www.clientbot.netheberg.fr
217.182.116.210  Malicious Activity! Public Scan

URL: https://www.clientbot.netheberg.fr/
Submission: On July 20 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 24 HTTP transactions. The main IP is 217.182.116.210, located in France and belongs to OVH, FR. The main domain is www.clientbot.netheberg.fr.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 20th 2020. Valid for: 3 months.
This is the only time www.clientbot.netheberg.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Discord (Instant Messenger)

Domain & IP information

IP Address AS Autonomous System
1 217.182.116.210 16276 (OVH)
5 162.159.135.232 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
14 2606:4700:303... 13335 (CLOUDFLAR...)
24 5
Domain Requested by
14 cors.flam3rboy.workers.dev www.clientbot.netheberg.fr
5 discord.com www.clientbot.netheberg.fr
1 code.jquery.com www.clientbot.netheberg.fr
1 www.clientbot.netheberg.fr
24 4

This site contains no links.

Subject | Issuer | Validity | Valid
clientbot.netheberg.fr | Let's Encrypt Authority X3 | 2020-07-20 - 2020-10-18 | 3 months
ssl764977.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2020-05-20 - 2020-11-26 | 6 months
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-06-01 - 2021-06-01 | a year

This page contains 1 frames:

Primary Page: https://www.clientbot.netheberg.fr/
Frame ID: 78C04016B0F472C0DEA6ECA51BF276A1
Requests: 24 HTTP requests in this frame

Page Title

Discordtest

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 24
HTTPS: 88 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 4
Transfer: 3903 kB
Size: 18176 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.clientbot.netheberg.fr/
33 KB
33 KB
Document
General
Full URL
https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.182.116.210 , France, ASN16276 (OVH, FR),
Reverse DNS
myplesk.fr
Software
nginx / PleskLin
Resource Hash
2f7d7f5e96c1cc5d74ca02249487ccdd644f262ec8d1a3cdbe7ebf7ba6195819

Request headers

:method
GET
:authority
www.clientbot.netheberg.fr
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Mon, 20 Jul 2020 03:14:09 GMT
content-type
text/html
content-length
33648
last-modified
Mon, 20 Jul 2020 03:11:56 GMT
etag
"5f150b7c-8370"
x-powered-by
PleskLin
accept-ranges
bytes
0.2d737cc92c807c265e1f.css
discord.com/assets/
1 MB
196 KB
Stylesheet
General
Full URL
https://discord.com/assets/0.2d737cc92c807c265e1f.css
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1784e9baa97ab89c7eff52ebc50f68dc0a71d1564cdbb6121c9f3bd5eeeb9a67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 03:14:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 04 Jun 2020 22:49:35 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"ec58df4511f59177a23ebb23992ffdd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
https://discord.com
cache-control
public, max-age=2592000
cf-request-id
040bcffdce00000c759f9c0200000001
cf-ray
5b5982a94f0d0c75-AMS
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 03:14:09 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
status
200
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1595214849.dop002.fr8.t,1595214849.cds226.fr8.hn,1595214849.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
e1180c171e5a54377584.js
cors.flam3rboy.workers.dev/assets/
6 KB
3 KB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/e1180c171e5a54377584.js
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fee1eec3111071ea6fb8d5605715ae29d9ed78c0f9a5db2be9001c38e91da68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 03:14:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bcffe660000d6d169321200000001
last-modified
Thu, 04 Jun 2020 23:13:28 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"cd03b0702af0808a130a752d302aa9ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://www.clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b5982aa3c73d6d1-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
07ca8d15cc9ad4ffc0f6.js
cors.flam3rboy.workers.dev/assets/
268 KB
78 KB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/07ca8d15cc9ad4ffc0f6.js
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00d2008ce6e24ccb5446bfc817baf5f8ccd50c553617ac514e054c1eed210ad5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 03:14:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bcffe660000d6d169322200000001
last-modified
Thu, 04 Jun 2020 22:49:35 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"3c3348d7e00a2650144c72246b944d40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://www.clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b5982aa3c75d6d1-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
c05bdc0c5c3c90e28c77.js
cors.flam3rboy.workers.dev/assets/
156 KB
47 KB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/c05bdc0c5c3c90e28c77.js
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a54dfbd23e8e5430f9f5dd464a9eff92cb1bfc18bce64380da20765dc6927eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 03:14:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bcffe660000d6d169323200000001
last-modified
Thu, 04 Jun 2020 23:13:28 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"89aeee783a0f8e4cb7c2606913a54205"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://www.clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b5982aa3c76d6d1-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
7288c77130c62ff8aa82.js
cors.flam3rboy.workers.dev/assets/
12 MB
3 MB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/7288c77130c62ff8aa82.js
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 03:14:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bcffe660000d6d169324200000001
last-modified
Thu, 04 Jun 2020 23:13:29 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"d6818644e03cff2f7f3fcd88d8560fe7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://www.clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b5982aa3c77d6d1-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
d957722319139c2c6f69.worker.js
cors.flam3rboy.workers.dev/assets/
8 KB
3 KB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/d957722319139c2c6f69.worker.js
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ef5e9455163a0f87d6abfad825678756b6425129888db186d310df76d08ebe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 03:14:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bd000a50000d6d169356200000001
last-modified
Tue, 05 May 2020 21:00:20 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"777996320962cf134f8cf2c538a06724"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://www.clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b5982add8ded6d1-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
experiments
discord.com/api/v6/
1 KB
797 B
XHR
General
Full URL
https://discord.com/api/v6/experiments
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0242841d6af4eb7cef423663351e0db91a24cfa7f08bbd1038e77f4f17783b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

X-Super-Properties
Referer
X-Context-Properties
eyJsb2NhdGlvbiI6Ii8ifQ==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept-Language
en-US
Authorization
undefined

Response headers

date
Mon, 20 Jul 2020 03:14:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
access-control-allow-origin
https://www.clientbot.netheberg.fr
status
200
x-envoy-upstream-service-time
12
cf-request-id
040bd0067c0000c78da217b200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, PUT, PATCH, DELETE
content-type
application/json
via
1.1 google
access-control-allow-credentials
true
cf-ray
5b5982b72c27c78d-AMS
access-control-allow-headers
Content-Type, Authorization, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Debug-Options, x-client-trace-id, If-None-Match, X-RateLimit-Precision
0.2d737cc92c807c265e1f.css
cors.flam3rboy.workers.dev/assets/
1 MB
185 KB
Stylesheet
General
Full URL
https://cors.flam3rboy.workers.dev/assets/0.2d737cc92c807c265e1f.css
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1784e9baa97ab89c7eff52ebc50f68dc0a71d1564cdbb6121c9f3bd5eeeb9a67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 03:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bd005f80000dfff552f7200000001
last-modified
Thu, 04 Jun 2020 22:49:35 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"ec58df4511f59177a23ebb23992ffdd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
https://discordclient.com
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b5982b65a11dfff-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
6e7991d9-c451-4925-b9e9-455ce36100a7
https://www.clientbot.netheberg.fr/
8 KB
0
Other
General
Full URL
blob:https://www.clientbot.netheberg.fr/6e7991d9-c451-4925-b9e9-455ce36100a7
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ef5e9455163a0f87d6abfad825678756b6425129888db186d310df76d08ebe5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
7837
Content-Type
application/javascript
507500d442ffd04ff63c.js
cors.flam3rboy.workers.dev/assets/
11 KB
4 KB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/507500d442ffd04ff63c.js
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf15a74e05b3a1a0300e242eef8ab16ed2af0d09d929a0956d4a0d42a88ca33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 03:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bd006910000d6d169396200000001
last-modified
Thu, 04 Jun 2020 20:47:17 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"c1d456669cdb43ff0b5c56ec8d8926f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://www.clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b5982b74c14d6d1-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
89283c80-2105-45d1-abdf-b8b3a97a701c
https://www.clientbot.netheberg.fr/
11 KB
0
Script
General
Full URL
blob:https://www.clientbot.netheberg.fr/89283c80-2105-45d1-abdf-b8b3a97a701c
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccf15a74e05b3a1a0300e242eef8ab16ed2af0d09d929a0956d4a0d42a88ca33

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
11532
Content-Type
application/javascript
science
discord.com/api/v6/
0
182 B
XHR
General
Full URL
https://discord.com/api/v6/science
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

X-Super-Properties
Referer
X-Fingerprint
734609074485854269.TNQuTibuXdRFg8m_GGbWLaEW2mM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept-Language
en-US
Authorization
undefined
Content-Type
application/json

Response headers

date
Mon, 20 Jul 2020 03:14:12 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://www.clientbot.netheberg.fr
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5b5982b8ce43c78d-AMS
cf-request-id
040bd0077d0000c78da2183200000001
eaa33f3c20d20e5d912d.js
cors.flam3rboy.workers.dev/assets/
1 MB
260 KB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/eaa33f3c20d20e5d912d.js
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46361595879e57ec7e80b3e0469aef94cb7cb03dc5f816c1f78dc1030b6c5ce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 03:14:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bd007000000d6d16939a200000001
last-modified
Thu, 04 Jun 2020 23:13:28 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"684fa32141977755895273881efb567f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://www.clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b5982b80ce4d6d1-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
52d04bc6-913d-4877-8f8c-05dcc5382de5
https://www.clientbot.netheberg.fr/
1 MB
0
Script
General
Full URL
blob:https://www.clientbot.netheberg.fr/52d04bc6-913d-4877-8f8c-05dcc5382de5
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab99ac1bd681a5b3b56e1c34baa290ceaabece99a9476cac441f56a48736ad37

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
1441793
Content-Type
application/javascript
4f004ac9be168ac6ee18fc442a52ab53.svg
cors.flam3rboy.workers.dev/assets/
2 KB
1 KB
Image
General
Full URL
https://cors.flam3rboy.workers.dev/assets/4f004ac9be168ac6ee18fc442a52ab53.svg
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf36b2b2e321feebbfd92930ca921ccd2f6831c56e012bc049b41d260b0903f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cors.flam3rboy.workers.dev/assets/0.2d737cc92c807c265e1f.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 03:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bd008010000dfff55306200000001
last-modified
Wed, 26 Jun 2019 04:16:06 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"4f004ac9be168ac6ee18fc442a52ab53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
https://discordclient.com
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b5982b99e81dfff-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
e8acd7d9bf6207f99350ca9f9e23b168.woff
cors.flam3rboy.workers.dev/assets/
76 KB
33 KB
Font
General
Full URL
https://cors.flam3rboy.workers.dev/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f823bc4b56f481fbceab4158d855e5d11628198a9e404b827b755fe45d4d1c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cors.flam3rboy.workers.dev/assets/0.2d737cc92c807c265e1f.css
Origin
https://www.clientbot.netheberg.fr

Response headers

date
Mon, 20 Jul 2020 03:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bd008060000d6d1693aa200000001
last-modified
Fri, 13 Sep 2019 18:44:29 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"e8acd7d9bf6207f99350ca9f9e23b168"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/font-woff
access-control-allow-origin
https://www.clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b5982b9aeb1d6d1-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
be0060dafb7a0e31d2a1ca17c0708636.woff
cors.flam3rboy.workers.dev/assets/
81 KB
34 KB
Font
General
Full URL
https://cors.flam3rboy.workers.dev/assets/be0060dafb7a0e31d2a1ca17c0708636.woff
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9231ab6a48732396feaa62c4ed6d5419cee16ef5657e97a779041cb0a612d0ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cors.flam3rboy.workers.dev/assets/0.2d737cc92c807c265e1f.css
Origin
https://www.clientbot.netheberg.fr

Response headers

date
Mon, 20 Jul 2020 03:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bd008100000d6d1693ab200000001
last-modified
Wed, 26 Jun 2019 04:16:05 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"be0060dafb7a0e31d2a1ca17c0708636"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/font-woff
access-control-allow-origin
https://www.clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b5982b9bec0d6d1-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
3bdef1251a424500c1b3a78dea9b7e57.woff
cors.flam3rboy.workers.dev/assets/
75 KB
32 KB
Font
General
Full URL
https://cors.flam3rboy.workers.dev/assets/3bdef1251a424500c1b3a78dea9b7e57.woff
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba33ed18fe9c110039549c2b17fee622de2b27d90cfd4a375bd0184174705fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cors.flam3rboy.workers.dev/assets/0.2d737cc92c807c265e1f.css
Origin
https://www.clientbot.netheberg.fr

Response headers

date
Mon, 20 Jul 2020 03:14:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bd008100000d6d1693ac200000001
last-modified
Wed, 26 Jun 2019 04:16:17 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"3bdef1251a424500c1b3a78dea9b7e57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/font-woff
access-control-allow-origin
https://www.clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b5982b9bec1d6d1-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
science
discord.com/api/v6/
0
175 B
XHR
General
Full URL
https://discord.com/api/v6/science
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

X-Super-Properties
Referer
X-Fingerprint
734609074485854269.TNQuTibuXdRFg8m_GGbWLaEW2mM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept-Language
en-US
Authorization
undefined
Content-Type
application/json

Response headers

date
Mon, 20 Jul 2020 03:14:12 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://www.clientbot.netheberg.fr
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5b5982bab85bc78d-AMS
cf-request-id
040bd008b70000c78da218c200000001
14c037b7102f18b2d2ccf065a52bb595.jpg
cors.flam3rboy.workers.dev/assets/
297 KB
298 KB
Image
General
Full URL
https://cors.flam3rboy.workers.dev/assets/14c037b7102f18b2d2ccf065a52bb595.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89eaf02c4520463e568cf6aaf99f30e35c253f004db7dd7a37965a14e51657a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 03:14:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
content-length
304219
cf-request-id
040bd0083d0000dfff5530a200000001
last-modified
Wed, 26 Jun 2019 04:16:07 GMT
server
cloudflare
x-frame-options
DENY
etag
"14c037b7102f18b2d2ccf065a52bb595"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
https://discordclient.com
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
5b5982b9ff04dfff-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
c8f0b54f79a9fd1ef60ad74c73a1ee1a.png
cors.flam3rboy.workers.dev/assets/
47 KB
47 KB
Image
General
Full URL
https://cors.flam3rboy.workers.dev/assets/c8f0b54f79a9fd1ef60ad74c73a1ee1a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:4eac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae8119962b9358ab934ffb612e634fa23ca462c720c8915a8306c4c984d1cba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 03:14:12 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
content-length
48168
cf-request-id
040bd0083d0000dfff5530b200000001
last-modified
Wed, 26 Jun 2019 04:16:26 GMT
server
cloudflare
x-frame-options
DENY
etag
"c8f0b54f79a9fd1ef60ad74c73a1ee1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
https://discordclient.com
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
5b5982b9ff06dfff-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
science
discord.com/api/v6/
0
64 B
XHR
General
Full URL
https://discord.com/api/v6/science
Requested by
Host: www.clientbot.netheberg.fr
URL: https://www.clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

X-Super-Properties
Referer
X-Fingerprint
734609074485854269.TNQuTibuXdRFg8m_GGbWLaEW2mM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept-Language
en-US
Authorization
undefined
Content-Type
application/json

Response headers

date
Mon, 20 Jul 2020 03:14:12 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://www.clientbot.netheberg.fr
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5b5982bbb963c78d-AMS
cf-request-id
040bd0094f0000c78da2190200000001

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| __OVERLAY__
boolean| __BILLING_STANDALONE__
object| GLOBAL_ENV
object| assets
object| unavailableGuilds
function| findModule
function| findModules
function| findRawModule
function| monkeyPatch
function| $
function| jQuery
object| webpackJsonp
object| __core-js_shared__
object| core
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
object| __SENTRY__
object| DiscordSentry
function| _
object| platform
object| IntlPolyfill

0 Cookies

15 Console Messages

Source Level URL
Text
console-api log URL: https://www.clientbot.netheberg.fr/(Line 80)
Message:
null
console-api log URL: https://www.clientbot.netheberg.fr/(Line 156)
Message:
loaded /assets/e1180c171e5a54377584.js
console-api log URL: https://www.clientbot.netheberg.fr/(Line 156)
Message:
loaded /assets/c05bdc0c5c3c90e28c77.js
console-api log (Line 16)
Message:
loaded /assets/07ca8d15cc9ad4ffc0f6.js
console-api log (Line 16)
Message:
loaded /assets/7288c77130c62ff8aa82.js
console-api log (Line 16)
Message:
worker
console-api log (Line 16)
Message:
[object Object]
console-api log (Line 16)
Message:
varname ie
console-api log (Line 16)
Message:
[BUILD INFO] Release Channel: stable, Build Number: 61151, Version Hash: d9b3bbf67efa3616b831ec73a7cb92be04c2675f
console-api log (Line 16)
Message:
patch login screen
console-api info (Line 16)
Message:
%c[LoginQRSocket] font-weight: bold; color: purple; [0ms] connecting to wss://remote-auth-gateway.discord.gg/?v=1
console-api info (Line 16)
Message:
%c[LoginQRSocket] font-weight: bold; color: purple; [288ms] got hello, auth timeout=120000ms
console-api info (Line 16)
Message:
%c[LoginQRSocket] font-weight: bold; color: purple; [322ms] connected, handshaking with fingerprint: U10nuvXkr7og_Xf9raEPC1_Zw53mqo8E-6kFx14mRBM
console-api info (Line 16)
Message:
%c[LoginQRSocket] font-weight: bold; color: purple; [508ms] computed nonce proof
console-api info (Line 16)
Message:
%c[LoginQRSocket] font-weight: bold; color: purple; [643ms] handshake complete awaiting remote auth.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
