switchnsz.com Open in urlscan Pro
2606:4700:3033::681b:b5e1 Public Scan

URL:
http://switchnsz.com/
Submission: On September 02 via manual (September 2nd 2020, 3:08:15 pm UTC) from IN

Summary HTTP 58 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 58 HTTP transactions. The main IP is 2606:4700:3033::681b:b5e1, located in United States and belongs to CLOUDFLARENET, US. The main domain is switchnsz.com.

This is the only time switchnsz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3033::681b:b5e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:4e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.190.90.202 35.190.90.202	15169 (GOOGLE) (GOOGLE)
1	5.9.10.165 5.9.10.165	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
3 3	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
58	16

15 2606:4700:3033::681b:b5e1 (United States)

ASN13335 (CLOUDFLARENET, US)

switchnsz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.90.202 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 202.90.190.35.bc.googleusercontent.com

steadfastsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.10.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.10.9.5.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.77.2 (San Francisco, United States) 3 redirects

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	blogspot.com 1.bp.blogspot.com 2.bp.blogspot.com 4.bp.blogspot.com 3.bp.blogspot.com	520 KB
15	switchnsz.com switchnsz.com	64 KB
11	wp.com 3 redirects c0.wp.com stats.wp.com i0.wp.com pixel.wp.com	60 KB
5	cloudflare.com cdnjs.cloudflare.com	6 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	doubleclick.net stats.g.doubleclick.net ad.doubleclick.net	667 B
2	steadfastsystem.com steadfastsystem.com	30 KB
1	googlesyndication.com tpc.googlesyndication.com
1	gstatic.com fonts.gstatic.com	26 KB
1	a-ads.com ad.a-ads.com
1	cloudflareinsights.com static.cloudflareinsights.com	4 KB
1	googleapis.com fonts.googleapis.com	994 B
58	12

	Domain	Requested by
15	switchnsz.com	switchnsz.com static.cloudflareinsights.com c0.wp.com
6	4.bp.blogspot.com	switchnsz.com cdnjs.cloudflare.com
6	2.bp.blogspot.com	switchnsz.com cdnjs.cloudflare.com
6	c0.wp.com	switchnsz.com
5	cdnjs.cloudflare.com	switchnsz.com cdnjs.cloudflare.com
3	3.bp.blogspot.com	switchnsz.com cdnjs.cloudflare.com
3	i0.wp.com	3 redirects
3	1.bp.blogspot.com	switchnsz.com cdnjs.cloudflare.com
3	www.google-analytics.com	switchnsz.com
2	steadfastsystem.com	switchnsz.com steadfastsystem.com
1	tpc.googlesyndication.com	steadfastsystem.com
1	ad.doubleclick.net	steadfastsystem.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.wp.com	switchnsz.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ad.a-ads.com	switchnsz.com
1	static.cloudflareinsights.com	switchnsz.com
1	stats.wp.com	switchnsz.com
1	fonts.googleapis.com	switchnsz.com
58	19

This site contains links to these domains. Also see Links.

Domain
99colorthemes.com

Subject Issuer	Validity	Valid
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-20` - `2021-07-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
steadfastsystem.com Let's Encrypt Authority X3	`2020-08-20` - `2020-11-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://switchnsz.com/
Frame ID: B0199F73E8D80536F83253E7A61C8A22
Requests: 57 HTTP requests in this frame

Frame: http://ad.a-ads.com/1336869?size=468x60
Frame ID: 62E4C64CF3C8BF2168E2239026CAA6C5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: ACCE8262DFB6BBE874CC827D322FEE07
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

58
Requests

74 %
HTTPS

63 %
IPv6

12
Domains

19
Subdomains

16
IPs

3
Countries

731 kB
Transfer

1266 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://99colorthemes.com/
Title: 99colorthemes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 34

https://i0.wp.com/2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg?resize=160%2C200&ssl=1 HTTP 302
https://2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg

Request Chain 38

http://www.google-analytics.com/plugins/ua/linkid.js HTTP 307
https://www.google-analytics.com/plugins/ua/linkid.js

Request Chain 46

https://i0.wp.com/2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg?resize=160%2C200&ssl=1 HTTP 302
https://2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg

Request Chain 55

https://i0.wp.com/2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg?resize=160%2C200&ssl=1 HTTP 302
https://2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg

58 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
switchnsz.com/ 61 KB
14 KB 232ms
217ms Document
text/html 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://switchnsz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.28
Resource Hash: 4da02d845f108286ea74c0b9b7e29154b4b0ac5cc78085b24e0b17f166585911

Request headers

Host: switchnsz.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 15:07:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d119a136460f364e0f239ba8477a0e6cd1599059276; expires=Fri, 02-Oct-20 15:07:56 GMT; path=/; domain=.switchnsz.com; HttpOnly; SameSite=Lax
X-Powered-By: PHP/7.2.28
Link: <https://switchnsz.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/bB9Ug>; rel=shortlink
Vary: Accept-Encoding
X-Turbo-Charged-By: LiteSpeed
CF-Cache-Status: DYNAMIC
cf-request-id: 04f0f54a530000d6c50b1c0200000001
Server: cloudflare
CF-RAY: 5cc824bd5815d6c5-FRA
Content-Encoding: gzip

GET
H2 200 style.min.css
c0.wp.com/c/5.4.2/wp-includes/css/dist/block-library/ 52 KB
7 KB 76ms
23ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.4.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: br
last-modified: Fri, 24 Apr 2020 15:32:14 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Thu, 02 Sep 2021 15:07:56 GMT

GET
H/1.1 200
OK bootstrap-reboot.css
switchnsz.com/wp-content/themes/cherry-blog/assets/css/ 5 KB
2 KB 105ms
98ms Stylesheet
text/css 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://switchnsz.com/wp-content/themes/cherry-blog/assets/css/bootstrap-reboot.css?ver=5.4.2
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65af136a8018835073994f517bb162cba1e1dda7388ecc0f13530a793b3de5bc

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 15:07:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 16 May 2020 23:19:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=16070400
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5cc824bece05c29f-FRA
Content-Length: 1718
cf-request-id: 04f0f54b380000c29fb7932200000001

GET
H/1.1 200
OK bootstrap.css
switchnsz.com/wp-content/themes/cherry-blog/assets/css/ 188 KB
25 KB 154ms
147ms Stylesheet
text/css 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://switchnsz.com/wp-content/themes/cherry-blog/assets/css/bootstrap.css?ver=5.4.2
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35fbb6dc3891aacaf1ffa07abec2344fdbc454aab533a2a03bcf93577eb7837b

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 15:07:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 16 May 2020 23:19:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=16070400
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5cc824becae9dfe7-FRA
Content-Length: 25440
cf-request-id: 04f0f54b3f0000dfe79b891200000001

GET
H2 200 css
fonts.googleapis.com/ 4 KB
994 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans%3A300%2C400%2C600%2C700&display=swap&ver=5.4.2

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a57e0277897d019e4d6e9c2568af84a7c6026fac051920d09e4ab5342c4f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Sep 2020 15:07:56 GMT
server: ESF
date: Wed, 02 Sep 2020 15:07:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Sep 2020 15:07:56 GMT

GET
H/1.1 200
OK custom.css
switchnsz.com/wp-content/themes/cherry-blog/assets/css/ 11 KB
3 KB 110ms
103ms Stylesheet
text/css 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://switchnsz.com/wp-content/themes/cherry-blog/assets/css/custom.css?ver=5.4.2
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e1c6d0076ba5330f5d257bfe19ef89ab7599c249f36295eafcb78a55833fcf7

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 15:07:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 16 May 2020 23:19:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=16070400
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5cc824becc86969e-FRA
Content-Length: 2551
cf-request-id: 04f0f54b390000969e52a78200000001

GET
H/1.1 200
OK style.css
switchnsz.com/wp-content/themes/cherry-blog/ 20 KB
6 KB 110ms
103ms Stylesheet
text/css 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://switchnsz.com/wp-content/themes/cherry-blog/style.css?ver=5.4.2
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 206ed40cf9d4ae343677193d14775b8a86b76e51815da544584ed147a866dd15

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 15:07:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 16 May 2020 23:19:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=16070400
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5cc824beca721f45-FRA
Content-Length: 5394
cf-request-id: 04f0f54b3900001f45d183e200000001

GET
H2 200 dyflKYOMgWbz.css
switchnsz.com/wp-content/uploads/ztzDxJIbHQCW/ 3 KB
942 B 145ms
129ms Stylesheet
text/css 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://switchnsz.com/wp-content/uploads/ztzDxJIbHQCW/dyflKYOMgWbz.css?ver=2.2.3
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97e350bc4df961d4471a69395c8241862aafe5a5282a4e87bca6540a3d8f79da

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 18 May 2020 03:51:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 5cc824bedaa31f45-FRA
cf-request-id: 04f0f54b4300001f45de878200000001

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/8.7.1/css/ 74 KB
13 KB 75ms
24ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/8.7.1/css/jetpack.css

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e62c5e4f73e2790691b899a501ef20d9ba0f12f64d24c1fdc7d67705dea112e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: br
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Thu, 02 Sep 2021 15:07:56 GMT

GET
H/1.1 200
OK frontend.min.js Show response
switchnsz.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 9 KB
3 KB 103ms
97ms Script
application/javascript 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://switchnsz.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend.min.js?ver=6.1.0
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dab98b1d5558dd15c7db5ada4438fe03a424a7c1f5e0f29567d39a0a892bcc41

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 15:07:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 28 Jun 2020 15:50:24 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=16070400
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5cc824becbfb63dd-FRA
Content-Length: 2766
cf-request-id: 04f0f54b39000063dd08839200000001

GET
H2 200 jquery.js Show response
c0.wp.com/c/5.4.2/wp-includes/js/jquery/ 95 KB
32 KB 75ms
24ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.4.2/wp-includes/js/jquery/jquery.js

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: br
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Thu, 02 Sep 2021 15:07:56 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.4.2/wp-includes/js/jquery/ 10 KB
4 KB 75ms
24ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.4.2/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: br
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Thu, 02 Sep 2021 15:07:56 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

45 KB
18 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 6736
date: Wed, 02 Sep 2020 13:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Wed, 02 Sep 2020 15:15:40 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 jquery.lazyloadxt.spinner.min.css
cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/ 64 B
188 B 36ms
14ms Stylesheet
text/css 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.spinner.min.css?ver=5.4.2

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9af91dcfbc72c59334f1ae2651eba3387c941a92ff916d376208a449806a7de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 758379
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59
cf-request-id: 04f0f54b5a0000c27c1984e200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
etag: "5eb03ec3-40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5cc824befe24c27c-FRA
expires: Mon, 23 Aug 2021 15:07:56 GMT

GET
H/1.1 200
OK woo.css
switchnsz.com/wp-content/plugins/featured-image-from-url/includes/html/css/ 76 B
505 B 95ms
90ms Stylesheet
text/css 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://switchnsz.com/wp-content/plugins/featured-image-from-url/includes/html/css/woo.css?ver=5.4.2
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0414033fcf612b5f7da12c2ec3c6ad1289929a7dd8c8650e6a8918cf714cff73

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 15:07:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 18 Jul 2020 00:20:13 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=16070400
Transfer-Encoding: chunked
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
CF-RAY: 5cc824bedc56d6c5-FRA
cf-request-id: 04f0f54b4a0000d6c50b1e7200000001

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/8.7.1/_inc/build/photon/ 758 B
422 B 86ms
52ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/8.7.1/_inc/build/photon/photon.min.js

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Thu, 02 Sep 2021 15:07:56 GMT

GET
H/1.1 200
OK navigation.js Show response
switchnsz.com/wp-content/themes/cherry-blog/js/ 2 KB
1 KB 186ms
99ms Script
application/javascript 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://switchnsz.com/wp-content/themes/cherry-blog/js/navigation.js?ver=20151215
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c1b0a513274f7e80a5dea859e55c394b0d729f446212f7a9c28596fc2e68625

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 15:07:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 16 May 2020 23:19:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=16070400
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5cc824bf5c4363dd-FRA
Content-Length: 939
cf-request-id: 04f0f54b9b000063dd0883f200000001

GET
H/1.1 200
OK custom.js Show response
switchnsz.com/wp-content/themes/cherry-blog/assets/js/ 1 KB
744 B 176ms
89ms Script
application/javascript 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://switchnsz.com/wp-content/themes/cherry-blog/assets/js/custom.js?ver=5.4.2
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eff7b0e24cb91641e35fab8192a5200cf612c5843f5c6cdc182be71ba456d553

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 15:07:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 16 May 2020 23:19:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=16070400
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5cc824bf6f40c29f-FRA
Content-Length: 296
cf-request-id: 04f0f54b9c0000c29fb7939200000001

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
switchnsz.com/wp-content/themes/cherry-blog/js/ 685 B
865 B 195ms
103ms Script
application/javascript 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://switchnsz.com/wp-content/themes/cherry-blog/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 15:07:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 16 May 2020 23:19:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=16070400
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5cc824bf6d0e969e-FRA
Content-Length: 417
cf-request-id: 04f0f54ba10000969e52a7c200000001

GET
H2 200 IhHUsnerqwTQ.js Show response
switchnsz.com/wp-content/uploads/ztzDxJIbHQCW/ 14 KB
4 KB 15ms
11ms Script
application/javascript 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://switchnsz.com/wp-content/uploads/ztzDxJIbHQCW/IhHUsnerqwTQ.js?ver=2.2.3
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6f524b7b0a70243b47c49010400b1324a98ef12139b06b494833f9150bad9f9

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: br
cf-cache-status: HIT
age: 82058
cf-polished: origSize=28297
status: 200
cf-request-id: 04f0f54b4a00001f45de87a200000001
last-modified: Mon, 18 May 2020 03:51:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
cf-ray: 5cc824bedac41f45-FRA
cf-bgj: minify

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.4.2/wp-includes/js/ 1 KB
721 B 56ms
25ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.4.2/wp-includes/js/wp-embed.min.js

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT fra 2
date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: br
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Thu, 02 Sep 2021 15:07:56 GMT

GET
H2 200 jquery.lazyloadxt.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/ 2 KB
1 KB 34ms
15ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js?ver=5.4.2

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

305c7973d04b5ac7b4ad4f7f1a5d08ea73be8831fb0929949b754c92a6b49c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 758663
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1226
cf-request-id: 04f0f54b5a0000c27c1984f200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
etag: "5eb03ec3-97f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5cc824befe26c27c-FRA
expires: Mon, 23 Aug 2021 15:07:56 GMT

GET
H2 200 jquery.lazyloadxt.bg.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/ 307 B
689 B 32ms
14ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.bg.min.js?ver=5.4.2

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2da0ff18cbefb989e21b2b7cef3e53d9243ccd88636559847521782d56b461e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 758935
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 207
cf-request-id: 04f0f54b5a0000c27c19850200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
etag: "5eb03ec3-133"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5cc824befe28c27c-FRA
expires: Mon, 23 Aug 2021 15:07:56 GMT

GET
H2 200 jquery.lazyloadxt.srcset.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/ 1 KB
743 B 34ms
16ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.srcset.min.js?ver=5.4.2

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8987d5e6ca3fbdbafebc8e5dc115173d4ac4c6a7ca258602eafecdf04e796148

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 583452
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 631
cf-request-id: 04f0f54b5a0000c27c19851200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
etag: "5eb03ec3-538"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5cc824befe29c27c-FRA
expires: Mon, 23 Aug 2021 15:07:56 GMT

GET
H/1.1 200
OK image.js Show response
switchnsz.com/wp-content/plugins/featured-image-from-url/includes/html/js/ 3 KB
1 KB 182ms
93ms Script
application/javascript 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://switchnsz.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?3_1_8&ver=5.4.2
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c38fb4a7be3797fcaf527ed12fe8ce00759e4337a1a02bb0642c348916cdd299

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 15:07:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 18 Jul 2020 00:20:13 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=16070400
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5cc824bf6c481f45-FRA
Content-Length: 923
cf-request-id: 04f0f54ba300001f45d184c200000001

GET
H2 200 e-202036.js Show response
stats.wp.com/ 9 KB
3 KB 74ms
24ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202036.js
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Sun, 29 Aug 2021 22:14:46 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 10 KB
4 KB 28ms
13ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80a501b2d3e77be83e3f7464b0e39f8dcae689ca96ca1290f606caa8eb8e5c88

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:07:56 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
cf-ray: 5cc824bfe9250ebb-FRA
cf-request-id: 04f0f54bec00000ebb732ba200000001

GET
H2 200 v2wglnESxay0SFLb62QsBOFWQzYbGoGBuABQJVoKQmaq2WJ5XVKvs-STqqSAhJtX8uSdZTL-kksV29O3VvZs7lndnabBU9qISsDeEfW_v9j7_GR9Duyq8T3M1dHYK Show response
steadfastsystem.com/ 95 KB
29 KB 107ms
49ms Script
text/javascript 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2wglnESxay0SFLb62QsBOFWQzYbGoGBuABQJVoKQmaq2WJ5XVKvs-STqqSAhJtX8uSdZTL-kksV29O3VvZs7lndnabBU9qISsDeEfW_v9j7_GR9Duyq8T3M1dHYK

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

5dae019c5c61b38a2100d141495156244243cfeb8c9e17e83b4e0e7764956031

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "94733b844333467c99b645ee6c1f8d215a002ca82305cbd6d38ce0dee1c92ef1"
vary: Accept-Encoding, Accept-Language
x-hostname: paris
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Wed, 02 Sep 2020 15:07:56 GMT
timing-allow-origin: *

GET
H/1.1 200
OK 1336869
ad.a-ads.com/ Frame 62E4 0
0 85ms
67ms Document
text/html 5.9.10.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1336869?size=468x60

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

HTTP/1.1

Server

5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.10.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://switchnsz.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://switchnsz.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 02 Sep 2020 15:07:56 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
Content-Encoding: gzip

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2
fonts.gstatic.com/s/josefinsans/v16/ 26 KB
26 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v16/Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans%3A300%2C400%2C600%2C700&display=swap&ver=5.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad8e530eb16a53ebe93503917fa69e2ef37d1385e737045e966740697a3786a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://switchnsz.com
Referer: https://fonts.googleapis.com/css?family=Josefin+Sans%3A300%2C400%2C600%2C700&display=swap&ver=5.4.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:04:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:06:34 GMT
server: sffe
age: 187412
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26876
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:24 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 loading.gif
cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/ 3 KB
3 KB 12ms
11ms Image
image/gif 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/loading.gif

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.spinner.min.css?ver=5.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.spinner.min.css?ver=5.4.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:07:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 758376
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2519
cf-request-id: 04f0f54cd50000c27c1986e200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
etag: "5eb03ec3-c88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: image/gif; charset=utf-8
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5cc824c15b7ac27c-FRA
expires: Mon, 23 Aug 2021 15:07:57 GMT

GET
H2 200 3.jpg
1.bp.blogspot.com/-lFAWgzTww9o/X05QMkUFWHI/AAAAAAAAT5M/Y-5UHdeIKIgwkdBkp48T1q-icRIoi1FPgCLcBGAsYHQ/s1600/ 33 KB
34 KB 28ms
6ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-lFAWgzTww9o/X05QMkUFWHI/AAAAAAAAT5M/Y-5UHdeIKIgwkdBkp48T1q-icRIoi1FPgCLcBGAsYHQ/s1600/3.jpg

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fec62b3396fb05aa2473bd0bb211d3cde5b35d8cc1c38957b61f880858caffed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:00:00 GMT
x-content-type-options: nosniff
age: 477
status: 200
content-disposition: inline;filename="3.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34234
x-xss-protection: 0
server: fife
etag: "v4f96"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 02 Sep 2020 13:58:29 GMT

GET
H2 200 2.jpg
2.bp.blogspot.com/-H5WOrbdnzvg/X05QMorjJCI/AAAAAAAAT5E/5xYp5gVC_2U5BOnpPW7meTNw4W-FZgdPACLcBGAsYHQ/s1600/ 37 KB
38 KB 34ms
7ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-H5WOrbdnzvg/X05QMorjJCI/AAAAAAAAT5E/5xYp5gVC_2U5BOnpPW7meTNw4W-FZgdPACLcBGAsYHQ/s1600/2.jpg

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

75d4acd1873244dacafa84618e2077a6aa0c76426bb73a0fb92b6fa0978c6225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 14:26:40 GMT
x-content-type-options: nosniff
age: 2477
status: 200
content-disposition: inline;filename="2.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38065
x-xss-protection: 0
server: fife
etag: "v4f94"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 02 Sep 2020 13:58:29 GMT

GET
H2 200 1.jpg
4.bp.blogspot.com/-tuUaTkc1I_k/X05QMnl2hCI/AAAAAAAAT5I/tgy5TIGFpfAFu8F1Pub-LOSOu5GXFtI-QCLcBGAsYHQ/s1600/ 29 KB
29 KB 32ms
6ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-tuUaTkc1I_k/X05QMnl2hCI/AAAAAAAAT5I/tgy5TIGFpfAFu8F1Pub-LOSOu5GXFtI-QCLcBGAsYHQ/s1600/1.jpg

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1a1a9f03c0d83374cb2a0759c866fc8356edd9607a8b8600e7b7f0687033d66a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:00:00 GMT
x-content-type-options: nosniff
age: 477
status: 200
content-disposition: inline;filename="1.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29308
x-xss-protection: 0
server: fife
etag: "v4f95"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 02 Sep 2020 13:58:29 GMT

GET
H3-Q050

200

1.jpg
2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/
Redirect Chain

https://i0.wp.com/2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg?resize=160%2C200&ssl=1
https://2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg

24 KB
25 KB

27ms
14ms

Image
image/jpeg

2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

944434c777dc021673e19530c6c7fc99fc14ac9739b4f37aa0aba40923ec53aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 12:07:00 GMT
x-content-type-options: nosniff
age: 10857
status: 200
content-disposition: inline;filename="1.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24772
x-xss-protection: 0
server: fife
etag: "v4f8f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 03 Sep 2020 12:07:00 GMT

Redirect headers

status: 302
x-nc: EXPIRED fra 6
date: Wed, 02 Sep 2020 15:07:57 GMT
server: nginx
content-length: 138
location: https://2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg
content-type: text/html

GET
H2 200 3.jpg
4.bp.blogspot.com/-kBaUQ8-QUrc/X0pkLUpB8nI/AAAAAAAATyw/HrQYlMxZgGgEZgb0uSAWgyWGoEbTIaVEwCLcBGAsYHQ/s1600/ 34 KB
34 KB 37ms
11ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-kBaUQ8-QUrc/X0pkLUpB8nI/AAAAAAAATyw/HrQYlMxZgGgEZgb0uSAWgyWGoEbTIaVEwCLcBGAsYHQ/s1600/3.jpg

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3298eadb8c43a0b1eaaf129aafa4406929e5ed4bd3bb5830a512b2a37919e93d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 13:21:21 GMT
x-content-type-options: nosniff
age: 6396
status: 200
content-disposition: inline;filename="3.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35075
x-xss-protection: 0
server: fife
etag: "v4f37"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 03 Sep 2020 04:54:03 GMT

GET
H2 200 1.jpg
3.bp.blogspot.com/-BjaUHpHqZDI/X0pkLQL8yBI/AAAAAAAATy0/IgOrL8zSxegyXZM8fnu4Yur5ajRX1qNGwCLcBGAsYHQ/s320/ 15 KB
15 KB 32ms
6ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-BjaUHpHqZDI/X0pkLQL8yBI/AAAAAAAATy0/IgOrL8zSxegyXZM8fnu4Yur5ajRX1qNGwCLcBGAsYHQ/s320/1.jpg

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

20bc11bce8833489fb3916aefbb75dbc66c29a0d1d7a74d3750e6e04a982335e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 12:17:36 GMT
x-content-type-options: nosniff
age: 10221
status: 200
content-disposition: inline;filename="1.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15027
x-xss-protection: 0
server: fife
etag: "v4f36"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 01 Sep 2020 17:43:43 GMT

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
215 B 48ms
28ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&j=1%3A8.7.1&blog=171395916&post=0&tz=0&srv=switchnsz.com&host=switchnsz.com&ref=&fcp=595&rand=0.24166107922341573
Requested by: Host: switchnsz.com
URL: http://switchnsz.com/
Protocol: HTTP/1.1
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Sep 2020 15:07:57 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H3-Q050

200

linkid.js Show response
www.google-analytics.com/plugins/ua/
Redirect Chain

http://www.google-analytics.com/plugins/ua/linkid.js
https://www.google-analytics.com/plugins/ua/linkid.js

2 KB
1 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 14:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 972
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Wed, 02 Sep 2020 15:51:45 GMT

Redirect headers

Location: https://www.google-analytics.com/plugins/ua/linkid.js
Non-Authoritative-Reason: HSTS

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
82 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-124900868-8&cid=312993952.1599059277&jid=1149448219&gjid=1354547761&_gid=1270995744.1599059277&_u=aGBAgUAjCAAAAE~&z=206317617

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 02 Sep 2020 15:07:57 GMT
status: 200
content-type: text/plain
access-control-allow-origin: http://switchnsz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
5ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j85&a=214792363&t=pageview&_s=1&dl=http%3A%2F%2Fswitchnsz.com%2F&ul=en-us&de=UTF-8&dt=SwitchNSZ.com%20%E2%80%93%20Download%20All%20Nintendo%20Switch%20NSZ%20NSP%20XCI%20Game%20Roms&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAjC~&jid=1149448219&gjid=1354547761&cid=312993952.1599059277&tid=UA-124900868-8&_gid=1270995744.1599059277&z=1588708792

Requested by

Host: switchnsz.com
URL: http://switchnsz.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 06:54:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1843981
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Bhlcyn Show response
ad.doubleclick.net/ddm/adj/Aqov/ 11 B
585 B 61ms
41ms Script
text/javascript 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.doubleclick.net/ddm/adj/Aqov/Bhlcyn

Requested by

Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2wglnESxay0SFLb62QsBOFWQzYbGoGBuABQJVoKQmaq2WJ5XVKvs-STqqSAhJtX8uSdZTL-kksV29O3VvZs7lndnabBU9qISsDeEfW_v9j7_GR9Duyq8T3M1dHYK

Protocol

HTTP/1.1

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Sep 2020 15:07:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, must-revalidate
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 31
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content performance Show response
switchnsz.com/cdn-cgi/beacon/ 0
216 B 17ms
17ms XHR
text/plain 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://switchnsz.com/cdn-cgi/beacon/performance?req_id=5cc824bd5815d6c5

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

HTTP/1.1

Server

2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

Date: Wed, 02 Sep 2020 15:07:57 GMT
X-Frame-Options: SAMEORIGIN
Server: cloudflare
Connection: keep-alive
CF-RAY: 5cc824c27f50969e-FRA
cf-request-id: 04f0f54d8f0000969e52a88200000001

GET
H3-Q050 200 3.jpg
1.bp.blogspot.com/-lFAWgzTww9o/X05QMkUFWHI/AAAAAAAAT5M/Y-5UHdeIKIgwkdBkp48T1q-icRIoi1FPgCLcBGAsYHQ/s1600/ 33 KB
34 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-lFAWgzTww9o/X05QMkUFWHI/AAAAAAAAT5M/Y-5UHdeIKIgwkdBkp48T1q-icRIoi1FPgCLcBGAsYHQ/s1600/3.jpg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js?ver=5.4.2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fec62b3396fb05aa2473bd0bb211d3cde5b35d8cc1c38957b61f880858caffed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:00:00 GMT
x-content-type-options: nosniff
age: 477
status: 200
content-disposition: inline;filename="3.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34234
x-xss-protection: 0
server: fife
etag: "v4f96"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 02 Sep 2020 13:58:29 GMT

GET
H3-Q050 200 2.jpg
2.bp.blogspot.com/-H5WOrbdnzvg/X05QMorjJCI/AAAAAAAAT5E/5xYp5gVC_2U5BOnpPW7meTNw4W-FZgdPACLcBGAsYHQ/s1600/ 37 KB
37 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-H5WOrbdnzvg/X05QMorjJCI/AAAAAAAAT5E/5xYp5gVC_2U5BOnpPW7meTNw4W-FZgdPACLcBGAsYHQ/s1600/2.jpg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js?ver=5.4.2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

75d4acd1873244dacafa84618e2077a6aa0c76426bb73a0fb92b6fa0978c6225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 14:26:40 GMT
x-content-type-options: nosniff
age: 2477
status: 200
content-disposition: inline;filename="2.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38065
x-xss-protection: 0
server: fife
etag: "v4f94"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 02 Sep 2020 13:58:29 GMT

GET
H3-Q050 200 1.jpg
4.bp.blogspot.com/-tuUaTkc1I_k/X05QMnl2hCI/AAAAAAAAT5I/tgy5TIGFpfAFu8F1Pub-LOSOu5GXFtI-QCLcBGAsYHQ/s1600/ 29 KB
29 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-tuUaTkc1I_k/X05QMnl2hCI/AAAAAAAAT5I/tgy5TIGFpfAFu8F1Pub-LOSOu5GXFtI-QCLcBGAsYHQ/s1600/1.jpg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js?ver=5.4.2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1a1a9f03c0d83374cb2a0759c866fc8356edd9607a8b8600e7b7f0687033d66a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:00:00 GMT
x-content-type-options: nosniff
age: 477
status: 200
content-disposition: inline;filename="1.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29308
x-xss-protection: 0
server: fife
etag: "v4f95"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 02 Sep 2020 13:58:29 GMT

GET
H3-Q050

200

1.jpg
2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/
Redirect Chain

https://i0.wp.com/2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg?resize=160%2C200&ssl=1
https://2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg

24 KB
24 KB

6ms
6ms

Image
image/jpeg

2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

944434c777dc021673e19530c6c7fc99fc14ac9739b4f37aa0aba40923ec53aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 12:07:00 GMT
x-content-type-options: nosniff
age: 10857
status: 200
content-disposition: inline;filename="1.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24772
x-xss-protection: 0
server: fife
etag: "v4f8f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 03 Sep 2020 12:07:00 GMT

Redirect headers

status: 302
x-nc: HIT fra 6
date: Wed, 02 Sep 2020 15:07:57 GMT
server: nginx
content-length: 138
location: https://2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg
content-type: text/html

GET
H3-Q050 200 3.jpg
4.bp.blogspot.com/-kBaUQ8-QUrc/X0pkLUpB8nI/AAAAAAAATyw/HrQYlMxZgGgEZgb0uSAWgyWGoEbTIaVEwCLcBGAsYHQ/s1600/ 34 KB
34 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-kBaUQ8-QUrc/X0pkLUpB8nI/AAAAAAAATyw/HrQYlMxZgGgEZgb0uSAWgyWGoEbTIaVEwCLcBGAsYHQ/s1600/3.jpg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js?ver=5.4.2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3298eadb8c43a0b1eaaf129aafa4406929e5ed4bd3bb5830a512b2a37919e93d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 13:21:21 GMT
x-content-type-options: nosniff
age: 6396
status: 200
content-disposition: inline;filename="3.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35075
x-xss-protection: 0
server: fife
etag: "v4f37"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 03 Sep 2020 04:54:03 GMT

GET
H3-Q050 200 1.jpg
3.bp.blogspot.com/-BjaUHpHqZDI/X0pkLQL8yBI/AAAAAAAATy0/IgOrL8zSxegyXZM8fnu4Yur5ajRX1qNGwCLcBGAsYHQ/s320/ 15 KB
15 KB 29ms
15ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-BjaUHpHqZDI/X0pkLQL8yBI/AAAAAAAATy0/IgOrL8zSxegyXZM8fnu4Yur5ajRX1qNGwCLcBGAsYHQ/s320/1.jpg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js?ver=5.4.2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

20bc11bce8833489fb3916aefbb75dbc66c29a0d1d7a74d3750e6e04a982335e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 12:17:36 GMT
x-content-type-options: nosniff
age: 10221
status: 200
content-disposition: inline;filename="1.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15027
x-xss-protection: 0
server: fife
etag: "v4f36"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 01 Sep 2020 17:43:43 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame ACCE 0
0 32ms
13ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2wglnESxay0SFLb62QsBOFWQzYbGoGBuABQJVoKQmaq2WJ5XVKvs-STqqSAhJtX8uSdZTL-kksV29O3VvZs7lndnabBU9qISsDeEfW_v9j7_GR9Duyq8T3M1dHYK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://switchnsz.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://switchnsz.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Fri, 28 Aug 2020 20:53:06 GMT
expires: Sat, 28 Aug 2021 20:53:06 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 411291
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 v2bkuLojCoTIi-685XH0dhpGA04IzrklANOw1VmfUm3HQKOGG7KVsbCllxT7tVzS55ZtEbBLSetqfNK6imoKJwL4bGvXACh9Fx-cTljOjCcWefqRB1IIpgt9St3a1x8sjc0k4F4ayNmMe Show response
steadfastsystem.com/ 216 B
609 B 94ms
36ms Fetch
application/json 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2bkuLojCoTIi-685XH0dhpGA04IzrklANOw1VmfUm3HQKOGG7KVsbCllxT7tVzS55ZtEbBLSetqfNK6imoKJwL4bGvXACh9Fx-cTljOjCcWefqRB1IIpgt9St3a1x8sjc0k4F4ayNmMe

Requested by

Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2wglnESxay0SFLb62QsBOFWQzYbGoGBuABQJVoKQmaq2WJ5XVKvs-STqqSAhJtX8uSdZTL-kksV29O3VvZs7lndnabBU9qISsDeEfW_v9j7_GR9Duyq8T3M1dHYK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

f86bdbf8d5143092eb3f7f486bdf598de31c33c71f57758e131e4a5a06445349

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Wed, 02 Sep 2020 15:07:57 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: http://switchnsz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: paris
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Wed, 02 Sep 2020 15:07:56 GMT

POST
H2 200 admin-ajax.php Show response
switchnsz.com/wp-admin/ 0
587 B 216ms
200ms XHR
text/html 2606:4700:3033::681b:b5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://switchnsz.com/wp-admin/admin-ajax.php

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.4.2/wp-includes/js/jquery/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681b:b5e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.28

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 02 Sep 2020 15:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.2.28
status: 200
cf-request-id: 04f0f54f91000005bf9bad9200000001
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://switchnsz.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
cf-ray: 5cc824c5b8a105bf-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-Q050 200 3.jpg
1.bp.blogspot.com/-lFAWgzTww9o/X05QMkUFWHI/AAAAAAAAT5M/Y-5UHdeIKIgwkdBkp48T1q-icRIoi1FPgCLcBGAsYHQ/s1600/ 33 KB
33 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-lFAWgzTww9o/X05QMkUFWHI/AAAAAAAAT5M/Y-5UHdeIKIgwkdBkp48T1q-icRIoi1FPgCLcBGAsYHQ/s1600/3.jpg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js?ver=5.4.2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fec62b3396fb05aa2473bd0bb211d3cde5b35d8cc1c38957b61f880858caffed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:00:00 GMT
x-content-type-options: nosniff
age: 478
status: 200
content-disposition: inline;filename="3.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34234
x-xss-protection: 0
server: fife
etag: "v4f96"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 02 Sep 2020 13:58:29 GMT

GET
H3-Q050 200 2.jpg
2.bp.blogspot.com/-H5WOrbdnzvg/X05QMorjJCI/AAAAAAAAT5E/5xYp5gVC_2U5BOnpPW7meTNw4W-FZgdPACLcBGAsYHQ/s1600/ 37 KB
37 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-H5WOrbdnzvg/X05QMorjJCI/AAAAAAAAT5E/5xYp5gVC_2U5BOnpPW7meTNw4W-FZgdPACLcBGAsYHQ/s1600/2.jpg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js?ver=5.4.2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

75d4acd1873244dacafa84618e2077a6aa0c76426bb73a0fb92b6fa0978c6225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 14:26:40 GMT
x-content-type-options: nosniff
age: 2478
status: 200
content-disposition: inline;filename="2.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38065
x-xss-protection: 0
server: fife
etag: "v4f94"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 02 Sep 2020 13:58:29 GMT

GET
H3-Q050 200 1.jpg
4.bp.blogspot.com/-tuUaTkc1I_k/X05QMnl2hCI/AAAAAAAAT5I/tgy5TIGFpfAFu8F1Pub-LOSOu5GXFtI-QCLcBGAsYHQ/s1600/ 29 KB
29 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-tuUaTkc1I_k/X05QMnl2hCI/AAAAAAAAT5I/tgy5TIGFpfAFu8F1Pub-LOSOu5GXFtI-QCLcBGAsYHQ/s1600/1.jpg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js?ver=5.4.2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1a1a9f03c0d83374cb2a0759c866fc8356edd9607a8b8600e7b7f0687033d66a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 15:00:00 GMT
x-content-type-options: nosniff
age: 478
status: 200
content-disposition: inline;filename="1.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29308
x-xss-protection: 0
server: fife
etag: "v4f95"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 02 Sep 2020 13:58:29 GMT

GET
H3-Q050

200

1.jpg
2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/
Redirect Chain

https://i0.wp.com/2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg?resize=160%2C200&ssl=1
https://2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg

24 KB
24 KB

10ms
6ms

Image
image/jpeg

2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

944434c777dc021673e19530c6c7fc99fc14ac9739b4f37aa0aba40923ec53aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 12:07:00 GMT
x-content-type-options: nosniff
age: 10858
status: 200
content-disposition: inline;filename="1.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24772
x-xss-protection: 0
server: fife
etag: "v4f8f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 03 Sep 2020 12:07:00 GMT

Redirect headers

status: 302
x-nc: HIT fra 6
date: Wed, 02 Sep 2020 15:07:58 GMT
server: nginx
content-length: 138
location: https://2.bp.blogspot.com/-4SCNScQxTwU/X0z5TqyAvGI/AAAAAAAAT44/wpulZ946ekQ2mfrHTPRBf_Mk4idj2aXSQCLcBGAsYHQ/s1600/1.jpg
content-type: text/html

GET
H3-Q050 200 3.jpg
4.bp.blogspot.com/-kBaUQ8-QUrc/X0pkLUpB8nI/AAAAAAAATyw/HrQYlMxZgGgEZgb0uSAWgyWGoEbTIaVEwCLcBGAsYHQ/s1600/ 34 KB
34 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-kBaUQ8-QUrc/X0pkLUpB8nI/AAAAAAAATyw/HrQYlMxZgGgEZgb0uSAWgyWGoEbTIaVEwCLcBGAsYHQ/s1600/3.jpg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js?ver=5.4.2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3298eadb8c43a0b1eaaf129aafa4406929e5ed4bd3bb5830a512b2a37919e93d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 13:21:21 GMT
x-content-type-options: nosniff
age: 6397
status: 200
content-disposition: inline;filename="3.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35075
x-xss-protection: 0
server: fife
etag: "v4f37"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 03 Sep 2020 04:54:03 GMT

GET
H3-Q050 200 1.jpg
3.bp.blogspot.com/-BjaUHpHqZDI/X0pkLQL8yBI/AAAAAAAATy0/IgOrL8zSxegyXZM8fnu4Yur5ajRX1qNGwCLcBGAsYHQ/s320/ 15 KB
15 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-BjaUHpHqZDI/X0pkLQL8yBI/AAAAAAAATy0/IgOrL8zSxegyXZM8fnu4Yur5ajRX1qNGwCLcBGAsYHQ/s320/1.jpg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js?ver=5.4.2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

20bc11bce8833489fb3916aefbb75dbc66c29a0d1d7a74d3750e6e04a982335e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://switchnsz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Sep 2020 12:17:36 GMT
x-content-type-options: nosniff
age: 10222
status: 200
content-disposition: inline;filename="1.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15027
x-xss-protection: 0
server: fife
etag: "v4f36"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 01 Sep 2020 17:43:43 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.switchnsz.com/	1970-01-19 12:10:59	Name: _gat Value: 1
.switchnsz.com/	1970-01-19 12:12:25	Name: _gid Value: GA1.2.1270995744.1599059277
.switchnsz.com/	1970-01-20 05:42:11	Name: _ga Value: GA1.2.312993952.1599059277
.switchnsz.com/	1970-01-19 12:54:11	Name: __cfduid Value: d119a136460f364e0f239ba8477a0e6cd1599059276

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c0.wp.com/c/5.4.2/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ad.a-ads.com
ad.doubleclick.net
c0.wp.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
i0.wp.com
pixel.wp.com
static.cloudflareinsights.com
stats.g.doubleclick.net
stats.wp.com
steadfastsystem.com
switchnsz.com
tpc.googlesyndication.com
www.google-analytics.com
172.217.16.198
192.0.76.3
192.0.77.2
192.0.77.37
2606:4700:3033::681b:b5e1
2606:4700::6810:5e41
2606:4700::6811:4e6b
2a00:1450:4001:800::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:815::2001
2a00:1450:4001:81c::200a
2a00:1450:4001:820::2003
2a00:1450:4001:821::2001
2a00:1450:400c:c0c::9d
35.190.90.202
5.9.10.165
0414033fcf612b5f7da12c2ec3c6ad1289929a7dd8c8650e6a8918cf714cff73
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
1a1a9f03c0d83374cb2a0759c866fc8356edd9607a8b8600e7b7f0687033d66a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
206ed40cf9d4ae343677193d14775b8a86b76e51815da544584ed147a866dd15
20bc11bce8833489fb3916aefbb75dbc66c29a0d1d7a74d3750e6e04a982335e
2da0ff18cbefb989e21b2b7cef3e53d9243ccd88636559847521782d56b461e8
305c7973d04b5ac7b4ad4f7f1a5d08ea73be8831fb0929949b754c92a6b49c00
3298eadb8c43a0b1eaaf129aafa4406929e5ed4bd3bb5830a512b2a37919e93d
35fbb6dc3891aacaf1ffa07abec2344fdbc454aab533a2a03bcf93577eb7837b
3e1c6d0076ba5330f5d257bfe19ef89ab7599c249f36295eafcb78a55833fcf7
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4da02d845f108286ea74c0b9b7e29154b4b0ac5cc78085b24e0b17f166585911
5c1b0a513274f7e80a5dea859e55c394b0d729f446212f7a9c28596fc2e68625
5dae019c5c61b38a2100d141495156244243cfeb8c9e17e83b4e0e7764956031
65af136a8018835073994f517bb162cba1e1dda7388ecc0f13530a793b3de5bc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
75d4acd1873244dacafa84618e2077a6aa0c76426bb73a0fb92b6fa0978c6225
80a501b2d3e77be83e3f7464b0e39f8dcae689ca96ca1290f606caa8eb8e5c88
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8987d5e6ca3fbdbafebc8e5dc115173d4ac4c6a7ca258602eafecdf04e796148
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
944434c777dc021673e19530c6c7fc99fc14ac9739b4f37aa0aba40923ec53aa
97e350bc4df961d4471a69395c8241862aafe5a5282a4e87bca6540a3d8f79da
9af91dcfbc72c59334f1ae2651eba3387c941a92ff916d376208a449806a7de5
ad8e530eb16a53ebe93503917fa69e2ef37d1385e737045e966740697a3786a0
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
c38fb4a7be3797fcaf527ed12fe8ce00759e4337a1a02bb0642c348916cdd299
c4a57e0277897d019e4d6e9c2568af84a7c6026fac051920d09e4ab5342c4f8d
d6f524b7b0a70243b47c49010400b1324a98ef12139b06b494833f9150bad9f9
dab98b1d5558dd15c7db5ada4438fe03a424a7c1f5e0f29567d39a0a892bcc41
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62c5e4f73e2790691b899a501ef20d9ba0f12f64d24c1fdc7d67705dea112e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff7b0e24cb91641e35fab8192a5200cf612c5843f5c6cdc182be71ba456d553
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f86bdbf8d5143092eb3f7f486bdf598de31c33c71f57758e131e4a5a06445349
fec62b3396fb05aa2473bd0bb211d3cde5b35d8cc1c38957b61f880858caffed

switchnsz.com Open in urlscan Pro 2606:4700:3033::681b:b5e1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

58 Requests

74 %HTTPS

63 %IPv6

12 Domains

19 Subdomains

16 IPs

3 Countries

731 kBTransfer

1266 kBSize

4 Cookies

1 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

switchnsz.com Open in urlscan Pro
2606:4700:3033::681b:b5e1 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

74 %
HTTPS

63 %
IPv6

12
Domains

19
Subdomains

16
IPs

3
Countries

731 kB
Transfer

1266 kB
Size

4
Cookies

58 HTTP transactions
1 data transactions