nsw2u.com/doom-switch-xci-nsp
188.114.96.1403 Forbidden 4.5 kB URL User Request GET HTTP/3 nsw2u.com/doom-switch-xci-nsp
IP 188.114.96.1:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3311)
Hash 052918e4206bb9aff518e10bfb4c2644
2059a7d3a13407f7cc55922922156774e48543b2
9eb461569c21eeb8427a01efb2decd9ea330c79480212b1c52325ae2ccc19c46
GET /doom-switch-xci-nsp HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Mon, 05 Jun 2023 18:48:22 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySWHDrPjHARPiEHyqUFsUo8AbKoHc3TcbBherYTGnb78sIvKCyCTZNmw4fEPgeu1GrC3HuY88Vdt9B7AQoFLzq2rcp5e3Vt38xsLikZoz3nZmbzJRB62JcWAmoQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d2a96e349bcb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
nsw2u.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d2a96e498b5fab8
188.114.96.1 42 B URL nsw2u.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d2a96e498b5fab8
IP 188.114.96.1:0
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d2a96e498b5fab8 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/doom-switch-xci-nsp
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:22 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 30 May 2023 15:20:42 GMT
etag: "6476144a-2a"
server: cloudflare
cf-ray: 7d2a96e64a38fab8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Mon, 05 Jun 2023 20:48:22 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
c0.wp.com/c/6.2.2/wp-includes/css/classic-themes.min.css
192.0.77.37200 OK 291 B URL GET HTTP/2 c0.wp.com/c/6.2.2/wp-includes/css/classic-themes.min.css
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash 1a0804b1a9d09705657f91fe7cad4c5a
feeece6f0b3e0bcf090547c475329a2772f6b26b
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
GET /c/6.2.2/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: text/css
content-length: 291
last-modified: Mon, 13 Feb 2023 20:50:19 GMT
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
188.114.96.1200 OK 16 kB URL GET HTTP/3 nsw2u.com/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type PNG image data, 350 x 350, 8-bit colormap, non-interlaced\012- data
Hash 134fce13c189ed0e483a1bddb6406204
eed559ac52e9731c56a1fb03eb94fc82e551bb66
723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791
GET /wp-content/plugins/chp-ads-block-detector/assets/img/icon.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/png
content-length: 15671
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Mon, 15 May 2023 23:42:50 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 34025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fP5l8QT5Lp%2FnuoqmPw6vXeOJzQ5v%2BVSsK%2FP5DaLIgQ7pWtfCIdvZn%2B6psaNDLhvuzz8zGmsWSeEr5VW%2BOs5YLGVJjwmx0TiFr8HH63xnX5%2Fd%2Bz3UsQWkDZOXkFM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97026e9dfab8-OSL
alt-svc: h3=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 11 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 55473ced46ee7b2c3ebfe99006c8fcbc
c4fcc42638388d595c03927b0661ecbf7ad69678
53981062ac0743bf339898075ec08151de47c5b0fa9039b708bd80e679f668b5
GET /images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 10874
last-modified: Wed, 17 May 2023 13:16:59 GMT
expires: Sat, 17 May 2025 01:16:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "60e070fa86c100a6"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.28
188.114.96.1200 OK 21 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.28
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 7b5568740085d86e99a5b2b3e3451cf7
0e46d43f176a16789e65b3a786fd418fec4d1c38
c1673ed04d0735a2c9fcfcb9c77d9f19e5fc6937feb503e99090bdc24ea0eea2
GET /wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.28 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
content-length: 21
cache-control: public, max-age=16070400
cf-bgj: minify
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:18 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 34025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0toqFIGlYbtbZ4PHkPZ%2BXbbXP5O5QHNDzftqPQpGc3Xrdin%2BqBWW8PsBxxtL%2F7G0ikwNXeupsrYdmhLpvO7b3zlDn1sDjk7JqETNX7tLuSI%2FMZhNxq3ZuAogk04%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9702df09fab8-OSL
nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png
188.114.96.1200 OK 95 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/images/ads.png
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /wp-content/plugins/ad-inserter/images/ads.png HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/png
content-length: 95
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:17 GMT
vary: User-Agent, Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 34025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypF6Yzg8Uzxu9rZv0ItxeIzdTb4KsmsixA1AKo2z8noCAZboFrLLGRZIwNTrO3CrNLcjmJNCspSea9ukETqqIyPtq1PRIC28aSvRzJ2OsNKAoLe9yGqUW8VPCMQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9702df0afab8-OSL
nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.28
188.114.96.1200 OK 22 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.28
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 41bd53fe0ee631d5cfd895e18a53291d
9d9d3c42c53ad7f906cb083a0d2d37afb4537764
dfb2e16986e257b608b45d14396378a8f2ac6a7321c0dc2f13c66a33ec8e4a40
GET /wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.28 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
content-length: 22
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=24
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 34025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdM%2FFnVstSlOTpwEXvXkI0Jn3Q2gHUzEtcspfpb9i5opSvce9uwSghYiFZtlz1j13m%2Fm%2BrnnV7Jq7PcwT7tKVqWM5ts4gX5IAkI1qD0p1Ka1NIz8Nqjqes6GgNc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a9702df0cfab8-OSL
alt-svc: h3=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 14 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2d0de84889daf001d4fe25311de7c748
438167bbd8a4da998c94107a9da9a885e60c9b35
5e05c163fb80b4076fa2986037c539ddc56d2011e5fc44f60bd0a0910f2de20e
GET /images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 14008
last-modified: Wed, 17 May 2023 13:16:59 GMT
expires: Sat, 17 May 2025 01:16:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669375359/243cfd1a/38654662.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "eb9b1bb61c41d633"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1
192.0.77.2200 OK 32 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3dde27351094fd110611b7099df7612d
1f8633afc647ab96114d9cd7b87b2e1bd9d73fae
f7118208621987432e4309b2429b3ca26191166ec2b5b4dfab15204958f9de33
GET /images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 31608
last-modified: Sat, 25 Mar 2023 13:28:37 GMT
expires: Tue, 25 Mar 2025 01:28:37 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1679750390/4e99e8e1/38826367.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "5948b74d64865dea"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1679738619/4429b61e/38826218.jpg?ssl=1
192.0.77.2200 OK 24 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1679738619/4429b61e/38826218.jpg?ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0d5d00d2bddc5fc46b487ee7526be1b1
70f1125a9b148ca9ca45b8150bb0d9e64446d405
d2846967d75c27d3e1693d3f91532d1bfbb6750bcc1c544d3d9e200c34b5b3ad
GET /images.vfl.ru/ii/1679738619/4429b61e/38826218.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 23824
last-modified: Sat, 25 Mar 2023 10:05:58 GMT
expires: Mon, 24 Mar 2025 22:05:58 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1679738619/4429b61e/38826218.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "ffe38a63a8792d3c"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/game-2u.com/wp-content/uploads/2023/03/The-Last-Spell-GoldBerg-PC.jpg?ssl=1
192.0.77.2200 OK 22 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/03/The-Last-Spell-GoldBerg-PC.jpg?ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 92cbf9f8ad7b96112ce683c394cfdc91
a529da1890b74e024926b93070329875c2269e3d
9a7588c1f43249cfda1bc2d0903f2072f9237208c427ede323b4d2738323f8e6
GET /game-2u.com/wp-content/uploads/2023/03/The-Last-Spell-GoldBerg-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 21598
last-modified: Wed, 24 May 2023 00:17:23 GMT
expires: Fri, 23 May 2025 12:17:23 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/03/The-Last-Spell-GoldBerg-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7308288dd0a397e9"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1679707845/154521c0/38824712.jpg?ssl=1
192.0.77.2200 OK 12 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1679707845/154521c0/38824712.jpg?ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 549x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 10a8a711c6faa0d08703483686e5b8f7
fa2a6bbfa09a005d6c900c354301c42856e11d96
c010cae4bd876aded1ddef373f4b06fb6501f4258766ea2a1d225a18580ecb0c
GET /images.vfl.ru/ii/1679707845/154521c0/38824712.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 12042
last-modified: Sat, 25 Mar 2023 01:33:02 GMT
expires: Mon, 24 Mar 2025 13:33:02 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1679707845/154521c0/38824712.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c4584129a86ae2c1"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 10 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 79b891d5bcb9e78dd5305869191dcd3d
dde0f92b92e027e9c606728ece6576923cbc52e3
d6edc51ee1a374d31a5e8b8d0520e0760b8338aab27ccdf2aa30a6a8337679fd
GET /images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 10442
last-modified: Mon, 15 May 2023 22:03:02 GMT
expires: Thu, 15 May 2025 10:03:02 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7156d99e3892042c"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 12 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aa6aea40861f4e4163b87b450cde9c7e
a88ede460723f410745c4b2451a2031550545b2e
eb9b54ea9bf370a939ae445f9a413474174f65ecff82f1dae7e09cb40687bb5b
GET /images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 11726
last-modified: Tue, 16 May 2023 17:52:37 GMT
expires: Fri, 16 May 2025 05:52:37 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667922429/c6e5e3fa/38637770.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "0f945ea115012a60"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=200%2C200&ssl=1
192.0.77.2200 OK 2.7 kB URL GET HTTP/2 i0.wp.com/nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash ae58f5f8d93958f30ee4edffe1e3c6bb
7957b10b6f0faabd5ffc655a9698ca0bbc6bd708
dd21bb2f24c912107f1df2b4f6adc9ac747047e1c911a4f5319aa8966e532f1c
GET /nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png?fit=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 2734
last-modified: Fri, 28 Oct 2022 09:04:59 GMT
expires: Sun, 27 Oct 2024 21:04:59 GMT
cache-control: public, max-age=63115200
link: <https://nsw2u.com/wp-content/uploads/2022/07/cropped-nintendo-switch-logo.png>; rel="canonical"
x-content-type-options: nosniff
etag: "ab7fb3ec3d012ba6"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 7.8 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash be07a3f2db2eace56f7df3f78894fca8
8e65dbde4ea2283e2bcbb7d0d911ef861142d403
6845300d33cae612d9492b78ead6b905dc8a767f85a31676a4edceb40127845c
GET /images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 7818
last-modified: Wed, 17 May 2023 13:16:59 GMT
expires: Sat, 17 May 2025 01:16:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "cfc6705945ce67d3"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 7.8 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e7baefad47d6e5eba8c00e698ec40a9b
2ae1da7acfe323e61bb8591bf4e21718eec0a07f
dcc5fbc1a06a25afada7603483c9bd22dbb18912e9f04b84bf58ba049ec27b88
GET /images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 7762
last-modified: Wed, 17 May 2023 13:16:59 GMT
expires: Sat, 17 May 2025 01:16:59 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "35c83120a522250c"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 6.6 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a8b7bd9d71982a5d6ccdba5d85599d82
5f016a731c8a7acb86f11f65d1d1ac39684bccde
1b4ab922121786f4c16ddb863b08b91d3c4fb9caba7ad5e7339c823d362cb1ff
GET /images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 6586
last-modified: Wed, 17 May 2023 09:09:41 GMT
expires: Fri, 16 May 2025 21:09:41 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "62f6acd8ad9d53ed"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/game-2u.com/wp-content/uploads/2023/04/Card-Survival-Tropical-Island-v104k-PC.jpg?ssl=1
192.0.77.2200 OK 14 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/04/Card-Survival-Tropical-Island-v104k-PC.jpg?ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 410f75c51e485a92a4098f7445c4475b
548fcc333f432bd29c3c97cee7da741edc3ba799
90897b670aaf6e92a9996bc5b7c790b6ba8297f1ed722f2f179521d3847811c7
GET /game-2u.com/wp-content/uploads/2023/04/Card-Survival-Tropical-Island-v104k-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 13678
last-modified: Mon, 29 May 2023 12:07:38 GMT
expires: Thu, 29 May 2025 00:07:38 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/04/Card-Survival-Tropical-Island-v104k-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "839b70c5a6b17157"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/game-2u.com/wp-content/uploads/2023/05/Absolute-Drift-v253b773-PC.jpg?ssl=1
192.0.77.2200 OK 6.0 kB URL GET HTTP/2 i0.wp.com/game-2u.com/wp-content/uploads/2023/05/Absolute-Drift-v253b773-PC.jpg?ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 241x339, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7f3069a9095359a32d3eff2f9e5339df
9e40b86f9c5773256f33c0f4d5fd72a91bce2156
351fb05724f4df4fe8472b3e8f8e9141cb217f6bfc1e1ca0b64a53ffa5385ca1
GET /game-2u.com/wp-content/uploads/2023/05/Absolute-Drift-v253b773-PC.jpg?ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 6024
last-modified: Mon, 29 May 2023 12:15:09 GMT
expires: Thu, 29 May 2025 00:15:09 GMT
cache-control: public, max-age=63115200
link: <https://game-2u.com/wp-content/uploads/2023/05/Absolute-Drift-v253b773-PC.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "f7f279af8bc4a343"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?resize=200%2C200&ssl=1
192.0.77.2200 OK 9.7 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?resize=200%2C200&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1bb636cbc4bf45105ea09f678ec75095
95ab741b213cdf879782c361d4b305eaa169627d
bab239986bea594efd10c82ca1bb36dab2fd45a75c18448c6ba963cc59ab41a6
GET /images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg?resize=200%2C200&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: image/webp
content-length: 9702
last-modified: Tue, 18 Oct 2022 22:29:18 GMT
expires: Fri, 18 Oct 2024 10:29:18 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1659626961/946b2a41/38516846.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3fe814ac9b579a80"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.28
188.114.96.1200 OK 23 B URL GET HTTP/3 nsw2u.com/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.28
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash e509c98a0bcad0ce8e6248ac8eb31de1
ec5fe203df631088270b5f2b0b7a85498a2aeb8b
352ea4dd2d545563bef7eb0ba6d6ebfe4bc9d9e51ab00d9c925cb9e103edee63
GET /wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.28 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
content-length: 23
cache-control: public, max-age=16070400
cf-bgj: minify
cf-polished: origSize=25
expires: max-age=A10368000, public
last-modified: Fri, 14 Apr 2023 19:16:17 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 34025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0Gy6dI3w7STwK6l%2BvTmlOWrJKfCSx7X6TD9KxJCYZhr0XPC%2BSbLY7VsnGSclPr4NHu6LtRmpsvUxQv4sZoMk%2FW4%2FZJ%2B8FAX7v0hiPEVtcP4NGqGxRZd3YS0ZwU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97031f4ffab8-OSL
alt-svc: h3=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.2.2
104.17.25.14200 OK 1.1 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.2.2
IP 104.17.25.14:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (3036)
Hash 94279a9a0c4060a96efcf1da47716f86
ea88b3fd8b01a8b86edfd0f4120cc9a834893018
d41c6733a8c4a3a7f08204de8e3d60e1d2baf17dd7f675a26830fb1047fac40a
GET /ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=6.2.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 1101
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-bf7"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 512522
expires: Sat, 25 May 2024 18:48:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utPkviu0IDMOVPBTNbKrbDGg5hWQgR87of3ORtVMg%2BDWZwbZNjHJ1rNLW0x3LTB5ix9gAyP%2FbeAVOIuDzTgw4hC1u0bDNT3gqD1H%2FP41nSI0x1oorpvDAaNBl%2FGtA%2BviD8rptXmD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d2a97036f310b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.2.2
104.17.25.14200 OK 677 B URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.2.2
IP 104.17.25.14:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (1845)
Hash f6a3dd4ecbf227acbafcff33d68dc71d
7421115ddcd5d436b89a1fd27e0cdce5a01978e6
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
GET /ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=6.2.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 677
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-750"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1478003
expires: Sat, 25 May 2024 18:48:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qjgyg9ZzUHrXkTlX7iy84jAjG%2BQqNOewmToYScroDCzch4y%2FsOCAkhp7fA%2Bp2oMrZhrXgNbuDb55pnzuJNXE2S9yfNsUH0mNVDa0CpylAMVjLnWMw1lEhQlW6FHdMLTTDyCCUxqR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d2a97037f3a0b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.2.2
104.17.25.14200 OK 3.2 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.2.2
IP 104.17.25.14:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (7862)
Hash 45bacd312d5098b4b59f563d8756c15d
fa55e2cff078381e5365d95782a95a787d0b7192
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
GET /ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=6.2.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 3150
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60641588-1ed1"
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6982864
expires: Sat, 25 May 2024 18:48:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SljZxi50O3X1RTmywqHsA31N9tfyxlJfcTIi8GUILB8EiwPMnnYVd2vsULyjcOpKowZvBJiYxDDAU4Yq9YJQoJNx90%2BEKh5%2FiwPsD329JJ%2BcGWLn%2FTW66XHstay2xFbDdO8v52TK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d2a97036f360b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f6e0fad54cb828605d258b3a3fc3494d
1998f119ae42787f25cac22435e05b7d8a7ecbcc
fdde19b20684979988b4db7567fdb883ef8cd0438f4c4ef053bdd058011f1dbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 793e96f16cfbafdfdfd065788089310e
d306bdb5e8a019aa638d23cd45513e1310e5b53e
ff417cdcfab1cb1e2a6d3793ed1a81ad9823c3d91d919cbec3a8d333832a275f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-262573192-2
142.250.74.168200 OK 47 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-262573192-2
IP 142.250.74.168:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (2271)
Hash af458cb325013ac8ffb5ba72eff2c257
ed411ee94f6535007b1fe7c33ee174d0a2064c07
6efaee0a208f530d16a2040d6c83fccae723ef753b0d6669f5c441cf0a948f83
GET /gtag/js?id=UA-262573192-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Jun 2023 18:48:28 GMT
expires: Mon, 05 Jun 2023 18:48:28 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Jun 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47367
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f6e0fad54cb828605d258b3a3fc3494d
1998f119ae42787f25cac22435e05b7d8a7ecbcc
fdde19b20684979988b4db7567fdb883ef8cd0438f4c4ef053bdd058011f1dbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nsw2u.com/wp-content/uploads/2023/01/5053309-scaled.jpg
188.114.96.1200 OK 165 kB URL GET HTTP/3 nsw2u.com/wp-content/uploads/2023/01/5053309-scaled.jpg
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Freepik Company S.L. - www.freepik.com], baseline, precision 8, 2560x1707, components 3\012- data
Size 165 kB (165425 bytes)
Hash 6852b036e1ca6706dfd08adb9c453a3a
a6ad87ebc00f7a3b1b7bc7b973fbb9d2d63f6cc4
f604e7f73dba65231360db90d84583e729f20d58f4b03b8e17c799e0a575c09b
GET /wp-content/uploads/2023/01/5053309-scaled.jpg HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/doom-switch-xci-nsp
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:28 GMT
content-type: image/jpeg
content-length: 165425
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Tue, 03 Jan 2023 15:01:38 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 34026
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERTdAqwUERGjgRedOk5qLedWSCNsKfzXHw3%2FJuorZwx22UymkQhZ9wV%2FPHrvP1dCrLyukgpi3zUTMlqGNu%2BleeIdPNg9jJ9f%2F8ndxLEKj0ZCGCLu6j4Aa4kNFLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a970a0e44fab8-OSL
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 793e96f16cfbafdfdfd065788089310e
d306bdb5e8a019aa638d23cd45513e1310e5b53e
ff417cdcfab1cb1e2a6d3793ed1a81ad9823c3d91d919cbec3a8d333832a275f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
188.114.96.1200 OK 77 kB URL GET HTTP/3 nsw2u.com/wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 188.114.96.1:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/posterpro/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/wp-content/cache/wpfc-minified/fhg2umku/6x2u.css
Cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:28 GMT
content-type: application/font-woff2
content-length: 77160
cache-control: public, max-age=16070400
expires: max-age=A10368000, public
last-modified: Wed, 16 Nov 2022 18:49:08 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 32870
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjcGfQsY9HxU%2B0KnX8aprIk9dqTcDpXo5X49yybq1CZZWfwMP9QmrMRmYGnorp0ux5XKcuA9HAn0S8WDOIvcSAYyG%2Fl6b1gFK%2BQzcWCUy4j%2BXuEnYrgJ%2BR9RILo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a970a5ea5fab8-OSL
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e7e560a1588ea25ad25242200936b149
946009b90527a122f590495540ca0d02f29945ec
cc56fa95fb4433116e1625385459b3dbab6ee45fd47a0c51789d9e50dc4e01e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data
Hash 31a8297826cdcea344698ff952694a7f
4fa1ee4c471d1c05e9141855eec5ee09b898d594
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 11:49:35 GMT
expires: Fri, 31 May 2024 11:49:35 GMT
cache-control: public, max-age=31536000
age: 370733
last-modified: Tue, 02 May 2023 15:08:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.14.101 281 B IP 104.18.14.101:0
Hash c63c6f88cdb62edd111c712a547955dd
ae8f5a62272f21843d673259a8029260740a85d5
b5f1028dd6a066a4ab42e756d4e143d151f06df0fde36b8f5515ea6d1aee79bf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 18:48:28 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Sun, 04 Jun 2023 16:43:17 GMT
Expires: Sun, 11 Jun 2023 16:43:16 GMT
Etag: "ae8f5a62272f21843d673259a8029260740a85d5"
Cache-Control: max-age=512058,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d2a970af9a6b521-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash e7e560a1588ea25ad25242200936b149
946009b90527a122f590495540ca0d02f29945ec
cc56fa95fb4433116e1625385459b3dbab6ee45fd47a0c51789d9e50dc4e01e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 18:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.wp.com/e-202322.js
192.0.76.3200 OK 78 kB IP 192.0.76.3:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash 36a5287b66e9d145da53194a97a6245a
8569750e9f82d96f556d6f549cba940b2f316d2c
ab8517f3d5171dd42a8b9c22af6a2f944b41d00e7ea54ba02b4ed71a6c59e543
GET /e-202322.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 02:56:42 GMT
vary: Accept-Encoding
etag: W/"6466e56a-3508"
content-encoding: br
expires: Sun, 26 May 2024 21:54:49 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/12.1.1/_inc/build/sharedaddy/sharing.min.js
192.0.77.37200 OK 37 kB URL GET HTTP/2 c0.wp.com/p/jetpack/12.1.1/_inc/build/sharedaddy/sharing.min.js
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (8793), with no line terminators
Hash fdf202abd4476fbb38a872c322fe32b3
d728b2a9cc4a0875c901aa602a3920b198922b54
9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc
GET /p/jetpack/12.1.1/_inc/build/sharedaddy/sharing.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Mar 2023 19:14:38 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/452146/728x90?region=eu-central-1
136.243.3.135200 OK 34 kB URL GET HTTP/2 static.a-ads.com/a-ads-banners/452146/728x90?region=eu-central-1
IP 136.243.3.135:443
ASN #24940 Hetzner Online GmbH
Requested by https://ad.a-ads.com/1535207?size=728x90
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 728 x 90\012- data
Hash abee5b951901db7d5808cc14c1803f86
6abd0ca0c0d8ceba10b0105d92f54e3e32e0f9d9
df3f1522e3c1cfad89800cef7a2a5b3287cccf8efaf9b509153f5481a3bc5210
GET /a-ads-banners/452146/728x90?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:28 GMT
content-type: image/gif
content-length: 34060
x-amz-id-2: W8d57SyUuhRyWOJS7mXyUCZDXWVyRf9i6jJBU2Xf1jtJM8isbyHutYNFg55AVgR8I5ZRvraZXEI=
x-amz-request-id: ZJAVP4PZ2ECRJPDW
x-amz-replication-status: COMPLETED
last-modified: Sat, 29 Apr 2023 12:10:47 GMT
etag: "abee5b951901db7d5808cc14c1803f86"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: 76whst7qvmX0l_vkmSfQJ7pFURrIqrZI
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
ad.a-ads.com/1686449?size=728x90
136.243.3.135200 OK 17 kB URL GET HTTP/2 ad.a-ads.com/1686449?size=728x90
IP 136.243.3.135:443
ASN #24940 Hetzner Online GmbH
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 648eadbf05dae197e9d5a700c1a32e70
1396c72180081f4d4fa145ee1ef6a4f313d8044e
316f6dbc6739736c422ed3113790f0f77cca059f927dc3d5039d3617d10b3a0d
GET /1686449?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:28 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://nsw2u.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G
192.0.73.2200 OK 1.0 kB URL GET HTTP/2 1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G
IP 192.0.73.2:443
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f#parent=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint40:4E:21:9D:74:27:BC:64:DC:8B:81:06:B1:0E:76:4E:0D:AE:2B:C6
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type PNG image data, 25 x 25, 8-bit/color RGB, non-interlaced\012- data
Hash fed546357e9f16dd0ee47c7ee5846ef7
eb4a7277c8e1360d0deb902644838f27a21b42de
3e75955919222f7160538b335b7cdb2b302136521aed489ba5c96e1c2bf3ab5a
GET /avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:29 GMT
content-type: image/png
content-length: 1028
last-modified: Sat, 01 Mar 2008 02:44:06 GMT
link: <https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=monsterid&forcedefault=y&r=G>; rel="canonical"
access-control-allow-origin: *
expires: Mon, 05 Jun 2023 18:53:29 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2
0.gravatar.com/dist/css/hovercard.min.css?ver=202323a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e
192.0.73.2200 OK 2.5 kB URL GET HTTP/2 0.gravatar.com/dist/css/hovercard.min.css?ver=202323a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e
IP 192.0.73.2:443
Requested by https://jetpack.wordpress.com/jetpack-comment/?blogid=210416615&postid=2046&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=monsterid&greeting=Leave+a+Reply&jetpack_comments_nonce=942bd713f0&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.1.1&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=59c4df3c2d8eb01365ce0e9c605e6b6d54f0758f#parent=https%3A%2F%2Fnsw2u.com%2Fdoom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint40:4E:21:9D:74:27:BC:64:DC:8B:81:06:B1:0E:76:4E:0D:AE:2B:C6
ValidityWed, 23 Nov 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (8294)
Hash d0aea95f4f393faab7ce633f634f10a7
0fca663548f134a918865d2d73b729edf1ba5dcf
b6430eb74818a1eda8c688c967c3ccf00b2139dd175e868f6c5658d58f3abd11
GET /dist/css/hovercard.min.css?ver=202323a38e82b72ca7b7f7489a6e0d2e13bda8e1ecaa4ef340fc6b01754378626ee67e HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jetpack.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:29 GMT
content-type: text/css
last-modified: Fri, 19 May 2023 08:02:31 GMT
etag: W/"64672d17-2067"
content-encoding: br
expires: Mon, 12 Jun 2023 18:48:29 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
definedbootnervous.com/b58778756eec0903d5f657ab91f7f0a8/invoke.js
173.233.139.164403 Forbidden 0 B URL GET HTTP/1.1 definedbootnervous.com/b58778756eec0903d5f657ab91f7f0a8/invoke.js
IP 173.233.139.164:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerLet's Encrypt
Subjectdefinedbootnervous.com
Fingerprint0D:1D:94:97:51:12:2A:D9:C1:7A:C8:54:33:B8:0A:23:D9:1E:10:A8
ValidityMon, 22 May 2023 01:08:45 GMT - Sun, 20 Aug 2023 01:08:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /b58778756eec0903d5f657ab91f7f0a8/invoke.js HTTP/1.1
Host: definedbootnervous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Mon, 05 Jun 2023 18:48:29 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
definedbootnervous.com/0820d72adb12696922227f6272d36ff9/invoke.js
173.233.139.164403 Forbidden 0 B URL GET HTTP/1.1 definedbootnervous.com/0820d72adb12696922227f6272d36ff9/invoke.js
IP 173.233.139.164:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerLet's Encrypt
Subjectdefinedbootnervous.com
Fingerprint0D:1D:94:97:51:12:2A:D9:C1:7A:C8:54:33:B8:0A:23:D9:1E:10:A8
ValidityMon, 22 May 2023 01:08:45 GMT - Sun, 20 Aug 2023 01:08:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /0820d72adb12696922227f6272d36ff9/invoke.js HTTP/1.1
Host: definedbootnervous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Mon, 05 Jun 2023 18:48:29 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js
173.233.139.164403 Forbidden 0 B URL GET HTTP/1.1 definedbootnervous.com/a45922fa4966955cecdffbdde5347ae5/invoke.js
IP 173.233.139.164:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerLet's Encrypt
Subjectdefinedbootnervous.com
Fingerprint0D:1D:94:97:51:12:2A:D9:C1:7A:C8:54:33:B8:0A:23:D9:1E:10:A8
ValidityMon, 22 May 2023 01:08:45 GMT - Sun, 20 Aug 2023 01:08:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /a45922fa4966955cecdffbdde5347ae5/invoke.js HTTP/1.1
Host: definedbootnervous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Mon, 05 Jun 2023 18:48:29 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
static.a-ads.com/a-ads-banners/406678/320x50?region=eu-central-1
136.243.3.135200 OK 406 kB URL GET HTTP/2 static.a-ads.com/a-ads-banners/406678/320x50?region=eu-central-1
IP 136.243.3.135:443
ASN #24940 Hetzner Online GmbH
Requested by https://ad.a-ads.com/2093561?size=320x50
Certificate IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type GIF image data, version 89a, 320 x 50\012- data
Size 406 kB (406165 bytes)
Hash 15fb17d0bb9a26b0a194b66c860e9d15
5cb1da4546a36e2e2b0fcd7314eff108835da726
142cecf84e332c087feffa033a2c072b4765b52057d9d895d8d46327b9066898
GET /a-ads-banners/406678/320x50?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:29 GMT
content-type: image/gif
content-length: 406165
x-amz-id-2: +o7j9KDoiLRYshymMJDpSvpuhVwlPPYW1vhFt/NUy963FK/Hb1GHtT2dtT3plFlXANGm08gaD7I=
x-amz-request-id: SPZA0R8H7NMAY6TJ
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Aug 2022 08:12:38 GMT
etag: "15fb17d0bb9a26b0a194b66c860e9d15"
cache-control: max-age=315360000
x-amz-version-id: d8z5luthmT_Tb1UUXyz2HJlU9l9GWDKK
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/12.1.1/modules/wpgroho.js
192.0.77.37200 OK 732 B URL GET HTTP/2 c0.wp.com/p/jetpack/12.1.1/modules/wpgroho.js
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash c1fafcf478e9f5d874558524ddade40a
e6aa77fbcc1bc2739f9f3742523b7ae623e9691c
ccd911729403decd6e3b74702fdc4d2c1b1e3ecf35a147f7e5373669932cc708
GET /p/jetpack/12.1.1/modules/wpgroho.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 28 Jul 2020 17:06:48 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg
212.47.236.38200 OK 20 kB URL GET HTTP/1.1 images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg
IP 212.47.236.38:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerGoogle Trust Services LLC
Subject*.vfl.ru
Fingerprint42:F5:55:E7:1E:EE:A7:BD:73:66:7A:7A:ED:02:3E:54:06:11:A4:71
ValidityWed, 03 May 2023 06:14:33 GMT - Tue, 01 Aug 2023 06:14:32 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 405x155, components 3\012- data
Hash f18da1b42e09a935a23ae2c2edb6c248
56d1abe76fce57f741324ccd50d2a77cc959f03a
6c1e24df00b0eed30b44db4563966b05a63a84f8b78615b5d4988998bf5fafb5
GET /ii/1588854988/40f4425a/30440747.jpg HTTP/1.1
Host: images.vfl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 18:48:29 GMT
Content-Type: image/jpeg
Content-Length: 20041
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Thu, 07 May 2020 12:36:28 GMT
ETag: "5eb400cc-4e49"
Expires: Wed, 05 Jul 2023 18:48:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
i0.wp.com/images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?w=1280&resize=1280&ssl=1
192.0.77.2200 OK 47 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 72c12797df7d41494d8f50e61ef1ed51
39da85e92cc10c51187fa1fbd0193f2e13299371
596ccd6c81bb72f913a05e042c1948f4f091486173394f8c85be00ccfd056fb8
GET /images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 46786
last-modified: Mon, 15 May 2023 14:02:04 GMT
expires: Thu, 15 May 2025 02:02:04 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1667922247/a3e9c55a/38637769.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "962f02714fe54d76"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/12.1.1/css/jetpack.css
192.0.77.37200 OK 66 kB URL GET HTTP/2 c0.wp.com/p/jetpack/12.1.1/css/jetpack.css
IP 192.0.77.37:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4cc4e0cba17c8a9c76e0884632f9421f
9bdb840afdd68033ee0a3a8779cddcc7d71580b0
05db96d56969f90368d364da6c464ad073255964267594cb7e2b65b90d385da0
GET /p/jetpack/12.1.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 17 Apr 2023 18:32:50 GMT
content-encoding: br
expires: Tue, 04 Jun 2024 18:48:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?w=1280&resize=1280&ssl=1
192.0.77.2200 OK 39 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bbbdd80b56bcb03e9714388f4c95c471
a4693886d67e62d67fcdeb0ec58e75a9fdb1449b
fbffa88f412ac959dd742b148fbed63c29114648fb3b320bdc12572fe1a09182
GET /images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 38646
last-modified: Wed, 17 May 2023 13:22:01 GMT
expires: Sat, 17 May 2025 01:22:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669801198/18d9647c/38657837.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "fcea96ff6e009adb"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?w=1280&resize=1280&ssl=1
192.0.77.2200 OK 28 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 048ca27e9a24944c5531fa55bdb3441e
393537e6aaeb5bbe92fddfb89b1378b3aec900c9
d2152def1ec841566f8e13c94a9c15669427f69104e4118eb4f3272973f404b5
GET /images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 27668
last-modified: Wed, 17 May 2023 13:22:01 GMT
expires: Sat, 17 May 2025 01:22:01 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1669564070/c5cf1365/38655710.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "37ab1c9b59690ae3"
vary: Accept
x-nc: HIT arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?w=1280&resize=1280&ssl=1
192.0.77.2200 OK 29 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3f0903e7801d2c7637954bd4fadc1c12
62918a0a952e2e44aff030874bae048197d722a5
69ae402481c759a2e1fc97b1a5e8a508ef69d695950d53ae273ae34146216b13
GET /images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg?w=1280&resize=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nsw2u.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Jun 2023 18:48:30 GMT
content-type: image/webp
content-length: 29114
last-modified: Sat, 06 May 2023 15:25:19 GMT
expires: Tue, 06 May 2025 03:25:19 GMT
cache-control: public, max-age=63115200
link: <https://images.vfl.ru/ii/1642250333/fb2e40a2/37551870.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "e4320d5664e43dc6"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
nsw2u.com/doom-switch-xci-nsp
188.114.96.1403 Forbidden 131 kB URL User Request GET HTTP/3 nsw2u.com/doom-switch-xci-nsp
IP 188.114.96.1:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC3:E1:F1:94:E2:4D:02:FF:E7:22:0C:84:DB:E0:04:E6:FA:70:3B:41
ValidityTue, 12 Jul 2022 00:00:00 GMT - Wed, 12 Jul 2023 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Size 131 kB (130927 bytes)
Hash 7ff580d9c90810ae38f229b938a500c0
67dafaadf672c8873e45cdd4bb54ce430b00c56d
f9828f52879b1b40a23d1db2674519ecf97483640e31207978642178f660dec3
POST /doom-switch-xci-nsp HTTP/1.1
Host: nsw2u.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nsw2u.com/doom-switch-xci-nsp?__cf_chl_tk=yM5Pi9lQznwrPV3LlgCQr0gT1z74XAsxwQA1RyUiFIg-1685990902-0-gaNycGzNCns
Content-Type: application/x-www-form-urlencoded
Content-Length: 2849
Origin: https://nsw2u.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 05 Jun 2023 18:48:27 GMT
content-type: text/html
set-cookie: cf_clearance=8NtV7LxXnMmKah26IYPww0KY_LVcM_RhHjdzWk._u9k-1685990902-0-160; path=/; expires=Tue, 04-Jun-24 18:48:26 GMT; domain=.nsw2u.com; HttpOnly; Secure; SameSite=None
last-modified: Sat, 03 Jun 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Fuq0NxmFysh3dlDcXusasfmun4XfaIaPhSuj3%2FphAPEYJjt%2FgTeFme%2BkleB36ABDX9IIzxO2OOzjTOMC4X%2FKuL8HJlvcV7vLv9JgkZWQxQNn3%2FTPMaNGrfcuk8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d2a97000bd5fab8-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
i0.wp.com/images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?w=1280&resize=1280&ssl=1
192.0.77.2200 OK 45 kB URL GET HTTP/2 i0.wp.com/images.vfl.ru/ii/1667485067/b3f90ee8/38633676.jpg?w=1280&resize=1280&ssl=1
IP 192.0.77.2:443
Requested by https://nsw2u.com/doom-switch-xci-nsp
Certificate IssuerSectigo Limited
Subject*.wp.com
Fingerprint95:BC:E9:E5:77:EA:A7:DE:2E:30:01:1E:65:1D:21:13:4F:16:69:37
ValidityMon, 14 Nov 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 432x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 72978d20622aca4524ce0ca543368087
3ebd22dea1ada7df0bc20d48bc1be9ed6c3761b6
56453928099306b6ff0cf633e1b4024a191c15ea3b9b84e8394f213a5e4fd42b