urlscan.io logo urlscan.io
SecurityTrails logo

nsw2u.xyz Open in urlscan Pro
2606:4700:e6::ac40:cf02  Public Scan

Go To Rescan Add Verdict Report
URL: https://nsw2u.xyz/
Submission Tags: falconsandbox
Submission: On September 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 85 HTTP transactions. The main IP is 2606:4700:e6::ac40:cf02, located in United States and belongs to CLOUDFLARENET, US. The main domain is nsw2u.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.
This is the only time nsw2u.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 2606:4700:e6:... 13335 (CLOUDFLAR...)
8 192.0.77.37 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
17 192.0.77.2 2635 (AUTOMATTIC)
4 144.76.28.254 24940 (HETZNER-AS)
2 192.0.76.3 2635 (AUTOMATTIC)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2.18.235.93 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
18 212.47.250.96 12876 (Online SAS)
85 13
24    2606:4700:e6::ac40:cf02 (United States)

ASN13335 (CLOUDFLARENET, US)
nsw2u.xyz
8    192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
i2.wp.com
i1.wp.com
4    144.76.28.254 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.254.28.76.144.clients.your-server.de
ad.a-ads.com
static.a-ads.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
4    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
18    212.47.250.96 (France)

ASN12876 (Online SAS, FR)
PTR: dionysus.semagroup.ru
images.vfl.ru
Domain Requested by
24 nsw2u.xyz nsw2u.xyz
18 images.vfl.ru
8 c0.wp.com nsw2u.xyz
6 i2.wp.com nsw2u.xyz
cdnjs.cloudflare.com
6 i0.wp.com nsw2u.xyz
5 i1.wp.com nsw2u.xyz
4 www.google-analytics.com nsw2u.xyz
www.googletagmanager.com
www.google-analytics.com
3 cdnjs.cloudflare.com nsw2u.xyz
2 static.a-ads.com ad.a-ads.com
2 www.googletagmanager.com nsw2u.xyz
www.googletagmanager.com
2 ad.a-ads.com nsw2u.xyz
1 pixel.wp.com
1 securepubads.g.doubleclick.net nsw2u.xyz
1 contextual.media.net nsw2u.xyz
1 stats.wp.com nsw2u.xyz
1 fonts.googleapis.com nsw2u.xyz
85 16
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-11 -
2022-08-10		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2020-12-02 -
2022-01-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
vfl.ru
Buypass Class 2 CA 5		 2021-07-27 -
2022-01-22		 6 months crt.sh

This page contains 6 frames:

Primary Page: https://nsw2u.xyz/
Frame ID: 075F4DE7AFCE6A425DDEBC8B1D75209A
Requests: 79 HTTP requests in this frame

Frame: https://ad.a-ads.com/1706572?size=728x90
Frame ID: BF1DDB0E6CCF8434967073A513FBD898
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1706574?size=728x90
Frame ID: AD0D4240AA9E9FAA9BB962D4AE7233AC
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/dmedianet.js
Frame ID: 0706A718428D511F8C055AFB309C73B3
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 3F8DB0E418B5C2599187DD8DE791798E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 98C1406FE92FB3C98A3D234C2A4687D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

nsw2u.xyz | Download Switch Roms eShop NSP XCI NSZ Previously Switch-xci

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

85
Requests

100 %
HTTPS

42 %
IPv6

10
Domains

16
Subdomains

13
IPs

3
Countries

2148 kB
Transfer

3103 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nsw2u.xyz/ 		219 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a19574eb41ec2793a49eda4eaeb7277834e8289ee0f14fbc8eb2e942e80d889b

Request headers

:method
GET
:authority
nsw2u.xyz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-type
text/html
last-modified
Sat, 25 Sep 2021 01:21:59 GMT
vary
Accept-Encoding,User-Agent
cache-control
max-age=0, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Mon, 29 Oct 1923 20:30:00 GMT
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oE3PX7I%2B5ykogPd78SWWNTRJeAbPtoeE7AFb6Kw9P4794rzeEeoPOAah189CLa%2B8BUog7YerSzjF7U2l7Y0Sac8puMLdT%2F40CFzDdm2g5axrOS6ryMPM9LwTQ9GoZNH8bBOh6z5FBH8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
694130cd7828d6b5-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
c0.wp.com/c/5.8.1/wp-includes/css/dist/block-library/ 		79 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 25 Sep 2022 03:33:22 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 25 Sep 2022 03:33:22 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 25 Sep 2022 03:33:22 GMT
ew5.css
nsw2u.xyz/wp-content/cache/wpfc-minified/ln4va9pi/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/cache/wpfc-minified/ln4va9pi/ew5.css
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c49542f552ff88e531d47cc9a4646ee28f93ad4721e31b5ce587d563866333c2

Request headers

:path
/wp-content/cache/wpfc-minified/ln4va9pi/ew5.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7911
cf-polished
origSize=8493
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 18 Sep 2021 22:07:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=659tSHrAvBrXfPjl00kUEVDznt7sXvgo0ljXWCrIOCnQpS%2F6hurEISeeBDg4Mkqa3BaCOgi0L6BXjlSYu0WRKLtjur073LkUjwwkFL7GT6S5W7XJKMe5W3hk9zHe5oMtqwbSUjLSOhY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
694130ce187ed6b5-FRA
expires
max-age=A10368000, public
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A100%2C300%2C400%2C700&ver=5.8.1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1541f1f36a00c93fe07fc6d90d9ddded61e111aebebb7942752b1f7e84f29a05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nsw2u.xyz/
Origin
https://nsw2u.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 03:33:22 GMT
server
ESF
date
Sat, 25 Sep 2021 03:33:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 25 Sep 2021 03:33:22 GMT
f7a.css
nsw2u.xyz/wp-content/cache/wpfc-minified/g1ng76up/ 		130 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/cache/wpfc-minified/g1ng76up/f7a.css
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46261c53d7f8e3df0765f6744df69a25199b9f81ceed92fa26f684b7f81c312f

Request headers

:path
/wp-content/cache/wpfc-minified/g1ng76up/f7a.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7910
cf-polished
origSize=137597
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 18 Sep 2021 22:09:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXjEeaoWjIQwp9ATEiVgnGUCMUNiGbAJXg0MfxsW%2BY5c%2BFFI%2FDryH9wpcufisfVEZumbrfbRMmYQI%2BhlnYYL0vPw6jU0r%2BUu26wGUFylIOqcgkFxees8VNXUi6%2BhkWk6%2FW3t8XlUKCI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
694130ce1880d6b5-FRA
expires
max-age=A10368000, public
jetpack.css
c0.wp.com/p/jetpack/10.1/css/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.1/css/jetpack.css
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
4c71cab3e2b7defd9022059c922d2c91359df1ba71dd47e8543b108c70537f25
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
last-modified
Tue, 07 Sep 2021 15:38:53 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 25 Sep 2022 03:33:22 GMT
invisible.js
nsw2u.xyz/cdn-cgi/challenge-platform/h/b/scripts/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86e48adbb4623d2f9b4dd235b18edf563e3ea65ee35904361b7f857136014e81

Request headers

:path
/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82iQ%2F8e%2BGpaom6tzGLm6lewMhHNNDb9XS%2FlPiltB%2BrF90HsY0XLNZZK38N2QvCwZWjqSsDXEjFgd4%2FF%2BLtWzoUSloSj9MH83bN6hrO4c7YAiIaM5QH4mjDAqfBzT%2BPrYmT9KMNm20Zc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
694130ce1882d6b5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
35945499.jpg
i0.wp.com/images.vfl.ru/ii/1632215589/d82e407f/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images.vfl.ru/ii/1632215589/d82e407f/35945499.jpg?ssl=1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
f5580e0f7a851232d425ae001181da2ec46da03ee338535c9042a58cec6ede5f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
x-content-type-options
nosniff
x-optim-disabled
true
content-length
49891
x-nc
HIT hhn 1
last-modified
Tue, 21 Sep 2021 09:14:43 GMT
server
nginx
etag
"fd4ea4881cca9713"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1632215589/d82e407f/35945499.jpg>; rel="canonical"
expires
Thu, 21 Sep 2023 21:14:43 GMT
35905049.jpg
i0.wp.com/images.vfl.ru/ii/1631918123/81643d29/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images.vfl.ru/ii/1631918123/81643d29/35905049.jpg?ssl=1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
642669fa3bdd07fe3675428cc5973d77c01b33fe964462c69c4cbb56e78e2d3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 25 Sep 2021 03:33:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 Sep 2021 23:00:07 GMT
server
nginx
etag
"64fc199bbc8df383"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1631918123/81643d29/35905049.jpg>; rel="canonical"
content-length
24888
expires
Mon, 18 Sep 2023 11:00:07 GMT
35904956.jpg
i2.wp.com/images.vfl.ru/ii/1631916295/dd7c82db/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/images.vfl.ru/ii/1631916295/dd7c82db/35904956.jpg?ssl=1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
22664856782800d9c1c2cd8bf0dbe70f678db70bb60963850b1e78ca635d5ca0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sat, 25 Sep 2021 03:33:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 Sep 2021 22:48:01 GMT
server
nginx
etag
"4bbf2301c8c75e12"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1631916295/dd7c82db/35904956.jpg>; rel="canonical"
content-length
45558
expires
Mon, 18 Sep 2023 10:48:01 GMT
35744374.jpg
i2.wp.com/images.vfl.ru/ii/1630846786/6b651d7c/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/images.vfl.ru/ii/1630846786/6b651d7c/35744374.jpg?resize=200%2C200&ssl=1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
3e82871c4330bc4c2f6f01a2530bdc71037f836b7e9df3eaee18777f7362c902
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 25 Sep 2021 03:33:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 21 Sep 2021 21:24:05 GMT
server
nginx
etag
"a340e9d267dea599"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1630846786/6b651d7c/35744374.jpg>; rel="canonical"
content-length
6624
expires
Fri, 22 Sep 2023 09:24:05 GMT
35979171.jpg
i0.wp.com/images.vfl.ru/ii/1632397389/5a6e7886/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images.vfl.ru/ii/1632397389/5a6e7886/35979171.jpg?resize=200%2C200&ssl=1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
234b3c35f4bd1d9a1693903fe824be24ff2df43bd333c811c910b82cc9fecb12
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 25 Sep 2021 03:33:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Sep 2021 19:01:00 GMT
server
nginx
etag
"9ebc84a5ae941a28"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1632397389/5a6e7886/35979171.jpg>; rel="canonical"
content-length
3812
expires
Sun, 24 Sep 2023 07:01:00 GMT
35987208.jpg
i2.wp.com/images.vfl.ru/ii/1632439934/4dfb59d9/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/images.vfl.ru/ii/1632439934/4dfb59d9/35987208.jpg?resize=200%2C200&ssl=1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
4e60204cb92ea71f80df7672586ac8962be619d8c133d07838439f5437ff279b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sat, 25 Sep 2021 03:33:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Sep 2021 07:08:33 GMT
server
nginx
etag
"1ddd3290c8e3d2ab"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1632439934/4dfb59d9/35987208.jpg>; rel="canonical"
content-length
8258
expires
Sun, 24 Sep 2023 19:08:33 GMT
25590816.png
i1.wp.com/images.vfl.ru/ii/1551420841/29df41b5/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/images.vfl.ru/ii/1551420841/29df41b5/25590816.png?resize=200%2C200&ssl=1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
1b777ddadf1fab5ce15610fa77862c5c55b926e6a1b2adb6ea6fa5656c8ffce1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Sat, 25 Sep 2021 03:33:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Sep 2021 11:53:12 GMT
server
nginx
etag
"f80b223088732fd3"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1551420841/29df41b5/25590816.png>; rel="canonical"
content-length
56216
expires
Sun, 24 Sep 2023 23:53:12 GMT
34914802.jpg
i1.wp.com/images.vfl.ru/ii/1624390475/9eb075d0/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/images.vfl.ru/ii/1624390475/9eb075d0/34914802.jpg?resize=200%2C200&ssl=1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
c09b71bc13ce9d8640e4f40f794e0de30013e218c47b5ad9288c08e3ffe7e0b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sat, 25 Sep 2021 03:33:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Sep 2021 23:06:54 GMT
server
nginx
etag
"9f9fab576745fd25"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1624390475/9eb075d0/34914802.jpg>; rel="canonical"
content-length
9152
expires
Mon, 25 Sep 2023 11:06:54 GMT
35988486.jpg
i0.wp.com/images.vfl.ru/ii/1632461792/09233b88/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images.vfl.ru/ii/1632461792/09233b88/35988486.jpg?resize=200%2C200&ssl=1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
6b9a65a230ecd4f450b380967db558289bb9e6ede309cfa863b8ae4a865cda60
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 25 Sep 2021 03:33:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Sep 2021 23:04:15 GMT
server
nginx
etag
"7f764b9e0d39910a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1632461792/09233b88/35988486.jpg>; rel="canonical"
content-length
4386
expires
Mon, 25 Sep 2023 11:04:15 GMT
35549614.jpg
i0.wp.com/images.vfl.ru/ii/1629365666/626114b6/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images.vfl.ru/ii/1629365666/626114b6/35549614.jpg?resize=200%2C200&ssl=1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
98d38b1d67a02ced6cdaf815d9b7b8a06a22a80eba4d0ae8613a91cf1354f85a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Sat, 25 Sep 2021 03:33:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Sep 2021 23:06:54 GMT
server
nginx
etag
"0675d90279d8d7ea"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1629365666/626114b6/35549614.jpg>; rel="canonical"
content-length
6892
expires
Mon, 25 Sep 2023 11:06:54 GMT
35992992.jpg
i0.wp.com/images.vfl.ru/ii/1632480319/89c7678e/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/images.vfl.ru/ii/1632480319/89c7678e/35992992.jpg?resize=200%2C200&ssl=1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
d4eaf0dd6ebaf5941562142ec2d5a00fd3c808d7b1c6285a047eb87e8ce566b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Sat, 25 Sep 2021 03:33:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Sep 2021 23:06:54 GMT
server
nginx
etag
"6096e7211e07f034"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1632480319/89c7678e/35992992.jpg>; rel="canonical"
content-length
1696
expires
Mon, 25 Sep 2023 11:06:54 GMT
35923513.jpg
i1.wp.com/images.vfl.ru/ii/1632070251/209beb82/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/images.vfl.ru/ii/1632070251/209beb82/35923513.jpg?resize=200%2C200&ssl=1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
2e4ad7e177d3fff9e9f15842813387c0946366744b46ef7f1c633c2e8b0194b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 25 Sep 2021 03:33:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 21:01:06 GMT
server
nginx
etag
"47cd90e5504b6763"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1632070251/209beb82/35923513.jpg>; rel="canonical"
content-length
8888
expires
Wed, 20 Sep 2023 09:01:06 GMT
35992759.jpg
i1.wp.com/images.vfl.ru/ii/1632479469/f4b976dd/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/images.vfl.ru/ii/1632479469/f4b976dd/35992759.jpg?resize=200%2C200&ssl=1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ad9ed2af18b09cd021bb204d871d659dab3bd57d1ba926c0d7fabc8b310fc161
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 25 Sep 2021 03:33:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 24 Sep 2021 23:06:54 GMT
server
nginx
etag
"1ac6e4e60325102e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1632479469/f4b976dd/35992759.jpg>; rel="canonical"
content-length
6594
expires
Mon, 25 Sep 2023 11:06:54 GMT
1706572
ad.a-ads.com/ Frame BF1D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1706572?size=728x90
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.28.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.28.76.144.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
d54a186198bc0d7d0de323d0f02c4bb48405f86aa86ed2cd06ac09439526c7be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://nsw2u.xyz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Sat, 25 Sep 2021 03:33:22 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://nsw2u.xyz/
Content-Encoding
gzip
1706574
ad.a-ads.com/ Frame AD0D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1706574?size=728x90
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.28.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.28.76.144.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
77ec858ccdf63e795ef0598267e8d0b44b0570aafef9ad613d3a16862841e44a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://nsw2u.xyz/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Sat, 25 Sep 2021 03:33:22 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://nsw2u.xyz/
Content-Encoding
gzip
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
ew5.css
nsw2u.xyz/wp-content/cache/wpfc-minified/kca10uv3/ 		272 B
433 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/cache/wpfc-minified/kca10uv3/ew5.css
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9277c720d84e9bd4482ce7d8b4720fafa4147fb476fab33f943dbf1d1ce2b04e

Request headers

:path
/wp-content/cache/wpfc-minified/kca10uv3/ew5.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7910
cf-polished
origSize=302
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 18 Sep 2021 22:07:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20TyX7%2B1n1lhXwZnSus3qemNpLAjWQDJJM1fin8jlrTV%2BsqgUuXY1AeDFWpLa8IXkmYxq%2Fno0UA6ol%2FbsuthvLA4WwKhlRxLsgUwtwn8HS0d58MVdE4QVFdYbzjH4cJ68B%2BX9QMeu%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
694130ce288ed6b5-FRA
expires
max-age=A10368000, public
ads.png
nsw2u.xyz/wp-content/plugins/ad-inserter/images/ 		95 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsw2u.xyz/wp-content/plugins/ad-inserter/images/ads.png
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

:path
/wp-content/plugins/ad-inserter/images/ads.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7770
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
95
last-modified
Tue, 21 Sep 2021 05:15:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVXWSYfD%2B9Fia5RPAdaHWn6DGJQbeS34eeW8iYCwB2KyFV%2BSZ5ebMPYuHECtJ5o9qL0O11OpvV64nFVBSygcaD98NekvLE0fkFndB1fbJri0TeTe22ea9HdKpH9Y0qLtd9RLtOuqy0A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
694130ce288fd6b5-FRA
expires
max-age=A10368000, public
rocket-loader.min.js
nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Sep 2021 15:51:34 GMT
server
cloudflare
etag
W/"6149ff86-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ny5H8GVL9WIgFh2PY9PzMOCefo13QKPsD%2BmnQon0WIDIbPveX%2BMi53UBwkRDzUNPM8Xy%2BTLxJNCHlszkFPzd5%2FWLrd0z%2FQZM1uz%2BzSacYd2nK16QSJKIOrHSmQFXFXcKmtpook8gF3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
694130ce2895d6b5-FRA
vary
Accept-Encoding
expires
Mon, 27 Sep 2021 03:33:22 GMT
fontawesome-webfont.woff2
nsw2u.xyz/wp-content/themes/poster/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/themes/poster/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/wp-content/cache/wpfc-minified/g1ng76up/f7a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path
/wp-content/themes/poster/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
origin
https://nsw2u.xyz
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/wp-content/cache/wpfc-minified/g1ng76up/f7a.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://nsw2u.xyz/wp-content/cache/wpfc-minified/g1ng76up/f7a.css
Origin
https://nsw2u.xyz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7770
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
last-modified
Mon, 12 Jul 2021 22:35:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4HacvLH1fmUSaNnnr6CM5ffF0QDLw7mTDK%2BdwXI2Zy0cKPQN8KeW%2FysnS8nb5S8O%2FTyK4eEJs6SuwbdrXeLVRZGaHN4ZekLKvQakSgPjlyCDU5UEOXXAEuG4sGTJQyfXAse0DUMBN0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
694130ced8e8d6b5-FRA
expires
max-age=A10368000, public
300x250.js
nsw2u.xyz/wp-content/plugins/ad-inserter/js/ 		23 B
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.4
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
352ea4dd2d545563bef7eb0ba6d6ebfe4bc9d9e51ab00d9c925cb9e103edee63

Request headers

:path
/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7769
cf-polished
origSize=25
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23
last-modified
Tue, 21 Sep 2021 05:15:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8F9jxeiHJnBBCole7%2Bn3icYkPhjo0avBHQ2daevPfP6h%2FMgIVH%2BKHAuN%2FOswJ8FWnvKo9nMzvRoqgzcRQC7DV64JUZ66Ke5MVPvBGigr9bX2hJNaCjJMtmN8PH8wDzRwehAn5M%2Fv53o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
694130d0097ad6b5-FRA
expires
max-age=A10368000, public
banner.js
nsw2u.xyz/wp-content/plugins/ad-inserter/js/ 		22 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.4
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfb2e16986e257b608b45d14396378a8f2ac6a7321c0dc2f13c66a33ec8e4a40

Request headers

:path
/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7769
cf-polished
origSize=24
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22
last-modified
Tue, 21 Sep 2021 05:15:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8%2FaMP9gbGDEcYtLpKFDYsIFNxnCd%2Fl%2Bd5VZtdkZqcYSiDVRtKwRqiiFQdy6YcMc%2F1EPto9rCj8KKeFDG9hfgver9WGXERRUOUV5WSAyjhm6FvaIfGUfNT8%2BA8yHI3v7vyVVFAmD2qE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
694130d0097cd6b5-FRA
expires
max-age=A10368000, public
sponsors.js
nsw2u.xyz/wp-content/plugins/ad-inserter/js/ 		21 B
350 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.4
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7068ced7a6e29f9e6517f81bb0255f83c6f5c40da7f018fa3a2dc053de9b2699

Request headers

:path
/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7769
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21
last-modified
Tue, 21 Sep 2021 05:15:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=699Z%2FJYAP6Gut3OmLKnCmF%2B5feqiJnwQYQB%2BiYlPq597jNhhtEnBtep%2BTA4O16K16qdQ5W1fsvEkqgyI5cRbqjjACXDmzmE7D1gY3K%2BPtlA14IrcLnDdFa7AkSSTPL2HUi%2F%2F4Sl%2FpxY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
694130d0097dd6b5-FRA
expires
max-age=A10368000, public
ads.js
nsw2u.xyz/wp-content/plugins/ad-inserter/js/ 		110 B
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.4
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
651cbb53c3e67a452582c597784a988f2ad5db132c709c279a23ad74b9917448

Request headers

:path
/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7769
cf-polished
origSize=112
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 21 Sep 2021 05:15:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPTL9k2VQ9I46NZdD06bT%2BFCESOaplrbRAPylBrQz3JKLqh6Nw3vLVmtRZ7D3T4pGlutbGEY905KfNMHEoTJKVZ0Q9kNbVvk0NoXKlTOS3VGr16ijha4txULTZ%2Ba6swmyirBdBo8qTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
694130d0097ed6b5-FRA
expires
max-age=A10368000, public
e-202138.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202138.js
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn
date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 12 Sep 2022 00:30:46 GMT
image.js
nsw2u.xyz/wp-content/plugins/featured-image-from-url/includes/html/js/ 		2 KB
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.7.3
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be787ecd75f84036f91164611448a85ecac69699d11deb0c9b7b877fe105af53

Request headers

:path
/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=3.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7908
cf-polished
origSize=2271
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:31:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViM3blLLhq%2Bo67FIiKvpdQqavsgj5uZLUh%2BfneecXm%2F44LsErP2XxOpiDTHBFDTVIUSuAW0SOdnCbnJMjCw1cN1jzZS1DZUQQnTllWvK048boEwxB2fipkgjF7DlavA%2BgiLl8ZAEzWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
694130d0097fd6b5-FRA
expires
max-age=A10368000, public
lazysizes.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=5.8.1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
211826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3150
timing-allow-origin
*
last-modified
Wed, 31 Mar 2021 06:24:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60641588-1ed1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hty%2Bshc31lbjMdY1desMhpasvLepOftEIe3Ikd9hbS2HAlL46mfaWbbPsUydLLmu0Bhc7KAEoGKb6wLsawFxwZXH5Pi7bALvvdqeRr5T03BreEJVBblRoX9Lnr29kf9YUuhTrWSmLHlNaJ7IgJPU90xr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
694130d03f061f2d-FRA
expires
Thu, 15 Sep 2022 03:33:22 GMT
ls.bgset.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/bgset/ls.bgset.min.js?ver=5.8.1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41c6733a8c4a3a7f08204de8e3d60e1d2baf17dd7f675a26830fb1047fac40a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
204322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1101
timing-allow-origin
*
last-modified
Wed, 31 Mar 2021 06:24:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60641588-bf7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeblycEfG0FV%2B4i5uU4CtXihpXwMcOEDDzkKQhOO5rVkXdcn6BlVlWp1o8h8aWtvEkpBmX6vzX7ebUwkmJNrNw1bPSC9idlhFxOopSDcIOQpoubJORbkD6rTtrELtRaMeXd3Zo8QdlRXxloij9R3T1vW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
694130d03f081f2d-FRA
expires
Thu, 15 Sep 2022 03:33:22 GMT
ls.unveilhooks.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js?ver=5.8.1
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
209948
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
677
timing-allow-origin
*
last-modified
Wed, 31 Mar 2021 06:24:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60641588-750"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWTjL14hZ72Pg%2FEtvzW7%2FR5ohSK0OcOKNYjkuUu37IvpPei%2FIbDYrbyTIJCs6CTqteTwUSV%2FTk%2BYV8gwWrudOpY0Df8xRvXWsBkmakuli4koGCNWFJGz2r1UAcCm66vUph2c8sKIyyBTYX%2Bhrq1ys6%2Bj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
694130d03f0a1f2d-FRA
expires
Thu, 15 Sep 2022 03:33:22 GMT
lazySizesConfig.js
nsw2u.xyz/wp-content/plugins/featured-image-from-url/includes/html/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=3.7.3
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab36dbce4cde7c36692fa06bef35b79cc1dc7e766aab0eea196a204eda7d78fe

Request headers

:path
/wp-content/plugins/featured-image-from-url/includes/html/js/lazySizesConfig.js?ver=3.7.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7908
cf-polished
origSize=2971
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 20:31:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDtfImDkcfJSjVy2kcbag8KA5iDmOg5nrlylU9fgRuGC5sN7Y5BvRVI2qItte1OSbO8mnadTtVsS1w0VpVOpbQ%2F7iUeoAmvnKQ63s5eFlHQ9Aj3H1JN1jdjTztC%2BSBo5aVJoC3k6VVs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
694130d00981d6b5-FRA
expires
max-age=A10368000, public
wp-embed.min.js
c0.wp.com/c/5.8.1/wp-includes/js/ 		1 KB
736 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/wp-embed.min.js
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 25 Sep 2022 03:33:22 GMT
lazy-images.js
nsw2u.xyz/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1.1.3
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe

Request headers

:path
/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1.1.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7908
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 07 Sep 2021 17:15:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtLLxRgpokhEFvS3sfeBInQTTLFA3IByEi7YYiHLHJYMYexQ8%2BpH%2Bym9qYH%2FKMwXLdmW2nzHiqvNA6xOQWw8qOW0AS2PfSjOmLjvf486u139qCeChslctpv6GMqcafJfO%2FvhqRcDNaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
694130d00982d6b5-FRA
expires
max-age=A10368000, public
intersection-observer.js
nsw2u.xyz/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1.1.3
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
550bee253a00a7e6089b3aa136a1f21d904592e93ee0740f08d4d36e4b1dcbe5

Request headers

:path
/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1.1.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7908
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 07 Sep 2021 17:15:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQ3B%2F1A%2FxnoxyNgwwPgVM8V5hNlteFhZseNDlhdL1EnVcqg4XNqC1juI%2F5Y0m5CBFWPkuvcVFj2MP7szbG4BT0SUgt9TVvSXEpgjgHjTjCjJlY3LdZ8oytC829ff%2FR0wnt%2FmG9n%2FWUg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
694130d00983d6b5-FRA
expires
max-age=A10368000, public
loadscripts.js
nsw2u.xyz/wp-content/themes/poster/js/ 		49 B
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/themes/poster/js/loadscripts.js?ver=1.0
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f43eb4967f3f5711f5eda2d5fc4ba512f1a942bd8bb70a15a3027365497160b6

Request headers

:path
/wp-content/themes/poster/js/loadscripts.js?ver=1.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7908
cf-polished
origSize=62
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 12 Jul 2021 22:35:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnIrZOAn60OMbN3IJGZU83yQx7ovdXoOA2sdygjd%2FseKd4cUIC6t00Jn%2BkuAe2b2OkRGDJaU7eFbJsXzgztVU%2Fqj0g6Ve05D%2F6bgrdeFLPyEKNZ8Gm7wROvGVJXn1bD8vlneQnUGxpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
694130d00984d6b5-FRA
expires
max-age=A10368000, public
foundation.min.js
nsw2u.xyz/wp-content/themes/poster/foundation/js/ 		106 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/themes/poster/foundation/js/foundation.min.js
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fa3bdea50e7c47ebbcab43cbcf073745f1eb08f1dd996781c7098ec215a488

Request headers

:path
/wp-content/themes/poster/foundation/js/foundation.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 12 Jul 2021 22:35:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MheVv0oRDBnggpXY0N8rBDgEg1nh9hvns%2BeXmiCvGLCXMMSDgf0f26xblTsGRaELosp1QdsJutRMnu4jtWkM3AfbTZXPFmdNOnr5fR6VIK5oJz1%2B9t2iI6LIfKMTT%2BG%2FFwKvBZrxlmM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
694130d00985d6b5-FRA
expires
max-age=A10368000, public
foundation.core.js
nsw2u.xyz/wp-content/themes/poster/foundation/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/themes/poster/foundation/js/foundation.core.js
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d70382f3bf05e5893b55e8cd88979ca435c34e1fcadf16a14cf0c2fd56e35791

Request headers

:path
/wp-content/themes/poster/foundation/js/foundation.core.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7908
cf-polished
origSize=13696
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 12 Jul 2021 22:35:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ElORUtOWGhu828bYyceWlLVjZ%2FJzEPc8T0kiql8UBvPx8dVPagK6QOhZkmYT7%2FQ37R%2F6MQMwjOWfreEELPiTh8AF86%2BA5XmLQ5i%2BOQb6wvsYCOL91Yvm0FWey4UakEDV4SsqHiBubc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
694130d00989d6b5-FRA
expires
max-age=A10368000, public
skip-link-focus-fix.js
nsw2u.xyz/wp-content/themes/poster/js/ 		588 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/themes/poster/js/skip-link-focus-fix.js?ver=20130115
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5

Request headers

:path
/wp-content/themes/poster/js/skip-link-focus-fix.js?ver=20130115
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7908
cf-polished
origSize=880
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 12 Jul 2021 22:35:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgivuXoiafN3l5PJKUJ%2F4k9851kmxRDRFaOzbi2nmUjQXfjfjlRIqzR7nPJGDaWORVd3c6ZCg4VVSsBWz0P%2BpdhaBx0bJSYSWwDmVEvrkW%2BRAlACDPfxackDfA0hqg8Xdwsuza6VZHg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
694130d0098ad6b5-FRA
expires
max-age=A10368000, public
navigation.js
nsw2u.xyz/wp-content/themes/poster/js/ 		1 KB
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/wp-content/themes/poster/js/navigation.js?ver=20120206
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
975fcd769077c94bff0b689fbe3ad59e461ea7c948870bd979d21ad4716ecee9

Request headers

:path
/wp-content/themes/poster/js/navigation.js?ver=20120206
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7908
cf-polished
origSize=2279
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 12 Jul 2021 22:35:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xx6ruSGAFAgRowczer1FoDCEy8TTDjjLIckBjWwnxG4nPiHJieCOgYu1Fpn7XmI9s9REkA32LByYzTNBw2tK4roHLjSUE%2BsiYdRvT6jfz3cwgdCWCT5Asc%2BlD3AzJZp22SvLqhSx4s0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
cf-ray
694130d0098bd6b5-FRA
expires
max-age=A10368000, public
photon.min.js
c0.wp.com/p/jetpack/10.1/_inc/build/photon/ 		758 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.1/_inc/build/photon/photon.min.js
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 25 Sep 2022 03:33:22 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-124900868-13
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2794ba33ebbcdc2df8cd1860c0c83433ebbc5391bc128a4abba996822f1897dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39241
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 25 Sep 2021 03:33:22 GMT
jquery-migrate.min.js
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 25 Sep 2022 03:33:22 GMT
jquery.min.js
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.min.js
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Sun, 25 Sep 2022 03:33:22 GMT
dmedianet.js
contextual.media.net/ Frame 0706 		125 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d1f8e9e55c7b2c2939397b42094667b21443e6f2acee6c2695fd001668c50b1f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/dmedianet.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
object
referer
https://nsw2u.xyz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/

Response headers

server
Apache
content-type
text/javascript; charset=utf-8
set-cookie
gdpr_status=1; Expires=Tue, 29 Mar 2022 03:33:22 GMT; domain=.media.net; Path=/; Samesite=None; Secure;
x-mnt-h
10-6
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-w
8-11
etag
"992869fe16abe09b324a8cb2660a7204"
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=300
expires
Sat, 25 Sep 2021 03:38:23 GMT
date
Sat, 25 Sep 2021 03:33:23 GMT
analytics.js
www.google-analytics.com/ Frame 3F8D 		48 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.google-analytics.com
:scheme
https
:path
/analytics.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
object
referer
https://nsw2u.xyz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 25 Sep 2021 02:52:00 GMT
expires
Sat, 25 Sep 2021 04:52:00 GMT
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
x-content-type-options
nosniff
content-type
text/javascript
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
Golfe2
content-length
19747
age
2482
cache-control
public, max-age=7200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 98C1 		73 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
389e8e92a2c5ec60237daf64bbca63e5eab2192578723c6022a1343ac857a3b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
securepubads.g.doubleclick.net
:scheme
https
:path
/tag/js/gpt.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
object
referer
https://nsw2u.xyz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/

Response headers

vary
Accept-Encoding
content-encoding
gzip
content-type
text/javascript
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
25702
date
Sat, 25 Sep 2021 03:33:22 GMT
expires
Sat, 25 Sep 2021 03:33:22 GMT
cache-control
private, max-age=900, stale-while-revalidate=3600
etag
"997 / 646 of 1000 / last-modified: 1632522815"
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pica.js
nsw2u.xyz/cdn-cgi/challenge-platform/h/b/scripts/ 		22 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1d77d5fb29ac35ab0a6646d174265877681a36d8470a9d4f8e800446bbf144

Request headers

:path
/cdn-cgi/challenge-platform/h/b/scripts/pica.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
same-origin
accept
*/*
cache-control
no-cache
sec-fetch-dest
worker
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:22 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BE7thpLC%2BmMPsRmxd8gcx%2F6WR42J59v9HjPG8w8x21s6FeX42z4ONmUfd5ikYGe0B8orTzDXMeTg8aMrTl9708M1cmdneXoInovPazgxB%2BLf%2BCUKR%2FDejdizO3saL%2BzXjGA7JmZ7RRM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
694130d0399bd6b5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
728x90
static.a-ads.com/a-ads-banners/117619/ Frame BF1D 		122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117619/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1706572?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.28.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.28.76.144.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:22 GMT
Last-Modified
Sun, 19 Apr 2020 16:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
9WQTF2491AGRXG5V
ETag
"8df22bfbf1b66e4d461cc595236e19c5"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
125388
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
0fATWmKYpJSZr5TJ6jtiSoqDotlI3uSs
x-amz-id-2
NoBuDt1Q159sTPCGythzTiMegwuoCAeyUkgut/L8+RMSie8qMyxfnqZIU7cj1ZWg40B4bEjofp8=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
728x90
static.a-ads.com/a-ads-banners/117619/ Frame AD0D 		122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117619/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1706574?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.28.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.28.76.144.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:22 GMT
Last-Modified
Sun, 19 Apr 2020 16:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
9WQTF2491AGRXG5V
ETag
"8df22bfbf1b66e4d461cc595236e19c5"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
125388
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
0fATWmKYpJSZr5TJ6jtiSoqDotlI3uSs
x-amz-id-2
NoBuDt1Q159sTPCGythzTiMegwuoCAeyUkgut/L8+RMSie8qMyxfnqZIU7cj1ZWg40B4bEjofp8=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame BF1D 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AD0D 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124900868-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2483
date
Sat, 25 Sep 2021 02:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 25 Sep 2021 04:52:00 GMT
js
www.googletagmanager.com/gtag/ 		104 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MKP758ZF6M&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124900868-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e5dab9c0d544ca4af16101c92c738300cedb90e8d91fb6bd7a63c4c8f8f4846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:23 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42637
x-xss-protection
0
expires
Sat, 25 Sep 2021 03:33:23 GMT
collect
www.google-analytics.com/j/ 		1 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=732852858&t=pageview&_s=1&dl=https%3A%2F%2Fnsw2u.xyz%2F&ul=en-us&de=UTF-8&dt=nsw2u.xyz%20%7C%20Download%20Switch%20Roms%20eShop%20NSP%20XCI%20NSZ%20Previously%20Switch-xci&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=182779388&gjid=109215824&cid=1145672917.1632540803&tid=UA-124900868-13&_gid=1386278968.1632540803&_r=1&gtm=2ou9m0&did=dZTNiMT&z=1533947680
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nsw2u.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 03:33:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nsw2u.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MKP758ZF6M&gtm=2oe9m0&_p=732852858&sr=1600x1200&ul=en-us&cid=1145672917.1632540803&_s=1&dl=https%3A%2F%2Fnsw2u.xyz%2F&dt=nsw2u.xyz%20%7C%20Download%20Switch%20Roms%20eShop%20NSP%20XCI%20NSZ%20Previously%20Switch-xci&sid=1632540803&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MKP758ZF6M&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nsw2u.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 03:33:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nsw2u.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.1&blog=195475189&post=0&tz=1&srv=nsw2u.xyz&host=nsw2u.xyz&ref=&fcp=439&rand=0.8486981443806794
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:23 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
cropped-NSW2U.xyz-switch-xci.png
i2.wp.com/nsw2u.xyz/wp-content/uploads/2021/07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/nsw2u.xyz/wp-content/uploads/2021/07/cropped-NSW2U.xyz-switch-xci.png?w=327&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
1d7864ba669d1d3d2c7f21dd11a02c3156b6f958b9ef9b07389c10614e600710
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 25 Sep 2021 03:33:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Jul 2021 23:23:40 GMT
server
nginx
etag
"3ae7ddb64dfda1b7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://nsw2u.xyz/wp-content/uploads/2021/07/cropped-NSW2U.xyz-switch-xci.png>; rel="canonical"
content-length
3798
expires
Thu, 13 Jul 2023 11:23:40 GMT
35987208.jpg
images.vfl.ru/ii/1632439934/4dfb59d9/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1632439934/4dfb59d9/35987208.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
9ab93253707fba9585ccce1f2c52eeda67dedf3f28d0e39582b13794138e60a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Thu, 23 Sep 2021 23:32:14 GMT
Server
nginx
ETag
"614d0e7e-c97c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
51580
Expires
Mon, 25 Oct 2021 03:33:28 GMT
35979171.jpg
images.vfl.ru/ii/1632397389/5a6e7886/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1632397389/5a6e7886/35979171.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
9aff56a3c0fa862e24f901de45e4520cf142f2ad9754bab9d9ee73f8244e9be6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Thu, 23 Sep 2021 11:43:10 GMT
Server
nginx
ETag
"614c684e-7033"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
28723
Expires
Mon, 25 Oct 2021 03:33:28 GMT
35744374.jpg
images.vfl.ru/ii/1630846786/6b651d7c/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1630846786/6b651d7c/35744374.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
0f5f979303062157b31c68552bdc0c68ffa58ae12251f6aa25ec47e4f74de507

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Sun, 05 Sep 2021 12:59:46 GMT
Server
nginx
ETag
"6134bf42-b2a0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
45728
Expires
Mon, 25 Oct 2021 03:33:28 GMT
35922712.jpg
images.vfl.ru/ii/1632066777/070de5bd/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1632066777/070de5bd/35922712.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
b9d458bfe729b53a412f3f6785efb8030fa6eda4ef88df11c855cf3286b0c381

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Sun, 19 Sep 2021 15:52:57 GMT
Server
nginx
ETag
"61475cd9-9563"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
38243
Expires
Mon, 25 Oct 2021 03:33:28 GMT
35923513.jpg
images.vfl.ru/ii/1632070251/209beb82/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1632070251/209beb82/35923513.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
63ce390609f0c0606728cdeaf3edd0515c3687120422b28e0120afb96ddcbf8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Sun, 19 Sep 2021 16:50:51 GMT
Server
nginx
ETag
"61476a6b-c7cc"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
51148
Expires
Mon, 25 Oct 2021 03:33:28 GMT
35878581.jpg
images.vfl.ru/ii/1631730857/36f16ce1/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1631730857/36f16ce1/35878581.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
04a94a8c51d8ef3425459f5dab0cd6d751f86607a020aa060246ec1fffb0f4cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Wed, 15 Sep 2021 18:34:17 GMT
Server
nginx
ETag
"61423ca9-b818"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
47128
Expires
Mon, 25 Oct 2021 03:33:28 GMT
35809235.jpg
images.vfl.ru/ii/1631273348/bde7bb98/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1631273348/bde7bb98/35809235.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
585f2627cfd4164dc977907cd154031151ff000fa563127750fb327a1ab1328f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Fri, 10 Sep 2021 11:29:08 GMT
Server
nginx
ETag
"613b4184-d0de"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
53470
Expires
Mon, 25 Oct 2021 03:33:28 GMT
35654562.jpg
images.vfl.ru/ii/1630114583/a1872540/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1630114583/a1872540/35654562.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
337b2a418757394cab924ef578908e8432f9f9ea8daa04c6c1786dd87b679937

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Sat, 28 Aug 2021 01:36:23 GMT
Server
nginx
ETag
"61299317-6eb3"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
28339
Expires
Mon, 25 Oct 2021 03:33:28 GMT
35560016.jpg
images.vfl.ru/ii/1629435489/4b4778a0/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1629435489/4b4778a0/35560016.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
a39d901319885110b207c6184d62708b366a6916f9dc3b7999bcbe5f2f794acd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Fri, 20 Aug 2021 04:58:09 GMT
Server
nginx
ETag
"611f3661-df49"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
57161
Expires
Mon, 25 Oct 2021 03:33:28 GMT
35549614.jpg
images.vfl.ru/ii/1629365666/626114b6/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1629365666/626114b6/35549614.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
c4a6789a6bcf3b1073ff5bdf7bcb94a7a5d3d77538801666c1afa818064e37af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Thu, 19 Aug 2021 09:34:26 GMT
Server
nginx
ETag
"611e25a2-9c95"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
40085
Expires
Mon, 25 Oct 2021 03:33:28 GMT
35393788.jpg
images.vfl.ru/ii/1628149185/a0f8372f/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1628149185/a0f8372f/35393788.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
a3b69fd23ff26fea8705e88916f792b8148ad6f8b47efbaca9d460923b86f2ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Thu, 05 Aug 2021 07:39:45 GMT
Server
nginx
ETag
"610b95c1-c5a1"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
50593
Expires
Mon, 25 Oct 2021 03:33:28 GMT
35232576.jpg
images.vfl.ru/ii/1626872594/072d1a3a/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1626872594/072d1a3a/35232576.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
aa083605e9883d151567274cb5e6fb7df54b70e2e3cebd4d2d15212ea11758ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Wed, 21 Jul 2021 13:03:14 GMT
Server
nginx
ETag
"60f81b12-b96c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
47468
Expires
Mon, 25 Oct 2021 03:33:28 GMT
34914802.jpg
images.vfl.ru/ii/1624390475/9eb075d0/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1624390475/9eb075d0/34914802.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
84ae3907bc55a4b8a84a4ac86616b3d313f20730d68b0bc839a7d8e4bc82a180

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Tue, 22 Jun 2021 19:34:35 GMT
Server
nginx
ETag
"60d23b4b-10836"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
67638
Expires
Mon, 25 Oct 2021 03:33:28 GMT
34503680.jpg
images.vfl.ru/ii/1621373737/d5d5d748/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1621373737/d5d5d748/34503680.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
7212884525878e0c5530915e679ab337a2e784c01c7e2b37ab69722d51bfc561

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Tue, 18 May 2021 21:35:37 GMT
Server
nginx
ETag
"60a43329-d601"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
54785
Expires
Mon, 25 Oct 2021 03:33:28 GMT
32592810.png
i1.wp.com/images.vfl.ru/ii/1607429100/963a3318/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/images.vfl.ru/ii/1607429100/963a3318/32592810.png?resize=480%2C134&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
0ee5e0d1c68e57e7db4aedb96b1b0898a65764c7b93032ba0e06a030cbd11709
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sat, 25 Sep 2021 03:33:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Dec 2020 12:08:26 GMT
server
nginx
etag
"6e5448365d4337a5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1607429100/963a3318/32592810.png>; rel="canonical"
content-length
12712
expires
Fri, 09 Dec 2022 00:08:26 GMT
30440747.jpg
i2.wp.com/images.vfl.ru/ii/1588854988/40f4425a/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg?resize=405%2C155&ssl=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
71b4306eb14d4d3b41e0f5355ec46c5981e8ccff950e9fd831f1925e302de598
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 25 Sep 2021 03:33:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 08:10:28 GMT
server
nginx
etag
"3697bd2c3735bb17"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://images.vfl.ru/ii/1588854988/40f4425a/30440747.jpg>; rel="canonical"
content-length
7956
expires
Sat, 05 Nov 2022 20:10:28 GMT
33819499.jpg
images.vfl.ru/ii/1616696837/40aacd1e/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1616696837/40aacd1e/33819499.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
a0d0c0cca8423e9e24f06d1ecb1b915f8be050974969fe6b934b5711c6c8e009

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Thu, 25 Mar 2021 18:27:17 GMT
Server
nginx
ETag
"605cd605-b831"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
47153
Expires
Mon, 25 Oct 2021 03:33:28 GMT
33601189.jpg
images.vfl.ru/ii/1615220742/906da1b3/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1615220742/906da1b3/33601189.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
f4b20b2736e401f1f5de493008ef50755fdf45b5b29c7980d9ce547a9b84449f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Mon, 08 Mar 2021 16:25:42 GMT
Server
nginx
ETag
"60465006-803d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
32829
Expires
Mon, 25 Oct 2021 03:33:28 GMT
35838337.jpg
images.vfl.ru/ii/1631467790/9d7f16f3/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1631467790/9d7f16f3/35838337.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
c8012a349a01ea08a90083b3b7adec11eaa29ea07ba21e5cf9ca2a6a68611a0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Sun, 12 Sep 2021 17:29:50 GMT
Server
nginx
ETag
"613e390e-ebf5"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
60405
Expires
Mon, 25 Oct 2021 03:33:28 GMT
29222156.png
images.vfl.ru/ii/1579188104/2eae594e/ 		369 KB
369 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.vfl.ru/ii/1579188104/2eae594e/29222156.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.47.250.96 , France, ASN12876 (Online SAS, FR),
Reverse DNS
dionysus.semagroup.ru
Software
nginx /
Resource Hash
1d5a1ec47e7b01b10963fc81079df8c0a721cfece1015b192e5bab53ba78b82a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 25 Sep 2021 03:33:28 GMT
Last-Modified
Thu, 16 Jan 2020 15:21:45 GMT
Server
nginx
ETag
"5e207f89-5c493"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
378003
Expires
Mon, 25 Oct 2021 03:33:28 GMT
cropped-NSW2U.xyz-switch-xci.png
i2.wp.com/nsw2u.xyz/wp-content/uploads/2021/07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/nsw2u.xyz/wp-content/uploads/2021/07/cropped-NSW2U.xyz-switch-xci.png?w=327&ssl=1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js?ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
1d7864ba669d1d3d2c7f21dd11a02c3156b6f958b9ef9b07389c10614e600710
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 25 Sep 2021 03:33:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Jul 2021 23:23:40 GMT
server
nginx
etag
"3ae7ddb64dfda1b7"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://nsw2u.xyz/wp-content/uploads/2021/07/cropped-NSW2U.xyz-switch-xci.png>; rel="canonical"
content-length
3798
expires
Thu, 13 Jul 2023 11:23:40 GMT
loading.gif
nsw2u.xyz/wp-content/plugins/featured-image-from-url/includes/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsw2u.xyz/wp-content/plugins/featured-image-from-url/includes/images/loading.gif
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/wp-content/cache/wpfc-minified/kca10uv3/ew5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Request headers

:path
/wp-content/plugins/featured-image-from-url/includes/images/loading.gif
pragma
no-cache
cookie
_gid=GA1.2.1386278968.1632540803; _gat_gtag_UA_124900868_13=1; _ga_MKP758ZF6M=GS1.1.1632540803.1.0.1632540803.0; _ga=GA1.1.1145672917.1632540803
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/wp-content/cache/wpfc-minified/kca10uv3/ew5.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nsw2u.xyz/wp-content/cache/wpfc-minified/kca10uv3/ew5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:33:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3208
last-modified
Mon, 20 Sep 2021 20:31:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMV6hKx0RUrc07br7z0LJU9YhKboUDguxQ%2Fqp6nntIodE1V2bwZLht0FRidMnRoZQeDRqcAEqmY5KQ9z2wRxnjA9MzGy%2F1F8WgnOeA2x4a4bv1lv4Jti%2FCkSO6IKYvgpOUYt1MaF3JA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=16070400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
694130d4bc13d6b5-FRA
expires
max-age=A10368000, public
result
nsw2u.xyz/cdn-cgi/challenge-platform/h/b/cv/ 		2 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nsw2u.xyz/cdn-cgi/challenge-platform/h/b/cv/result?req_id=694130cd7828d6b5
Requested by
Host: nsw2u.xyz
URL: https://nsw2u.xyz/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cf02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-fetch-mode
cors
origin
https://nsw2u.xyz
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
_gid=GA1.2.1386278968.1632540803; _gat_gtag_UA_124900868_13=1; _ga_MKP758ZF6M=GS1.1.1632540803.1.0.1632540803.0; _ga=GA1.1.1145672917.1632540803
content-length
14317
:path
/cdn-cgi/challenge-platform/h/b/cv/result?req_id=694130cd7828d6b5
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
nsw2u.xyz
referer
https://nsw2u.xyz/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://nsw2u.xyz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 25 Sep 2021 03:33:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBYuwtBiepn5PAcBEXpjJehFBCPmrnRTRfWdrY%2BKdA4tAbSTrvEFcKr3L2%2FBG0Ipy51k1D13TnKHMUc1kzwe%2FeXt1KgDtaCN6u%2FMDsyrYsAHDak1yft6l%2FZIVweECpre4TvPEHsTlmk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
set-cookie
__cf_bm=jpCPu.Ol0r2jDsrmGB2ya5h6szsxpDz8QoBZSaOOCzM-1632540803-0-AcxMd4Y2WPpmsBMxBicQWyBop1X5x/YlhnDdgiqB/CBvQNczREdOijZBEic5W3iCQoVbeNfTrBrtYZeHZWFfAkm6eV6CXAjiv1YzyFcN2TcDzqaBetuGIci1g032miWlFg==; path=/; expires=Sat, 25-Sep-21 04:03:23 GMT; domain=.nsw2u.xyz; HttpOnly; Secure; SameSite=None
cf-ray
694130d76d60d6b5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect boolean| originAgentCluster object| __CF$cv$params object| __cfQR function| __cf_worker_run_after_load function| __cf_run_after_load undefined| $ function| jQuery function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| Foundation function| _classCallCheck function| _createClass object| jetpackLazyImagesL10n object| wp function| fifu_lazy function| fifu_add_lazyload function| fifu_add_placeholder function| fifu_add_srcset function| fifu_get_delimiter function| fifu_get_delimited_url object| lazySizesConfig object| gaplugins object| gaGlobal object| gaData object| lazySizes object| fifuImageVars function| disableClick function| disableLink function| fifu_fix_gallery_height object| _stq function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| MobileDetect function| ai_adb_detection_type_log function| ai_adb_detection_type boolean| ai_js_code boolean| __cfRLUnblockHandlers object| e boolean| abbbbadc boolean| ad_banner boolean| ad_300x250 function| st_go function| linktracker_init object| wpcom undefined| clazz string| src undefined| datasrc object| types function| ai_process_lists boolean| ai_debugging_active number| ai_dummy

6 Cookies

Domain/Path Name / Value
.media.net/ Name: gdpr_status
Value: 1
.nsw2u.xyz/ Name: _gid
Value: GA1.2.1386278968.1632540803
.nsw2u.xyz/ Name: _gat_gtag_UA_124900868_13
Value: 1
.nsw2u.xyz/ Name: _ga_MKP758ZF6M
Value: GS1.1.1632540803.1.0.1632540803.0
.nsw2u.xyz/ Name: _ga
Value: GA1.1.1145672917.1632540803
.nsw2u.xyz/ Name: __cf_bm
Value: jpCPu.Ol0r2jDsrmGB2ya5h6szsxpDz8QoBZSaOOCzM-1632540803-0-AcxMd4Y2WPpmsBMxBicQWyBop1X5x/YlhnDdgiqB/CBvQNczREdOijZBEic5W3iCQoVbeNfTrBrtYZeHZWFfAkm6eV6CXAjiv1YzyFcN2TcDzqaBetuGIci1g032miWlFg==

1 Console Messages

Source Level URL
Text
deprecation warning URL: https://nsw2u.xyz/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
c0.wp.com
cdnjs.cloudflare.com
contextual.media.net
fonts.googleapis.com
i0.wp.com
i1.wp.com
i2.wp.com
images.vfl.ru
nsw2u.xyz
pixel.wp.com
securepubads.g.doubleclick.net
static.a-ads.com
stats.wp.com
www.google-analytics.com
www.googletagmanager.com
142.250.186.162
144.76.28.254
192.0.76.3
192.0.77.2
192.0.77.37
2.18.235.93
212.47.250.96
2606:4700::6810:125e
2606:4700:e6::ac40:cf02
2a00:1450:4001:812::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2008
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04a94a8c51d8ef3425459f5dab0cd6d751f86607a020aa060246ec1fffb0f4cf
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0ee5e0d1c68e57e7db4aedb96b1b0898a65764c7b93032ba0e06a030cbd11709
0f5f979303062157b31c68552bdc0c68ffa58ae12251f6aa25ec47e4f74de507
1541f1f36a00c93fe07fc6d90d9ddded61e111aebebb7942752b1f7e84f29a05
1b777ddadf1fab5ce15610fa77862c5c55b926e6a1b2adb6ea6fa5656c8ffce1
1d5a1ec47e7b01b10963fc81079df8c0a721cfece1015b192e5bab53ba78b82a
1d7864ba669d1d3d2c7f21dd11a02c3156b6f958b9ef9b07389c10614e600710
22664856782800d9c1c2cd8bf0dbe70f678db70bb60963850b1e78ca635d5ca0
234b3c35f4bd1d9a1693903fe824be24ff2df43bd333c811c910b82cc9fecb12
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2794ba33ebbcdc2df8cd1860c0c83433ebbc5391bc128a4abba996822f1897dd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e4ad7e177d3fff9e9f15842813387c0946366744b46ef7f1c633c2e8b0194b6
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
337b2a418757394cab924ef578908e8432f9f9ea8daa04c6c1786dd87b679937
352ea4dd2d545563bef7eb0ba6d6ebfe4bc9d9e51ab00d9c925cb9e103edee63
389e8e92a2c5ec60237daf64bbca63e5eab2192578723c6022a1343ac857a3b8
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
3e82871c4330bc4c2f6f01a2530bdc71037f836b7e9df3eaee18777f7362c902
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
46261c53d7f8e3df0765f6744df69a25199b9f81ceed92fa26f684b7f81c312f
4c71cab3e2b7defd9022059c922d2c91359df1ba71dd47e8543b108c70537f25
4e60204cb92ea71f80df7672586ac8962be619d8c133d07838439f5437ff279b
550bee253a00a7e6089b3aa136a1f21d904592e93ee0740f08d4d36e4b1dcbe5
585f2627cfd4164dc977907cd154031151ff000fa563127750fb327a1ab1328f
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
63ce390609f0c0606728cdeaf3edd0515c3687120422b28e0120afb96ddcbf8c
642669fa3bdd07fe3675428cc5973d77c01b33fe964462c69c4cbb56e78e2d3b
651cbb53c3e67a452582c597784a988f2ad5db132c709c279a23ad74b9917448
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9a65a230ecd4f450b380967db558289bb9e6ede309cfa863b8ae4a865cda60
6c1d77d5fb29ac35ab0a6646d174265877681a36d8470a9d4f8e800446bbf144
6e5dab9c0d544ca4af16101c92c738300cedb90e8d91fb6bd7a63c4c8f8f4846
7068ced7a6e29f9e6517f81bb0255f83c6f5c40da7f018fa3a2dc053de9b2699
71b4306eb14d4d3b41e0f5355ec46c5981e8ccff950e9fd831f1925e302de598
7212884525878e0c5530915e679ab337a2e784c01c7e2b37ab69722d51bfc561
77ec858ccdf63e795ef0598267e8d0b44b0570aafef9ad613d3a16862841e44a
84ae3907bc55a4b8a84a4ac86616b3d313f20730d68b0bc839a7d8e4bc82a180
86e48adbb4623d2f9b4dd235b18edf563e3ea65ee35904361b7f857136014e81
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9277c720d84e9bd4482ce7d8b4720fafa4147fb476fab33f943dbf1d1ce2b04e
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
975fcd769077c94bff0b689fbe3ad59e461ea7c948870bd979d21ad4716ecee9
98d38b1d67a02ced6cdaf815d9b7b8a06a22a80eba4d0ae8613a91cf1354f85a
9ab93253707fba9585ccce1f2c52eeda67dedf3f28d0e39582b13794138e60a7
9aff56a3c0fa862e24f901de45e4520cf142f2ad9754bab9d9ee73f8244e9be6
a0d0c0cca8423e9e24f06d1ecb1b915f8be050974969fe6b934b5711c6c8e009
a19574eb41ec2793a49eda4eaeb7277834e8289ee0f14fbc8eb2e942e80d889b
a39d901319885110b207c6184d62708b366a6916f9dc3b7999bcbe5f2f794acd
a3b69fd23ff26fea8705e88916f792b8148ad6f8b47efbaca9d460923b86f2ea
aa083605e9883d151567274cb5e6fb7df54b70e2e3cebd4d2d15212ea11758ed
ab36dbce4cde7c36692fa06bef35b79cc1dc7e766aab0eea196a204eda7d78fe
ad9ed2af18b09cd021bb204d871d659dab3bd57d1ba926c0d7fabc8b310fc161
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b9d458bfe729b53a412f3f6785efb8030fa6eda4ef88df11c855cf3286b0c381
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be787ecd75f84036f91164611448a85ecac69699d11deb0c9b7b877fe105af53
c09b71bc13ce9d8640e4f40f794e0de30013e218c47b5ad9288c08e3ffe7e0b3
c49542f552ff88e531d47cc9a4646ee28f93ad4721e31b5ce587d563866333c2
c4a6789a6bcf3b1073ff5bdf7bcb94a7a5d3d77538801666c1afa818064e37af
c8012a349a01ea08a90083b3b7adec11eaa29ea07ba21e5cf9ca2a6a68611a0a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1f8e9e55c7b2c2939397b42094667b21443e6f2acee6c2695fd001668c50b1f
d41c6733a8c4a3a7f08204de8e3d60e1d2baf17dd7f675a26830fb1047fac40a
d4eaf0dd6ebaf5941562142ec2d5a00fd3c808d7b1c6285a047eb87e8ce566b2
d54a186198bc0d7d0de323d0f02c4bb48405f86aa86ed2cd06ac09439526c7be
d70382f3bf05e5893b55e8cd88979ca435c34e1fcadf16a14cf0c2fd56e35791
dfb2e16986e257b608b45d14396378a8f2ac6a7321c0dc2f13c66a33ec8e4a40
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9
e8fa3bdea50e7c47ebbcab43cbcf073745f1eb08f1dd996781c7098ec215a488
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f43eb4967f3f5711f5eda2d5fc4ba512f1a942bd8bb70a15a3027365497160b6
f4b20b2736e401f1f5de493008ef50755fdf45b5b29c7980d9ce547a9b84449f
f5580e0f7a851232d425ae001181da2ec46da03ee338535c9042a58cec6ede5f
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62