastpic.ru/thumb/2019/0721/b7/6d3352a91be5ae878ea1ab88798b5cb7.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f5f2d49cff416bab3b345864779f5832
72baaf8cc8adf315ecb2fbf921c38e4d6411e02a
f738988723e79e574258875b5c4fdd62d8dc6290d6c671b21d7b9ef3bc72495b
GET /i89.fastpic.ru/thumb/2019/0721/b7/6d3352a91be5ae878ea1ab88798b5cb7.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 6366
last-modified: Thu, 17 Nov 2022 07:46:31 GMT
expires: Sat, 16 Nov 2024 19:46:31 GMT
cache-control: public, max-age=63115200
link: <https://i89.fastpic.ru/thumb/2019/0721/b7/6d3352a91be5ae878ea1ab88798b5cb7.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "77d96cf0d8dd91b5"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i89.fastpic.ru/thumb/2019/0721/cf/427319118f758b3fa1e75cf27c6fb4cf.jpeg?w=640&ssl=1
192.0.77.2200 OK 5.2 kB URL GET HTTP/2 i0.wp.com/i89.fastpic.ru/thumb/2019/0721/cf/427319118f758b3fa1e75cf27c6fb4cf.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fbdca622919e2c4b9765c28a5bb40f7b
3a057c1b7361e1919ca3b8b8aa0fd19f2508c4c3
8135ab6c754fef45b3c763f58123c681324dc8e3958f80ef654e50aec918c11d
GET /i89.fastpic.ru/thumb/2019/0721/cf/427319118f758b3fa1e75cf27c6fb4cf.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 5164
last-modified: Tue, 30 May 2023 10:33:47 GMT
expires: Thu, 29 May 2025 22:33:47 GMT
cache-control: public, max-age=63115200
link: <https://i89.fastpic.ru/thumb/2019/0721/cf/427319118f758b3fa1e75cf27c6fb4cf.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "66626baf07a1aa4b"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206
188.114.96.1200 OK 7.3 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/js/navigation.js?ver=20120206
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
Hash a857002d6b9070bbd5b0bf1b02b114ef
9c4a59534825b24ef85cd1f2d9f2790dca5aae86
737793a7811ec8e717147c11355375940c4f0251c8c324a92a0c83f1c4e6508f
GET /wp-content/themes/posterpro/js/navigation.js?ver=20120206 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Wed, 16 Nov 2022 18:49:09 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHGJxm4vuTq3XH8ZdkY%2B4ku5cSazEKB57GMaW%2BRf2tMEtvdO2HbDKCzE5YFnLsgqjinlQqiB6mtUAnYx8lAkMMWsHU9B5h0G5ch2CK%2BDT4MUIRT%2Fhn9Dm4cey00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97028eb9fab8-OSL
alt-svc: h3=":443"; ma=86400
i0.wp.com/i89.fastpic.ru/thumb/2019/0721/64/01808a48707e70d4c8aaf9f73f6bc764.jpeg?w=640&ssl=1
192.0.77.2200 OK 6.5 kB URL GET HTTP/2 i0.wp.com/i89.fastpic.ru/thumb/2019/0721/64/01808a48707e70d4c8aaf9f73f6bc764.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c0ecb4cd759e352553057c2847c6b814
23f9940909f7c47568cde492f5398a8808e146fd
a74eeda5253563f21df786ddc68664895b22ef05d88feaf75e330c53967288e8
GET /i89.fastpic.ru/thumb/2019/0721/64/01808a48707e70d4c8aaf9f73f6bc764.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 6460
last-modified: Sun, 16 Apr 2023 07:50:37 GMT
expires: Tue, 15 Apr 2025 19:50:37 GMT
cache-control: public, max-age=63115200
link: <https://i89.fastpic.ru/thumb/2019/0721/64/01808a48707e70d4c8aaf9f73f6bc764.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "d64a4c85784cc292"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i89.fastpic.ru/thumb/2019/0721/45/632732d6436eb5658bf17404c3e20c45.jpeg?w=640&ssl=1
192.0.77.2200 OK 5.2 kB URL GET HTTP/2 i0.wp.com/i89.fastpic.ru/thumb/2019/0721/45/632732d6436eb5658bf17404c3e20c45.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 81505d36e251d08c1818051e89d147ad
77342b8af86648475d62bc78bab4b072661af910
ad855c16ff622a1db3505e6afa50645e5df05526e55f6ba8ed5afd5870046fb6
GET /i89.fastpic.ru/thumb/2019/0721/45/632732d6436eb5658bf17404c3e20c45.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 5234
last-modified: Tue, 30 May 2023 10:33:47 GMT
expires: Thu, 29 May 2025 22:33:47 GMT
cache-control: public, max-age=63115200
link: <https://i89.fastpic.ru/thumb/2019/0721/45/632732d6436eb5658bf17404c3e20c45.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "748a71d82922817d"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i89.fastpic.ru/thumb/2019/0721/f1/1c397d6b134fbbbaf3f13e546914b7f1.jpeg?w=640&ssl=1
192.0.77.2200 OK 5.0 kB URL GET HTTP/2 i0.wp.com/i89.fastpic.ru/thumb/2019/0721/f1/1c397d6b134fbbbaf3f13e546914b7f1.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f06c22a841cc4be1a4d6e49d2e9c050a
9e5c26d69102ed9893431cf6de4db6ece2d46d65
37ab67710ac559dcd3f3b05acd6434e3938e097c83c4219acf56670c55f50d89
GET /i89.fastpic.ru/thumb/2019/0721/f1/1c397d6b134fbbbaf3f13e546914b7f1.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 5028
last-modified: Sun, 16 Apr 2023 07:50:37 GMT
expires: Tue, 15 Apr 2025 19:50:37 GMT
cache-control: public, max-age=63115200
link: <https://i89.fastpic.ru/thumb/2019/0721/f1/1c397d6b134fbbbaf3f13e546914b7f1.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "e45961f977565467"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/375267711:1685988518:cajykKi4jEcTbQ-WgfFNYAA4LSnXZkLTHvA91Giyy0k/7d2a96e84f6b0b41/53562cc6332721c
104.18.7.185 128 kB URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/375267711:1685988518:cajykKi4jEcTbQ-WgfFNYAA4LSnXZkLTHvA91Giyy0k/7d2a96e84f6b0b41/53562cc6332721c
IP 104.18.7.185:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 128 kB (127837 bytes)
Hash 7d033f94a69484b9ba502c64c1f10905
00672f59a145a300fd83a00e4c39a995cdd04ea8
5c5fb1a5376af09cd17c00bc0d268ed38d5ac48cf9b5886c2328725bd3c02ccf
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/375267711:1685988518:cajykKi4jEcTbQ-WgfFNYAA4LSnXZkLTHvA91Giyy0k/7d2a96e84f6b0b41/53562cc6332721c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hnnpd/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 53562cc6332721c
Content-Length: 2759
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:23 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: CS0+LHGNn/ufafYlF1RI9cEzygomMVB2oKNaW42Q6iIXLSonSVTm7QQDnWRNXBkSNgo6yo3+fap3Gxre/Wb7OpD4mCxFEtuCHKVM31BxId4e0gpfddKCPmPJxZUD/nwHazcJ/jlFwLotlcKP3RRlFVHINTiizu1nqGo2+hZyAtVdcE4xLzdMgGC7PwGZXyPqgPQrhHLXxRU9S9IxyBArXwNXKZ2lKu8bllrAszWWqbO64RIXjMF1404RaKvvi+OMzshQct/Ag9lA/MAjBAOkaMZn/IH508NHoZjUD9iK+WVqtKga8yFpcDFPfUVt/SqhaEOBK/zsg1oRFrfg3MEFXyRBTCUm8+eRsbxsgYPOBC4=$uJjoDsGuX40gsyWo5qMAFg==
server: cloudflare
cf-ray: 7d2a96ea19710b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
i0.wp.com/i89.fastpic.ru/thumb/2019/0721/79/f0b0e60f43fac5205932d78bd5324479.jpeg?w=640&ssl=1
192.0.77.2200 OK 8.2 kB URL GET HTTP/2 i0.wp.com/i89.fastpic.ru/thumb/2019/0721/79/f0b0e60f43fac5205932d78bd5324479.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 44f027b9e06e2e5b63fb864f4ee827f2
15d3690a3dd877ed11a834e0f9e75de428f71f29
88e2bba0c0cc9aac0f0371b26ab0a10960e7363ef8a5673e12e2e3c49fc268a4
GET /i89.fastpic.ru/thumb/2019/0721/79/f0b0e60f43fac5205932d78bd5324479.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 8236
last-modified: Thu, 17 Nov 2022 07:46:32 GMT
expires: Sat, 16 Nov 2024 19:46:32 GMT
cache-control: public, max-age=63115200
link: <https://i89.fastpic.ru/thumb/2019/0721/79/f0b0e60f43fac5205932d78bd5324479.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "8667688fcb53f0c6"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/cache/wpfc-minified/lxvgsdbc/6x2u.css
188.114.96.1200 OK 20 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/lxvgsdbc/6x2u.css
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
Hash ecb69e4ece700834877019c15bda92d7
98090d819808448208669eb5abdafdc10730f4e9
5cb834ab62f0d37dc909031a50c6298f32e901a60e92f62c700f72f329a7ff90
GET /wp-content/cache/wpfc-minified/lxvgsdbc/6x2u.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: text/css
last-modified: Thu, 25 May 2023 13:18:26 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOdql9AFPeVmsgFspT3hOn7%2Fkc8XMq3kAV3NRmSrgtGQ21xyaKREet711l1pXstdCZh3PKwZRu6pB4wCLWTd2XlAkWeiwedWXTshcjdyJrlih20qGlyU4vb11Ao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9701bdcefab8-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit
104.18.7.185 12 kB URL challenges.cloudflare.com/turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit
IP 104.18.7.185:0
File type ASCII text, with very long lines (19175)
Hash 21a964474a4841c3e62893476cfec550
af06eb1e31d451fe557b7581e707cd88a3107491
fb479d9c5db685793fd57b4cacb188d2aa9ab40d660d54e1cf35d0f54b390c12
GET /turnstile/v0/g/68662470/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 18:48:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2a96e73cfdfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
nsw2u.com/wp-content/cache/wpfc-minified/q8eepl4d/6x2u.css
188.114.96.1200 OK 23 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/q8eepl4d/6x2u.css
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
Hash 480d292cadc86175c95daaa5d7ff25b7
eb153ddbedbfbc71469fe4b272f3a083f3219759
23a036aff33d9730cd602a084c7ef3746fc86195a109bb83fdc3aa90cfebbde9
GET /wp-content/cache/wpfc-minified/q8eepl4d/6x2u.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: text/css
last-modified: Thu, 25 May 2023 13:18:26 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpQIM2X2DYlquqevAakKeuGWDGkHKt1jsaLSXrJPCRndPaQw3%2BhSqOk2E7ObQ0rnELfeHyLmRA0qImywMMBtkPlC%2F6bbyOCK3rvntddQc7CXDQopn9RyISQbs%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97027ea6fab8-OSL
alt-svc: h3=":443"; ma=86400
nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.28
188.114.96.1200 OK 4.5 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.28
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash b7d8aab20ec0137a23e4ff03411bd06c
bd7e901bbf5968d13abb3dee762244715541bdfe
651cbb53c3e67a452582c597784a988f2ad5db132c709c279a23ad74b9917448
GET /wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.28 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=112
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7DpUcrwt%2FpMnoutz53g8PwV82SU1ckv3GaVrdD4Qr2o7BnMQqTbh9DVq1gegc7nv%2FmRXPaITTtadAdM8zWB8I2BewSfvsIJLEEZHjVv0TsvVKE7u9r0N49zO%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9702df0efab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
i0.wp.com/i106.fastpic.ru/thumb/2019/0721/c6/b2a31cf892be7581dd65c62eee4bcac6.jpeg?w=640&ssl=1
192.0.77.2200 OK 8.4 kB URL GET HTTP/2 i0.wp.com/i106.fastpic.ru/thumb/2019/0721/c6/b2a31cf892be7581dd65c62eee4bcac6.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 08b7b43363160f132baa879b46c9a253
595d5a57a7e04c65807903db23eaed45ebd7b4eb
87347d37be74347e9f41688f18a62c579bb33ae360b81a34a1f0c34e3437161a
GET /i106.fastpic.ru/thumb/2019/0721/c6/b2a31cf892be7581dd65c62eee4bcac6.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 8362
last-modified: Sun, 16 Apr 2023 07:50:38 GMT
expires: Tue, 15 Apr 2025 19:50:38 GMT
cache-control: public, max-age=63115200
link: <https://i106.fastpic.ru/thumb/2019/0721/c6/b2a31cf892be7581dd65c62eee4bcac6.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "f0014adb85d70d34"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i106.fastpic.ru/thumb/2019/0721/10/f900ac71af5c6fa39b8d6849597f1110.jpeg?w=640&ssl=1
192.0.77.2200 OK 5.6 kB URL GET HTTP/2 i0.wp.com/i106.fastpic.ru/thumb/2019/0721/10/f900ac71af5c6fa39b8d6849597f1110.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4139415dec61c129d0d019f0bfbf3e80
18d355b40de3f7613cafd24699b0ad78880bcfb2
cdef82fd252075f38478890500647ac5f6641f343f4e0a268ae7c2106b756135
GET /i106.fastpic.ru/thumb/2019/0721/10/f900ac71af5c6fa39b8d6849597f1110.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 5602
last-modified: Tue, 30 May 2023 10:33:47 GMT
expires: Thu, 29 May 2025 22:33:47 GMT
cache-control: public, max-age=63115200
link: <https://i106.fastpic.ru/thumb/2019/0721/10/f900ac71af5c6fa39b8d6849597f1110.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "5a60e8a87b1be88b"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1724355697:1685988475:tWgTsNoSQDaDapzE3v84OG20dev1IIPmk5XAbotAezM/7d2a96e498b5fab8/82d5b2ab80ed2bb
188.114.96.1 73 kB URL nsw2u.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1724355697:1685988475:tWgTsNoSQDaDapzE3v84OG20dev1IIPmk5XAbotAezM/7d2a96e498b5fab8/82d5b2ab80ed2bb
IP 188.114.96.1:0
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (7416), with no line terminators
Hash 45fcff936e877646ee81146b9cc2594f
0bd35bf2d47d65a565e1c199082701b6d2481206
0704b5f7444705a02a058acb70125628a82bc8b2daaaf2f17f9c6efaaee473a7
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1724355697:1685988475:tWgTsNoSQDaDapzE3v84OG20dev1IIPmk5XAbotAezM/7d2a96e498b5fab8/82d5b2ab80ed2bb HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/doom-switch-xci-nsp
Content-type: application/x-www-form-urlencoded
CF-Challenge: 82d5b2ab80ed2bb
Content-Length: 1654
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:23 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: sbXN/xryCflIiX7v9rtRDYgW+X6l6u/3Mq9809K0s37Yw/3ljSW2RMWVMO4izsIe$Hmpm7uGRaRAPwPlt2hSajg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoTNLxzeh9%2F9EDwCa9%2BX6dWil9NS6VYbuhlXem3fjCVknl9Z5IUdJkzdADqLEPkODIbDIiGIPsdSsnTH8V7QgBKYzV5KJqzlmkE0gNL3aDKRVuxV2KTxe26d9eQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a96e7dbe7fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
2.bp.blogspot.com/-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png
142.250.74.129200 OK 128 kB URL GET HTTP/3 2.bp.blogspot.com/-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png
IP 142.250.74.129:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint2F:A0:D5:AD:44:A5:5F:5A:3C:2C:02:18:3F:CD:C2:C3:AC:E3:56:53
ValidityFri, 19 May 2023 12:56:47 GMT - Fri, 11 Aug 2023 12:56:46 GMT
File type PNG image data, 199 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size 128 kB (127733 bytes)
Hash 2f43fd601d5d7dbf30551ea00134b335
04d251682496cc570c4fda1d27f13453b3cfa35f
5f215d5e76702a59db54a93a3a463e7e807d3be0f9ed4e1872c5084baff1372a
GET /-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png"
x-content-type-options: nosniff
server: fife
content-length: 127733
x-xss-protection: 0
date: Mon, 05 Jun 2023 18:48:30 GMT
expires: Tue, 06 Jun 2023 18:48:30 GMT
cache-control: public, max-age=86400, no-transform
etag: "v2d"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
woovoree.net/5/3812660/?oo=1&aab=1
139.45.197.243200 OK 8.0 kB URL GET HTTP/2 woovoree.net/5/3812660/?oo=1&aab=1
IP 139.45.197.243:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerLet's Encrypt
Subjectwoovoree.net
FingerprintD2:A6:50:08:2E:B2:20:86:F3:77:28:9B:6D:15:4A:DA:0A:52:27:88
ValiditySat, 29 Apr 2023 08:40:42 GMT - Fri, 28 Jul 2023 08:40:41 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 94fbfca30bda5cadf87d66c70fd92c76
f696c04aac037cc03f803f6bf8ace1feeae6c20c
bc4c1e02fb7334772291f8d6db10eafa80bc03d9f8c75edfb2791d61e1c99b96
Analyzer Verdict Alert quad9 Sinkholed
GET /5/3812660/?oo=1&aab=1 HTTP/1.1
Host: woovoree.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: application/json
x-trace-id: c70d741f8bda0b86f2a0f8a722a4a7de
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://nsw2u.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=6e5ef08875ff4c61a695ce8915b82d05; expires=Tue, 04 Jun 2024 18:48:30 GMT; path=/; secure; SameSite=None
oaidts=1685990910; expires=Tue, 04 Jun 2024 18:48:30 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
nsw2u.com/wp-content/cache/wpfc-minified/oxqrju5/6x2u.css
188.114.96.1200 OK 24 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/oxqrju5/6x2u.css
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
Hash d143c4be294f342d009828ac56e3720b
703e0118e60bc9c23c5f31352758246b5b5d36f9
b775d74d755293a3f658f6f7437d7ccc556ba547c090e21386f8484760704b43
GET /wp-content/cache/wpfc-minified/oxqrju5/6x2u.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: text/css
last-modified: Thu, 25 May 2023 13:18:26 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 34002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMO%2FyLCkrUna0wc2x5vAH5aaK3iijqF6fdBeh0IwWB9CuZ4XrCrELf4HoGK2yUJyRr41Wk6wA44EoFb9vEGXnQe5chZFP4k%2BiMzrhDOrffn5Uf2EG91qGLsnVVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9701fe05fab8-OSL
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.2.2
142.250.74.106200 OK 8.3 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.2.2
IP 142.250.74.106:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type gzip compressed data, max compression\012- data
Hash b6060e6704d2ecdacab94a17f49640db
5d738b5e51acf0fef2c30e564b99c054ae3050f2
b207f72ca683c5ca1205b9217cf26f196ab0f46b68d19290c83d93b811b94aee
GET /css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=6.2.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Jun 2023 18:48:28 GMT
date: Mon, 05 Jun 2023 18:48:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/6x2u.css
188.114.96.1200 OK 152 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/6x2u.css
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (34393)
Size 152 kB (151668 bytes)
Hash f7d217e22523d4a4b2c340f5e40ef861
329eed97bc0d632ad90ab64e42f8c17cf08ad701
da7b65671f509b8057003200d8376b08735f3ae9a2fb9aac828accbf4a558b8f
GET /wp-content/cache/wpfc-minified/fhg2umku/6x2u.css HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: text/css
last-modified: Thu, 25 May 2023 13:18:26 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onPKveMWWF2YtNlKRXThCrbaiMGtXauobdK9ng0PlYbgTyVpxKLhwN9w%2FqNQFsXzoYSgF78zADSsqg5zHjH36Cs%2FVvHhWyysivXGoUpCnVbo4XqMSSppf51VJ%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97020e1dfab8-OSL
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 210516a6d654b88c66b731988e824f9d
108c7399ec2a80025d2a393218a3ce746a7be17d
2d74654b90d8e74650474b1f220e201edc50fa6ecfe87234307728c9709f358b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=2e29137590434abf5fbe
188.114.96.1200 OK 7.3 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=2e29137590434abf5fbe
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
Hash 3e8eac94613da1f30e4b7308d9660e58
af19387aaee9facea9d8e16232c796f28b8f5b10
b5faea4b2aaf6b3f32fba6492419190fbf6c12eb10045cc94af7ce960e2cb38d
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=2e29137590434abf5fbe HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Tue, 30 May 2023 16:59:22 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWd%2BJw1dG6HoHY%2BP86DQbfaPNtjkdbKLb3VCWOtoIr8xhaGL1oLXR10N1b1CHjRxmGz6hp9trWA36rJgdpqqnfcMTxel2RzxVqJbd05haWMZq16nXsG6W3KVZ%2BY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97029ecdfab8-OSL
alt-svc: h3=":443"; ma=86400
my.rtmark.net/gid.js?userId=6e5ef08875ff4c61a695ce8915b82d05
139.45.195.8200 OK 65 B URL GET HTTP/2 my.rtmark.net/gid.js?userId=6e5ef08875ff4c61a695ce8915b82d05
IP 139.45.195.8:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT
File type JSON data\012- , ASCII text
Hash 50854158eca66e431e8ce1e28e9351ef
92d325677d17225ff62368c5a7a7bcc6872f7285
d47137db44d81ae637c43844149044e19da8a666a644159a46af922fd46b9805
GET /gid.js?userId=6e5ef08875ff4c61a695ce8915b82d05 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://nsw2u.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=6e5ef08875ff4c61a695ce8915b82d05; expires=Tue, 04 Jun 2024 18:48:30 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1
192.0.77.2200 OK 2.6 kB URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 513677192f138c2aba3a3847c320f723
7ce5b67d80a2c2dedf8685b08547bcc8bf012f99
d60495bc835271423ec6445708aceb3a068ed6f2ebfd796a86c9f9e134ca1788
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 2568
last-modified: Sat, 24 Sep 2022 18:28:57 GMT
expires: Tue, 24 Sep 2024 06:28:57 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "deb437b05941c6de"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1
192.0.77.2200 OK 374 B URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 43df8a9873aa31bb000672a677ac1640
4c1bcd8c3a797217d375df16b4bcab2d6a2763a3
d865b1c06cbff014e7c47cf5afb4332de4c95a537f86074e001b577c50aef07d
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 374
last-modified: Sat, 24 Sep 2022 18:25:44 GMT
expires: Tue, 24 Sep 2024 06:25:44 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "9a9a255d155ea6c0"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 21 kB URL GET HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (1573)
Hash 4507839525a19180914799b08fb5fa5b
738d7e47e47a102e67d09efa63408d21aaf02245
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20737
date: Mon, 05 Jun 2023 18:45:34 GMT
expires: Mon, 05 Jun 2023 20:45:34 GMT
cache-control: public, max-age=7200
age: 176
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i0.wp.com/2.bp.blogspot.com/-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png?w=240&resize=240&ssl=1
192.0.77.2302 Found 138 B URL GET HTTP/2 i0.wp.com/2.bp.blogspot.com/-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png?w=240&resize=240&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /2.bp.blogspot.com/-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png?w=240&resize=240&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 05 Jun 2023 18:48:31 GMT
content-type: text/html
content-length: 138
location: https://2.bp.blogspot.com/-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
2.bp.blogspot.com/-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png
142.250.74.129200 OK 128 kB URL GET HTTP/3 2.bp.blogspot.com/-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png
IP 142.250.74.129:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint2F:A0:D5:AD:44:A5:5F:5A:3C:2C:02:18:3F:CD:C2:C3:AC:E3:56:53
ValidityFri, 19 May 2023 12:56:47 GMT - Fri, 11 Aug 2023 12:56:46 GMT
File type PNG image data, 199 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size 128 kB (127733 bytes)
Hash 2f43fd601d5d7dbf30551ea00134b335
04d251682496cc570c4fda1d27f13453b3cfa35f
5f215d5e76702a59db54a93a3a463e7e807d3be0f9ed4e1872c5084baff1372a
GET /-9yQ5ohWEyCo/WzDkrVwdwmI/AAAAAAAAACw/Ta8S7HsxxrsSA5FLA9Ud0H1uVSQzv1uygCLcBGAs/s320/doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="doom_nintendo_switch_boxart_by_goldmetalsonic-dbnc74v.png"
x-content-type-options: nosniff
server: fife
content-length: 127733
x-xss-protection: 0
date: Mon, 05 Jun 2023 18:48:30 GMT
expires: Tue, 06 Jun 2023 18:48:30 GMT
cache-control: public, max-age=86400, no-transform
age: 1
etag: "v2d"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-72-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 445 B URL aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-72-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (332)
Hash d39546249a86d29697ea6b389afd84f2
244ce5f2d9a3e80da843e527f35cae0b9d9e20be
ba339c9812783530a739e05b9bc0ec254d9c22eb13779e8e5be5860a192f8c80
GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-72-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: 17805
rule-data-version: 1
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2023-07-20-17-01-41.chain; p384ecdsa=1WDqXC03WFmSoP0E1nuUaj88guAGp2H6vBpzEsxantB5pOqbXTs6LeIw8wG07Xtd9LZV-Yu8tjD3NXKIU7QhIy84SsiHI9WlDdDgZs1eMcStjdh2o92kPGggpsmd2qex
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Mon, 05 Jun 2023 18:35:09 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 445
age: 812
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
62.115.252.122 512 kB URL ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP 62.115.252.122:0
ASN #1299 Telia Company AB
File type Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size 512 kB (511815 bytes)
Hash 152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48
Analyzer Verdict Alert VirusTotal 0/60
GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Last-Modified: Wed, 24 May 2023 20:52:50 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1684961569.84930
Content-Type: application/zip
X-Trans-Id: txa73051eac09b464dbbbc2-00646fbb00dfw1
Cache-Control: public, max-age=245286
Expires: Thu, 08 Jun 2023 14:56:47 GMT
Date: Mon, 05 Jun 2023 18:48:41 GMT
Connection: keep-alive
c0.wp.com/c/6.2.2/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 31 kB URL GET HTTP/2 c0.wp.com/c/6.2.2/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 0e850a69bc7fd0acc2e92ce6eee87959
8be6d9e7f7a61ccf0b8eac8a8144d770b608a19c
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
GET /c/6.2.2/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 08 Mar 2023 18:37:33 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i89.fastpic.ru/thumb/2019/0721/cc/e7a48560ef234b9402ba849768bf83cc.jpeg?w=640&ssl=1
192.0.77.2200 OK 3.6 kB URL GET HTTP/2 i0.wp.com/i89.fastpic.ru/thumb/2019/0721/cc/e7a48560ef234b9402ba849768bf83cc.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 84450e3d2ef47cfa51814d1d6d833b29
b4c28c1c58a8fea6b72c2564498911aff3fd234c
eb2dab89b4a83f348284830d35f29e3fb04b9f97eec11a0ba167b078d83e305e
GET /i89.fastpic.ru/thumb/2019/0721/cc/e7a48560ef234b9402ba849768bf83cc.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 3618
last-modified: Tue, 30 May 2023 10:33:47 GMT
expires: Thu, 29 May 2025 22:33:47 GMT
cache-control: public, max-age=63115200
link: <https://i89.fastpic.ru/thumb/2019/0721/cc/e7a48560ef234b9402ba849768bf83cc.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "1fab8424f8d07843"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i89.fastpic.ru/thumb/2019/0721/dc/22f0af7f17cc694efc2e5351ccc397dc.jpeg?w=640&ssl=1
192.0.77.2200 OK 6.2 kB URL GET HTTP/2 i0.wp.com/i89.fastpic.ru/thumb/2019/0721/dc/22f0af7f17cc694efc2e5351ccc397dc.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ba9a42158acafaa2bfeb2b8c07c479cc
7b941279e56d576e18ee8420ee07019486b7cfdf
b212b3a38866baa3dd01a3eff732f7ce90c7061e226ccacb0fc0896ab0c1eda3
GET /i89.fastpic.ru/thumb/2019/0721/dc/22f0af7f17cc694efc2e5351ccc397dc.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 6198
last-modified: Sun, 16 Apr 2023 07:50:37 GMT
expires: Tue, 15 Apr 2025 19:50:37 GMT
cache-control: public, max-age=63115200
link: <https://i89.fastpic.ru/thumb/2019/0721/dc/22f0af7f17cc694efc2e5351ccc397dc.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "ea2939000a353fca"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js
188.114.96.1200 OK 14 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.core.js
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
Hash 0e78b1db7d662e95ae8c3506146b080a
9f1675c87a306e4dd45f84d0b7ac484ae506245e
6e79424f448b401656e2384514c9332a4baa6ab4d458ba048655e01f4b1c60f2
GET /wp-content/themes/posterpro/foundation/js/foundation.core.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Wed, 16 Nov 2022 18:49:09 GMT
vary: Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJrIJdY8a6shn531eutb7o9RrGZ7D5PmOp3K3jxdRk1nspr7ion6Q8qh%2FdS7tpwtgXE0gOxN0Oo8Rq%2F9Abcw5VVPhHM%2FneXkHkNxWCLXstOEW6bvhzITKm37qiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97028eb8fab8-OSL
mgnetu.com/js/full-page-script.js
172.67.146.233403 Forbidden 0 B URL GET HTTP/3 mgnetu.com/js/full-page-script.js
IP 172.67.146.233:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subjectmgnetu.com
FingerprintA0:1F:F9:62:DB:61:7C:B6:D8:CE:EF:2D:59:66:4B:80:71:46:45:CC
ValidityTue, 09 May 2023 04:33:37 GMT - Mon, 07 Aug 2023 04:33:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/full-page-script.js HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Mon, 05 Jun 2023 18:48:29 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKxWGexUABCFGnl36Us3p4BfS3rxhLle2IOpifXfwLoV0UEzyiG73WrAwZ0Kjpo09BGsgNgkulWO4xZYLaS6AVivBAbCsSU62eCp72uA8qrn4kgIsL8zHxp%2BDm%2Bt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2a9711fb40b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
c0.wp.com/p/jetpack/12.1.1/_inc/build/photon/photon.min.js
192.0.77.37200 OK 685 B URL GET HTTP/2 c0.wp.com/p/jetpack/12.1.1/_inc/build/photon/photon.min.js
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (711), with no line terminators
Hash 0e65038e68e68d01f233c8fd05e48c1d
86375c7a10079a098d50dc82bd606676d09460c7
2b580e6709092e35bead327a2faee75175ca8a3036e3c50d9185062d7ed8673a
GET /p/jetpack/12.1.1/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1679380905
188.114.96.1200 OK 11 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1679380905
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
Hash 94bc4228bb5941670e191e40a6bc44bd
ad06418894462185e7eecc1421310f552e1e5e36
5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1679380905 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Tue, 21 Mar 2023 06:41:45 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 33929
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oz7XCiaQjLklhcosGYeAg8S1f%2BIz8%2BIHeY6uwEJmnPTG3m4ZIh4Iheq4vt4lqLLbs1%2BsO9lTl11FMNHeO%2Bnxf0j9gbn4dFU3EN8LXKKaKzY9uJm5ai%2BBVW2PbtE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9702beeffab8-OSL
alt-svc: h3=":443"; ma=86400
mgnetu.com/js/full-page-script.js
172.67.146.233403 Forbidden 0 B URL GET HTTP/2 mgnetu.com/js/full-page-script.js
IP 172.67.146.233:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subjectmgnetu.com
FingerprintA0:1F:F9:62:DB:61:7C:B6:D8:CE:EF:2D:59:66:4B:80:71:46:45:CC
ValidityTue, 09 May 2023 04:33:37 GMT - Mon, 07 Aug 2023 04:33:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/full-page-script.js HTTP/1.1
Host: mgnetu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMTWMKatsX1MF0CGQ%2B42WfoJKpMlvmBttQnPV2LbZt3s7WaU%2FdR2rblraXvAcJzQcQDzySxeEcjeNxFyaK0X1VHAxDPVm0%2FZ9NVwx%2FPbBvXkA2GoYk3Qh63jxlv%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2a9703488fb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
secure.gravatar.com/js/gprofiles.js?ver=202322
192.0.73.2200 OK 26 kB URL GET HTTP/2 secure.gravatar.com/js/gprofiles.js?ver=202322
IP 192.0.73.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint40:4E:21:9D:74:27:BC:64:DC:8B:81:06:B1:0E:76:4E:0D:AE:2B:C6
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (26062)
Hash caf0f706328fcd249a7fbeae23b0a62f
6e2d57c57b1603ffc814a9808a880618a2b36a44
a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e
GET /js/gprofiles.js?ver=202322 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
last-modified: Thu, 01 Jun 2023 11:07:36 GMT
etag: W/"64787bf8-6611"
content-encoding: br
expires: Mon, 12 Jun 2023 18:48:27 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
ad.a-ads.com/1535207?size=728x90
136.243.3.135200 OK 12 kB URL GET HTTP/2 ad.a-ads.com/1535207?size=728x90
IP 136.243.3.135:443
ASN #24940 Hetzner Online GmbH
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11122)
Hash 830f96a60843f82b108d338b33d3e9c6
d3a281010f5c7a02dce6fe803cede0b2f76d036f
e293c9b9b6b3825a6634779bff8bb93ed3cbc7bb0e32ee7b34a256346ab92e2d
GET /1535207?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:28 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://nsw2u.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
secure.gravatar.com/dist/css/hovercard.min.css?ver=202322
192.0.73.2200 OK 8.3 kB URL GET HTTP/2 secure.gravatar.com/dist/css/hovercard.min.css?ver=202322
IP 192.0.73.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint40:4E:21:9D:74:27:BC:64:DC:8B:81:06:B1:0E:76:4E:0D:AE:2B:C6
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (8342), with no line terminators
Hash 8958f0c76fe21a28c91293f53d6d3f6f
8c7d3a87692d298bc597bb584acc5027541ef202
0b16953b19c6e07679067254de36478596a81471b44262fffd4dce4a51f7f347
GET /dist/css/hovercard.min.css?ver=202322 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: text/css
last-modified: Fri, 19 May 2023 08:02:31 GMT
etag: W/"64672d17-2067"
content-encoding: br
expires: Mon, 12 Jun 2023 18:48:30 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
c0.wp.com/c/6.2.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 11 kB URL GET HTTP/2 c0.wp.com/c/6.2.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11256), with no line terminators
Hash 2b0dd7eecea03b4bdedb94ba622fdb03
703becba85161118dd6fc66af465428ef43f561c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
GET /c/6.2.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?w=1280&resize=1280&ssl=1
192.0.77.2200 OK 49 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3943799e6866beec74635dd2fdf512e3
f2a7081c65cacb1983cc0392810729c4eacad9b7
49130321a941d18ebfea6a84080d4c3970903aba00b12f293f7e621673f40efa
GET /images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 48746
last-modified: Wed, 17 May 2023 13:22:01 GMT
expires: Sat, 17 May 2025 01:22:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "694acd0f20d20e8b"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
192.0.77.32200 OK 42 kB URL GET HTTP/2 s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
IP 192.0.77.32:443
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f#parent=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 07:43:45 GMT
etag: W/"63218631-a4f5"
content-encoding: br
expires: Thu, 14 Sep 2023 07:43:50 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
ad.a-ads.com/2093561?size=320x50
136.243.3.135200 OK 12 kB URL GET HTTP/2 ad.a-ads.com/2093561?size=320x50
IP 136.243.3.135:443
ASN #24940 Hetzner Online GmbH
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11122)
Hash 3ef6e109b467f87543a145f604a295e0
2c0b9284e577762baab2dec21aca8db3997ef700
36baa459a53d4269bbf12ab0f521d2db3da22445d3c06493a6bd03689c98056e
GET /2093561?size=320x50 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:29 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://nsw2u.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
nsw2u.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
188.114.96.1200 OK 5.7 kB URL GET HTTP/3 nsw2u.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (5699), with no line terminators
Hash 60359b464993821b0d1e5e497d373dee
76ea7a77bb94eb6db3b483826ed690a60f461b2f
b5bdf3bc27e93e21f0f95ab35bbdb70cd16cda91848d44be906f0e6af94d0017
GET /cdn-cgi/challenge-platform/h/g/scripts/pica.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160; _ga_HS5Y0K7QPG=GS1.1.1685990908.1.0.1685990908.0.0.0; _ga=GA1.1.83302851.1685990908
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOYE1DoN0PAGrNAhywWMNWtRW1OQzsnEO1zmZeeDlhj34FDpyw3kPl%2Bi8CiUPAl%2F8ccrrnZp45%2FZsLZ2RW8Gom1RPJQrx6FtfOSeyQVdVKP3TZ4ntPAaS%2F2AKv4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97168b65fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
woovoree.net/tag.min.js
139.45.197.243200 OK 74 kB IP 139.45.197.243:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerLet's Encrypt
Subjectwoovoree.net
FingerprintD2:A6:50:08:2E:B2:20:86:F3:77:28:9B:6D:15:4A:DA:0A:52:27:88
ValiditySat, 29 Apr 2023 08:40:42 GMT - Fri, 28 Jul 2023 08:40:41 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 108831d56861ea0ee92dd3bbcb128e7c
35f1b3aae946f0ed3b5c607a30165f4eebfaed2b
ada0b5209a666e8a22bb806893202d4ce19cb37ce808654a9fcdfb3261310e1e
Analyzer Verdict Alert quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: woovoree.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: text/javascript; charset=utf-8
content-length: 23674
content-encoding: br
x-trace-id: fec63e0d53f4822dc327b4c50ffeac29
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 02 Jun 2023 11:24:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
i0.wp.com/i89.fastpic.ru/thumb/2019/0721/41/3f3d9c70108912d2bd64868b66209541.jpeg?w=640&ssl=1
192.0.77.2200 OK 4.6 kB URL GET HTTP/2 i0.wp.com/i89.fastpic.ru/thumb/2019/0721/41/3f3d9c70108912d2bd64868b66209541.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 083e7a71e8d133e7162f157362840fbb
5260730cb661f5fb5199c1ae31dafd6f890a389f
ceaefdcaa13bd15c21093bf02c9912e12b10c9abfff938e6e0134b371dc57bf6
GET /i89.fastpic.ru/thumb/2019/0721/41/3f3d9c70108912d2bd64868b66209541.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 4562
last-modified: Sun, 16 Apr 2023 07:50:37 GMT
expires: Tue, 15 Apr 2025 19:50:37 GMT
cache-control: public, max-age=63115200
link: <https://i89.fastpic.ru/thumb/2019/0721/41/3f3d9c70108912d2bd64868b66209541.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "20de1faaa90da0e0"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/cdn-cgi/challenge-platform/h/g/cv/result/7d2a97000bd5fab8
188.114.96.1200 OK 2 B URL POST HTTP/3 nsw2u.com/cdn-cgi/challenge-platform/h/g/cv/result/7d2a97000bd5fab8
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /cdn-cgi/challenge-platform/h/g/cv/result/7d2a97000bd5fab8 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12380
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160; _ga_HS5Y0K7QPG=GS1.1.1685990908.1.0.1685990908.0.0.0; _ga=GA1.1.83302851.1685990908
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=8Tev324dO_YLu0snEonxHl4QHPVqvBxX5Owb8.9qF0o-1685990910-0-AQoBlIyp5QCNA7lqNg5t2cvSBWZ0kzYke9YlboNF0rt83NKFJcO6DTfI1KrgQsGVcHVn75x2BWHxp+uwVMzEbYvzIoapnJkCb1aAnN0bbsKV; path=/; expires=Mon, 05-Jun-23 19:18:30 GMT; domain=.nsw2u.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zerZ6jTWOu5MoaHQ2id1F9t4ysT7LIxVmMqo6YHTZp7EanzDAZUVbLEgOzpD9VlvlxxltOTq%2F3IMNytgVDjI1EanOohmIQ7ekZvvyyt7EnLame8d73AezhKgJzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97194e44fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
i0.wp.com/i89.fastpic.ru/thumb/2019/0721/4e/d9614d3621103ec43ae009fa09ef414e.jpeg?w=640&ssl=1
192.0.77.2200 OK 4.0 kB URL GET HTTP/2 i0.wp.com/i89.fastpic.ru/thumb/2019/0721/4e/d9614d3621103ec43ae009fa09ef414e.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 676743fba411b80dfe6f1ea0627b1e3a
cf13f772a0af6b584992c31ee2c8108578104b5e
da484527bf688ed69d3b2918582b4c39234a6d6c516d17a86c1fda8b4f3aa875
GET /i89.fastpic.ru/thumb/2019/0721/4e/d9614d3621103ec43ae009fa09ef414e.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 3954
last-modified: Sun, 16 Apr 2023 07:50:37 GMT
expires: Tue, 15 Apr 2025 19:50:37 GMT
cache-control: public, max-age=63115200
link: <https://i89.fastpic.ru/thumb/2019/0721/4e/d9614d3621103ec43ae009fa09ef414e.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "b31676bb256d65c9"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/d.svg
188.114.96.1200 OK 73 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/d.svg
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (20829)
Hash 496d1ae6bd68127d1c2e7d768de2702d
401094e71de488d2233d229bad8be282130a92b5
51ed1f79aeb5a9c25435cb7b6d5335353448d2eefaac75fa24470d93a0d07fde
GET /wp-content/plugins/chp-ads-block-detector/assets/img/d.svg HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: image/svg+xml
last-modified: Mon, 15 May 2023 23:42:50 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5zXwzLJTGRqCOZqYtlNTPqP0cJGEmEsu9vLRM5tRlS%2FFuitEDWy4C7MabbEyphIMxk4omN5FTbxeRLAh8tvBfVyZIhSLu5jnhMQtDrBs8WSZZmcY6t0ykSgtx4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97026e9bfab8-OSL
alt-svc: h3=":443"; ma=86400
s0.wp.com/wp-content/mu-plugins/highlander-comments/images/button-back.gif
192.0.77.32200 OK 1.2 kB URL GET HTTP/2 s0.wp.com/wp-content/mu-plugins/highlander-comments/images/button-back.gif
IP 192.0.77.32:443
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f#parent=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 2 x 26\012- data
Hash 41570c42d47e846f51422b154ebe8cc8
eed821bb5bf98caf32c563a56a1ebf145f7aca74
0dab369eac5fd3a06420395d02d292bc3e3ab0bf62add857c72804fd9f4edd35
GET /wp-content/mu-plugins/highlander-comments/images/button-back.gif HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160i&cssminify=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:29 GMT
content-type: image/gif
content-length: 1232
last-modified: Thu, 29 Nov 2018 13:53:31 GMT
etag: "5bffef5b-4d0"
expires: Fri, 10 Nov 2023 15:10:58 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
c0.wp.com/c/6.2.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 4.2 kB URL GET HTTP/2 c0.wp.com/c/6.2.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (4186), with no line terminators
Hash ea958276b7de454bd3c2873f0dc47e5f
b143f6e8e8f79d8f104c26b0057ef5514d763219
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
GET /c/6.2.2/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.3.6
188.114.96.1200 OK 399 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.3.6
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (423), with no line terminators
Hash ed94fa94e236140899a07d0bb24f233d
8e7f16eda1a41233d4d0f19264382b6222959b6c
2fb43730229e7993c5976889479bdd4488ce1cab9f939f11d7bba6e327c9a5df
GET /wp-content/plugins/featured-image-from-url/includes/html/css/lazyload.css?ver=4.3.6 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: text/css
last-modified: Tue, 23 May 2023 18:46:33 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6v2Fd9MELWnZtMR87dqlMkHvq1GLQCN9VMyMaulDTRq6mwu0cYs%2BwKxrBx3Mk64%2F8AJ4etVCEgOGnrieQr3dC%2BRmpJPUwS1lGrEJTPp%2F9cGlGqnWfzdDCx5L7Ec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97026e9afab8-OSL
alt-svc: h3=":443"; ma=86400
i0.wp.com/i89.fastpic.ru/thumb/2019/0721/1f/6a3a406af7716e40dfd581aff842be1f.jpeg?w=640&ssl=1
192.0.77.2200 OK 5.0 kB URL GET HTTP/2 i0.wp.com/i89.fastpic.ru/thumb/2019/0721/1f/6a3a406af7716e40dfd581aff842be1f.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 899a60bb1290b63d52dd8c4da0b81bba
b8db418da62e14918106656162067cacb4bc7dfe
1f80dc445c0be1c95921c9eee5aad9d7c6a5e6c7dff7e5ce90d2ac8f29e7fb1a
GET /i89.fastpic.ru/thumb/2019/0721/1f/6a3a406af7716e40dfd581aff842be1f.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 5020
last-modified: Tue, 30 May 2023 10:33:48 GMT
expires: Thu, 29 May 2025 22:33:48 GMT
cache-control: public, max-age=63115200
link: <https://i89.fastpic.ru/thumb/2019/0721/1f/6a3a406af7716e40dfd581aff842be1f.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "025bdfe8c0f612ab"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i106.fastpic.ru/thumb/2019/0721/fd/134915b5b5993fb05060aba81ea9b2fd.jpeg?w=640&ssl=1
192.0.77.2200 OK 3.9 kB URL GET HTTP/2 i0.wp.com/i106.fastpic.ru/thumb/2019/0721/fd/134915b5b5993fb05060aba81ea9b2fd.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ac8ccb3ea7e27dcb95afd8533d55ebf2
f17ac2a420e4afb49d6bcebd598d483d97035471
c728c43e890bde486dc9fc1e3650492bb509b81ab8fca757fd0cce03a1413d9c
GET /i106.fastpic.ru/thumb/2019/0721/fd/134915b5b5993fb05060aba81ea9b2fd.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 3884
last-modified: Tue, 30 May 2023 10:33:47 GMT
expires: Thu, 29 May 2025 22:33:47 GMT
cache-control: public, max-age=63115200
link: <https://i106.fastpic.ru/thumb/2019/0721/fd/134915b5b5993fb05060aba81ea9b2fd.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "13265750036ad54e"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.2.2/wp-includes/js/comment-reply.min.js
192.0.77.37200 OK 3.0 kB URL GET HTTP/2 c0.wp.com/c/6.2.2/wp-includes/js/comment-reply.min.js
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (3056), with no line terminators
Hash dc7f90d513295c29acc441fe114a2cab
ca9e5069d9afc4aa13ab2e152313dfb476e842ef
f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c
GET /c/6.2.2/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.3.6
188.114.96.1200 OK 3.9 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.3.6
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (4076), with no line terminators
Hash 2541a2baf045e01159ee696c0811648d
b2263916a7fde84879fc3bda16095767ddf000f4
0548af9bb27732d955c46677c38cbffd67f7bcbdcf2d95797d395eefe44a6464
GET /wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.3.6 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Tue, 23 May 2023 18:46:33 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlVJqORnWKGY0rGmENXTRLrrEGHaZRqoptwpx4FV9oo0CxIomSmjoCVHCnyhkjJWytwZxMzfl219T7VFQ5uCeIgwB4Gz4YHWqC7W9GgqZf34LGaLgEmXGIKQYAY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9702beeefab8-OSL
alt-svc: h3=":443"; ma=86400
i0.wp.com/i106.fastpic.ru/thumb/2019/0721/84/f5a2fa2952ce23f8c8b58ddecb7db684.jpeg?w=640&ssl=1
192.0.77.2200 OK 4.5 kB URL GET HTTP/2 i0.wp.com/i106.fastpic.ru/thumb/2019/0721/84/f5a2fa2952ce23f8c8b58ddecb7db684.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f10ba213e57e0245b712155003d6482e
f664134845b001c59b053536c6b682b15dfb421a
2a8705245aea5666f0fde7836c7a1e1141b887eeae51c5cc75148e9751223f90
GET /i106.fastpic.ru/thumb/2019/0721/84/f5a2fa2952ce23f8c8b58ddecb7db684.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 4456
last-modified: Sun, 16 Apr 2023 07:50:38 GMT
expires: Tue, 15 Apr 2025 19:50:38 GMT
cache-control: public, max-age=63115200
link: <https://i106.fastpic.ru/thumb/2019/0721/84/f5a2fa2952ce23f8c8b58ddecb7db684.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "e621cf61d0b0dc9e"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.1
188.114.96.1200 OK 4.6 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.1
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (4857), with no line terminators
Hash 3c05b4818fda400788cc5c2f60d87ea4
01e544e8461be8bb14a13fb8be13cc1e8259858e
db8170cdde3c954a075a4c1cfe836be73fc450ee8a298978470ca6a110284a08
GET /wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.5.1 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Thu, 30 Mar 2023 10:21:39 GMT
vary: Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6xJItCJucymPjLT53NPmNso3kowmT9Or%2FfKXygDViU4MZsP0Vb7LN34pT1FSzd%2FCSkZtNT8FkssGgXAAVpH8pxpJc7A5YUh9Vuwf%2B4Rio8770ultS9QKJ7oojU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9702bee6fab8-OSL
c0.wp.com/c/6.2.2/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 13 kB URL GET HTTP/2 c0.wp.com/c/6.2.2/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (13326)
Hash 5cfa2b481de6e87c2190a0e3538515d8
0fccf3c8ab2c10b4dcc7970e64ce997ab1622f68
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
GET /c/6.2.2/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 06 Feb 2023 20:59:15 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/cache/wpfc-minified/1difh1hx/6x2u.js
188.114.96.1200 OK 3.9 kB URL GET HTTP/3 nsw2u.com/wp-content/cache/wpfc-minified/1difh1hx/6x2u.js
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (4160), with no line terminators
Hash e2330273b72c1a250a8ae09ae04d0bfa
49a08f84119421590a83a5079bac9803abef148c
3165960f809382d0080ad8f42e09782968a882fa4e65669f2c8deaa7bd4ee1c1
GET /wp-content/cache/wpfc-minified/1difh1hx/6x2u.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Thu, 25 May 2023 13:18:26 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 34002
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqqGz0Fa1JgZklbjBx8G5KgBuHsi61amWCX4nqv8IwfXorDoQsQ8obcryF9Lp5DvtUABTYZRUvTzgubqWKJQ1ChAmPrtapzaarRzMt3RBPAwIVO4nunjvg4dVpg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97020e25fab8-OSL
alt-svc: h3=":443"; ma=86400
i0.wp.com/i106.fastpic.ru/thumb/2019/0721/9a/b3f8c9e0020c5131cbbe85f9c2dfb09a.jpeg?w=640&ssl=1
192.0.77.2200 OK 7.6 kB URL GET HTTP/2 i0.wp.com/i106.fastpic.ru/thumb/2019/0721/9a/b3f8c9e0020c5131cbbe85f9c2dfb09a.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f79cfa4df27cbc08770c8d8d733143e1
d8683fdadcf39531805cddfcf30d4a56bb1ef43f
cdb41dfa3eed17b92cdcfa4036f418de9df14416bed11bf7b36ce350ae8f2016
GET /i106.fastpic.ru/thumb/2019/0721/9a/b3f8c9e0020c5131cbbe85f9c2dfb09a.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 7626
last-modified: Fri, 03 Feb 2023 14:53:28 GMT
expires: Mon, 03 Feb 2025 02:53:28 GMT
cache-control: public, max-age=63115200
link: <https://i106.fastpic.ru/thumb/2019/0721/9a/b3f8c9e0020c5131cbbe85f9c2dfb09a.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "ce9ada7f5eaf48b7"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/i106.fastpic.ru/thumb/2019/0721/39/e82d7fd2b4aa1b7b4e4581fd15ef4039.jpeg?w=640&ssl=1
192.0.77.2200 OK 6.7 kB URL GET HTTP/2 i0.wp.com/i106.fastpic.ru/thumb/2019/0721/39/e82d7fd2b4aa1b7b4e4581fd15ef4039.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 162cedad7c7af2614dcfe0d58b06d6bc
0601129b03acf4f5db74ae45de9bee3176267a62
02ffaf3f845130e98b5031551ce492f0de873f63261b71cdee2713fb7aa4c4ae
GET /i106.fastpic.ru/thumb/2019/0721/39/e82d7fd2b4aa1b7b4e4581fd15ef4039.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 6674
last-modified: Tue, 30 May 2023 10:33:47 GMT
expires: Thu, 29 May 2025 22:33:47 GMT
cache-control: public, max-age=63115200
link: <https://i106.fastpic.ru/thumb/2019/0721/39/e82d7fd2b4aa1b7b4e4581fd15ef4039.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "aff365f960adf7a0"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115
188.114.96.1200 OK 880 B URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (965), with no line terminators
Hash fa7fe6b99dd294598a44154cb2f424b7
78a909d97e5dfeffa1e1311e2c7ad8633d768960
9600c505b5d0d438a661c90d7b6ef5c6098024ff4e16e58a3577d5d0c837237f
GET /wp-content/themes/posterpro/js/skip-link-focus-fix.js?ver=20130115 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Wed, 16 Nov 2022 18:49:09 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BruVZ3x%2Fx1xotg4fOFVkD%2BWd4X0cNoIn5arA8K7inuLmDGre8J8TgIlqgjEDE0zO24a8UE5tTjqOA9dvsMF9%2B8BaiqPun%2BRrkY9YjBWbonqC7ey7d3BIXdin%2B8c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97028ebbfab8-OSL
alt-svc: h3=":443"; ma=86400
s0.wp.com/_static/??/wp-content/mu-plugins/likes/queuehandler.js,/wp-content/mu-plugins/akismet-3.0/_inc/akismet-frontend.js?m=1683897436j
192.0.77.32200 OK 24 kB URL GET HTTP/2 s0.wp.com/_static/??/wp-content/mu-plugins/likes/queuehandler.js,/wp-content/mu-plugins/akismet-3.0/_inc/akismet-frontend.js?m=1683897436j
IP 192.0.77.32:443
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f#parent=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash 4704c1eb35424d96800d3c41a2442a39
bb2e6c029d5aa36ecebce1276f088dc30cd3ff65
780b61f483cfb44ee9881cbd362d41cf89609d401d12e9726e1471530ab14738
GET /_static/??/wp-content/mu-plugins/likes/queuehandler.js,/wp-content/mu-plugins/akismet-3.0/_inc/akismet-frontend.js?m=1683897436j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 12 May 2023 13:17:23 GMT
etag: W/"645e3c63-5e76"
content-encoding: br
expires: Sat, 11 May 2024 13:17:31 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
c0.wp.com/c/6.2.2/wp-includes/css/dist/block-library/style.min.css
192.0.77.37200 OK 98 kB URL GET HTTP/2 c0.wp.com/c/6.2.2/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/6.2.2/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 10 Mar 2023 00:22:37 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
0.gravatar.com/dist/css/services.min.css?ver=202323a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e
192.0.73.2200 OK 3.3 kB URL GET HTTP/2 0.gravatar.com/dist/css/services.min.css?ver=202323a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e
IP 192.0.73.2:443
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f#parent=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint40:4E:21:9D:74:27:BC:64:DC:8B:81:06:B1:0E:76:4E:0D:AE:2B:C6
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (3348), with no line terminators
Hash 0c00e0c1ebbbc297c425a50bbbd0ad35
09ae84155d9120b8788c97a514c763f4382fe19e
a4198608989ddcd07a26a1981da7e93794a54742a2e60134aa848184504d92f4
GET /dist/css/services.min.css?ver=202323a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:29 GMT
content-type: text/css
last-modified: Wed, 31 May 2023 10:26:31 GMT
etag: W/"647720d7-cef"
content-encoding: br
expires: Mon, 12 Jun 2023 18:48:29 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
i0.wp.com/i106.fastpic.ru/thumb/2019/0721/ee/6ae1238cf7823d61a3f434262939e7ee.jpeg?w=640&ssl=1
192.0.77.2200 OK 5.6 kB URL GET HTTP/2 i0.wp.com/i106.fastpic.ru/thumb/2019/0721/ee/6ae1238cf7823d61a3f434262939e7ee.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dee3bc126033284510ba35935bfcd353
5b9d9bf35e391014f4260747ae88606e54b93571
0efc254ae5793edcf8db81b32eac06a88ee4ba052b5b0878506db53ac9b85c8f
GET /i106.fastpic.ru/thumb/2019/0721/ee/6ae1238cf7823d61a3f434262939e7ee.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 5646
last-modified: Sun, 16 Apr 2023 07:50:38 GMT
expires: Tue, 15 Apr 2025 19:50:38 GMT
cache-control: public, max-age=63115200
link: <https://i106.fastpic.ru/thumb/2019/0721/ee/6ae1238cf7823d61a3f434262939e7ee.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "b7a529290d6cb334"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
188.114.96.1200 OK 9.0 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9051), with no line terminators
Hash aee5233a88e59cf85afd5849a59da09c
a63fb67599f130b81880e3e9730462bff4ee5cc6
3a798d6addbffdfee5bcd2f5398f08585cc5f2c3bd6c511e45871e4ed72cbf7b
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Tue, 30 May 2023 16:59:22 GMT
vary: Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PbUn2709l2vB5ynXaFPC%2B%2BlHEB5IcBPjVJtVGALEGSY3zWh9DcEWroq1prNXhI059%2BhZtNxDKX3gUd8aFloNP5kstgd5lJ18p3fkivPdFyf%2BxO3jqiuiNIpt1I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97028ebcfab8-OSL
s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
192.0.77.32200 OK 19 kB URL GET HTTP/2 s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
IP 192.0.77.32:443
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f#parent=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash 4ba6be1612fb7d972e306b40ca81c69e
f438812921a7e44f4649a8cc1e0680f3b16350b6
7551cbecbf078a66df8f9d246d8b11c773247921f5ff0bbe601f0cf67e1e287b
GET /_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 21:55:38 GMT
etag: W/"619d635a-4b6b"
content-encoding: br
expires: Wed, 09 Aug 2023 21:35:02 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160i&cssminify=yes
192.0.77.32200 OK 15 kB URL GET HTTP/2 s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160i&cssminify=yes
IP 192.0.77.32:443
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f#parent=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (14896), with no line terminators
Hash 6351b8d2b4c744f53ad04c649576118b
367ed42ea3dfb3eeb0adc1c192756c316a263872
ae2e2ce4e754233246589f8d6986deb99cec57327ae7294cf2a323a9af92b3c2
GET /wp-content/mu-plugins/highlander-comments/style.css?m=1663315160i&cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jetpack.wordpress.com
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:29 GMT
content-type: text/css
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/17833-1684465005241.1526
content-encoding: br
expires: Thu, 30 May 2024 20:22:44 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?w=1280&resize=1280&ssl=1
192.0.77.2200 OK 43 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8eecd8735e9e9aeaf1983aba0e7f3b6d
8f8e31633b28a78a7a8a964bdb002c8ea32da38c
e731f1c1e067138cf40fe4df0d8968451df8f6bcfbfeaa1ed5bf35d8ef1c0000
GET /images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 42946
last-modified: Fri, 18 Nov 2022 23:15:09 GMT
expires: Mon, 18 Nov 2024 11:15:09 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "8c3403d21496b34b"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/cdn-cgi/challenge-platform/scripts/invisible.js
188.114.96.1302 Found 24 kB URL GET HTTP/3 nsw2u.com/cdn-cgi/challenge-platform/scripts/invisible.js
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160; _ga_HS5Y0K7QPG=GS1.1.1685990908.1.0.1685990908.0.0.0; _ga=GA1.1.83302851.1685990908
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Mon, 05 Jun 2023 18:48:30 GMT
vary: accept-encoding
access-control-allow-origin: *
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/68662470/invisible.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Am3aJEV3nwdSihoH8e6uZxNjYAZU%2F66N0ktEfbfv87IRS00fhaTdEXtpozlBnwyNHISG8qnkjml3xoF8vr4Vw1wwPZV1k2nThSvqNYSvnjR%2FQhs4QiFhPiD0BlE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9714b989fab8-OSL
alt-svc: h3=":443"; ma=86400
nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.3.6
188.114.96.1200 OK 8.0 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.3.6
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (8246), with no line terminators
Hash 95e8541b1c7d8d1c6d971b8a1254f05e
a0a315f535cefee969c8f938ae9133beb051b51d
94d90d0cae68aae94246413284189ad0fd41bca226dcfc1d3394f25087df2ede
GET /wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=4.3.6 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Tue, 23 May 2023 18:46:33 GMT
vary: Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZmPJAMNwgfGNgVv1Y922xLGFPjDXkAtFzpxPnsoKe9eTRJE%2FwLj1m8MMyaUhX%2B2zY8nqx8zhCIC2y3%2B40QIaMpYQjBjoRpOtW4O17QDPFdqoZr%2F%2FT8VU4OlSao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9702bee8fab8-OSL
jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f
192.0.78.33200 OK 23 kB URL GET HTTP/2 jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f
IP 192.0.78.33:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wordpress.com
FingerprintA3:A5:D8:C8:1D:A5:FD:3E:95:A9:0C:25:E8:5A:C2:26:BD:14:73:44
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1831)
Hash fc675cd7789a3415c38d2dfd0d583d85
15fdc6838a51938de33436a067e23d11c2451191
c3e032c37f4b02327aeec55f3aab07ca8b690cf3b5a9bcac2551f9f90ce42956
GET /jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f HTTP/1.1
Host: jetpack.wordpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:28 GMT
content-type: text/html; charset=UTF-8
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
vary: Accept-Encoding, accept, content-type
content-encoding: br
x-ac: 4.arn _dca MISS
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/12.1.1/_inc/social-logos/social-logos.min.css
192.0.77.37200 OK 12 kB URL GET HTTP/2 c0.wp.com/p/jetpack/12.1.1/_inc/social-logos/social-logos.min.css
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11580)
Hash 6fe4fbe2d529a23a0c2c15640fbe15b1
35748eb5f288ebf9849080411e51be68e0f3af70
5af9881e63eb82017b7f84922fa8ba9928bcfb4416eb3579f1b3528263003a18
GET /p/jetpack/12.1.1/_inc/social-logos/social-logos.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 21 Mar 2023 13:24:16 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c
142.250.74.168200 OK 203 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (4372)
Size 203 kB (203238 bytes)
Hash c9741d8b0f42f70088841fcc09994ffd
83d4de7a21429fd6c6c768ab250d3b8b147ab952
e0864ca29fd42e0e6dfe87a69f626eafbd12b7e5317d23eb7be57e90f42691dc
GET /gtag/js?id=G-HS5Y0K7QPG&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Jun 2023 18:48:28 GMT
expires: Mon, 05 Jun 2023 18:48:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73502
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i0.wp.com/i89.fastpic.ru/thumb/2019/0721/a7/1610a8db3b7f3e9f82ee391aae02c4a7.jpeg?w=640&ssl=1
192.0.77.2200 OK 5.3 kB URL GET HTTP/2 i0.wp.com/i89.fastpic.ru/thumb/2019/0721/a7/1610a8db3b7f3e9f82ee391aae02c4a7.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 730e52b897276fb134a3572af1b8ec80
28b8f28de14cbdc6755861362d7448dbe4c0c07d
74baab46a413705b9d6c4f9db6c012524fecea3934fc2a86f9c56d53cb22512b
GET /i89.fastpic.ru/thumb/2019/0721/a7/1610a8db3b7f3e9f82ee391aae02c4a7.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 5326
last-modified: Thu, 17 Nov 2022 07:46:32 GMT
expires: Sat, 16 Nov 2024 19:46:32 GMT
cache-control: public, max-age=63115200
link: <https://i89.fastpic.ru/thumb/2019/0721/a7/1610a8db3b7f3e9f82ee391aae02c4a7.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "870a7ebdf1740331"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
0.gravatar.com/js/gprofiles.js?ver=202323a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e
192.0.73.2200 OK 26 kB URL GET HTTP/2 0.gravatar.com/js/gprofiles.js?ver=202323a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e
IP 192.0.73.2:443
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f#parent=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint40:4E:21:9D:74:27:BC:64:DC:8B:81:06:B1:0E:76:4E:0D:AE:2B:C6
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (26062)
Hash caf0f706328fcd249a7fbeae23b0a62f
6e2d57c57b1603ffc814a9808a880618a2b36a44
a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e
GET /js/gprofiles.js?ver=202323a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:28 GMT
content-type: application/javascript
last-modified: Thu, 01 Jun 2023 11:07:36 GMT
etag: W/"64787bf8-6611"
content-encoding: br
expires: Mon, 12 Jun 2023 18:48:28 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
woovoree.net/?rb=BvoAE1Y4Sh3R7CfuOT5BSOJhgTLeDaxtl6s73_qeCsjHhy3OerZ1idV63jq1mTGfxJlF-VSrDYpYsuJ02toHKpYiso1zHuuXMNiPepeR9qS8iJq3NJT0IMndqVUXaw4Eu4Q9NEiPvqn9ZxWRhCpQBktX40pmm0amfE_WRaeHm8knf5Ma_o4mzo26VUXgnBtfKskqxStUIvTwI7QHWr5nbA%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-v1.553.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=6&pl=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp&drf=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp%3F__cf_chl_tk%3DyM5Pi9lQznwrPV3LlgCQr0gT1z74XAsxwQA1RyUiFIg-1685990902-0-gaNycGzNCns&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.553.0&bs=d1fae2b6-8ef5-40cb-87d2-8487610d8c61&userId=6e5ef08875ff4c61a695ce8915b82d05&m=link
139.45.197.243200 OK 1.9 kB URL GET HTTP/2 woovoree.net/?rb=BvoAE1Y4Sh3R7CfuOT5BSOJhgTLeDaxtl6s73_qeCsjHhy3OerZ1idV63jq1mTGfxJlF-VSrDYpYsuJ02toHKpYiso1zHuuXMNiPepeR9qS8iJq3NJT0IMndqVUXaw4Eu4Q9NEiPvqn9ZxWRhCpQBktX40pmm0amfE_WRaeHm8knf5Ma_o4mzo26VUXgnBtfKskqxStUIvTwI7QHWr5nbA%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-v1.553.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=6&pl=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp&drf=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp%3F__cf_chl_tk%3DyM5Pi9lQznwrPV3LlgCQr0gT1z74XAsxwQA1RyUiFIg-1685990902-0-gaNycGzNCns&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.553.0&bs=d1fae2b6-8ef5-40cb-87d2-8487610d8c61&userId=6e5ef08875ff4c61a695ce8915b82d05&m=link
IP 139.45.197.243:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerLet's Encrypt
Subjectwoovoree.net
FingerprintD2:A6:50:08:2E:B2:20:86:F3:77:28:9B:6D:15:4A:DA:0A:52:27:88
ValiditySat, 29 Apr 2023 08:40:42 GMT - Fri, 28 Jul 2023 08:40:41 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1870), with no line terminators
Hash c13d925c5b5ab590699ba546f266fff8
fdc7d95e265bccb8a0ef618db2fda5e886fa7ea0
52e315fa125c095c8ae42e19f2b55f4afbba90b8cae763e239eb5d3e36135fb3
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=BvoAE1Y4Sh3R7CfuOT5BSOJhgTLeDaxtl6s73_qeCsjHhy3OerZ1idV63jq1mTGfxJlF-VSrDYpYsuJ02toHKpYiso1zHuuXMNiPepeR9qS8iJq3NJT0IMndqVUXaw4Eu4Q9NEiPvqn9ZxWRhCpQBktX40pmm0amfE_WRaeHm8knf5Ma_o4mzo26VUXgnBtfKskqxStUIvTwI7QHWr5nbA%3D%3D&request_ab2=0&zoneid=3812660&js_build=iclick-v1.553.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=6&pl=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp&drf=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp%3F__cf_chl_tk%3DyM5Pi9lQznwrPV3LlgCQr0gT1z74XAsxwQA1RyUiFIg-1685990902-0-gaNycGzNCns&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.553.0&bs=d1fae2b6-8ef5-40cb-87d2-8487610d8c61&userId=6e5ef08875ff4c61a695ce8915b82d05&m=link HTTP/1.1
Host: woovoree.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Cookie: OAID=6e5ef08875ff4c61a695ce8915b82d05; oaidts=1685990910
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:31 GMT
content-type: application/json
x-trace-id: 41f38d6e84ba12a2b7305863801ab933
access-control-allow-origin: https://nsw2u.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=6e5ef08875ff4c61a695ce8915b82d05; expires=Tue, 04 Jun 2024 18:48:31 GMT; path=/; secure; SameSite=None
oaidts=1685990911; expires=Tue, 04 Jun 2024 18:48:31 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 12 Jun 2023 18:48:31 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js
188.114.96.1200 OK 124 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/foundation/js/foundation.min.js
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (32024)
Size 124 kB (123510 bytes)
Hash 7ed39eb42c8c450b59a24bab9cfa7fae
7fdd3fee90709f703fac533b6061864fcd7ec206
35ddb1ce73a4ac4f4792b00c8b8c56cbf857910ada5e2a0183d898b01adc16bb
GET /wp-content/themes/posterpro/foundation/js/foundation.min.js HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
cache-control: public, max-age=16070400
expires: max-age=A10368000, public content-type: application/javascript
last-modified: Wed, 16 Nov 2022 18:49:09 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 34025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNieBOlSShueJjwjaAuVayj5wrqjUM3AFAbc2vdLQuSW%2FyLQycEgYj28%2FCcxIioRJfmXOyPeNmDp0vnP4JJnUe%2BkUUfe8WS0zYxAkxo%2BHt7pE3S72FTqXMBl7WM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97028ebafab8-OSL
alt-svc: h3=":443"; ma=86400
i0.wp.com/i106.fastpic.ru/thumb/2019/0721/2d/0795a07f0fe8a32ebf04bbec027e092d.jpeg?w=640&ssl=1
192.0.77.2200 OK 5.6 kB URL GET HTTP/2 i0.wp.com/i106.fastpic.ru/thumb/2019/0721/2d/0795a07f0fe8a32ebf04bbec027e092d.jpeg?w=640&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x168, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6547bdedd3ce6f39a98fc1697f5e679f
ec7875f45415cb3f0343dbe55f8b055a60238b13
032bc0322f2bd5e3fd1eddc3f3977d7ef75f36ed301991c6a596b9b7a374166e
GET /i106.fastpic.ru/thumb/2019/0721/2d/0795a07f0fe8a32ebf04bbec027e092d.jpeg?w=640&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 5578
last-modified: Fri, 03 Feb 2023 14:53:28 GMT
expires: Mon, 03 Feb 2025 02:53:28 GMT
cache-control: public, max-age=63115200
link: <https://i106.fastpic.ru/thumb/2019/0721/2d/0795a07f0fe8a32ebf04bbec027e092d.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "63c57dfc74359733"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2