Report - nxbrew.net/oddballers-switch-nsp-eshop/

Report Overview

Visited public
2025-01-05 21:37:11
Tags
Submit Tags
URL
nxbrew.net/oddballers-switch-nsp-eshop/
Finishing URL
nxbrew.net/oddballers-switch-nsp-eshop/
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
OddBallers Switch NSP + Update (eShop) | NXBrew.net

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
uv.uncotorture.com	unknown	2024-11-20	2024-12-04	2024-12-31	2.3 kB	3.1 kB	23.109.170.27
condemnfundraiserjune.com	unknown	2024-10-18	2024-12-04	2024-12-31	874 B	24 kB	192.243.61.225
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-01-01	1.6 kB	162 kB	142.250.74.163
stereospoutfireextinguisher.com	unknown	2024-08-19	2024-12-23	2024-12-30	494 B	506 B	192.243.59.13
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2025-01-05	1.8 kB	1.4 kB	3.127.100.141
s.w.org	748	1993-12-01	2017-01-30	2025-01-01	873 B	1.9 kB	192.0.77.48
cdn.storageimagedisplay.com	unknown	2024-09-13	2024-09-13	2024-12-31	910 B	104 kB	45.133.44.2
nxbrew.net	unknown	2024-11-07	2021-01-10	2024-12-31	17 kB	1.7 MB	188.114.97.1
recordedthereby.com	unknown	2024-05-08	2024-05-08	2025-01-05	395 B	86 kB	185.196.197.71
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-01-01	510 B	13 kB	142.250.74.10
cdn.ouo.io	404096	2014-06-15	2015-02-13	2024-12-29	404 B	25 kB	104.22.22.162
secure.gravatar.com	1671	2004-07-15	2012-05-22	2025-01-02	6.2 kB	69 kB	192.0.73.2
www.profitabledisplaycontent.com	138390	2020-10-14	2020-10-16	2024-12-30	5.6 kB	47 kB	192.243.59.20
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2025-01-05	409 B	375 B	185.196.197.72
unseenreport.com	unknown	2022-03-30	2022-03-30	2025-01-03	730 B	495 B	192.243.59.12

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-05	medium	uncotorture.com	Sinkholed
2025-01-05	medium	uncotorture.com	Sinkholed
2025-01-05	medium	uncotorture.com	Sinkholed
2025-01-05	medium	stereospoutfireextinguisher.com	Sinkholed
2025-01-05	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (34)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	145 B	2024-12-04	2025-07-13
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-04 08:44 Last Seen2025-07-13 16:35 Times Seen14 Hash 38193ebd854ce3c578148589edc900ca 069a1a35b2d1c4d3e9d762d2b61a17e78c693339 b139878fd0b7aa1bc854edcdf0b6e6f5d52ab16415d563d01a57c42dd9d917e7 Loading...

	unknown	ScriptElement	3.8 kB	2025-01-05	2025-01-05
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-05 21:37 Last Seen2025-01-05 21:37 Times Seen1 Hash 4cf91da6dad505876bfc0920f8bdbf02 9849242da2be938ea1a6b0ca2ce93d8f866367b6 762689054cc42c23575067770ed5682f09be20f936aa86b2964b4cb19d8ef927 Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	94 B	2023-03-07	2025-07-16
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:19 Last Seen2025-07-16 19:05 Times Seen2124 Hash ef4c6f4ed2791029af6637c1ccd58340 ba0d690b1bec64d3a7d573abfe61416d9845e66a 9227f383e313ecc066c659fa9a86bfbbb5e3c828d16a096701b5775cdff65f25 Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	3.3 kB	2024-12-04	2025-07-13
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-04 08:44 Last Seen2025-07-13 16:35 Times Seen16 Hash de2c1c5c4fe7b13d9850163ad5ea3329 664f233d7837c98d92a32f9dcc8048c1f1b0be2b df3495bdafa74fbe0c667c1018ef680ac8adc11d2d55a111ba6dc3fdc2328d01 Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	1.5 kB	2025-01-05	2025-01-05
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-05 21:37 Last Seen2025-01-05 21:37 Times Seen1 Hash d9911ab3f39f1a1195ac9f6659c11dfe 48172c4a7c934212d4b6578c7d7ba7fd36adff6b c7ca9e29ac15a053b0fcd6cd387501d9caa0bb31854a134fc49ac511d3c37e3c Loading...

	uv.uncotorture.com/t2KVHpY0H2mIp/87978	ScriptElement	5 B	2023-03-07	2025-07-17
Pretty URL uv.uncotorture.com/t2KVHpY0H2mIp/87978 IP 23.109.170.27 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-07-17 07:31 Times Seen6903 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

	condemnfundraiserjune.com/060d8f743e909da8c28a6535c4eec811/invoke.js	ScriptElement	25 kB	2024-12-24	2025-01-05
Pretty URL condemnfundraiserjune.com/060d8f743e909da8c28a6535c4eec811/invoke.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-24 07:49 Last Seen2025-01-05 21:37 Times Seen7 Hash 4622ec0009a4e0d9154472ac8e0d96c2 3e42b358fc63d2413f0c080615299d4b571d03b8 c89415a5737b147bafcc2191149135ea7f52c2dcb0f1fcc02d6affaf30c22b9d Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	129 B	2025-01-05	2025-01-05
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-05 21:37 Last Seen2025-01-05 21:37 Times Seen1 Hash 2466021b48467ceadde2c192552c191b 71b39aa3e8134d4903154a7044f46580b461d2ae 23122d9285d70965dcc31ab8a13036c046af799d541e4862bb49b7fe02b1f5f4 Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	100 B	2024-12-20	2025-06-13
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-20 05:10 Last Seen2025-06-13 16:58 Times Seen5 Hash c7a92ffe283f8dc2a620f4c5e9fdc19c 3d0edbf165aa86c53a88d49a10a8b9ea6fe7a1a6 6d4abd0c4cd9938bb7afc20861ae96f1fb1485536a0e913e1d13965573adcb9d Loading...

	cdn.ouo.io/js/full-page-script.js	ScriptElement	24 kB	2023-03-07	2025-06-18
Pretty URL cdn.ouo.io/js/full-page-script.js IP 104.22.22.162 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05 Last Seen2025-06-18 02:32 Times Seen103 Hash 96bba75cededac75702ba6ac716d4973 775243f4de23825c140308e8f2c4cac797e5a750 5b373b36e3314ce0f7096a491c4a5b951aeb87dabca29702406e8b9bc28e0a0f Loading...

	condemnfundraiserjune.com/b4832ec5a7016dd356a06694f07a3231/invoke.js	ScriptElement	25 kB	2025-01-03	2025-01-05
Pretty URL condemnfundraiserjune.com/b4832ec5a7016dd356a06694f07a3231/invoke.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-03 16:35 Last Seen2025-01-05 21:37 Times Seen3 Hash 9e3cf271221faa8e3da2b69263739e27 3d24e31172b535e09caf7a4d9c373c066d2c2970 f87108dc31672bc2be1e9f4ccd3b7568e43a7164ddf38930be77d7ced2a5e049 Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	140 B	2024-12-20	2025-06-13
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-20 05:10 Last Seen2025-06-13 16:58 Times Seen5 Hash 88baf9c39f9a04e3e4b56dbb559a701b 836f8681411b8059bf4244e0090a5732ef3d646e b974f0aa9dfb1a7f09b1409c9294579a01f1d95cbb33ecd2ddaf3591c4b11906 Loading...

	nxbrew.net/wp-content/cache/minify/4c41e.js	ScriptElement	331 kB	2025-01-03	2025-01-05
Pretty URL nxbrew.net/wp-content/cache/minify/4c41e.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-03 16:35 Last Seen2025-01-05 21:37 Times Seen3 Hash d8e3bfee9a5e8c29deeb34511aa06033 a9ac8ad16cec2847bf171be65beed9041ecbbe98 3b16f4e45c111d32d96f7ee5a8aa8432eb27bd94b143bb7842eb6c8aeb5a76c4 Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	87 B	2023-03-07	2025-07-17
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06 Last Seen2025-07-17 02:53 Times Seen9012 Hash bd5f648f4fa75f28b17faffe66049687 c9c2791b295684a919a2bfd7b7e2ef5aab3c178a 1a4ba4a340b3f30596d32c1b272ddcfdbf3ccb8e89c2fa917ea60469017aeee4 Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	87 B	2023-03-07	2025-07-16
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06 Last Seen2025-07-16 23:50 Times Seen1872 Hash 3aac713f749c28a846ca71512f718efe 2092afddd8bb589a2f7d064c042d9da48fec27c3 4819226a6f302e8570bbe8027c0dc59ad0edb45705e83fe9791045692e8ffa6b Loading...

	unknown	ScriptElement	3.8 kB	2025-01-05	2025-01-05
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-05 21:37 Last Seen2025-01-05 21:37 Times Seen1 Hash 531f0521cb5a369f9fd34f9e9cf9d54c 8a324e7645102f596687d3e521d27fd21ad19b8b fa4f3a4cab5a29264bbe401b8ef8d12731c1191f09141a4472043de59e3b96bc Loading...

	unknown	ScriptElement	145 B	2024-12-20	2025-06-13
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-20 05:10 Last Seen2025-06-13 16:58 Times Seen5 Hash 00f3998759b1ce70ac59ea871b017926 c8941bf15189db38fd89f19aa3f65c7d1c119ce0 23ede2ce42a0fdc781e212c04e7131962ba1917f2b6832d036d4fdff7fe53f25 Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	140 B	2024-12-04	2025-07-13
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-04 08:44 Last Seen2025-07-13 16:35 Times Seen16 Hash 6d551fcc858a396f957bedf9f0b33d90 7f590dfd89bc99b5e190bd9e7805bf140492aaeb ea7e24335d33cc45ddcf8967f7654a6d5a28009654f327a607ad7b352df0cbf6 Loading...

	nxbrew.net/wp-content/cache/minify/0a549.js	ScriptElement	5.5 kB	2025-01-03	2025-01-05
Pretty URL nxbrew.net/wp-content/cache/minify/0a549.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-03 16:35 Last Seen2025-01-05 21:37 Times Seen3 Hash 812d0d0018aa3111413684e1b826c780 1d25b510b347e2ada72112a666a191c9826ef421 230564d9907fd21d67162985f2690ce07111ffb0a1ec58908ac07367995139b1 Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	430 B	2024-12-04	2025-07-13
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-04 08:44 Last Seen2025-07-13 16:35 Times Seen16 Hash d29333cee8a0ff53ffb616526085c594 e03af92c816a512f4732d159b4d636cb94bfd2c2 b846923e791db293d9c498f15c4a0cdd31cfaba61aecd5c0a124e8f7982bdaea Loading...

	nxbrew.net/wp-includes/js/wp-emoji-release.min.js?ver=af50bf64941c922d11c920cd5c7149d4	ScriptElement	19 kB	2024-03-13	2025-07-17
Pretty URL nxbrew.net/wp-includes/js/wp-emoji-release.min.js?ver=af50bf64941c922d11c920cd5c7149d4 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-13 16:02 Last Seen2025-07-17 07:23 Times Seen54376 Hash b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Loading...

	capaciousdrewreligion.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-07-17
Pretty URL capaciousdrewreligion.com/advertisers.js IP 185.196.197.72 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-07-17 07:34 Times Seen5443087 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	nxbrew.net/wp-content/cache/minify/818c0.js	ScriptElement	101 kB	2023-11-23	2025-07-17
Pretty URL nxbrew.net/wp-content/cache/minify/818c0.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 10:06 Last Seen2025-07-17 06:49 Times Seen232 Hash f87b0555dd4b879bc78b109789de5601 52b33d2897658dc25df79edf33fddb7e750aed76 fbb5f2ccde427720073f4757673dfc6912f94de36841444083b4da740fef9576 Loading...

	nxbrew.net/wp-content/cache/minify/ce980.js	ScriptElement	18 kB	2025-01-03	2025-07-13
Pretty URL nxbrew.net/wp-content/cache/minify/ce980.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-03 16:35 Last Seen2025-07-13 16:35 Times Seen6 Hash aa673e4295a395f94f4a7aa4bf152022 f913b7187580eeb578302d51a5050e9c3fe6c510 2b8f51b2bee17d3b427df3d37eb7a6007bb710e1e67cd0586cf6e55dbef5575a Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	5.3 kB	2025-01-05	2025-01-05
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-05 21:37 Last Seen2025-01-05 21:37 Times Seen1 Hash 312c00f22dd8259edcefc8978e2a5260 bea91c29f1c72d5d0f4e335c876e7b9afbf236a5 3267159466b76372040c9467ea1b75bc9ce5c67e86d8150c4eb934af6fcf50f9 Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	466 B	2024-12-20	2025-06-13
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-20 05:10 Last Seen2025-06-13 16:58 Times Seen5 Hash 4ca8e683c3c858da7499052201d0ef58 b09a90cc5f1b31707347a8d94c3a5628657f6d4a 1d40e9567400ad952f6368b868315c857c009d07ff507e1cb905a7a6071ed29d Loading...

	www.profitabledisplaycontent.com/d7/4c/47/d74c471df98f24d6d2b36726cb88ad0f.js	ScriptElement	95 kB	2024-12-31	2025-01-05
Pretty URL www.profitabledisplaycontent.com/d7/4c/47/d74c471df98f24d6d2b36726cb88ad0f.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-31 13:37 Last Seen2025-01-05 21:37 Times Seen3 Hash b9ee518b16c49bfdaddc03f090463e77 d929d2d5f5a23acd87d51dd0d20a812759260934 e56143022531fb06c88377c212fa03a8efbcaf65288491bcdf6092cb2db4467f Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	209 B	2024-12-04	2025-07-13
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-04 08:44 Last Seen2025-07-13 16:35 Times Seen16 Hash ec2d06bb695de1e6e12a9bf25d98db4b 8167b5eafba98631576049cf92d1751790d70c22 feef4f9279980937d25389a09fcc9f205896f980bdcf783fbff2425d8f81cf78 Loading...

	nxbrew.net/wp-content/cache/minify/61214.js	ScriptElement	5.2 kB	2024-10-06	2025-07-13
Pretty URL nxbrew.net/wp-content/cache/minify/61214.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-06 09:16 Last Seen2025-07-13 16:35 Times Seen16 Hash f4788baeef0e6393e2cd3518c253b775 40054d7fc3e63be3449c86b718fbeb1cf5a2e669 b04991bdc57e292f03391a171f2cfeb9ac57f1999012008a1c76aa7041f9244a Loading...

	nxbrew.net/oddballers-switch-nsp-eshop/	ScriptElement	329 B	2023-03-07	2025-07-17
Pretty URL nxbrew.net/oddballers-switch-nsp-eshop/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-07-17 04:22 Times Seen3417 Hash 03d6d38af8c34d50a7d4f77919f3f6c7 90e18129a2b50addce02c98c923534d242233216 9f7a87d73cf34cd5d76d600a5ce326ac1ce32a021067b1bb50587fa488b13444 Loading...

	nxbrew.net/wp-content/cache/minify/45ffb.js	ScriptElement	6.3 kB	2024-01-20	2025-07-15
Pretty URL nxbrew.net/wp-content/cache/minify/45ffb.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 22:49 Last Seen2025-07-15 06:55 Times Seen278 Hash 51ac6e07041e19625a64b4cab5a52fd6 57054a9c78a32e9bcb2f1e0b5f09111350e82de9 1a1b9ae60c527ccefdbbc092245aa6c85aedcaa6ebb4c69d22060ece8ade180d Loading...

		Size	First Seen	Last Seen
	#1 Eval - 956c29fe6ac694ea20599cf60878863b	2.1 kB	2025-01-05 21:37	2025-01-05 21:37
Pretty Observations First Seen2025-01-05 21:37 Last Seen2025-01-05 21:37 Times Seen1 Hash 956c29fe6ac694ea20599cf60878863b 31efe04a013784d99d280f9f378b7a73c8ce698b c2ab000d51123a5f546109805b0da1d3cdcb4d5eee7c2663b28345213a266558 Loading...

	#2 Eval - a416b4d3718234edecc05edb6b223c32	2.1 kB	2025-01-05 21:37	2025-01-05 21:37
Pretty Observations First Seen2025-01-05 21:37 Last Seen2025-01-05 21:37 Times Seen1 Hash a416b4d3718234edecc05edb6b223c32 bac974e80f028e637a99555c54e3a5ff07efb70b ad82b104de39d4dd11bfe40a3adc23548e0a8cb0988488f470e6798b86031993 Loading...

HTTP Transactions (75)

URL IP Response Size

GET nxbrew.net/wp-content/uploads/2019/05/cropped-NXbrewlogo-1.png

188.114.97.1

200 OK

16 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2019/05/cropped-NXbrewlogo-1.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
PNG image data, 350 x 94, 8-bit/color RGBA, non-interlaced
Size
16 kB (15644 bytes)
Hash
d95da88edf41829d3279912c98376de9
f6e7213833075e4165165d7d630ec4362aaf83bf
254469c049b149ca9e58cd158ff7ebc97b6792a6ce329a6acc82e45316d0b91e

HTTP Headers

GET /wp-content/uploads/2019/05/cropped-NXbrewlogo-1.png HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/png
content-length: 15644
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Wed, 12 May 2021 09:26:08 GMT
etag: "3d1c-5c21e99ca1c67"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:06 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FyXAVg%2Bt72rGY8Td5NfX8D4PfWq4TFocmm9fNosyshogNaWMxlzW8XLz4iK%2Blc75Ka4U0YpjL64Vg6ZfePTSdjh0cea%2FmlTsrF80K9hV6%2BxH85R3g3uJmvrTnvkL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03bf585688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6971&min_rtt=1076&rtt_var=6518&sent=133&recv=19&lost=0&retrans=0&sent_bytes=134477&recv_bytes=4229&delivery_rate=3804892&cwnd=96000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=357&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2019/07/qCFlSeOoPNem-64x64.jpg

188.114.97.1

200 OK

2.9 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2019/07/qCFlSeOoPNem-64x64.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 64x64, components 3
Size
2.9 kB (2899 bytes)
Hash
3e8c6aaf1438117ec708f1861a975778
fa3fdcba3afab9f261c50014b8fe59e52ecf658a
c8c7dc432981abf62ac4ee44b01a025c407f7be1c60ef2767906197bc9abc187

HTTP Headers

GET /wp-content/uploads/2019/07/qCFlSeOoPNem-64x64.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 2899
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Thu, 18 Jul 2019 20:31:55 GMT
etag: "b53-58dfa802804c0"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:48:59 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2354
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ktux0ztcmvt2uO70haUJpd9Kv4%2F330yvCAYM8IiAJ%2B5QoLHBfCcfW%2FbMoG9nQll5yzL1thXI4SMIrlh%2BkYs5hPfIT9Bt3gEGfAwstv17JpiV8ImXJqe%2FYT8lT9ab"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03df805688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5396&min_rtt=1076&rtt_var=5124&sent=152&recv=25&lost=0&retrans=0&sent_bytes=153696&recv_bytes=5351&delivery_rate=579688&cwnd=96000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=371&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2025/01/Victory-Heat-Rally-switch-NSP-200x200.jpg

188.114.97.1

200 OK

13 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2025/01/Victory-Heat-Rally-switch-NSP-200x200.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x200, components 3
Size
13 kB (13379 bytes)
Hash
031c0f41932191ef6be26c0a45b24b5a
7bebceb2cc04b84a4ea1cb47b018397e4e7ca25f
b90c3aca61e27f7a7f384ef0d100e016d3fd5032770fef4be09897ec5a168ead

HTTP Headers

GET /wp-content/uploads/2025/01/Victory-Heat-Rally-switch-NSP-200x200.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 13379
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sun, 05 Jan 2025 18:02:16 GMT
etag: "3443-62af94fed9a1a"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 18:34:32 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTh7udosqPrun%2BJHB5iiNlZ9KRzGfgyxICyqZO%2F%2FQqK0%2BIfZs%2BVLKfm8Ysgn2i%2BG%2BMXWe%2B90rPVxp9EeExj%2BHWFRoGAseBwk366tONzlgloNkqR3m8Ayq2HK5Hj3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03ef955688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4860&min_rtt=1076&rtt_var=4914&sent=159&recv=29&lost=0&retrans=0&sent_bytes=157557&recv_bytes=6404&delivery_rate=634319&cwnd=96000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=376&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2025/01/Hone-Hone-Zaurus-X-Chogattai-Build-and-Battle-Switch-XCI-200x200.jpg

188.114.97.1

200 OK

18 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2025/01/Hone-Hone-Zaurus-X-Chogattai-Build-and-Battle-Switch-XCI-200x200.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x200, components 3
Size
18 kB (18141 bytes)
Hash
8521b94d24663f0b9f422370850c8a43
807d10cca87630b8a2975357a238bd9382c23cb4
c9da9e261ae3b7f72a7c929f7f1a548cfd56e3f4b8e2cbc588ad1526e0ffe4c8

HTTP Headers

GET /wp-content/uploads/2025/01/Hone-Hone-Zaurus-X-Chogattai-Build-and-Battle-Switch-XCI-200x200.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 18141
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sun, 05 Jan 2025 17:37:24 GMT
etag: "46dd-62af8f704d66b"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 18:32:58 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JD417EXm%2F0GMAXDxUWqvQEMG8zQ9i3P0FFOkgHSu%2FCL4aLvK41cinf49uGSk3uSIkzBgySnafxuILDrhunA%2Fm2H9bm7zd4Wbn98xx1tHL%2FWUOTF62HnM%2Fnzl8zzU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03ef9f5688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4860&min_rtt=1076&rtt_var=4914&sent=172&recv=30&lost=0&retrans=0&sent_bytes=172078&recv_bytes=6767&delivery_rate=634319&cwnd=96000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=379&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2025/01/Apathy-Danshikou-de-Atta-Kowai-Hanashi-Switch-XCI-NSP-200x200.jpg

188.114.97.1

200 OK

12 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2025/01/Apathy-Danshikou-de-Atta-Kowai-Hanashi-Switch-XCI-NSP-200x200.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x200, components 3
Size
12 kB (12330 bytes)
Hash
b5ecbbc42d1079a6f1f221da94d1595d
3da9eacee9390f0c8c056647cb37c20b361443fd
e98c0f55c8f4a1a47ea962d5a44ce9351b28aaa76d695451ecfa352ba49f071a

HTTP Headers

GET /wp-content/uploads/2025/01/Apathy-Danshikou-de-Atta-Kowai-Hanashi-Switch-XCI-NSP-200x200.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 12330
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sun, 05 Jan 2025 17:24:33 GMT
etag: "302a-62af8c904abe4"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 18:32:01 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xVejWU0AkHCRIgg5fEetT7%2FycUTgObwe6SOD9qyfrjWBA0eq3Dq74MtFbF4a6UK1Yn1Kp4FB2gKPtBIlJ%2FrHvkjMj%2FwDgF%2BnVngl2mGVHJiYrlaMzHAYiA6NQ1GX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03efa15688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4860&min_rtt=1076&rtt_var=4914&sent=182&recv=30&lost=0&retrans=0&sent_bytes=184078&recv_bytes=6767&delivery_rate=634319&cwnd=96000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=379&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2025/01/Air-Missions-HIND-Switch-XCI-NSP-200x200.jpg

188.114.97.1

200 OK

10 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2025/01/Air-Missions-HIND-Switch-XCI-NSP-200x200.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x200, components 3
Size
10 kB (10137 bytes)
Hash
151cc73e07333b72b82e3ddee6d8c968
a234e3ae94accb4db3f01b5fa23bb0d8d14fc057
99898f8204fb5aae97f4480f5f84f07e9887b63f45bf2cbb7377ebb568d5443b

HTTP Headers

GET /wp-content/uploads/2025/01/Air-Missions-HIND-Switch-XCI-NSP-200x200.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 10137
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sun, 05 Jan 2025 18:00:09 GMT
etag: "2799-62af948587355"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 18:30:30 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A2rKr38Sh2Olr0fqit5TzzOumQlFNKQk%2BrqNhYERt59XcNQJGOeN5EbNMTqn5A7J%2BhiZ90qBQNyvQHXezkjKkJ7RewWsKFIrzA2MsW8vgOrAbm9b0JqU%2BUmRtIZ9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03ffa25688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4860&min_rtt=1076&rtt_var=4914&sent=201&recv=30&lost=0&retrans=0&sent_bytes=204898&recv_bytes=6767&delivery_rate=634319&cwnd=96000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=380&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2025/01/Slime-3K-Rise-Against-Despot-Switch-NSP-200x200.jpg

188.114.97.1

200 OK

18 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2025/01/Slime-3K-Rise-Against-Despot-Switch-NSP-200x200.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x200, components 3
Size
18 kB (17567 bytes)
Hash
406924347c3b2fa96fcc0da394381d6a
a93151e3876bb1351baee25c34d526e4990188ff
cbc7177d8df8673073aff5a53216b158c6b018c9e17acf2a5cc216794bcd335a

HTTP Headers

GET /wp-content/uploads/2025/01/Slime-3K-Rise-Against-Despot-Switch-NSP-200x200.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 17567
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sun, 05 Jan 2025 18:08:11 GMT
etag: "449f-62af96511c444"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 18:29:47 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=641TQr%2BXqEwD7mtxSHesYp6UFumyNUvb3NxQb5cPvaPQa6G9oU4BKqSlf7DVEwwpdHFz80zMwg6JBmZ5QoRKhH%2BvCK5Do6W1SSfWHUI%2FiKU%2FxeaLuba1B0imdc5%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03ffa55688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4860&min_rtt=1076&rtt_var=4914&sent=211&recv=30&lost=0&retrans=0&sent_bytes=216082&recv_bytes=6767&delivery_rate=634319&cwnd=96000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=384&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2025/01/Detective-Conan-Skateboard-Run-Kaitou-Kid-and-the-Mysterious-Treasure-Switch-NSP-200x200.png

188.114.97.1

200 OK

82 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2025/01/Detective-Conan-Skateboard-Run-Kaitou-Kid-and-the-Mysterious-Treasure-Switch-NSP-200x200.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
Size
82 kB (81970 bytes)
Hash
eee9029fb5fa6a43f22310aead243af3
2d6bd7f101cc30ff40a233929dbc8c938cdb6ed3
40874ef30b9527ef8cb5d2a907dc2ebc31246c7bba66b85ff1b1bb0e8f04b4f2

HTTP Headers

GET /wp-content/uploads/2025/01/Detective-Conan-Skateboard-Run-Kaitou-Kid-and-the-Mysterious-Treasure-Switch-NSP-200x200.png HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/png
content-length: 81970
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sun, 05 Jan 2025 18:23:43 GMT
etag: "14032-62af99c9f12a0"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 18:28:59 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N4nPNUykWJ1M%2BUTjOhNzumpsPOwHf6Qq5mdWTJbIVxRacXByXoLTBWAG8bz4kq8OpueZAeP8vKF9AwTst%2FLuhFU4XBgIVv8ndEelfmtF1B1c%2FZnLvz5o%2F64ungk3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03ffa75688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4860&min_rtt=1076&rtt_var=4914&sent=227&recv=30&lost=0&retrans=0&sent_bytes=234882&recv_bytes=6767&delivery_rate=634319&cwnd=96000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=385&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2025/01/Santas-Chimney-Quest-Switch-NSP-200x200.jpg

188.114.97.1

200 OK

10 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2025/01/Santas-Chimney-Quest-Switch-NSP-200x200.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x200, components 3
Size
10 kB (10536 bytes)
Hash
7858a24f9c23286e7eea01e655f20577
1bf8f0db37a32831e1c2908ad590e0f79ba6861b
4424496f2802dd1ac2df8f506708de3d9e2aa432993199c24c496c287c71daff

HTTP Headers

GET /wp-content/uploads/2025/01/Santas-Chimney-Quest-Switch-NSP-200x200.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 10536
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sun, 05 Jan 2025 09:06:03 GMT
etag: "2928-62af1d243ce4f"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:07 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1A5DyYpB361L2f9sopYeEeEWHSuaptUotsHAFT%2BmssVpKdfdMgcnoHjUF4qjJK9KFBl%2FmuOp4zgSxxFYSgah40VQuTN1pIb%2BRXQbQDO6wNtKtQ%2FNM2AUP%2BQ3d2W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b040fbe5688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4451&min_rtt=1076&rtt_var=4504&sent=299&recv=33&lost=0&retrans=0&sent_bytes=319784&recv_bytes=7772&delivery_rate=5868464&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=400&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2025/01/Pick-My-Heart-Chapter-2-Switch-NSP-200x200.jpg

188.114.97.1

200 OK

14 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2025/01/Pick-My-Heart-Chapter-2-Switch-NSP-200x200.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x200, components 3
Size
14 kB (13768 bytes)
Hash
c41082f34d98540a61507c006e20d811
f79c9c063b5543855ba081e692bfd484b1e497d8
90df3cd003c699429205ffbc981ca021144797b7ef7ffa4f3390a2b5f53d3493

HTTP Headers

GET /wp-content/uploads/2025/01/Pick-My-Heart-Chapter-2-Switch-NSP-200x200.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 13768
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sun, 05 Jan 2025 09:05:54 GMT
etag: "35c8-62af1d1b608fc"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:07 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPHk3091LQ2HPD2CAhXjgoDGqydUiga4b8WbTwhhGB%2FwCsr%2BPn3k5Yv3%2F4ke%2B%2BSzHj0KLmK2Lk9gzq56NJ0LVU3VoqySWb%2BYh3O50Voyc1E5mcQOV3ahaODskaIn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b040fc35688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4451&min_rtt=1076&rtt_var=4504&sent=309&recv=33&lost=0&retrans=0&sent_bytes=331378&recv_bytes=7772&delivery_rate=5868464&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=401&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2025/01/Parking-Tycoon-Business-Simulator-Switch-NSP-200x200.jpg

188.114.97.1

200 OK

14 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2025/01/Parking-Tycoon-Business-Simulator-Switch-NSP-200x200.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x200, components 3
Size
14 kB (13554 bytes)
Hash
a5b309d6b4d33003cd9c45c946a6c6a5
866c8625e7955d4f3c6fde62ba40070cc264cad2
0c27f0114f753af923d13e9a6dad69ca9a30c8f30634b370ca3052a5b6b5a2db

HTTP Headers

GET /wp-content/uploads/2025/01/Parking-Tycoon-Business-Simulator-Switch-NSP-200x200.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 13554
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sun, 05 Jan 2025 09:05:45 GMT
etag: "34f2-62af1d12ce344"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:07 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U5DZuujVroY11K3XreMRbrgQyUh9%2BrS1LjOVv%2F7929a5uS24OO0KcAUWLGsJGlncDsBlFUnOkl3Rxdr9PKybe31PGc5a%2B82DjZgh71y9oCNgYBxVjouwp8D6dq9d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b040fc55688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4451&min_rtt=1076&rtt_var=4504&sent=322&recv=33&lost=0&retrans=0&sent_bytes=346291&recv_bytes=7772&delivery_rate=5868464&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=402&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2025/01/NoReload-Heroes-Enhanced-Edition-Switch-NSP-200x200.jpg

188.114.97.1

200 OK

12 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2025/01/NoReload-Heroes-Enhanced-Edition-Switch-NSP-200x200.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x200, components 3
Size
12 kB (12180 bytes)
Hash
fde74e614d7bc67adff56d46a2ed34fd
6ffa2b9eb041ee133d8c3599f2bc7959a47a323f
4d0c9e887d2ba9fd3cf2f6441fd66f539b75b63bb13361d4388c9d434e7dd83c

HTTP Headers

GET /wp-content/uploads/2025/01/NoReload-Heroes-Enhanced-Edition-Switch-NSP-200x200.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 12180
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sun, 05 Jan 2025 09:05:36 GMT
etag: "2f94-62af1d0a6cace"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:07 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FwwZkNRTvJUmt0nr6RBqciLysKbDTg5hp%2F8GBI6KhqRzx3xkPgccntNZ2RnT4g7p2teMjhi6VPNXU2pW%2BwJdEsC4Fde2qtDMAdxUPv2dAVzUrle9dGpSRckI45hi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b042fda5688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4045&min_rtt=1076&rtt_var=3344&sent=337&recv=38&lost=0&retrans=0&sent_bytes=361037&recv_bytes=9246&delivery_rate=2353777&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=417&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2019/07/qCFlSeOoPNem-96x96.jpg

188.114.97.1

200 OK

5.1 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2019/07/qCFlSeOoPNem-96x96.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 96x96, components 3
Size
5.1 kB (5062 bytes)
Hash
cf7ca0da9e962fef6d4a3872cc987cf1
8cd5b6d6a2043697884594232a9b0be3899880d6
7559a2effcbcab9e7f874c768bf7062bc931aae1c578d25ec9b4d19164771530

HTTP Headers

GET /wp-content/uploads/2019/07/qCFlSeOoPNem-96x96.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 5062
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Thu, 18 Jul 2019 20:31:51 GMT
etag: "13c6-58dfa7feafbc0"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:19 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kTwBKKjntgpA4XPBWw0PcCevrgDbIvLqqcosHVoBz2Zav%2FO2ElZxO%2FfQNlquje6EwUcwFnd0mdIO6fcXy1UfLbleEyQEIQbaWYWBAXJeAUqcw3WcJZ6QTs%2FtyE0E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b042fdc5688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4045&min_rtt=1076&rtt_var=3344&sent=347&recv=38&lost=0&retrans=0&sent_bytes=373037&recv_bytes=9246&delivery_rate=2353777&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=417&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2023/01/OddBallers-NSP.jpg

188.114.97.1

200 OK

35 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2023/01/OddBallers-NSP.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 600x337, components 3
Size
35 kB (35250 bytes)
Hash
bf7b5beec601d6c50325d5a5a769e89d
f9a2994b1a51eb1d918967d2b9732347aecc433a
6594ee16cd85a9aeda4f795b44755a02ab1f258c6540d4ce0b7ea45ac30f3c35

HTTP Headers

GET /wp-content/uploads/2023/01/OddBallers-NSP.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 35250
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sat, 28 Jan 2023 18:48:26 GMT
etag: "89b2-5f3576d600f6a"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 21:30:13 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OBl%2FdFRQe4G3pMbdNQGsTaHUtOjHtGcD7niRe3%2Filnn2nIXL3bghhIUmoaLE%2BfZWrw2QzyvXGv6iqQAnD3i74D4rTekj%2BxmZM39BYaMRvW65KI7nEeGGogjLd9WA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03cf675688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3847&min_rtt=1076&rtt_var=2199&sent=425&recv=40&lost=0&retrans=0&sent_bytes=463837&recv_bytes=9338&delivery_rate=7720117&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=503&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2023/01/OddBallers-Switch-NSP.jpg

188.114.97.1

200 OK

43 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2023/01/OddBallers-Switch-NSP.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 250x410, components 3
Size
43 kB (42970 bytes)
Hash
9b3ccc7194fba3071082d8a2f4296876
5f37b477e6d590f1be5ce231a140847004f37c7f
1084ae3c099cf77b8183917db2dbbece520f6474c8ec7d6530f45b55d147763e

HTTP Headers

GET /wp-content/uploads/2023/01/OddBallers-Switch-NSP.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 42970
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sat, 28 Jan 2023 18:48:27 GMT
etag: "a7da-5f3576d7427fe"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 21:30:13 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NXVg%2BpFPoktj9B5OosHKiMbwOXErc0lR0kD97FsChS2BDW2uO0t1DPVKtk6ZyoejsZKh98pCmhPNiREVX7ekaFlTzxkRE1vCeRLQmuqua9MzCn1yJ7Ni1XwasXZK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03cf5e5688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3291&min_rtt=1076&rtt_var=2179&sent=456&recv=42&lost=0&retrans=0&sent_bytes=500739&recv_bytes=9429&delivery_rate=24542415&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=535&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2023/01/Switch-OddBallers-NSP.jpg

188.114.97.1

200 OK

55 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2023/01/Switch-OddBallers-NSP.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95", baseline, precision 8, 600x337, components 3
Size
55 kB (55327 bytes)
Hash
ef4f479d37a521d54ac8cf035015d1af
247c3dd0f4da72d11d07f76d8e8c7a3880f44c50
7d9aa1ccfd259efbe172441bc1ef3346b393817a8feed8f321e2cbd7e42d7a6b

HTTP Headers

GET /wp-content/uploads/2023/01/Switch-OddBallers-NSP.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/jpeg
content-length: 55327
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sat, 28 Jan 2023 18:48:28 GMT
etag: "d81f-5f3576d895204"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 21:30:13 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2vRofz62osv5GzVwJPKtBJqNTRhpDTx6deaAGH8t8mNkoBHtr4Rai3V8jz1QOkQQ7CGeSgt0168M9JiX6K2fsXoJKfiti0LyiyThhmf0ErGhFy3v4wenDmVXjuT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03cf695688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2429&min_rtt=869&rtt_var=1860&sent=494&recv=46&lost=0&retrans=0&sent_bytes=545558&recv_bytes=9610&delivery_rate=12262491&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=575&x=1", cfExtPri, cfHdrFlush;dur=0

GET uv.uncotorture.com/t2KVHpY0H2mIp/87978

23.109.170.27

200 OK

25 B

URL GET HTTP/1.1
uv.uncotorture.com/t2KVHpY0H2mIp/87978
IP
23.109.170.27:443
ASN
#7979 SERVERS-COM

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectuv.uncotorture.com
Fingerprint2C:86:2F:94:15:E0:C4:7E:73:DD:87:6A:BB:98:D6:CE:CF:32:EA:FC
ValidityWed, 20 Nov 2024 04:01:34 GMT - Tue, 18 Feb 2025 04:01:33 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /t2KVHpY0H2mIp/87978 HTTP/1.1
Host: uv.uncotorture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Jan 2025 21:36:44 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nxbrew.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Mon, 06-Jan-2025 21:36:44 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Mon, 06-Jan-2025 21:36:44 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET nxbrew.net/wp-content/themes/boxstyle/img/sidebar/s-left.png

188.114.97.1

200 OK

946 B

URL GET HTTP/3
nxbrew.net/wp-content/themes/boxstyle/img/sidebar/s-left.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
PNG image data, 320 x 2, 8-bit/color RGBA, non-interlaced
Size
946 B (946 bytes)
Hash
87d8352dce397fb5a0f9000d2dc21b77
9c0574188bf394187deb96079dda22873a843b19
48def2cd2d15fe21c66d57507132539043702d57c47c942ece1bde08fee0fa52

HTTP Headers

GET /wp-content/themes/boxstyle/img/sidebar/s-left.png HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/wp-content/cache/minify/37c1a.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: image/png
content-length: 946
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sat, 18 Nov 2023 17:15:50 GMT
etag: "3b2-60a706797b11b"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:19 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U8T0A1Drsy1NbHnL2In2xz%2BnyC%2FJEWv9lqDKtKKbxWvhl5d7cgq%2Bt88VDX7TzdW3zSVxfVKthGRmT7GxBjYKg1OwrJHcvPc5fM6lkltkkapheX1ptjdceOeTHaz3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b077b845688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2359&min_rtt=869&rtt_var=1536&sent=543&recv=48&lost=0&retrans=0&sent_bytes=603051&recv_bytes=9972&delivery_rate=10946109&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=950&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/themes/boxstyle/fonts/fa-solid-900.woff2

188.114.97.1

200 OK

150 kB

URL GET HTTP/3
nxbrew.net/wp-content/themes/boxstyle/fonts/fa-solid-900.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150020, version 772.1280
Size
150 kB (150020 bytes)
Hash
d5e647388e2415268b700d3df2e30a0d
97f0942c6627ddd89fb62170e5cac9a2cbd6c98c
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

HTTP Headers

GET /wp-content/themes/boxstyle/fonts/fa-solid-900.woff2 HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/wp-content/cache/minify/bbe5c.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: application/font-woff2
content-length: 150020
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
last-modified: Sat, 18 Nov 2023 17:15:50 GMT
etag: "24a04-60a7067974b8b"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:19 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tiVK9c0Mh6EY9HtF%2FXwS%2BVQLzqIkzzgulnAbKMXrprwlmrhiDydulgFZo96HF8L9js8hS2ukVBCDTVlc9GjEk7EhDuD3Kybyxp2ZnjuCP3aUfVCXER73K%2FmcDmhC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b07ab9e5688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2204&min_rtt=869&rtt_var=1462&sent=546&recv=50&lost=0&retrans=0&sent_bytes=604856&recv_bytes=10370&delivery_rate=172921&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=974&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/cache/minify/61214.js

188.114.97.1

200 OK

26 kB

URL GET HTTP/3
nxbrew.net/wp-content/cache/minify/61214.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JavaScript source, ASCII text, with very long lines (1091)
Size
26 kB (26020 bytes)
Hash
f4788baeef0e6393e2cd3518c253b775
40054d7fc3e63be3449c86b718fbeb1cf5a2e669
b04991bdc57e292f03391a171f2cfeb9ac57f1999012008a1c76aa7041f9244a

HTTP Headers

GET /wp-content/cache/minify/61214.js HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: application/x-javascript; charset=utf-8
x-powered-by: W3 Total Cache/2.8.2
pragma: public
expires: Mon, 05 Jan 2026 12:48:59 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Thu, 19 Dec 2024 17:32:08 GMT
etag: W/"pub1734629528"
cf-cache-status: HIT
age: 2373
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpdnEvLSQqpMmOkdPNVpaQSYWz2HwEs6R9Ud9C%2FXbKbQx86VLWFRqWMkOTOwTOEvzdogoZUwrWPfFu80ntntymf3KBJ5UtzUj8gRJ1OrF0BQT42fJHVoZ2lNoeAh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03bf515688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5858&min_rtt=1076&rtt_var=5601&sent=148&recv=22&lost=0&retrans=0&sent_bytes=151304&recv_bytes=4634&delivery_rate=15534119&cwnd=96000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=363&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/cache/minify/ce980.js

188.114.97.1

200 OK

6.1 kB

URL GET HTTP/3
nxbrew.net/wp-content/cache/minify/ce980.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JavaScript source, ASCII text, with very long lines (594), with CRLF, LF line terminators
Size
6.1 kB (6111 bytes)
Hash
aa673e4295a395f94f4a7aa4bf152022
f913b7187580eeb578302d51a5050e9c3fe6c510
2b8f51b2bee17d3b427df3d37eb7a6007bb710e1e67cd0586cf6e55dbef5575a

HTTP Headers

GET /wp-content/cache/minify/ce980.js HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: application/x-javascript; charset=utf-8
x-powered-by: W3 Total Cache/2.8.2
pragma: public
expires: Mon, 05 Jan 2026 12:48:59 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Sat, 18 Nov 2023 17:15:50 GMT
etag: W/"pub1700327750"
cf-cache-status: HIT
age: 2373
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kSEHnKjSvo%2Fi6rsAOFS4G6BTSEcH2DvcCdWIWYFC5IxZVtsP2oPPBH1H19PeDcTfse6ITJZOSD%2Bdh%2FpznQRIcaLH%2F3GFSYOnFkRH745v7245cpbZBMtb%2BVho%2FtJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03bf545688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7808&min_rtt=1076&rtt_var=6461&sent=96&recv=18&lost=0&retrans=0&sent_bytes=92528&recv_bytes=4184&delivery_rate=16614693&cwnd=96000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=355&x=1", cfExtPri, cfHdrFlush;dur=0

GET uv.uncotorture.com/t2KVHpY0H2mIp/87978

23.109.170.27

200 OK

25 B

URL GET HTTP/1.1
uv.uncotorture.com/t2KVHpY0H2mIp/87978
IP
23.109.170.27:443
ASN
#7979 SERVERS-COM

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectuv.uncotorture.com
Fingerprint2C:86:2F:94:15:E0:C4:7E:73:DD:87:6A:BB:98:D6:CE:CF:32:EA:FC
ValidityWed, 20 Nov 2024 04:01:34 GMT - Tue, 18 Feb 2025 04:01:33 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /t2KVHpY0H2mIp/87978 HTTP/1.1
Host: uv.uncotorture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Jan 2025 21:36:44 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nxbrew.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET nxbrew.net/wp-content/cache/minify/818c0.js

188.114.97.1

200 OK

36 kB

URL GET HTTP/3
nxbrew.net/wp-content/cache/minify/818c0.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
36 kB (35750 bytes)
Hash
f87b0555dd4b879bc78b109789de5601
52b33d2897658dc25df79edf33fddb7e750aed76
fbb5f2ccde427720073f4757673dfc6912f94de36841444083b4da740fef9576

HTTP Headers

GET /wp-content/cache/minify/818c0.js HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: application/x-javascript; charset=utf-8
x-powered-by: W3 Total Cache/2.8.2
pragma: public
expires: Mon, 05 Jan 2026 12:48:59 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 08:59:03 GMT
etag: W/"pub1699433943"
cf-cache-status: HIT
age: 2373
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvGu4hU3%2FvzPPlagvh%2Fc9f6sDs5pHpX4NxN3XTCmHgZD4avi6ZY2un9vErW2ljWaN4HlHV%2F930KVXrGiY058ziZsVAGCRsMXDk9nbf5haUWVoBgDuSMr52ecA3A1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03bf505688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9195&min_rtt=1076&rtt_var=7019&sent=51&recv=16&lost=0&retrans=0&sent_bytes=40272&recv_bytes=4094&delivery_rate=37544&cwnd=24000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=350&x=1", cfExtPri, cfHdrFlush;dur=2

GET condemnfundraiserjune.com/b4832ec5a7016dd356a06694f07a3231/invoke.js

192.243.61.225

200 OK

11 kB

URL GET HTTP/1.1
condemnfundraiserjune.com/b4832ec5a7016dd356a06694f07a3231/invoke.js
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectcondemnfundraiserjune.com
Fingerprint56:62:E2:7C:BD:96:99:8E:AE:00:D6:93:84:7F:DE:6E:04:F8:1D:AB
ValidityTue, 17 Dec 2024 20:51:37 GMT - Mon, 17 Mar 2025 20:51:36 GMT

File type
JavaScript source, ASCII text, with very long lines (25160), with no line terminators
Size
11 kB (11314 bytes)
Hash
9e3cf271221faa8e3da2b69263739e27
3d24e31172b535e09caf7a4d9c373c066d2c2970
f87108dc31672bc2be1e9f4ccd3b7568e43a7164ddf38930be77d7ced2a5e049

HTTP Headers

GET /b4832ec5a7016dd356a06694f07a3231/invoke.js HTTP/1.1
Host: condemnfundraiserjune.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Jan 2025 21:36:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: condemnfundraiserjune.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0c3484ccd23e950c49268f53cff43b07
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET condemnfundraiserjune.com/060d8f743e909da8c28a6535c4eec811/invoke.js

192.243.61.225

200 OK

11 kB

URL GET HTTP/1.1
condemnfundraiserjune.com/060d8f743e909da8c28a6535c4eec811/invoke.js
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectcondemnfundraiserjune.com
Fingerprint56:62:E2:7C:BD:96:99:8E:AE:00:D6:93:84:7F:DE:6E:04:F8:1D:AB
ValidityTue, 17 Dec 2024 20:51:37 GMT - Mon, 17 Mar 2025 20:51:36 GMT

File type
JavaScript source, ASCII text, with very long lines (25191), with no line terminators
Size
11 kB (11338 bytes)
Hash
4622ec0009a4e0d9154472ac8e0d96c2
3e42b358fc63d2413f0c080615299d4b571d03b8
c89415a5737b147bafcc2191149135ea7f52c2dcb0f1fcc02d6affaf30c22b9d

HTTP Headers

GET /060d8f743e909da8c28a6535c4eec811/invoke.js HTTP/1.1
Host: condemnfundraiserjune.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Jan 2025 21:36:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: condemnfundraiserjune.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a1c24a9b5630fe5ecb775d2a921d49a0
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

142.250.74.163

200 OK

51 kB

URL GET HTTP/2
fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 51404, version 1.0
Size
51 kB (51404 bytes)
Hash
b904fcdf1c4c6059fadd6893a7bc7619
f41d1674f02616f03ef77d4e84b3ad8ba28a36fc
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

HTTP Headers

GET /s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nxbrew.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Jan 2025 20:34:43 GMT
expires: Sat, 03 Jan 2026 20:34:43 GMT
cache-control: public, max-age=31536000
age: 176521
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET nxbrew.net/wp-content/cache/minify/bbe5c.css

188.114.97.1

200 OK

76 kB

URL GET HTTP/3
nxbrew.net/wp-content/cache/minify/bbe5c.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
ASCII text, with very long lines (46721)
Size
76 kB (76168 bytes)
Hash
3a08466748acadc942f1e7b389d167c6
3a0358000d066e7218efa9e2ee3343e7dc66243f
61799a0143bf73a87dac4d7da71f0f8fa974d4ed929c2b0cf2c2ffbc6d93cf89

HTTP Headers

GET /wp-content/cache/minify/bbe5c.css HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: text/css; charset=utf-8
x-powered-by: W3 Total Cache/2.8.2
pragma: public
expires: Mon, 05 Jan 2026 12:48:59 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Sat, 18 Nov 2023 17:15:50 GMT
etag: W/"pub1700327750"
cf-cache-status: HIT
age: 2373
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=josD7BxqsYd70P3l%2BkZl%2F7F5wOipEWZfoLb1ytDKW4bUVE7w6NPmFwQbA%2BLeRvjMndIWx9ffnjaLcF6Sn5VOHypqV9XmaewxmV3xUwCyaQxjI6UJ3DFkDYGgC7Ap"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03bf495688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10129&min_rtt=1076&rtt_var=6869&sent=29&recv=14&lost=0&retrans=0&sent_bytes=16245&recv_bytes=3463&delivery_rate=551891&cwnd=12000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=345&x=1", cfExtPri, cfHdrFlush;dur=7

GET fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

142.250.74.163

200 OK

51 kB

URL GET HTTP/2
fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 51404, version 1.0
Size
51 kB (51404 bytes)
Hash
b904fcdf1c4c6059fadd6893a7bc7619
f41d1674f02616f03ef77d4e84b3ad8ba28a36fc
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

HTTP Headers

GET /s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nxbrew.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Jan 2025 20:34:43 GMT
expires: Sat, 03 Jan 2026 20:34:43 GMT
cache-control: public, max-age=31536000
age: 176521
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET uv.uncotorture.com/t2KVHpY0H2mIp/87978

23.109.170.27

200 OK

25 B

URL GET HTTP/1.1
uv.uncotorture.com/t2KVHpY0H2mIp/87978
IP
23.109.170.27:443
ASN
#7979 SERVERS-COM

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectuv.uncotorture.com
Fingerprint2C:86:2F:94:15:E0:C4:7E:73:DD:87:6A:BB:98:D6:CE:CF:32:EA:FC
ValidityWed, 20 Nov 2024 04:01:34 GMT - Tue, 18 Feb 2025 04:01:33 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /t2KVHpY0H2mIp/87978 HTTP/1.1
Host: uv.uncotorture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Jan 2025 21:36:44 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nxbrew.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET nxbrew.net/wp-content/themes/boxstyle/fonts/fa-brands-400.woff2

188.114.97.1

200 OK

110 kB

URL GET HTTP/3
nxbrew.net/wp-content/themes/boxstyle/fonts/fa-brands-400.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
Web Open Font Format (Version 2), TrueType, length 109808, version 772.1280
Size
110 kB (109808 bytes)
Hash
005c9aa92b564b73b7582cc4f1fa49cb
373361ed756b1fe68ce2f5968d467826b6973bb5
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

HTTP Headers

GET /wp-content/themes/boxstyle/fonts/fa-brands-400.woff2 HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/wp-content/cache/minify/bbe5c.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: application/font-woff2
content-length: 109808
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
last-modified: Sat, 18 Nov 2023 17:15:50 GMT
etag: "1acf0-60a70679747a3"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:49 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2354
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MvP2ABVXwRH9UQdOCqe5fAUVsEDK5%2F31jfsXo1R%2BMFNbIjRTNEFqT61lTVBpLavVM9c6G6pSaPKzV0CbrkapXVVncPhFzjuW9s%2FLC%2FImjpMCM%2Bb3YL6j1MnRGW1V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b096d9f5688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2164&min_rtt=869&rtt_var=894&sent=699&recv=54&lost=0&retrans=0&sent_bytes=785526&recv_bytes=11169&delivery_rate=1964629&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=1253&x=1", cfExtPri, cfHdrFlush;dur=0

GET fonts.gstatic.com/s/robotocondensed/v27/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2

142.250.74.163

200 OK

57 kB

URL GET HTTP/2
fonts.gstatic.com/s/robotocondensed/v27/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 56996, version 1.0
Size
57 kB (56996 bytes)
Hash
d5547aea79a622cb2b4d18c905ab22c2
3d69fb0712097f39bd7bf057866fcc4448a37008
4e0d02c04fe3bb456ed7318a162a6248bd481b6f8e955fecda064d7c0ad3d792

HTTP Headers

GET /s/robotocondensed/v27/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nxbrew.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 56996
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Jan 2025 00:30:05 GMT
expires: Sun, 04 Jan 2026 00:30:05 GMT
cache-control: public, max-age=31536000
age: 162400
last-modified: Wed, 18 Oct 2023 17:53:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET proftrafficcounter.com/stats

3.127.100.141

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.127.100.141:443
ASN
#16509 AMAZON-02

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
5fae815b298c423d248d5d78a5ed5001
65544ee2f9da911a4e07e56a67e4ca9e1121ea18
6deb2d2d5f90139f0a6718ff3819bc085510ba8a5ae8c38edf6e41f4e39f2a13

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.net
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nxbrew.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=54471989-5e35-40fd-90ba-213eb46bcea7:1:1; expires=Wed, 03 Jan 2035 21:36:45 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET proftrafficcounter.com/stats

3.127.100.141

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.127.100.141:443
ASN
#16509 AMAZON-02

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
9fc3c489b2840dfe600973e20833e771
75c06adff4ec07ebbd48e5b0f1430ba1cbdd2fa7
261ae98e127f04e719037258c39788b07a1e67601ab8c68723c61c041351ac03

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.net
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nxbrew.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=c670d3ab-cf4f-468b-b480-568aa8f3ba4f:2:1; expires=Wed, 03 Jan 2035 21:36:45 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET nxbrew.net/wp-content/themes/boxstyle/img/curve-color.png

188.114.97.1

200 OK

12 kB

URL GET HTTP/3
nxbrew.net/wp-content/themes/boxstyle/img/curve-color.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
PNG image data, 2892 x 80, 8-bit/color RGBA, non-interlaced
Size
12 kB (12245 bytes)
Hash
6da4f1d91d31ebbd8c247cd59eb3fc7b
029c1e38de16b2d3456906f6d1a20bd8a463dcd2
837c8965bebc7ed9bad16af824d1d29d16bfdbd5648839817045157ca03d93ea

HTTP Headers

GET /wp-content/themes/boxstyle/img/curve-color.png HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/wp-content/cache/minify/37c1a.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/png
content-length: 12245
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sat, 18 Nov 2023 17:15:50 GMT
etag: "2fd5-60a706797b11b"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:07 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2374
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bh0tZi7mq%2FRgxpD07TezUavRglkES9D7R0tkDZZt29YYAkI7WoeRTmugAI7AmXcon3%2Bt81BeDrVsEkxFmv%2BVaMcYL8niCynm49CXaHXntVfdAkb4EKiKYCphFUls"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b0a8f1c5688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2154&min_rtt=869&rtt_var=690&sent=795&recv=56&lost=0&retrans=0&sent_bytes=899008&recv_bytes=11529&delivery_rate=6907922&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=1436&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-includes/js/wp-emoji-release.min.js?ver=af50bf64941c922d11c920cd5c7149d4

188.114.97.1

200 OK

5.4 kB

URL GET HTTP/3
nxbrew.net/wp-includes/js/wp-emoji-release.min.js?ver=af50bf64941c922d11c920cd5c7149d4
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JavaScript source, ASCII text, with very long lines (15752)
Size
5.4 kB (5445 bytes)
Hash
b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=af50bf64941c922d11c920cd5c7149d4 HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: application/x-javascript
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
last-modified: Thu, 10 Oct 2024 08:17:17 GMT
etag: W/"4926-6241affb3b8e3"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:19 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2374
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lBbQTvNX4seS8oKdnvLN%2FtJeLG7UzL%2FTX4aJ01EqsixK2QNEaHrPJeQOu9JfmFP%2BNl%2F7CnA9dZ%2FY%2BMstsjfNSJPmWb6qPaI0RMbfxLc0So7%2B7LCP%2BGYWZEpVpI8%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b0aff875688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2054&min_rtt=869&rtt_var=719&sent=808&recv=58&lost=0&retrans=0&sent_bytes=912393&recv_bytes=11875&delivery_rate=1266518&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=1509&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2019/05/cropped-nxbrewfavicon-200x200.jpg

188.114.97.1

200 OK

5.6 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2019/05/cropped-nxbrewfavicon-200x200.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x200, components 3
Size
5.6 kB (5557 bytes)
Hash
bdec6f6d7cf37ab75424a88fff373e27
b43865a9c59c8151438933b61cf0650d4d60f63f
5cfaf6f2baead7a11568ede4d2abb87e5c8d3f743d33f8897d868666c3dbc7cf

HTTP Headers

GET /wp-content/uploads/2019/05/cropped-nxbrewfavicon-200x200.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/jpeg
content-length: 5557
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Mon, 20 May 2019 00:34:39 GMT
etag: "15b5-58946e5c285c0"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:07 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R7EsYjMPK3G3FaM8U%2BqNKE8OEpAmVpA8qGUOemR2dKmIfCCg5xNpwzG7Z%2BHGLK%2B%2BlwznWmCSYlO%2BzviI18SZZHf49sijPuV7pvwyBFalQuFDpkLUx1VVROjHZgKr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b0c18ae5688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2250&min_rtt=869&rtt_var=932&sent=814&recv=60&lost=0&retrans=0&sent_bytes=918310&recv_bytes=12242&delivery_rate=366869&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=1688&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/uploads/2019/05/cropped-nxbrewfavicon-200x200.jpg

188.114.97.1

200 OK

5.6 kB

URL GET HTTP/3
nxbrew.net/wp-content/uploads/2019/05/cropped-nxbrewfavicon-200x200.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x200, components 3
Size
5.6 kB (5557 bytes)
Hash
bdec6f6d7cf37ab75424a88fff373e27
b43865a9c59c8151438933b61cf0650d4d60f63f
5cfaf6f2baead7a11568ede4d2abb87e5c8d3f743d33f8897d868666c3dbc7cf

HTTP Headers

GET /wp-content/uploads/2019/05/cropped-nxbrewfavicon-200x200.jpg HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/jpeg
content-length: 5557
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Mon, 20 May 2019 00:34:39 GMT
etag: "15b5-58946e5c285c0"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:07 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ik3UxTxw4Y0qrBhPLhO6wPef07rCshKuIvM3fjyJN7Ojf2Qkc545wWUDsnVWDyfIl9KxbRy3mQ%2BrRGgy68B4IqmkYlyd%2FIoNXKpc5gSbZ4r0eriKkDWC9Qi5Cmk5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b0c28bb5688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2116&min_rtt=869&rtt_var=966&sent=821&recv=62&lost=0&retrans=0&sent_bytes=924843&recv_bytes=12609&delivery_rate=560858&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=1696&x=1", cfExtPri, cfHdrFlush;dur=0

GET secure.gravatar.com/avatar/d10ca8d11301c2f4993ac2279ce4b930?s=64&d=wavatar&r=g

192.0.73.2

200 OK

3.9 kB

URL GET HTTP/2
secure.gravatar.com/avatar/d10ca8d11301c2f4993ac2279ce4b930?s=64&d=wavatar&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectgravatar.com
Fingerprint64:D7:69:B4:39:40:3E:2B:AF:99:16:4D:D8:6E:E8:0F:65:F9:C1:FC
ValidityMon, 16 Dec 2024 09:36:48 GMT - Sun, 16 Mar 2025 09:36:47 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced
Size
3.9 kB (3914 bytes)
Hash
81c4129fba8fbaa6d0d7f481b8afad57
2c0e7af1e18df197521e4df6e5ba475177d99802
17d32ffddaa295e6744893911b14e0720f8ef9f8364a44ed4805a40f81caf0be

HTTP Headers

GET /avatar/d10ca8d11301c2f4993ac2279ce4b930?s=64&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/png
content-length: 3914
last-modified: Fri, 29 Feb 2008 23:59:48 GMT
link: <https://gravatar.com/avatar/d10ca8d11301c2f4993ac2279ce4b930?s=64&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
accept-ranges: bytes
expires: Sun, 05 Jan 2025 21:41:45 GMT
cache-control: max-age=300
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET secure.gravatar.com/avatar/554f308fa6e435ba756de8aa2792de79?s=64&d=wavatar&r=g

192.0.73.2

200 OK

2.8 kB

URL GET HTTP/2
secure.gravatar.com/avatar/554f308fa6e435ba756de8aa2792de79?s=64&d=wavatar&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectgravatar.com
Fingerprint64:D7:69:B4:39:40:3E:2B:AF:99:16:4D:D8:6E:E8:0F:65:F9:C1:FC
ValidityMon, 16 Dec 2024 09:36:48 GMT - Sun, 16 Mar 2025 09:36:47 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced
Size
2.8 kB (2845 bytes)
Hash
40645512eb64f45177e4546a3d4e22b3
3b7b23aeed50c9835f1da0fd74e655e0464a4e68
b0fbac25284ba2509bb9ae42742e84b645b2fedcb5fabba70dd17649a542614e

HTTP Headers

GET /avatar/554f308fa6e435ba756de8aa2792de79?s=64&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/png
content-length: 2845
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/554f308fa6e435ba756de8aa2792de79?s=64&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
accept-ranges: bytes
expires: Sun, 05 Jan 2025 21:41:45 GMT
cache-control: max-age=300
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET secure.gravatar.com/avatar/9d3dfa06a5044449798e4c8b726af1ee?s=64&d=wavatar&r=g

192.0.73.2

200 OK

4.4 kB

URL GET HTTP/2
secure.gravatar.com/avatar/9d3dfa06a5044449798e4c8b726af1ee?s=64&d=wavatar&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectgravatar.com
Fingerprint64:D7:69:B4:39:40:3E:2B:AF:99:16:4D:D8:6E:E8:0F:65:F9:C1:FC
ValidityMon, 16 Dec 2024 09:36:48 GMT - Sun, 16 Mar 2025 09:36:47 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced
Size
4.4 kB (4437 bytes)
Hash
513e706258923553acd1b897f24af18c
3401ab5022d54dbe9417597551715894fe84e31d
1c11826650775ffc762ff2339a2691168daebe4b729ae1b15a5a4a1f1b1e3df7

HTTP Headers

GET /avatar/9d3dfa06a5044449798e4c8b726af1ee?s=64&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/png
content-length: 4437
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/9d3dfa06a5044449798e4c8b726af1ee?s=64&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
accept-ranges: bytes
expires: Sun, 05 Jan 2025 21:41:45 GMT
cache-control: max-age=300
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET secure.gravatar.com/avatar/d42697599a173ffd1fd5ddc9aca5beab?s=96&d=wavatar&r=g

192.0.73.2

200 OK

10 kB

URL GET HTTP/2
secure.gravatar.com/avatar/d42697599a173ffd1fd5ddc9aca5beab?s=96&d=wavatar&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectgravatar.com
Fingerprint64:D7:69:B4:39:40:3E:2B:AF:99:16:4D:D8:6E:E8:0F:65:F9:C1:FC
ValidityMon, 16 Dec 2024 09:36:48 GMT - Sun, 16 Mar 2025 09:36:47 GMT

File type
PNG image data, 96 x 96, 8-bit/color RGB, non-interlaced
Size
10 kB (10370 bytes)
Hash
5b64396fd63a244ba4f512355728fe77
c2a2d7399e20aebabf462aa1c5c8b581a3304bca
fd0b3febb129a57473cadad302044d376ca702957290696cc7dec06f35430348

HTTP Headers

GET /avatar/d42697599a173ffd1fd5ddc9aca5beab?s=96&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/png
content-length: 10370
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/d42697599a173ffd1fd5ddc9aca5beab?s=96&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
accept-ranges: bytes
expires: Sun, 05 Jan 2025 21:41:45 GMT
cache-control: max-age=300
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET secure.gravatar.com/avatar/ea794dedda358bf85e6e9fa765f47723?s=96&d=wavatar&r=g

192.0.73.2

200 OK

8.3 kB

URL GET HTTP/2
secure.gravatar.com/avatar/ea794dedda358bf85e6e9fa765f47723?s=96&d=wavatar&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectgravatar.com
Fingerprint64:D7:69:B4:39:40:3E:2B:AF:99:16:4D:D8:6E:E8:0F:65:F9:C1:FC
ValidityMon, 16 Dec 2024 09:36:48 GMT - Sun, 16 Mar 2025 09:36:47 GMT

File type
PNG image data, 96 x 96, 8-bit/color RGB, non-interlaced
Size
8.3 kB (8308 bytes)
Hash
75c59f9c8af10826e9444f66eb70d203
735dd2e5e23bd523420b6a573e558d69dce7f713
5e41c7ab26066e399aa75e2e8b6d5034c1531c5ca2dba1f2b8cbd975cf04826a

HTTP Headers

GET /avatar/ea794dedda358bf85e6e9fa765f47723?s=96&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/png
content-length: 8308
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/ea794dedda358bf85e6e9fa765f47723?s=96&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
accept-ranges: bytes
expires: Sun, 05 Jan 2025 21:41:45 GMT
cache-control: max-age=300
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET secure.gravatar.com/avatar/7a52d48ea4ff90c1759644102b7a66a3?s=64&d=wavatar&r=g

192.0.73.2

200 OK

5.1 kB

URL GET HTTP/2
secure.gravatar.com/avatar/7a52d48ea4ff90c1759644102b7a66a3?s=64&d=wavatar&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectgravatar.com
Fingerprint64:D7:69:B4:39:40:3E:2B:AF:99:16:4D:D8:6E:E8:0F:65:F9:C1:FC
ValidityMon, 16 Dec 2024 09:36:48 GMT - Sun, 16 Mar 2025 09:36:47 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced
Size
5.1 kB (5050 bytes)
Hash
842c6263954d26b23413ab5ba26cc26e
9dea1a2333bce3db1263c8cbd79614f91f7c923d
cb2a23b2000bfb5222c9911ebf197707a8b7dd8070d87ec91a38423fac8e69d3

HTTP Headers

GET /avatar/7a52d48ea4ff90c1759644102b7a66a3?s=64&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/png
content-length: 5050
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/7a52d48ea4ff90c1759644102b7a66a3?s=64&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
accept-ranges: bytes
expires: Sun, 05 Jan 2025 21:41:45 GMT
cache-control: max-age=300
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET s.w.org/images/core/emoji/15.0.3/svg/2705.svg

192.0.77.48

200 OK

482 B

URL GET HTTP/2
s.w.org/images/core/emoji/15.0.3/svg/2705.svg
IP
192.0.77.48:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjects.w.org
Fingerprint96:F6:1C:CC:BA:CE:51:9F:4A:3E:0A:7B:45:8B:91:CA:28:0C:36:EF
ValidityMon, 30 Dec 2024 18:11:04 GMT - Sun, 30 Mar 2025 18:11:03 GMT

File type
SVG Scalable Vector Graphics image
Size
482 B (482 bytes)
Hash
212e30e47232be03033a87dc58edaa95
4d69c4a3dc57503e08b76c774135bfe83e8b1f51
1f026beb67630abcdbc341651b1c17591aa76261296a9fb118793765964eb4e9

HTTP Headers

GET /images/core/emoji/15.0.3/svg/2705.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/svg+xml
content-length: 482
last-modified: Tue, 30 Jan 2024 01:21:10 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

GET secure.gravatar.com/avatar/61168929218955bec303cf568efb23a9?s=64&d=wavatar&r=g

192.0.73.2

200 OK

2.3 kB

URL GET HTTP/2
secure.gravatar.com/avatar/61168929218955bec303cf568efb23a9?s=64&d=wavatar&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectgravatar.com
Fingerprint64:D7:69:B4:39:40:3E:2B:AF:99:16:4D:D8:6E:E8:0F:65:F9:C1:FC
ValidityMon, 16 Dec 2024 09:36:48 GMT - Sun, 16 Mar 2025 09:36:47 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 64x64, components 3
Size
2.3 kB (2288 bytes)
Hash
93e5d42952f7b86dcb157a1d5b4824c0
d9cd42d92a8bc098383a25bc02cea9bb20f51f11
5c6b84f4a8e39a126bc8dfd88740728efd4efdfd8f2b247ce0a1f4e5a032ae5a

HTTP Headers

GET /avatar/61168929218955bec303cf568efb23a9?s=64&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/jpeg
content-length: 2288
last-modified: Wed, 29 Dec 2010 19:18:51 GMT
link: <https://gravatar.com/avatar/61168929218955bec303cf568efb23a9?s=64&d=wavatar&r=g>; rel="canonical"
content-disposition: inline; filename="61168929218955bec303cf568efb23a9.jpeg"
access-control-allow-origin: *
accept-ranges: bytes
expires: Sun, 05 Jan 2025 21:41:45 GMT
cache-control: max-age=300
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET secure.gravatar.com/avatar/d57f2d5394353dd10d33c8de34d41f71?s=64&d=wavatar&r=g

192.0.73.2

200 OK

4.8 kB

URL GET HTTP/2
secure.gravatar.com/avatar/d57f2d5394353dd10d33c8de34d41f71?s=64&d=wavatar&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectgravatar.com
Fingerprint64:D7:69:B4:39:40:3E:2B:AF:99:16:4D:D8:6E:E8:0F:65:F9:C1:FC
ValidityMon, 16 Dec 2024 09:36:48 GMT - Sun, 16 Mar 2025 09:36:47 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced
Size
4.8 kB (4849 bytes)
Hash
f7c9e8459d3cb5dbec9e0685442ea3e0
9d51680487d6c4d918810332373ce673bb738bc7
3db566600b04c4161ed3176cf8c76ebc911675129387faf150b4ed89f9a28b91

HTTP Headers

GET /avatar/d57f2d5394353dd10d33c8de34d41f71?s=64&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/png
content-length: 4849
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/d57f2d5394353dd10d33c8de34d41f71?s=64&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
accept-ranges: bytes
expires: Sun, 05 Jan 2025 21:41:45 GMT
cache-control: max-age=300
x-nc: MISS arn 1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET secure.gravatar.com/avatar/1814aed7d4cd5e04ea8326e5a1f45559?s=64&d=wavatar&r=g

192.0.73.2

200 OK

4.2 kB

URL GET HTTP/2
secure.gravatar.com/avatar/1814aed7d4cd5e04ea8326e5a1f45559?s=64&d=wavatar&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectgravatar.com
Fingerprint64:D7:69:B4:39:40:3E:2B:AF:99:16:4D:D8:6E:E8:0F:65:F9:C1:FC
ValidityMon, 16 Dec 2024 09:36:48 GMT - Sun, 16 Mar 2025 09:36:47 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced
Size
4.2 kB (4165 bytes)
Hash
4ff4ad57bc31a000a189d8e6ba634f12
bba44c8d20613fda962183adf18ca51ddbf8dfa6
da4178fd745c6c5ced0beb41418da45534ae80ba3449b0f89a1a63b9c401ff49

HTTP Headers

GET /avatar/1814aed7d4cd5e04ea8326e5a1f45559?s=64&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/png
content-length: 4165
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/1814aed7d4cd5e04ea8326e5a1f45559?s=64&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
accept-ranges: bytes
expires: Sun, 05 Jan 2025 21:41:45 GMT
cache-control: max-age=300
x-nc: MISS arn 1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET secure.gravatar.com/avatar/58a6dca3eac8685e36824f2afb7515a7?s=64&d=wavatar&r=g

192.0.73.2

200 OK

4.5 kB

URL GET HTTP/2
secure.gravatar.com/avatar/58a6dca3eac8685e36824f2afb7515a7?s=64&d=wavatar&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectgravatar.com
Fingerprint64:D7:69:B4:39:40:3E:2B:AF:99:16:4D:D8:6E:E8:0F:65:F9:C1:FC
ValidityMon, 16 Dec 2024 09:36:48 GMT - Sun, 16 Mar 2025 09:36:47 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced
Size
4.5 kB (4518 bytes)
Hash
a5c3c932a98ad4d97b013ee67c97bb08
d6d3fc0b14bef2a38d0acfe87ed412dda80d7436
c32f1b7ff001fa46e5f828819cccb2d5f26eb1515d556d7d1320a27285c3a2e4

HTTP Headers

GET /avatar/58a6dca3eac8685e36824f2afb7515a7?s=64&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/png
content-length: 4518
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/58a6dca3eac8685e36824f2afb7515a7?s=64&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
accept-ranges: bytes
expires: Sun, 05 Jan 2025 21:41:45 GMT
cache-control: max-age=300
x-nc: MISS arn 1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET secure.gravatar.com/avatar/25a1d107d954c907e71344bbd4539510?s=56&d=wavatar&r=g

192.0.73.2

200 OK

2.5 kB

URL GET HTTP/2
secure.gravatar.com/avatar/25a1d107d954c907e71344bbd4539510?s=56&d=wavatar&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectgravatar.com
Fingerprint64:D7:69:B4:39:40:3E:2B:AF:99:16:4D:D8:6E:E8:0F:65:F9:C1:FC
ValidityMon, 16 Dec 2024 09:36:48 GMT - Sun, 16 Mar 2025 09:36:47 GMT

File type
PNG image data, 56 x 56, 8-bit/color RGB, non-interlaced
Size
2.5 kB (2535 bytes)
Hash
55a259eb21dd1bae83f70ecaf46aceae
0888d50e197667434f003ebe23472b87f1392f69
df5d0f62f2cf49e0eff7aec4dafe7caecd6a659bfe86a975ac2258aa1fdde14d

HTTP Headers

GET /avatar/25a1d107d954c907e71344bbd4539510?s=56&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/png
content-length: 2535
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/25a1d107d954c907e71344bbd4539510?s=56&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
accept-ranges: bytes
expires: Sun, 05 Jan 2025 21:41:45 GMT
cache-control: max-age=300
x-nc: MISS arn 1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET secure.gravatar.com/avatar/320bd2e44b4798e7c3dc5fda773e8a58?s=56&d=wavatar&r=g

192.0.73.2

200 OK

4.9 kB

URL GET HTTP/2
secure.gravatar.com/avatar/320bd2e44b4798e7c3dc5fda773e8a58?s=56&d=wavatar&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectgravatar.com
Fingerprint64:D7:69:B4:39:40:3E:2B:AF:99:16:4D:D8:6E:E8:0F:65:F9:C1:FC
ValidityMon, 16 Dec 2024 09:36:48 GMT - Sun, 16 Mar 2025 09:36:47 GMT

File type
PNG image data, 56 x 56, 8-bit/color RGB, non-interlaced
Size
4.9 kB (4936 bytes)
Hash
d3c08b3d092dc79672a53448c7675b7d
5b53cb27da4d1791674b6757a5a759012d58ed3f
b41b86d2e095e9d79c7baf6b3dea241e1c805e9b6211d787ef6ab8a146d71390

HTTP Headers

GET /avatar/320bd2e44b4798e7c3dc5fda773e8a58?s=56&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/png
content-length: 4936
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/320bd2e44b4798e7c3dc5fda773e8a58?s=56&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
accept-ranges: bytes
expires: Sun, 05 Jan 2025 21:41:45 GMT
cache-control: max-age=300
x-nc: MISS arn 1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.profitabledisplaycontent.com/d7/4c/47/d74c471df98f24d6d2b36726cb88ad0f.js

192.243.59.20

200 OK

34 kB

URL GET HTTP/1.1
www.profitabledisplaycontent.com/d7/4c/47/d74c471df98f24d6d2b36726cb88ad0f.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subject*.profitabledisplaycontent.com
FingerprintD9:93:9C:DB:45:EB:09:71:07:04:67:99:DB:C4:BB:61:78:3D:67:20
ValidityTue, 26 Nov 2024 22:12:19 GMT - Mon, 24 Feb 2025 22:12:18 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33716 bytes)
Hash
b9ee518b16c49bfdaddc03f090463e77
d929d2d5f5a23acd87d51dd0d20a812759260934
e56143022531fb06c88377c212fa03a8efbcaf65288491bcdf6092cb2db4467f

HTTP Headers

GET /d7/4c/47/d74c471df98f24d6d2b36726cb88ad0f.js HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Jan 2025 21:36:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: www.profitabledisplaycontent.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: efd3a4941cbfacdf57697bf752704ed6
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET proftrafficcounter.com/stats

3.127.100.141

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.127.100.141:443
ASN
#16509 AMAZON-02

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
9fc3c489b2840dfe600973e20833e771
75c06adff4ec07ebbd48e5b0f1430ba1cbdd2fa7
261ae98e127f04e719037258c39788b07a1e67601ab8c68723c61c041351ac03

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.net
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Cookie: uid_id2=c670d3ab-cf4f-468b-b480-568aa8f3ba4f:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nxbrew.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

GET secure.gravatar.com/avatar/e88c20a0a2db3828c78c0ce98f69952f?s=64&d=wavatar&r=g

192.0.73.2

200 OK

5.1 kB

URL GET HTTP/2
secure.gravatar.com/avatar/e88c20a0a2db3828c78c0ce98f69952f?s=64&d=wavatar&r=g
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectgravatar.com
Fingerprint64:D7:69:B4:39:40:3E:2B:AF:99:16:4D:D8:6E:E8:0F:65:F9:C1:FC
ValidityMon, 16 Dec 2024 09:36:48 GMT - Sun, 16 Mar 2025 09:36:47 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced
Size
5.1 kB (5054 bytes)
Hash
ad871622b7a873b382f98efb1ebb1284
0448736116261745ea84023237a69e65653b0e07
b4055b6806fd269c82c4be56cb8cabc376f35ba0dae6d46c398d50c67278cbbf

HTTP Headers

GET /avatar/e88c20a0a2db3828c78c0ce98f69952f?s=64&d=wavatar&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/png
content-length: 5054
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://gravatar.com/avatar/e88c20a0a2db3828c78c0ce98f69952f?s=64&d=wavatar&r=g>; rel="canonical"
access-control-allow-origin: *
accept-ranges: bytes
expires: Sun, 05 Jan 2025 21:41:45 GMT
cache-control: max-age=300
x-nc: MISS arn 1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET recordedthereby.com/sfp.js

185.196.197.71

200 OK

85 kB

URL GET HTTP/1.1
recordedthereby.com/sfp.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76
ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85378 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Jan 2025 21:36:45 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 68e7ab264d950d6d3834969c4b99f261
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET www.profitabledisplaycontent.com/watch.1006744386309.js?key=b4832ec5a7016dd356a06694f07a3231&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&tz=0&dev=e&res=14.2071&rb=&uuid=

192.243.59.20

307 Temporary Redirect

0 B

URL GET HTTP/1.1
www.profitabledisplaycontent.com/watch.1006744386309.js?key=b4832ec5a7016dd356a06694f07a3231&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&tz=0&dev=e&res=14.2071&rb=&uuid=
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subject*.profitabledisplaycontent.com
FingerprintD9:93:9C:DB:45:EB:09:71:07:04:67:99:DB:C4:BB:61:78:3D:67:20
ValidityTue, 26 Nov 2024 22:12:19 GMT - Mon, 24 Feb 2025 22:12:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1006744386309.js?key=b4832ec5a7016dd356a06694f07a3231&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&tz=0&dev=e&res=14.2071&rb=&uuid= HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.net
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 05 Jan 2025 21:36:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nxbrew.net
Access-Control-Allow-Origin: https://nxbrew.net
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.1006744386309.js?dev=e&key=b4832ec5a7016dd356a06694f07a3231&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&pst=1736113066&rb=&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&res=14.2071&rmtc=t&shu=8e8be0eca667837f646b5b0652a45dd2616f13b4258a5af55681f18813d521cdbb5be97480bd404583a195724b3de0f7279d67c4bd208ecb8c5d88fd73365a447cd229c44ecc88dc321bcf9256fcdd5edc53cdbd54ff680ae46a&tz=0&uuid=
Set-Cookie: u_pl15120056=1; expires=Mon, 06 Jan 2025 21:36:46 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTEyMDA1NiwiayI6ImI0ODMyZWM1YTcwMTZkZDM1NmEwNjY5NGYwN2EzMjMxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDQ3MDUsInBpZCI6MTA4Njk1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InZ5dTRoNjEzcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL254YnJldy5uZXQvb2RkYmFsbGVycy1zd2l0Y2gtbnNwLWVzaG9wLyIsImFyIjpbXX19.H-iA5CWonvD21VATULJ49OVSECymoo22K7UQNU7fIUI; expires=Sun, 05 Jan 2025 21:37:46 GMT; path=/; secure; SameSite=None
Host: www.profitabledisplaycontent.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 834ac3114a398f51198474d24de50ca5
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET capaciousdrewreligion.com/advertisers.js

185.196.197.72

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
Fingerprint82:0B:0F:77:DF:40:9E:C3:7A:54:6C:86:AF:95:22:CC:F0:E5:98:44
ValidityThu, 02 Jan 2025 20:58:03 GMT - Wed, 02 Apr 2025 20:58:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 Jan 2025 21:36:46 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7d6af6a72e153cbb3236d8f28280f3ba
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET www.profitabledisplaycontent.com/watch.217102611374.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&tz=0&dev=e&res=14.2071&rb=&uuid=

192.243.59.20

307 Temporary Redirect

0 B

URL GET HTTP/1.1
www.profitabledisplaycontent.com/watch.217102611374.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&tz=0&dev=e&res=14.2071&rb=&uuid=
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subject*.profitabledisplaycontent.com
FingerprintD9:93:9C:DB:45:EB:09:71:07:04:67:99:DB:C4:BB:61:78:3D:67:20
ValidityTue, 26 Nov 2024 22:12:19 GMT - Mon, 24 Feb 2025 22:12:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.217102611374.js?key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&tz=0&dev=e&res=14.2071&rb=&uuid= HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.net
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 05 Jan 2025 21:36:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nxbrew.net
Access-Control-Allow-Origin: https://nxbrew.net
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.217102611374.js?dev=e&key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&pst=1736113066&rb=&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&res=14.2071&rmtc=t&shu=0563e428098968c5b28cdb2aa15432f544e4e3d3d17da229d1d0ce4d8302871eca96a1167992699a7a389a29751e0b9a510329e879133b45a7a2b9834c27ac65d3c085cadde212bcc00f3fc4bbc810ada186ef3b4011fc925af5&tz=0&uuid=
Set-Cookie: u_pl15120059=1; expires=Mon, 06 Jan 2025 21:36:46 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTEyMDA1OSwiayI6IjA2MGQ4Zjc0M2U5MDlkYThjMjhhNjUzNWM0ZWVjODExIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDQ3MDUsInBpZCI6MTA4Njk1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjI1LCJwdCI6NCwicGsiOiJza2N0ZTRibiIsImNwa3MiOnsiMjgiOiJkNzRjNDcxZGY5OGYyNGQ2ZDJiMzY3MjZjYjg4YWQwZiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ueGJyZXcubmV0L29kZGJhbGxlcnMtc3dpdGNoLW5zcC1lc2hvcC8iLCJhciI6W119fQ.GaaFX2FMw6sTqy4Jy-hu-JKjHoajC8oXNkXovDLIjTY; expires=Sun, 05 Jan 2025 21:37:46 GMT; path=/; secure; SameSite=None
Host: www.profitabledisplaycontent.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 48bac63838d2485e6f0d791e649272b6
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET stereospoutfireextinguisher.com/pixel/purst?dl=0&th=0&sc=0&rs=2211&rd=2211&fd=642&bv=24.12.6652&tmpl=136

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
stereospoutfireextinguisher.com/pixel/purst?dl=0&th=0&sc=0&rs=2211&rd=2211&fd=642&bv=24.12.6652&tmpl=136
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectstereospoutfireextinguisher.com
FingerprintC5:2E:10:49:A7:54:62:C2:76:32:76:44:BB:73:B5:4E:C2:01:2C:0F
ValidityWed, 18 Dec 2024 21:16:38 GMT - Tue, 18 Mar 2025 21:16:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2211&rd=2211&fd=642&bv=24.12.6652&tmpl=136 HTTP/1.1
Host: stereospoutfireextinguisher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Jan 2025 21:36:46 GMT
Content-Length: 0
Connection: keep-alive
Host: stereospoutfireextinguisher.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET www.profitabledisplaycontent.com/watch.217102611374.js?dev=e&key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&pst=1736113066&rb=&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&res=14.2071&rmtc=t&shu=0563e428098968c5b28cdb2aa15432f544e4e3d3d17da229d1d0ce4d8302871eca96a1167992699a7a389a29751e0b9a510329e879133b45a7a2b9834c27ac65d3c085cadde212bcc00f3fc4bbc810ada186ef3b4011fc925af5&tz=0&uuid=

192.243.59.20

200 OK

2.3 kB

URL GET HTTP/1.1
www.profitabledisplaycontent.com/watch.217102611374.js?dev=e&key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&pst=1736113066&rb=&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&res=14.2071&rmtc=t&shu=0563e428098968c5b28cdb2aa15432f544e4e3d3d17da229d1d0ce4d8302871eca96a1167992699a7a389a29751e0b9a510329e879133b45a7a2b9834c27ac65d3c085cadde212bcc00f3fc4bbc810ada186ef3b4011fc925af5&tz=0&uuid=
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subject*.profitabledisplaycontent.com
FingerprintD9:93:9C:DB:45:EB:09:71:07:04:67:99:DB:C4:BB:61:78:3D:67:20
ValidityTue, 26 Nov 2024 22:12:19 GMT - Mon, 24 Feb 2025 22:12:18 GMT

File type
JavaScript source, ASCII text, with very long lines (2927)
Size
2.3 kB (2320 bytes)
Hash
f1bd8d48f0d6a5661609d1af0c5fc1fb
44e1f08ce4ae781924c9065b0be8bf3906dab461
7c1196e49940f85160e59203fa6b7dfb304fe6036b15fbe32cfefedd3c3495e8

HTTP Headers

GET /watch.217102611374.js?dev=e&key=060d8f743e909da8c28a6535c4eec811&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&pst=1736113066&rb=&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&res=14.2071&rmtc=t&shu=0563e428098968c5b28cdb2aa15432f544e4e3d3d17da229d1d0ce4d8302871eca96a1167992699a7a389a29751e0b9a510329e879133b45a7a2b9834c27ac65d3c085cadde212bcc00f3fc4bbc810ada186ef3b4011fc925af5&tz=0&uuid= HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.net
Referer: https://nxbrew.net/
DNT: 1
Connection: keep-alive
Cookie: u_pl15120056=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTEyMDA1OSwiayI6IjA2MGQ4Zjc0M2U5MDlkYThjMjhhNjUzNWM0ZWVjODExIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDQ3MDUsInBpZCI6MTA4Njk1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjI1LCJwdCI6NCwicGsiOiJza2N0ZTRibiIsImNwa3MiOnsiMjgiOiJkNzRjNDcxZGY5OGYyNGQ2ZDJiMzY3MjZjYjg4YWQwZiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9ueGJyZXcubmV0L29kZGJhbGxlcnMtc3dpdGNoLW5zcC1lc2hvcC8iLCJhciI6W119fQ.GaaFX2FMw6sTqy4Jy-hu-JKjHoajC8oXNkXovDLIjTY; u_pl15120059=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Jan 2025 21:36:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nxbrew.net
Access-Control-Allow-Origin: https://nxbrew.net
Access-Control-Allow-Credentials: true
Set-Cookie: pdhtkv=true; expires=Mon, 06 Jan 2025 21:36:46 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 06 Jan 2025 21:36:46 GMT; path=/; secure; SameSite=None
pdhtkv25=true; expires=Mon, 06 Jan 2025 21:36:46 GMT; path=/; secure; SameSite=None
uncs25=1; expires=Mon, 06 Jan 2025 21:36:46 GMT; path=/; secure; SameSite=None
Host: www.profitabledisplaycontent.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 500ef3a716374b87953eb5fd01ad0727
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET proftrafficcounter.com/stats

3.127.100.141

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.127.100.141:443
ASN
#16509 AMAZON-02

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
9fc3c489b2840dfe600973e20833e771
75c06adff4ec07ebbd48e5b0f1430ba1cbdd2fa7
261ae98e127f04e719037258c39788b07a1e67601ab8c68723c61c041351ac03

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.net
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Cookie: uid_id2=c670d3ab-cf4f-468b-b480-568aa8f3ba4f:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Jan 2025 21:36:46 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nxbrew.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

GET www.profitabledisplaycontent.com/watch.1006744386309.js?dev=e&key=b4832ec5a7016dd356a06694f07a3231&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&pst=1736113066&rb=&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&res=14.2071&rmtc=t&shu=8e8be0eca667837f646b5b0652a45dd2616f13b4258a5af55681f18813d521cdbb5be97480bd404583a195724b3de0f7279d67c4bd208ecb8c5d88fd73365a447cd229c44ecc88dc321bcf9256fcdd5edc53cdbd54ff680ae46a&tz=0&uuid=

192.243.59.13

200 OK

2.3 kB

URL GET HTTP/1.1
www.profitabledisplaycontent.com/watch.1006744386309.js?dev=e&key=b4832ec5a7016dd356a06694f07a3231&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&pst=1736113066&rb=&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&res=14.2071&rmtc=t&shu=8e8be0eca667837f646b5b0652a45dd2616f13b4258a5af55681f18813d521cdbb5be97480bd404583a195724b3de0f7279d67c4bd208ecb8c5d88fd73365a447cd229c44ecc88dc321bcf9256fcdd5edc53cdbd54ff680ae46a&tz=0&uuid=
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subject*.profitabledisplaycontent.com
FingerprintD9:93:9C:DB:45:EB:09:71:07:04:67:99:DB:C4:BB:61:78:3D:67:20
ValidityTue, 26 Nov 2024 22:12:19 GMT - Mon, 24 Feb 2025 22:12:18 GMT

File type
JavaScript source, ASCII text, with very long lines (2916)
Size
2.3 kB (2311 bytes)
Hash
7d1537fc91ebacbe4df5d11ca71620bc
df2c4c0ed11659e426427a03efe142e98c7830e9
c94fdc867a67a35066b437dc842a00c34b2c82231217c7894249de72c2af9e69

HTTP Headers

GET /watch.1006744386309.js?dev=e&key=b4832ec5a7016dd356a06694f07a3231&kw=%5B%22oddballers%22%2C%22switch%22%2C%22nsp%22%2C%22%2B%22%2C%22update%22%2C%22eshop%22%2C%22nxbrew%22%2C%22net%22%5D&pst=1736113066&rb=&refer=https%3A%2F%2Fnxbrew.net%2Foddballers-switch-nsp-eshop%2F&res=14.2071&rmtc=t&shu=8e8be0eca667837f646b5b0652a45dd2616f13b4258a5af55681f18813d521cdbb5be97480bd404583a195724b3de0f7279d67c4bd208ecb8c5d88fd73365a447cd229c44ecc88dc321bcf9256fcdd5edc53cdbd54ff680ae46a&tz=0&uuid= HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nxbrew.net
Referer: https://nxbrew.net/
DNT: 1
Connection: keep-alive
Cookie: u_pl15120056=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTEyMDA1NiwiayI6ImI0ODMyZWM1YTcwMTZkZDM1NmEwNjY5NGYwN2EzMjMxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDQ3MDUsInBpZCI6MTA4Njk1LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InZ5dTRoNjEzcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL254YnJldy5uZXQvb2RkYmFsbGVycy1zd2l0Y2gtbnNwLWVzaG9wLyIsImFyIjpbXX19.H-iA5CWonvD21VATULJ49OVSECymoo22K7UQNU7fIUI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Jan 2025 21:36:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nxbrew.net
Access-Control-Allow-Origin: https://nxbrew.net
Access-Control-Allow-Credentials: true
Set-Cookie: pdhtkv=true; expires=Mon, 06 Jan 2025 21:36:46 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 06 Jan 2025 21:36:46 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Mon, 06 Jan 2025 21:36:46 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Mon, 06 Jan 2025 21:36:46 GMT; path=/; secure; SameSite=None
Host: www.profitabledisplaycontent.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1a28093fae08a9f89cdc0b49c2c31977
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET cdn.storageimagedisplay.com/cti/5f/1f/0d/5f1f0d0dee35a1547e1dd8934b9ac87b/1722091946.jpg

45.133.44.2

200 OK

50 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/5f/1f/0d/5f1f0d0dee35a1547e1dd8934b9ac87b/1722091946.jpg
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
JPEG image data, progressive, precision 8, 160x600, components 3
Size
50 kB (49801 bytes)
Hash
68277c7cbe64fbdf2f1567206845d485
bd24ec92432f83d3630663a740bebb6c594cd2b3
7d5a851d1aae955d8a81f037934b730f3fcf937f0f2e1746d8669be133632495

HTTP Headers

GET /cti/5f/1f/0d/5f1f0d0dee35a1547e1dd8934b9ac87b/1722091946.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 Jan 2025 21:36:46 GMT
content-type: image/jpeg
content-length: 49801
server: nginx/1.21.6
last-modified: Sat, 27 Jul 2024 14:52:26 GMT
etag: "66a509aa-c289"
expires: Tue, 07 Jan 2025 21:36:46 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdn.storageimagedisplay.com/cti/d5/a3/12/d5a312abfdfa9ee20e1f48212f48cae1/1722092076.jpg

45.133.44.2

200 OK

53 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/d5/a3/12/d5a312abfdfa9ee20e1f48212f48cae1/1722092076.jpg
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
JPEG image data, progressive, precision 8, 300x250, components 3
Size
53 kB (53117 bytes)
Hash
fbcdfdb3ce4255e61104b2001d97dd66
93a76f55d716c3cc097648a3d86999889548b5b5
ac583640fff0c325cb5b2e65b0047953139ee94ddef253a7161fb305c6f58da1

HTTP Headers

GET /cti/d5/a3/12/d5a312abfdfa9ee20e1f48212f48cae1/1722092076.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 Jan 2025 21:36:46 GMT
content-type: image/jpeg
content-length: 53117
server: nginx/1.21.6
last-modified: Sat, 27 Jul 2024 14:54:36 GMT
etag: "66a50a2c-cf7d"
expires: Tue, 07 Jan 2025 21:36:46 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

GET unseenreport.com/pxf.gif?uuid=c670d3ab-cf4f-468b-b480-568aa8f3ba4f&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=d74c471df98f24d6d2b36726cb88ad0f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=c670d3ab-cf4f-468b-b480-568aa8f3ba4f&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=d74c471df98f24d6d2b36726cb88ad0f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintB3:C3:D3:00:AB:EE:F9:2F:2C:9A:5D:74:A9:E1:4E:36:06:3F:B6:74
ValidityMon, 18 Nov 2024 22:38:22 GMT - Sun, 16 Feb 2025 22:38:21 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=c670d3ab-cf4f-468b-b480-568aa8f3ba4f&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=d74c471df98f24d6d2b36726cb88ad0f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Jan 2025 21:36:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 9a8e112d751afeeee135bc0b08096cc6
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

GET nxbrew.net/wp-content/cache/minify/4c41e.js

188.114.97.1

200 OK

331 kB

URL GET HTTP/3
nxbrew.net/wp-content/cache/minify/4c41e.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JavaScript source, ASCII text, with very long lines (62919)
Size
331 kB (331401 bytes)
Hash
d8e3bfee9a5e8c29deeb34511aa06033
a9ac8ad16cec2847bf171be65beed9041ecbbe98
3b16f4e45c111d32d96f7ee5a8aa8432eb27bd94b143bb7842eb6c8aeb5a76c4

HTTP Headers

GET /wp-content/cache/minify/4c41e.js HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: application/x-javascript; charset=utf-8
x-powered-by: W3 Total Cache/2.8.2
pragma: public
expires: Mon, 05 Jan 2026 12:49:23 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Wed, 13 Nov 2024 10:02:00 GMT
etag: W/"pub1731492120"
cf-cache-status: HIT
age: 2353
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fSJW6OCd24PrGa3ZGoX0AKdbMo289wSwoIs%2BjBhnj9bfaA1M%2FYTCo8RvycrU7s1p0434v5AVqOw857%2FKC30S1PTQ8Nk9XjkTmTFL%2FEKwyezpSOurIJM5hGANvrJe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b042fdd5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4045&min_rtt=1076&rtt_var=3344&sent=359&recv=38&lost=0&retrans=0&sent_bytes=385377&recv_bytes=9246&delivery_rate=2353777&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=425&x=1", cfExtPri, cfHdrFlush;dur=0

GET s.w.org/images/core/emoji/15.0.3/svg/1f642.svg

192.0.77.48

200 OK

525 B

URL GET HTTP/2
s.w.org/images/core/emoji/15.0.3/svg/1f642.svg
IP
192.0.77.48:443
ASN
#2635 AUTOMATTIC

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerLet's Encrypt
Subjects.w.org
Fingerprint96:F6:1C:CC:BA:CE:51:9F:4A:3E:0A:7B:45:8B:91:CA:28:0C:36:EF
ValidityMon, 30 Dec 2024 18:11:04 GMT - Sun, 30 Mar 2025 18:11:03 GMT

File type
SVG Scalable Vector Graphics image
Size
525 B (525 bytes)
Hash
9dc58a06e658a2c74d1f38a2d400f887
8f5f1ee6990f14dbcb49dcdf3618c1764a4a73e2
ceae8f4c7d80fbc063d5a46f85e819b32a6f4f5985330bb3bea83c7e2174a793

HTTP Headers

GET /images/core/emoji/15.0.3/svg/1f642.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 05 Jan 2025 21:36:45 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Jan 2024 01:18:13 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=6.7.1

142.250.74.10

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=6.7.1
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
ASCII text
Size
12 kB (12260 bytes)
Hash
bac7e7d19d79d4f254d7f750d8cc4f2a
beb3afef6ee6082d1078fe1fa54e236c9076a67a
146da00e67084badca55b06f2258d742cd54466e37eb09aaaf68bddc7c848131

HTTP Headers

GET /css?family=Roboto+Condensed%3A400%2C300italic%2C300%2C400italic%2C700&subset=latin%2Clatin-ext&ver=6.7.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Jan 2025 21:36:44 GMT
date: Sun, 05 Jan 2025 21:36:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET nxbrew.net/wp-content/cache/minify/dcd31.css

188.114.97.1

200 OK

110 kB

URL GET HTTP/3
nxbrew.net/wp-content/cache/minify/dcd31.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
ASCII text, with very long lines (1852)
Size
110 kB (109961 bytes)
Hash
f4d41b60c8892d7f6c8b710e60bd2469
318c8ca97b1562aeb999796a10d0088b069acafc
5b374e93f059363ddd57f9c516a62df3ae5dabd3dff5ec01e642f49182c2f474

HTTP Headers

GET /wp-content/cache/minify/dcd31.css HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: text/css; charset=utf-8
x-powered-by: W3 Total Cache/2.8.2
pragma: public
expires: Mon, 05 Jan 2026 12:49:23 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Sun, 05 Jan 2025 09:53:01 GMT
etag: W/"pub1736070781"
cf-cache-status: HIT
age: 2354
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AtFiHjUURhw%2FhEo4XHweVRGWTDJMpToxaB5hPrNtq3%2B%2BCvMFXEUIeZ6EeW4pRDbJepSwjp3neHy1MCYvRU1CbyKMvLUmJQ1pFEM9A7j0InTQrW6LSjpPvl%2BEUDtm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03bf465688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10129&min_rtt=1076&rtt_var=6869&sent=29&recv=14&lost=0&retrans=0&sent_bytes=16245&recv_bytes=3463&delivery_rate=551891&cwnd=12000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=345&x=1", cfExtPri, cfHdrFlush;dur=3

GET nxbrew.net/wp-content/cache/minify/45ffb.js

188.114.97.1

200 OK

6.3 kB

URL GET HTTP/3
nxbrew.net/wp-content/cache/minify/45ffb.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JavaScript source, ASCII text, with very long lines (6350), with no line terminators
Size
6.3 kB (6317 bytes)
Hash
438574a3642583157b3abfac63e8d11a
e1189b927722205599c903421eee3c19d56c224c
c54de40c0433c45a0edec52bbc9b474b8911c8ea8e50657fe6ccece4c544a67b

HTTP Headers

GET /wp-content/cache/minify/45ffb.js HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: application/x-javascript; charset=utf-8
x-powered-by: W3 Total Cache/2.8.2
pragma: public
expires: Mon, 05 Jan 2026 12:49:23 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Tue, 19 Nov 2024 15:31:25 GMT
etag: W/"pub1732030285"
cf-cache-status: HIT
age: 2353
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWS2ddU20Mbz9A7Ia06jQnIlnK3Ior%2Fs6u5bRIwBI9sPqUQPiQMbXrzTMF7DuH3wMQjNsWePdGLNAYM%2FhKbt9uLWCtc7K8rPwY8ZnpZMkeZ2Y18fS0NWq7WO5Jib"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b043fe85688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4045&min_rtt=1076&rtt_var=3344&sent=354&recv=38&lost=0&retrans=0&sent_bytes=380306&recv_bytes=9246&delivery_rate=2353777&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=422&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/cache/minify/37c1a.css

188.114.97.1

200 OK

119 kB

URL GET HTTP/3
nxbrew.net/wp-content/cache/minify/37c1a.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
ASCII text, with very long lines (22067)
Size
119 kB (118995 bytes)
Hash
69b41171f381e19c663774efbbe6fcec
aa302e2f722bd65c707807df29f8483fc16e2733
0c81a802be71df668e1646af4a2729b7bb135ea80d3b492dba7a99b47842c381

HTTP Headers

GET /wp-content/cache/minify/37c1a.css HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: text/css; charset=utf-8
x-powered-by: W3 Total Cache/2.8.2
pragma: public
expires: Mon, 05 Jan 2026 12:49:23 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Thu, 17 Oct 2024 08:47:32 GMT
etag: W/"pub1729154852"
cf-cache-status: HIT
age: 2354
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uwM9s7fEGWcT7oz45wlo5HjvlN9jldwcTVBeqDQIHmpVXLbUJDE7TyDvfwLeI7DtGiCaLKlr96nu2Zsw%2ByNA1Tlq28ckIxHCF6om5zLQdSvgxJOkY8R6muRAr3Wv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03bf475688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10129&min_rtt=1076&rtt_var=6869&sent=29&recv=14&lost=0&retrans=0&sent_bytes=16245&recv_bytes=3463&delivery_rate=551891&cwnd=12000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=346&x=1", cfExtPri, cfHdrFlush;dur=2

GET nxbrew.net/wp-content/cache/minify/0a549.js

188.114.97.1

200 OK

5.5 kB

URL GET HTTP/3
nxbrew.net/wp-content/cache/minify/0a549.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
JavaScript source, ASCII text, with very long lines (5545), with no line terminators
Size
5.5 kB (5525 bytes)
Hash
c9bac5d79c5b54b5a91a832c5b48c461
1550403ae28dd69c35b9ca8c81b2becf22631a4f
6cf4f6e2fb9ba19422c7847f8c3ed62c767c529f77097ff925dc5978d4468007

HTTP Headers

GET /wp-content/cache/minify/0a549.js HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: application/x-javascript; charset=utf-8
x-powered-by: W3 Total Cache/2.8.2
pragma: public
expires: Mon, 05 Jan 2026 12:49:17 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Sat, 18 Nov 2023 17:15:50 GMT
etag: W/"pub1700327750"
cf-cache-status: HIT
age: 2368
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJRsag79z9DsWozq6H6gzMGwU6x3HPZ9qD%2FFtJVn4lD4lD5tTy0XQXNByMLQzHI%2FBD%2B8XFG0svxegc6Q09QtIRnpLOKNcyop6ZXj3BMsBXboq%2FRzVeB6HUtVOmP2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b043fe75688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4045&min_rtt=1076&rtt_var=3344&sent=357&recv=38&lost=0&retrans=0&sent_bytes=382980&recv_bytes=9246&delivery_rate=2353777&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=423&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/wp-content/themes/boxstyle/fonts/fa-regular-400.woff2

188.114.97.1

200 OK

24 kB

URL GET HTTP/3
nxbrew.net/wp-content/themes/boxstyle/fonts/fa-regular-400.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24488, version 772.1280
Size
24 kB (24488 bytes)
Hash
747442fa76f1d9a31f9a54a2e8a4b448
07fc0ae14bb3187839082aed3bca11dfb1e04524
9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849

HTTP Headers

GET /wp-content/themes/boxstyle/fonts/fa-regular-400.woff2 HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/wp-content/cache/minify/bbe5c.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: application/font-woff2
content-length: 24488
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
last-modified: Sat, 18 Nov 2023 17:15:50 GMT
etag: "5fa8-60a70679747a3"
cache-control: public, max-age=31536000
expires: Mon, 05 Jan 2026 12:49:19 GMT
referrer-policy: no-referrer-when-downgrade
pragma: public
x-powered-by: W3 Total Cache/2.8.2
cf-cache-status: HIT
age: 2373
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SBAqfx7yChfGRZJF9%2BIwdoMPXMWDmjCi9NyW2dDMgxSPD%2FqppttSoomwqPcPC%2F9k5Ou11wUn%2FwwbXdDkYUaM1m1XdE25OSXSWOnLQuJCQxjYs8YMc49mRkbxiBqH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b07dbca5688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2190&min_rtt=869&rtt_var=1125&sent=676&recv=52&lost=0&retrans=0&sent_bytes=759570&recv_bytes=10770&delivery_rate=8206324&cwnd=192000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=1002&x=1", cfExtPri, cfHdrFlush;dur=0

GET nxbrew.net/oddballers-switch-nsp-eshop/

188.114.97.1

200 OK

165 kB

URL User Request GET HTTP/2
nxbrew.net/oddballers-switch-nsp-eshop/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type

Size
165 kB (164610 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /oddballers-switch-nsp-eshop/ HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 Jan 2025 21:36:43 GMT
content-type: text/html; charset=UTF-8
link: <https://nxbrew.net/wp-json/>; rel="https://api.w.org/", <https://nxbrew.net/wp-json/wp/v2/posts/79474>; rel="alternate"; title="JSON"; type="application/json", <https://nxbrew.net/?p=79474>; rel=shortlink
expires: Sun, 05 Jan 2025 22:30:12 GMT
pragma: public
cache-control: max-age=3600, public
x-powered-by: W3 Total Cache/2.8.2
last-modified: Sun, 05 Jan 2025 21:30:12 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cqiLPtAfl2Xes2PwAg1bEX4IovMgnMN7OAbLxUaYy%2BktdY8paxIcdl%2Fs94JkcJRxYfv8M7hpTOsb9eqM2qql%2BHu2uOa3mO5Hb0T4u7UMyiq8I64LLzSvqZvWhvQw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b006858568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5701&min_rtt=449&rtt_var=10492&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3193&recv_bytes=1134&delivery_rate=6906200&cwnd=254&unsent_bytes=0&cid=59c5c4f189545bb0&ts=209&x=0"
X-Firefox-Spdy: h2

GET nxbrew.net/wp-content/cache/minify/a5ff7.css

188.114.97.1

200 OK

115 kB

URL GET HTTP/3
nxbrew.net/wp-content/cache/minify/a5ff7.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectnxbrew.net
Fingerprint9C:87:45:92:6F:31:00:62:D4:5C:99:70:A2:5C:DA:5B:C8:4A:B9:AE
ValidityFri, 08 Nov 2024 09:18:52 GMT - Thu, 06 Feb 2025 09:18:51 GMT

File type

Size
115 kB (114689 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-content/cache/minify/a5ff7.css HTTP/1.1
Host: nxbrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/oddballers-switch-nsp-eshop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: text/css; charset=utf-8
x-powered-by: W3 Total Cache/2.8.2
pragma: public
expires: Mon, 05 Jan 2026 12:48:59 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Wed, 13 Nov 2024 10:01:59 GMT
etag: W/"pub1731492119"
cf-cache-status: HIT
age: 2373
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7j80h7Ug4083xJ5pJD6WEd1KfbLUbnm2Lywja0cb69MZ59NVtnXoo3dHOrOUrDu3lPsyrLU5xdrcNrhQvQEth2smDOwEQr6N3Q8o0l7P50ioAYt3Ehbpz2oJfbrm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd69b03bf425688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10129&min_rtt=1076&rtt_var=6869&sent=19&recv=14&lost=0&retrans=0&sent_bytes=4245&recv_bytes=3463&delivery_rate=551891&cwnd=12000&unsent_bytes=0&cid=893f72a5ef1b5ca6&ts=345&x=1", cfExtPri, cfHdrFlush;dur=0

GET cdn.ouo.io/js/full-page-script.js

104.22.22.162

200 OK

24 kB

URL GET HTTP/2
cdn.ouo.io/js/full-page-script.js
IP
104.22.22.162:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nxbrew.net/oddballers-switch-nsp-eshop/
Certificate
IssuerGoogle Trust Services
Subjectouo.io
Fingerprint80:35:8E:98:AE:95:47:FD:68:D1:50:7A:ED:94:3F:C6:3A:65:28:BF
ValiditySun, 08 Dec 2024 06:00:47 GMT - Sat, 08 Mar 2025 06:00:46 GMT

File type
JavaScript source, ASCII text, with very long lines (24222), with no line terminators
Size
24 kB (24222 bytes)
Hash
96bba75cededac75702ba6ac716d4973
775243f4de23825c140308e8f2c4cac797e5a750
5b373b36e3314ce0f7096a491c4a5b951aeb87dabca29702406e8b9bc28e0a0f

HTTP Headers

GET /js/full-page-script.js HTTP/1.1
Host: cdn.ouo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nxbrew.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 Jan 2025 21:36:44 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
etag: W/"5a17d83f-5e9e"
expires: Mon, 06 Jan 2025 02:51:46 GMT
last-modified: Fri, 24 Nov 2017 08:28:47 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 24298
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fd69b045cbc7130-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (34)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by