urlscan.io logo urlscan.io
SecurityTrails logo

sw-scripts.tebex.io Open in urlscan Pro
104.18.37.189  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sw-scripts.tebex.io/
Effective URL: https://sw-scripts.tebex.io/
Submission: On November 30 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 12 domains to perform 57 HTTP transactions. The main IP is 104.18.37.189, located in and belongs to CLOUDFLARENET, US. The main domain is sw-scripts.tebex.io.
TLS certificate: Issued by WE1 on October 5th 2024. Valid for: 3 months.
This is the only time sw-scripts.tebex.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    104.18.37.189 (None, )

ASN13335 (CLOUDFLARENET, US)
sw-scripts.tebex.io
js.tebex.io
webstore-template-assets.tebex.io
3    18.154.230.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-230-4.iad55.r.cloudfront.net
dunb17ur4ymx4.cloudfront.net
2    2a0b:4d07:2::2 (Switzerland)

ASN44239 (PROINITY proinity GmbH, CH)
avatars.discourse.org
24    2606:4700:4400::6812:22ab (United States)

ASN13335 (CLOUDFLARENET, US)
forum.cfx.re
1    2600:9000:24bd:6c00:1c:fc15:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
nsure.tebex.io
1    2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
3    2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
x.clarity.ms
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2600:9000:28a6:e400:d:b1e8:9040:93a1 (None, )

ASN- ()
sdk.nsureapi.com
2    2600:9000:28a6:6400:d:b1e8:9040:93a1 (None, )

ASN- ()
sdk.nsureapi.com
5    3.73.170.11 (None, )

ASN- ()
sdk-service.nsureapi.com
1    2606:4700:7::a29f:8716 (None, )

ASN- ()
device.maxmind.com
1    3.167.88.95 (None, )

ASN- ()
fpnpmcdn.net
2    52.223.49.99 (None, )

ASN- ()
metrics.nsureapi.com
1    2606:4700:4400::6812:22b2 (None, )

ASN- ()
d-ipv6.mmapiws.com
1    104.17.104.109 (None, )

ASN- ()
d-ipv4.mmapiws.com
Apex Domain
Subdomains		 Transfer
24 cfx.re
forum.cfx.re — Cisco Umbrella Rank: 294910
279 KB
15 tebex.io
sw-scripts.tebex.io
js.tebex.io
webstore-template-assets.tebex.io
nsure.tebex.io
502 KB
10 nsureapi.com
sdk.nsureapi.com
sdk-service.nsureapi.com
metrics.nsureapi.com
35 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
x.clarity.ms — Cisco Umbrella Rank: 8880
c.clarity.ms — Cisco Umbrella Rank: 1269
30 KB
3 gstatic.com
fonts.gstatic.com
68 KB
3 cloudfront.net
dunb17ur4ymx4.cloudfront.net
688 KB
2 mmapiws.com
d-ipv6.mmapiws.com
d-ipv4.mmapiws.com
658 B
2 discourse.org
avatars.discourse.org — Cisco Umbrella Rank: 470310
4 KB
1 fpnpmcdn.net
fpnpmcdn.net
55 KB
1 maxmind.com
device.maxmind.com
8 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
774 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
57 12
Domain Requested by
24 forum.cfx.re 12 redirects sw-scripts.tebex.io
7 sw-scripts.tebex.io sw-scripts.tebex.io
6 webstore-template-assets.tebex.io sw-scripts.tebex.io
5 sdk-service.nsureapi.com sdk.nsureapi.com
3 sdk.nsureapi.com nsure.tebex.io
3 x.clarity.ms www.clarity.ms
3 fonts.gstatic.com fonts.googleapis.com
3 dunb17ur4ymx4.cloudfront.net sw-scripts.tebex.io
2 metrics.nsureapi.com fpnpmcdn.net
2 c.clarity.ms 1 redirects
2 www.clarity.ms sw-scripts.tebex.io
www.clarity.ms
2 avatars.discourse.org sw-scripts.tebex.io
1 d-ipv4.mmapiws.com device.maxmind.com
1 d-ipv6.mmapiws.com device.maxmind.com
1 fpnpmcdn.net sdk.nsureapi.com
1 device.maxmind.com sdk.nsureapi.com
1 c.bing.com 1 redirects
1 fonts.googleapis.com sw-scripts.tebex.io
1 nsure.tebex.io sw-scripts.tebex.io
1 js.tebex.io sw-scripts.tebex.io
57 20

This site contains links to these domains. Also see Links.

Domain
discord.gg
Subject Issuer Validity Valid
tebex.io
WE1		 2024-10-05 -
2025-01-03		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
avatars.discourse.org
R11		 2024-11-06 -
2025-02-04		 3 months crt.sh
nsure.tebex.io
Amazon RSA 2048 M02		 2024-09-16 -
2025-10-15		 a year crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.nsureapi.com
Amazon RSA 2048 M03		 2024-10-26 -
2025-11-23		 a year crt.sh
maxmind.com
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
fpcdn.io
Amazon RSA 2048 M03		 2024-09-10 -
2025-10-09		 a year crt.sh
metrics.nsureapi.com
Amazon RSA 2048 M03		 2024-03-03 -
2025-04-01		 a year crt.sh
mmapiws.com
WE1		 2024-11-19 -
2025-02-17		 3 months crt.sh
d-ipv4.mmapiws.com
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://sw-scripts.tebex.io/
Frame ID: 5A465A3521B9E8CA04BBF828B146A6F8
Requests: 54 HTTP requests in this frame

Frame: https://sdk.nsureapi.com/sdkIframe.html
Frame ID: C5E38EAE8D4900F2FA94AC770C560CD5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SW-Scripts · Welcome

Page URL History Show full URLs

  1. http://sw-scripts.tebex.io/ HTTP 307
    https://sw-scripts.tebex.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Checkout
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

57
Requests

75 %
HTTPS

58 %
IPv6

12
Domains

20
Subdomains

19
IPs

3
Countries

1664 kB
Transfer

2214 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sw-scripts.tebex.io/ HTTP 307
    https://sw-scripts.tebex.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://forum.cfx.re/user_avatar/forum.cfx.re/vitalrg/256/4601146_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/vitalrg/288/4601146_2.png
Request Chain 9
  • https://forum.cfx.re/user_avatar/forum.cfx.re/dre4mers/256/4302011_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/dre4mers/288/4302011_2.png
Request Chain 10
  • https://forum.cfx.re/user_avatar/forum.cfx.re/nioscript/256/3847003_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/nioscript/288/3847003_2.png
Request Chain 11
  • https://forum.cfx.re/user_avatar/forum.cfx.re/csysr412/256/4699226_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/csysr412/288/4699226_2.png
Request Chain 12
  • https://forum.cfx.re/user_avatar/forum.cfx.re/arkam_developpement/256/4602118_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/arkam_developpement/288/4602118_2.png
Request Chain 13
  • https://forum.cfx.re/user_avatar/forum.cfx.re/rawforceone/256/3107069_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/rawforceone/288/3107069_2.png
Request Chain 15
  • https://forum.cfx.re/user_avatar/forum.cfx.re/william_keith/256/125476_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/william_keith/288/125476_2.png
Request Chain 16
  • https://forum.cfx.re/user_avatar/forum.cfx.re/cxsmicbunnie/256/3606000_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/cxsmicbunnie/288/3606000_2.png
Request Chain 17
  • https://forum.cfx.re/user_avatar/forum.cfx.re/shamadon14/256/4710539_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/shamadon14/288/4710539_2.png
Request Chain 18
  • https://forum.cfx.re/user_avatar/forum.cfx.re/exrayvizion/256/4259405_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/exrayvizion/288/4259405_2.png
Request Chain 19
  • https://forum.cfx.re/user_avatar/forum.cfx.re/the_man_mike/256/4135422_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/the_man_mike/288/4135422_2.png
Request Chain 20
  • https://forum.cfx.re/user_avatar/forum.cfx.re/atcwillson/256/4037860_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/atcwillson/288/4037860_2.png
Request Chain 36
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=AFDB10536E1A44A8A4537000AF4BCD08&RedC=c.clarity.ms&MXFR=1E6E9448B02D68460E3F810FB42D6684 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=AFDB10536E1A44A8A4537000AF4BCD08&MUID=0D6BB42FBDCF602D1A5CA168BCAD61AF

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sw-scripts.tebex.io/
Redirect Chain
  • http://sw-scripts.tebex.io/
  • https://sw-scripts.tebex.io/
32 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98fdb4ba43b5e8f1b3b19f455ea6be285eccae8b0612546697759562e8e32a5c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0, s-maxage=90
cf-cache-status
DYNAMIC
cf-ray
8eabdca3eab04267-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 30 Nov 2024 15:27:31 GMT
server
cloudflare
tb-cache-country
US
tb-cache-group
webstore
vary
Accept-Encoding
x-infra
new
x-vat-mode
inclusive

Redirect headers

Location
https://sw-scripts.tebex.io/
Non-Authoritative-Reason
HttpsUpgrades
1.js
js.tebex.io/v/ 		206 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.tebex.io/v/1.js
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e058d4221ef43eec9085dfa8326f1036858426d913f85a7bc8bf5fb3cf66441f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

x-amz-server-side-encryption
AES256
content-encoding
gzip
cf-cache-status
HIT
etag
W/"7eb9774886d647e117fdb9ab3c30a74c"
age
28958
cf-ray
8eabdcab9cfb4267-EWR
x-amz-request-id
2T9V8KBVVX3FBE2E
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Thu, 10 Oct 2024 08:53:48 GMT
x-amz-id-2
DtJI4lik1S4vbwRrQKfWtutsDlvVMQkluE+Do3/d+0eyivc+xY1YMUBBBFdseOHOt6tNQg7OJZE=
main.js
sw-scripts.tebex.io/template-assets/ 		41 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sw-scripts.tebex.io/template-assets/main.js?updated=1695d809d311f052b663115fc0b84786aa1a4e5e5a610d2a96e3a0ce6c9b1cd0
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb514b95e8abe730e748f6f3b861840dc774ed465dde7951010738c21c46881

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

server
cloudflare
cache-control
public
content-encoding
gzip
cf-cache-status
EXPIRED
pragma
public
x-worker-called
1
x-infra
new
cf-ray
8eabdcab5c914267-EWR
expires
Sat, 30 Nov 2024 15:47:31 GMT
tb-cache-group
webstore
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Sat, 30 Nov 2024 15:27:31 GMT
vary
Accept-Encoding
x-vat-mode
inclusive
shared.css
sw-scripts.tebex.io/template-assets/ 		48 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sw-scripts.tebex.io/template-assets/shared.css?updated=097d56005a1e8b694b833222b85822ba185ef2fa040185243c504b361c9adc9e
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e12ee8ab42db41a8bc3433121354004108cf726aca4ae035b0a54b861042ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

server
cloudflare
cache-control
public
content-encoding
gzip
cf-cache-status
EXPIRED
pragma
public
x-worker-called
1
x-infra
new
cf-ray
8eabdcab5c8d4267-EWR
expires
Sat, 30 Nov 2024 15:47:31 GMT
tb-cache-group
webstore
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/css;charset=UTF-8
last-modified
Sat, 30 Nov 2024 15:27:31 GMT
vary
Accept-Encoding
x-vat-mode
inclusive
generic.css
sw-scripts.tebex.io/template-assets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sw-scripts.tebex.io/template-assets/generic.css?updated=0f503eefd63b041da23dec6bc3dabc124e9dbd44bc044f0f2d35472239bc7a30
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30bb3fe40316fe3e037d8725ab6f877e7ee91e08c2c5f3db2b012a24fc66372f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

server
cloudflare
cache-control
public
content-encoding
gzip
cf-cache-status
EXPIRED
pragma
public
x-worker-called
1
x-infra
new
cf-ray
8eabdcab5c8f4267-EWR
expires
Sat, 30 Nov 2024 15:47:31 GMT
tb-cache-group
webstore
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/css;charset=UTF-8
last-modified
Sat, 30 Nov 2024 15:27:31 GMT
vary
Accept-Encoding
x-vat-mode
inclusive
973ec73095d463e1c74fa6f0e71579c32da78f34.png
dunb17ur4ymx4.cloudfront.net/webstore/logos/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dunb17ur4ymx4.cloudfront.net/webstore/logos/973ec73095d463e1c74fa6f0e71579c32da78f34.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-4.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da743068c4fc0656b9adaa6f380aa39af387fcbaa69ac4d01d648ade8bead61d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

ETag
"a4f3aa4a0d898f4b9255cc0ee802590f"
Connection
keep-alive
Via
1.1 01b8e3a9ba527e97cf26e596dffabb8e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Miss from cloudfront
Content-Length
19655
X-Amz-Cf-Id
U6Ewl_ArekBtOPX1qxvQYW9RyBBtZcHU5Fkv7KicZSul2HUzQcxLQA==
Date
Sat, 30 Nov 2024 15:27:32 GMT
Content-Type
image/png
Last-Modified
Sat, 01 Oct 2022 01:43:26 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD55-P5
x-amz-server-side-encryption
AES256
empty.png
sw-scripts.tebex.io/assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sw-scripts.tebex.io/assets/img/empty.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ae4cd93369398f92128bf9b818afe45e5ec6084d1335ce322d1ff32483cb5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

cf-cache-status
HIT
etag
"673767ea-7a0"
cf-bgj
imgq:100,h2pri
x-infra
new
tb-cache-group
webstore
cf-polished
origSize=1952
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/png
last-modified
Fri, 15 Nov 2024 15:25:30 GMT
vary
Accept-Encoding
cache-control
public, max-age=0, s-maxage=90
tb-cache-country
US
cf-ray
8eabdcab5c904267-EWR
accept-ranges
bytes
content-length
1094
server
cloudflare
79c4795aee8504c6247141864cc17b7b7c23bae4.png
dunb17ur4ymx4.cloudfront.net/packages/images/ 		663 KB
664 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dunb17ur4ymx4.cloudfront.net/packages/images/79c4795aee8504c6247141864cc17b7b7c23bae4.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-4.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e75c323f18c155f0ddaedb318000cacb5463d9039ec7b3800436b8056ceda2e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

ETag
"d0e39112738652e716c50f654148c2af"
Connection
keep-alive
Via
1.1 01b8e3a9ba527e97cf26e596dffabb8e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Miss from cloudfront
Content-Length
679332
X-Amz-Cf-Id
fJO088Sl-mQID1XrlPl2VDqXAbNOtEErLNay6H2vkO6xU4CfimEzrg==
Date
Sat, 30 Nov 2024 15:27:32 GMT
Content-Type
image/png
Last-Modified
Sat, 05 Aug 2023 13:26:09 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD55-P5
x-amz-server-side-encryption
AES256
256.png
avatars.discourse.org/v4/letter/x/7933a0/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.discourse.org/v4/letter/x/7933a0/256.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:2::2 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
190c12676fffabb3dfcea6df52daddb32c467119748a86e6ecf06e8d0179a6e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

cdck-proxy-id
corp-router-tiehunter01.corp1, corp-balancer-tieinterceptor1a.corp1
cache-control
public, max-age=157788000
x-edge-location
usmi
etag
"6659796d-747"
expires
Tue, 09 Jun 2026 00:00:00 GMT
accept-ranges
bytes
x-cache
HIT
content-length
1863
date
Sat, 30 Nov 2024 15:27:31 GMT
x-shield
active
content-type
image/png
last-modified
Fri, 31 May 2024 07:17:01 GMT
server
keycdn
4601146_2.png
forum.cfx.re/user_avatar/forum.cfx.re/vitalrg/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/vitalrg/256/4601146_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/vitalrg/288/4601146_2.png
5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/vitalrg/288/4601146_2.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Server
2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f39b50dad33d9ce950b312421038bb5520be64064a255f90264cc03d150bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-cache-status
HIT
age
134504
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-64bb96d0a6f542f9e22c8e81576ff45c-d6147beecbfe1367-00
expires
Sun, 30 Nov 2025 21:16:43 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/png
last-modified
Tue, 17 Sep 2024 23:32:29 GMT
vary
Accept-Encoding
x-cloud-trace-context
64bb96d0a6f542f9e22c8e81576ff45c/15426090889205650279
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
content-transfer-encoding
binary
access-control-allow-credentials
true
x-download-options
noopen
via
1.1 google
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
5360
x-discourse-route
user_avatars/show
x-xss-protection
0
cf-ray
8eabdcaedc18f5f8-EWR
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-89a7be050e8f3db783f1969a41ab733c-a83bda03d8994d8a-00
expires
Sat, 30 Nov 2024 19:27:31 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
89a7be050e8f3db783f1969a41ab733c/12122522532051504522
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/vitalrg/288/4601146_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8eabdcada8f5f5f8-EWR
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
4302011_2.png
forum.cfx.re/user_avatar/forum.cfx.re/dre4mers/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/dre4mers/256/4302011_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/dre4mers/288/4302011_2.png
20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/dre4mers/288/4302011_2.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Server
2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0a49b89b4e66736d531f7746979294a065f8d9cd67729325efc71c377a1931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-cache-status
HIT
age
93810
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-2c25942110c2f2af54b3d989513b914f-9db23d633694d5fd-00
expires
Sun, 30 Nov 2025 21:16:43 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/png
last-modified
Wed, 01 May 2024 06:29:56 GMT
vary
Accept-Encoding
x-cloud-trace-context
2c25942110c2f2af54b3d989513b914f/11363212306135963133
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
content-transfer-encoding
binary
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
access-control-allow-credentials
true
cf-ray
8eabdcaedc1df5f8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
20593
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-bcf9983cdec92511f9ffde5576db7c65-9457ab11fdd0485d-00
expires
Sat, 30 Nov 2024 19:27:31 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
bcf9983cdec92511f9ffde5576db7c65/10689200334348240989
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/dre4mers/288/4302011_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8eabdcada8f1f5f8-EWR
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
3847003_2.png
forum.cfx.re/user_avatar/forum.cfx.re/nioscript/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/nioscript/256/3847003_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/nioscript/288/3847003_2.png
28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/nioscript/288/3847003_2.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Server
2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47c5124ce8240391d6139d4c42f3d2be7bcfbc93b94bde2c9573bea1e3d601e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-bgj
h2pri
cf-cache-status
REVALIDATED
x-permitted-cross-domain-policies
none
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
x-content-type-options
nosniff
traceparent
00-b7ea4e0c698ce129ddfdbe7eb93e8fcb-a5b859e49d2b4f83-00
expires
Sun, 30 Nov 2025 21:16:44 GMT
date
Sat, 30 Nov 2024 15:27:32 GMT
content-type
image/jpeg
last-modified
Wed, 20 Sep 2023 00:42:08 GMT
vary
Accept-Encoding
x-cloud-trace-context
b7ea4e0c698ce129ddfdbe7eb93e8fcb/11941393250397147011
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
content-transfer-encoding
binary
cf-ray
8eabdcb0b912f5f8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
28578
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-1d01e623ff82227a9d49175468769165-2cbc4298b2a889f1-00
expires
Sat, 30 Nov 2024 19:27:31 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
1d01e623ff82227a9d49175468769165/3223524656890284529
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/nioscript/288/3847003_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8eabdcada8f4f5f8-EWR
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
4699226_2.png
forum.cfx.re/user_avatar/forum.cfx.re/csysr412/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/csysr412/256/4699226_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/csysr412/288/4699226_2.png
20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/csysr412/288/4699226_2.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Server
2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb228129c9706539a6edad86a7fe421db3093bec9450734094dba0bd5c7d3f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-bgj
h2pri
cf-cache-status
HIT
age
21327
x-permitted-cross-domain-policies
none
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
x-content-type-options
nosniff
traceparent
00-b958b5661f2ba2f22e3f556b35ef1573-90f73ca7a97e5dea-00
expires
Sun, 30 Nov 2025 21:16:43 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/jpeg
last-modified
Fri, 01 Nov 2024 16:51:33 GMT
vary
Accept-Encoding
x-cloud-trace-context
b958b5661f2ba2f22e3f556b35ef1573/10445884551509990890
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
content-transfer-encoding
binary
cf-ray
8eabdcaeec33f5f8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
20974
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-0f2da6da2cabf19a5aaed69326f33849-e88dd10a962f527c-00
expires
Sat, 30 Nov 2024 19:27:31 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
0f2da6da2cabf19a5aaed69326f33849/16757279631915045500
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/csysr412/288/4699226_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8eabdcada8f8f5f8-EWR
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
4602118_2.png
forum.cfx.re/user_avatar/forum.cfx.re/arkam_developpement/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/arkam_developpement/256/4602118_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/arkam_developpement/288/4602118_2.png
41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/arkam_developpement/288/4602118_2.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Server
2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a9c6ccf7999ecc09aebb9097f08c49dc8ab200c1e17fdac91f839be8acf16d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-bgj
h2pri
cf-cache-status
HIT
age
64466
x-permitted-cross-domain-policies
none
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
x-content-type-options
nosniff
traceparent
00-b04ddbd2827b06dd1af6850f3e5e4bd4-cc2bda69ff81cd14-00
expires
Sun, 30 Nov 2025 21:16:43 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/jpeg
last-modified
Wed, 18 Sep 2024 14:25:52 GMT
vary
Accept-Encoding
x-cloud-trace-context
b04ddbd2827b06dd1af6850f3e5e4bd4/14712092756528975124
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
content-transfer-encoding
binary
cf-ray
8eabdcb04fe3f5f8-EWR
x-download-options
noopen
accept-ranges
bytes
access-control-allow-origin
*
content-length
42168
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-9d54a960c4033207001a16064cb43088-bface102658c54f6-00
expires
Sat, 30 Nov 2024 19:27:31 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
9d54a960c4033207001a16064cb43088/13811661557648348406
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/arkam_developpement/288/4602118_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8eabdcada8f7f5f8-EWR
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
3107069_2.png
forum.cfx.re/user_avatar/forum.cfx.re/rawforceone/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/rawforceone/256/3107069_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/rawforceone/288/3107069_2.png
26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/rawforceone/288/3107069_2.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Server
2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd0c1766b0c1c6d1b8fe29d6fc1d39184dd2af3cb406127c3fc20cd7dba46d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-bgj
h2pri
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
x-content-type-options
nosniff
traceparent
00-b6ae37d6b2979286a01278b4e1346d50-dd0d2badc3bcc495-00
expires
Sun, 30 Nov 2025 21:16:43 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/jpeg
last-modified
Thu, 01 Dec 2022 17:57:28 GMT
vary
Accept-Encoding
x-cloud-trace-context
b6ae37d6b2979286a01278b4e1346d50/15928435482392577173
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
content-transfer-encoding
binary
cf-ray
8eabdcb04fe0f5f8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
26544
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-186f921f7d68d2d6e9174ff9c8cc7875-4763f978dcb01e44-00
expires
Sat, 30 Nov 2024 19:27:31 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
186f921f7d68d2d6e9174ff9c8cc7875/5144229496881159748
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/rawforceone/288/3107069_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8eabdcada8fbf5f8-EWR
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
256.png
avatars.discourse.org/v4/letter/n/7933a0/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.discourse.org/v4/letter/n/7933a0/256.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:2::2 , Switzerland, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
3889368d123163780613d29ecc4af2ef8acd789fb35421e750398cc60422d180

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

cdck-proxy-id
corp-router-tiehunter01.corp1, corp-balancer-tieinterceptor1a.corp1
cache-control
public, max-age=157788000
x-edge-location
usmi
etag
"65fa4f7c-598"
expires
Thu, 12 Mar 2026 00:00:00 GMT
accept-ranges
bytes
x-cache
HIT
content-length
1432
date
Sat, 30 Nov 2024 15:27:31 GMT
x-shield
active
content-type
image/png
last-modified
Wed, 20 Mar 2024 02:52:44 GMT
server
keycdn
125476_2.png
forum.cfx.re/user_avatar/forum.cfx.re/william_keith/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/william_keith/256/125476_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/william_keith/288/125476_2.png
6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/william_keith/288/125476_2.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Server
2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9da9fa44f0ff508df78292da146522a175d0f1c0be7b5ed539f680d5d0ca5400
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-53d71c557f0aa74b07037f6740cd4afc-44ada64a938b656c-00
expires
Sun, 30 Nov 2025 21:16:43 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/png
last-modified
Sun, 07 Apr 2019 06:53:57 GMT
vary
Accept-Encoding
x-cloud-trace-context
53d71c557f0aa74b07037f6740cd4afc/4948794404783220076
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
content-transfer-encoding
binary
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
access-control-allow-credentials
true
cf-ray
8eabdcaf3ce9f5f8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
6342
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-1618493797f7a280ad1e5c0f2395d4e1-258a4c1532cdbe39-00
expires
Sat, 30 Nov 2024 19:27:31 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
1618493797f7a280ad1e5c0f2395d4e1/2705058180119772729
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/william_keith/288/125476_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8eabdcadf9d0f5f8-EWR
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
3606000_2.png
forum.cfx.re/user_avatar/forum.cfx.re/cxsmicbunnie/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/cxsmicbunnie/256/3606000_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/cxsmicbunnie/288/3606000_2.png
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/cxsmicbunnie/288/3606000_2.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Server
2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4a472afec03ec5c656b42618ea19b2094bfd603ceda7fdbb7e653223ff0bcbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-cache-status
HIT
age
318743
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-2db5a7d457c8cecd1e151881f74d4735-deba4a712edb83e1-00
expires
Sun, 30 Nov 2025 21:16:43 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/png
last-modified
Wed, 07 Jun 2023 20:48:27 GMT
vary
Accept-Encoding
x-cloud-trace-context
2db5a7d457c8cecd1e151881f74d4735/16049222072066081761
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
content-transfer-encoding
binary
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
access-control-allow-credentials
true
cf-ray
8eabdcaf3ce8f5f8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
7784
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-cf079029fced695933eb725ad332c683-734130f6048295b3-00
expires
Sat, 30 Nov 2024 19:27:31 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
cf079029fced695933eb725ad332c683/8304973021043660211
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/cxsmicbunnie/288/3606000_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8eabdcadf9d1f5f8-EWR
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
4710539_2.png
forum.cfx.re/user_avatar/forum.cfx.re/shamadon14/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/shamadon14/256/4710539_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/shamadon14/288/4710539_2.png
50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/shamadon14/288/4710539_2.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Server
2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046ce75b2f63a35a0dbb679974e0fb95f348f30982fe038f56eeff18eab083c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-bgj
h2pri
cf-cache-status
HIT
age
171090
x-permitted-cross-domain-policies
none
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
x-content-type-options
nosniff
traceparent
00-137087097d9c1c7ac70f83b61e8f5600-c5d10f998cc322d9-00
expires
Sun, 30 Nov 2025 21:16:43 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/jpeg
last-modified
Fri, 08 Nov 2024 03:49:27 GMT
vary
Accept-Encoding
x-cloud-trace-context
137087097d9c1c7ac70f83b61e8f5600/14254191447770342105
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
content-transfer-encoding
binary
cf-ray
8eabdcaf3cecf5f8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
50902
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-de0b1ed243d533fbfc1327f7a74100c1-0b5acd747efceb08-00
expires
Sat, 30 Nov 2024 19:27:31 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
de0b1ed243d533fbfc1327f7a74100c1/818192182551571208
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/shamadon14/288/4710539_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8eabdcadf9d3f5f8-EWR
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
4259405_2.png
forum.cfx.re/user_avatar/forum.cfx.re/exrayvizion/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/exrayvizion/256/4259405_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/exrayvizion/288/4259405_2.png
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/exrayvizion/288/4259405_2.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Server
2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45967a8510c639c8bce471a3e0e68961fd940540b5a1acbbf67cd56c4afe0a75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-bgj
h2pri
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
x-content-type-options
nosniff
traceparent
00-2b20c6d0bd26b08e5cabb4cc01d3f267-2125cfbf350bb8da-00
expires
Sun, 30 Nov 2025 21:16:43 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/jpeg
last-modified
Mon, 08 Apr 2024 23:23:27 GMT
vary
Accept-Encoding
x-cloud-trace-context
2b20c6d0bd26b08e5cabb4cc01d3f267/2388543597525579994
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
content-transfer-encoding
binary
cf-ray
8eabdcaf7dbef5f8-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
16124
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-276b02227ae27627602586be73814fa6-fcf88c38b9afea04-00
expires
Sat, 30 Nov 2024 19:27:31 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
276b02227ae27627602586be73814fa6/18228473667043453444
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/exrayvizion/288/4259405_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8eabdcadf9d5f5f8-EWR
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
4135422_2.png
forum.cfx.re/user_avatar/forum.cfx.re/the_man_mike/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/the_man_mike/256/4135422_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/the_man_mike/288/4135422_2.png
35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/the_man_mike/288/4135422_2.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Server
2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
095a7f017de51e71e4a25b641c6b8976d3a5f9fb825a1d2410852ddf12e17f5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-bgj
h2pri
cf-cache-status
HIT
age
332503
x-permitted-cross-domain-policies
none
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
x-content-type-options
nosniff
traceparent
00-1e99d0050dfe260829aba98c716b9a6a-48661075e534f044-00
expires
Sun, 30 Nov 2025 21:16:43 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/jpeg
last-modified
Wed, 07 Feb 2024 18:13:57 GMT
vary
Accept-Encoding
x-cloud-trace-context
1e99d0050dfe260829aba98c716b9a6a/5216875316897968196
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
content-transfer-encoding
binary
cf-ray
8eabdcaf3cedf5f8-EWR
x-download-options
noopen
accept-ranges
bytes
access-control-allow-origin
*
content-length
35878
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-2c38165264e04b3ecfc564308f8cbc68-e7930629066c30d0-00
expires
Sat, 30 Nov 2024 19:27:31 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
2c38165264e04b3ecfc564308f8cbc68/16686687817608999120
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/the_man_mike/288/4135422_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8eabdcadf9d7f5f8-EWR
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
4037860_2.png
forum.cfx.re/user_avatar/forum.cfx.re/atcwillson/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/atcwillson/256/4037860_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/atcwillson/288/4037860_2.png
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/atcwillson/288/4037860_2.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Server
2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a617a2e99041b457a845dac775090f30948e90b5915bdfd2fe7e870dcfff65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-cache-status
HIT
age
332503
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-30a4ab64d470df19e56cb3f61f0dfd9a-063f062bb336f793-00
expires
Sun, 30 Nov 2025 21:16:43 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/png
last-modified
Fri, 29 Dec 2023 23:49:43 GMT
vary
Accept-Encoding
x-cloud-trace-context
30a4ab64d470df19e56cb3f61f0dfd9a/450085272520423315
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
content-transfer-encoding
binary
access-control-allow-credentials
true
x-download-options
noopen
via
1.1 google
referrer-policy
strict-origin-when-cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
14598
x-discourse-route
user_avatars/show
x-xss-protection
0
cf-ray
8eabdcb0b918f5f8-EWR
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-921d1eb8a709d1c647c1044735d8a589-a29a727edb0b410f-00
expires
Sat, 30 Nov 2024 19:27:31 GMT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
921d1eb8a709d1c647c1044735d8a589/11716803269724160271
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/atcwillson/288/4037860_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8eabdcadf9daf5f8-EWR
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
apple.svg
webstore-template-assets.tebex.io/images/we-accept/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webstore-template-assets.tebex.io/images/we-accept/apple.svg
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff58b35cabe92e445fa6cd1d7c01bcbcfbe5f9324f14ad19fa1f6d0d4645762
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"306c4ec4920efa4cc0d832cd77cf3b08"
age
2707
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zygtZ2XSi6HyWhkJpBAjkLmXGTfiVH0mW3TAq4ImHb1zZZeqa7BN9U6yjBoU%2F5l2SBNlCU6X9IBC%2BpZR7naDMOM5t%2B1l8Tbv8i%2BDNIgHt5QwD6TM10CxNtzfw5pxs2dwVOR%2BwE735nBdPBr9kHbG8mhQqpk%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8eabdcacee894267-EWR
access-control-allow-origin
*
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
google.png
webstore-template-assets.tebex.io/images/we-accept/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webstore-template-assets.tebex.io/images/we-accept/google.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3404fdeb6caba6b32a91af2fac323f2855317425d3660bc5f59649bcaf00e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"df9429e23517b1b6b60c6d2e01ac9768"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qAut8S3CHgeOOJxr1tTuMOFmRYSky5lwcGUNlQyc%2BiKHXE88fZt%2FyJ%2Fd96mn66uDzOgYYDHV972zgbO5B6JTyMndIfweImy%2BXeMFsLoCuBojh2QF9SEvU6%2FoC1NluIYhkJOBj5FEfD0%2BQMdgXF5JzAWp%2Fmw%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8eabdcacee934267-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
5107
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
mastercard.png
webstore-template-assets.tebex.io/images/we-accept/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webstore-template-assets.tebex.io/images/we-accept/mastercard.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9833444e53e652d24c2734cf4393cdaf3c8ac3fabe9c59af2b036e8efdb48d02
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"ffafecd0a6ea9668ae79fd5588dc9a5f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIGT31TSY80KnIcTV6TUpRjwDH8f%2FpejpFEGJdRcdD2xJVWLFvutyxGrb89rBBXJVc%2BUcO5Q2TY0cu5sWWgTily2cSmiNzuKcbXTP2U6Ay3Q2kCCqOzgS6cbxncp2vT%2FdeO7kDUP%2Fa4d%2Bi89zEDB2hfPcY4%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8eabdcad6f294267-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
1226
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
visa.png
webstore-template-assets.tebex.io/images/we-accept/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webstore-template-assets.tebex.io/images/we-accept/visa.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
295aefa18597037b07e8eee3a6e1144c3110d822bf8f38387ff8937f2a5e6866
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"4772dd3776bc839b74be97f87d5c453d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bxu%2F30%2Bjmsf8kKsDFWWMs34FLaEsPTkPZ2eV58nVWPGLBtyOCO4cveExx6Wh8RmE8rPD0zDxoIYP%2BKmNfK2znTmMupmSQQSANz%2FYPL5DPHotdkE3sO%2F4Sh6EHdEOWUkq2dHfsPndI4FB7yD%2B5U9RO6d0EO0%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8eabdcad8f4f4267-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
2046
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
amex.png
webstore-template-assets.tebex.io/images/we-accept/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webstore-template-assets.tebex.io/images/we-accept/amex.png
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
571feee5e5f8d7f96b7fc09bd3951386eff0707eb16ccb3cb958cadcf6e7fcf3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"48614017e2e9cbb328a50a70aebae4c7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=woI6rtXGQ1WoMAT45YxJS67p1kuZe0PdOqEu4i7cpGpz2Mz2fbYkb5h7MiyjSnTXzouQk5F60gUn%2BjOTC84WQm3Di7wbdNca5OSOrritzro2%2F01Eh8f4idgy7I%2BoKV%2Bvhmzf5kho80bNI4IqTo0ZJ280Kys%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8eabdcad8f524267-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3585
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
discord.js
sw-scripts.tebex.io/assets/js/ 		1 KB
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sw-scripts.tebex.io/assets/js/discord.js
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8e73815e51d518d6d88f1f9dbe71baebf371c5bd8cddeb420ab53599322bb0c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

cache-control
public, max-age=0, s-maxage=90
content-encoding
gzip
cf-cache-status
HIT
etag
W/"673767ea-5dc"
tb-cache-country
US
x-infra
new
cf-ray
8eabdcabed734267-EWR
tb-cache-group
webstore
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 15:25:30 GMT
vary
Accept-Encoding
server
cloudflare
sdk.js
nsure.tebex.io/ 		136 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsure.tebex.io/sdk.js
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24bd:6c00:1c:fc15:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac69e3a94e59b688ef53197dc37354ee2d8f3d6c947b654b5dcf132cf4670fd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

x-nsure-canary
false
content-encoding
gzip
etag
W/"d8936b83840dbe9439d6e59d0c0b9f6d"
age
71973
via
1.1 592c261b9cfaf6b108698873e1d16e28.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
MuQTaYwe1YOOYuvqqPVZc54jaBBy4g007JZ1CLjMntMoKVGRm4l6Qw==
date
Fri, 29 Nov 2024 19:27:59 GMT
content-type
application/javascript
last-modified
Mon, 25 Nov 2024 09:05:52 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P6
vary
Accept-Encoding, Origin
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/template-assets/generic.css?updated=0f503eefd63b041da23dec6bc3dabc124e9dbd44bc044f0f2d35472239bc7a30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b78976e0a15138b3b1bde71abfa5bbb603eff6bdf1fc4d4eaffaeeaab0abc26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 30 Nov 2024 15:27:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 30 Nov 2024 13:38:25 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
fxlepb8eap
www.clarity.ms/tag/ 		689 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/fxlepb8eap
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
792326d9b11eb780370b53e290a8f062d05382ef08dbea56bd636f4c39e55b7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
application/x-javascript
x-azure-ref
20241130T152731Z-174f7845968kvnqxhC1EWRmf3g0000000nbg00000000cky1
page-bg.jpg
webstore-template-assets.tebex.io/images/ 		351 KB
351 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webstore-template-assets.tebex.io/images/page-bg.jpg
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/template-assets/generic.css?updated=0f503eefd63b041da23dec6bc3dabc124e9dbd44bc044f0f2d35472239bc7a30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863ab1ad2a8d46f51b4e204b760b10a8856b76cd5b73e864af5b0a8874946eb2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

cf-cache-status
HIT
etag
"5aaee7507a407a3db2961685c6bf9717"
age
5013
cf-bgj
imgq:100,h2pri
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QmuPpGp327eTSv%2BBSq8Ws%2BgqCpefBNA1Lp3RbhSrJYRrF7xIPQx8dmJDvEarvY0rMADf%2BmuabZ2vyZhZFrtd71CqxnVQsLYQNzeymFpC%2F026lw68sfHzTRUwtUKxZnptv3nvAuTVKWRl6IQnOTiwuJ5UZcE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=405801
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/jpeg
vary
Accept-Encoding
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8eabdcacee854267-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
359039
server
cloudflare
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sw-scripts.tebex.io
Referer
https://fonts.googleapis.com/

Response headers

age
38762
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 04:41:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 04:41:29 GMT
last-modified
Tue, 02 May 2023 15:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23040
x-xss-protection
0
server
sffe
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sw-scripts.tebex.io
Referer
https://fonts.googleapis.com/

Response headers

age
68318
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 29 Nov 2025 20:28:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 20:28:53 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sw-scripts.tebex.io
Referer
https://fonts.googleapis.com/

Response headers

age
186509
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 11:39:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 11:39:02 GMT
last-modified
Tue, 02 May 2023 15:12:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22504
x-xss-protection
0
server
sffe
clarity.js
www.clarity.ms/s/0.7.56/ 		66 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.56/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fxlepb8eap
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

x-azure-ref
20241130T152731Z-174f7845968kvnqxhC1EWRmf3g0000000nbg00000000cky7
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD0EDC462F0477"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
87476dbc-601e-0050-52eb-40ec8b000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 12:08:58 GMT
collect
x.clarity.ms/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://sw-scripts.tebex.io/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://sw-scripts.tebex.io
Date
Sat, 30 Nov 2024 15:27:32 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=AFDB10536E1A44A8A4537000AF4BCD08&RedC=c.clarity.ms&MXFR=1E6E9448B02D68460E3F810FB42D6684
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=AFDB10536E1A44A8A4537000AF4BCD08&MUID=0D6BB42FBDCF602D1A5CA168BCAD61AF
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=AFDB10536E1A44A8A4537000AF4BCD08&MUID=0D6BB42FBDCF602D1A5CA168BCAD61AF
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"8d3dafd6e71fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Sat, 30 Nov 2024 15:27:31 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 16:24:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=AFDB10536E1A44A8A4537000AF4BCD08&MUID=0D6BB42FBDCF602D1A5CA168BCAD61AF
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7F2A14C808344A8182C994674C84AD62 Ref B: EWR30EDGE1114 Ref C: 2024-11-30T15:27:32Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Sat, 30 Nov 2024 15:27:31 GMT
x-powered-by
ASP.NET
287daf8067591b4beda9603a1a9ffa103b91ff57.png
dunb17ur4ymx4.cloudfront.net/webstore/favicons/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dunb17ur4ymx4.cloudfront.net/webstore/favicons/287daf8067591b4beda9603a1a9ffa103b91ff57.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.154.230.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-230-4.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac4b462534db3d3066c031977886fc50c946b44ba49889c253c9909dd1f230eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

ETag
"100a68e94ebcaf7e43df6f96ce361fa6"
Connection
keep-alive
Via
1.1 01b8e3a9ba527e97cf26e596dffabb8e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
RefreshHit from cloudfront
Content-Length
4091
X-Amz-Cf-Id
1iVNMtovp7FE2A2LgOK9616zRqw5gdfjqAQOt1SJ9TgemH4m42mPdw==
Date
Sat, 30 Nov 2024 15:27:33 GMT
Content-Type
image/png
Last-Modified
Sat, 01 Oct 2022 01:43:22 GMT
Server
AmazonS3
X-Amz-Cf-Pop
IAD55-P5
x-amz-server-side-encryption
AES256
collect
x.clarity.ms/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://sw-scripts.tebex.io/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://sw-scripts.tebex.io
Date
Sat, 30 Nov 2024 15:27:33 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
sdkIframe.html
sdk.nsureapi.com/ Frame C5E3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sdk.nsureapi.com/sdkIframe.html
Requested by
Host: nsure.tebex.io
URL: https://nsure.tebex.io/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:28a6:e400:d:b1e8:9040:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://sw-scripts.tebex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
85448
content-length
636
content-type
text/html
date
Fri, 29 Nov 2024 15:43:32 GMT
etag
"587be1e29de4390543dda0e280e07c94"
last-modified
Tue, 18 Aug 2020 15:08:46 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 99b0065cfb4b4dc6315527aca56da7f2.cloudfront.net (CloudFront)
x-amz-cf-id
iij8iYWFvJRK-XKrZTZH47MAvpfdXFpXDas4hDs_Oz2TwcA1wzyXrA==
x-amz-cf-pop
IAD89-P4
x-cache
Hit from cloudfront
x-nsure-canary
false
config.json
sdk.nsureapi.com/core-config/ 		749 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.nsureapi.com/core-config/config.json
Requested by
Host: nsure.tebex.io
URL: https://nsure.tebex.io/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:28a6:6400:d:b1e8:9040:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d44f3f40403b7f6cb373c03245c6c23e75ca3caf9ff99d7f1687441c664d7988

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

x-nsure-canary
false
etag
"51a07787755fbc762ba75ef402c21349"
age
85447
via
1.1 20543c268d5f5f03956933e9ae54683e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
749
x-amz-cf-id
lpxoduRw33RAaM-GNMv3UJKXh7tVkNT1HuApdyi4UeR9tH2nE_4pfw==
date
Fri, 29 Nov 2024 15:43:30 GMT
content-type
application/json
last-modified
Mon, 25 Nov 2024 10:19:52 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P4
vary
Accept-Encoding
8df24bbd-7f49-4084-a452-23e1e016f6e1
sw-scripts.tebex.io/nsure/fingerprint/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sw-scripts.tebex.io/nsure/fingerprint/8df24bbd-7f49-4084-a452-23e1e016f6e1
Requested by
Host: sw-scripts.tebex.io
URL: https://sw-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Referer
https://sw-scripts.tebex.io/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-infra
new
cf-ray
8eabdcd2daa64267-EWR
tb-cache-group
webstore
date
Sat, 30 Nov 2024 15:27:37 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-vat-mode
inclusive
server
cloudflare
sdk-core-v1.1.66.js
sdk.nsureapi.com/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.nsureapi.com/sdk-core-v1.1.66.js
Requested by
Host: nsure.tebex.io
URL: https://nsure.tebex.io/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:28a6:6400:d:b1e8:9040:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ef1a50a8ec7a9f0ff181185c3f12b53331a280ba2f2ac5dcfa02edd81163fb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

x-nsure-canary
false
content-encoding
br
etag
W/"43acd626feabd806e687671525e9ad52"
age
85448
via
1.1 c69aecd4ec24ee644e0ae55912f09bfe.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
StME0dHCDaN2WEy7MJJsT8a3r15j--qRukeevu4I6k395QIZDjDXgg==
date
Fri, 29 Nov 2024 15:43:30 GMT
content-type
application/javascript
last-modified
Mon, 25 Nov 2024 08:35:46 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P4
vary
Accept-Encoding, Origin
events
sdk-service.nsureapi.com/ 		11 B
164 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk-service.nsureapi.com/events
Requested by
Host: sdk.nsureapi.com
URL: https://sdk.nsureapi.com/sdk-core-v1.1.66.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.170.11 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

x-nsure-partner-id
undefined
Referer
https://sw-scripts.tebex.io/
x-nsure-sdk-client-type
web
x-nsure-sdk-client-version
1.1.66
x-nsure-app-id
Z620Q2525RT9DWKA
x-nsure-session-id
undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
x-nsure-app-context-id
246779
x-nsure-sdk-api-version
1.0.0

Response headers

access-control-allow-origin
*
content-length
11
date
Sat, 30 Nov 2024 15:27:38 GMT
etag
W/"b-Ai2R8hgEarLmHKwesT1qcY913ys"
content-type
application/json; charset=utf-8
x-powered-by
Express
session
sdk-service.nsureapi.com/ 		393 B
501 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk-service.nsureapi.com/session?timestamp=1732980457686&clientRequestId=2e1bd18f-4deb-4d35-9090-5d049b71bc7c&deviceId=8df24bbd-7f49-4084-a452-23e1e016f6e1&storeId=1523175&storeType=storeFront
Requested by
Host: sdk.nsureapi.com
URL: https://sdk.nsureapi.com/sdk-core-v1.1.66.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.170.11 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
22d3b15ffeb61379b9f642ad19b31dded9f3006bab4751dd89d7995d448453a5

Request headers

x-nsure-partner-id
undefined
Referer
https://sw-scripts.tebex.io/
x-nsure-sdk-client-type
web
x-nsure-sdk-client-version
1.1.66
x-nsure-app-id
Z620Q2525RT9DWKA
x-nsure-session-id
undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
x-nsure-app-context-id
246779
x-nsure-sdk-api-version
1.0.0

Response headers

access-control-allow-origin
*
content-length
326
content-encoding
gzip
date
Sat, 30 Nov 2024 15:27:38 GMT
etag
W/"189-vszE9FFKCw+oB4buB/bD2WTmJZc"
content-type
application/json; charset=utf-8
x-powered-by
Express
device.js
device.maxmind.com/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://device.maxmind.com/js/device.js
Requested by
Host: sdk.nsureapi.com
URL: https://sdk.nsureapi.com/sdk-core-v1.1.66.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8716 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
89bfc279f0ae1fe188f9708d9d63a4f0b28e1f7f9decda468341da170ad3c873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=14400
content-encoding
gzip
cf-cache-status
HIT
age
5189
cf-ray
8eabdcd4f8217cb2-EWR
expires
Sat, 30 Nov 2024 19:27:37 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 15:27:37 GMT
content-type
text/javascript; charset=utf-8
last-modified
Sat, 30 Nov 2024 12:29:07 GMT
vary
Accept-Encoding
priority
u=3,i=?0
loader_v3.10.1.js
fpnpmcdn.net/v3/KxV6sLn9nXBGBzPtzicI/ 		162 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fpnpmcdn.net/v3/KxV6sLn9nXBGBzPtzicI/loader_v3.10.1.js
Requested by
Host: sdk.nsureapi.com
URL: https://sdk.nsureapi.com/sdk-core-v1.1.66.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.88.95 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
a1e85c4f775a5fa09c15646b01dde7be1a62990e72813a43b6cd4e4a06ff509f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

content-encoding
br
etag
W/"D5hhkBb/9tAJy9/WWBaV1iRp/co"
age
87953
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
NJVwjYcfKfpIDr7TLyIHSXdixCMG1Li1-D-PJhSIlIngofLNERaGag==
date
Fri, 29 Nov 2024 15:01:44 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=3669, s-maxage=619536
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
via
1.1 4182a074185cd4c9b91519add9c7edf6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD55-P6
server
CloudFront
events
sdk-service.nsureapi.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk-service.nsureapi.com/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.170.11 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-nsure-app-context-id,x-nsure-app-id,x-nsure-partner-id,x-nsure-sdk-api-version,x-nsure-sdk-client-type,x-nsure-sdk-client-version,x-nsure-session-id
Access-Control-Request-Method
POST
Origin
https://sw-scripts.tebex.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-nsure-app-context-id,x-nsure-app-id,x-nsure-partner-id,x-nsure-sdk-api-version,x-nsure-sdk-client-type,x-nsure-sdk-client-version,x-nsure-session-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Sat, 30 Nov 2024 15:27:38 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
session
sdk-service.nsureapi.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk-service.nsureapi.com/session?timestamp=1732980457686&clientRequestId=2e1bd18f-4deb-4d35-9090-5d049b71bc7c&deviceId=8df24bbd-7f49-4084-a452-23e1e016f6e1&storeId=1523175&storeType=storeFront
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.170.11 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-nsure-app-context-id,x-nsure-app-id,x-nsure-partner-id,x-nsure-sdk-api-version,x-nsure-sdk-client-type,x-nsure-sdk-client-version,x-nsure-session-id
Access-Control-Request-Method
GET
Origin
https://sw-scripts.tebex.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-nsure-app-context-id,x-nsure-app-id,x-nsure-partner-id,x-nsure-sdk-api-version,x-nsure-sdk-client-type,x-nsure-sdk-client-version,x-nsure-session-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Sat, 30 Nov 2024 15:27:38 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
3s
metrics.nsureapi.com/KfqV/26T-Bs/n4Yy/ 		96 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.nsureapi.com/KfqV/26T-Bs/n4Yy/3s?q=KxV6sLn9nXBGBzPtzicI
Requested by
Host: fpnpmcdn.net
URL: https://fpnpmcdn.net/v3/KxV6sLn9nXBGBzPtzicI/loader_v3.10.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.49.99 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
269b09692584dc91fc044f3860a959a94ccb0d8b145d3fc5a6c98731e2bff380
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sw-scripts.tebex.io/

Response headers

strict-transport-security
max-age=63072000
x-robots-tag
noindex
content-security-policy
default-src 'none'; frame-ancestors 'none'
access-control-expose-headers
Retry-After
cache-control
max-age=31536000, immutable, private
timing-allow-origin
*
referrer-policy
no-referrer
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
96
date
Sat, 30 Nov 2024 15:27:38 GMT
content-type
text/plain; charset=utf-8
x-frame-options
DENY
ant_squire
d-ipv6.mmapiws.com/ 		88 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d-ipv6.mmapiws.com/ant_squire
Requested by
Host: device.maxmind.com
URL: https://device.maxmind.com/js/device.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ef015ea9dc34dce163021cf0df008c6a95ab02073c7cf7d943a9235ee864f9ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://sw-scripts.tebex.io/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8eabdcdaec2d3344-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 15:27:38 GMT
content-type
text/plain; charset=utf-8
server
cloudflare
priority
u=1,i
events
sdk-service.nsureapi.com/ 		11 B
164 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk-service.nsureapi.com/events
Requested by
Host: sdk.nsureapi.com
URL: https://sdk.nsureapi.com/sdk-core-v1.1.66.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.170.11 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

x-nsure-partner-id
undefined
Referer
https://sw-scripts.tebex.io/
x-nsure-sdk-client-type
web
x-nsure-sdk-client-version
1.1.66
x-nsure-app-id
Z620Q2525RT9DWKA
x-nsure-session-id
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0YXJnZXQiOiJaNjIwUTI1MjVSVDlEV0tBIiwia2V5SWQiOiJkZWZhdWx0IiwiaW5hY3Rpdml0eVRpbWVvdXQiOjkwMDAwMCwiZGV2aWNlSWQiOiI4ZGYyNGJiZC03ZjQ5LTQwODQtYTQ1Mi0yM2UxZTAxNmY2ZTEiLCJldHMiOiJjZTA0NmM3ODZmODAxNDBjMjhlMGNiZmQxZTUwZDYxNjo1NjZmNDUwODQzOGU4MDI0ZGFkYjhhODhkZGU5MzIxZSIsImlhdCI6MTczMjk4MDQ1OCwiZXhwIjoxNzMzMDY2ODU4fQ.1e-7snK761YopV-FQur3Isi4WQJM1D12jrAPGZZMOew
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
x-nsure-app-context-id
246779
x-nsure-sdk-api-version
1.0.0

Response headers

access-control-allow-origin
*
content-length
11
date
Sat, 30 Nov 2024 15:27:38 GMT
etag
W/"b-Ai2R8hgEarLmHKwesT1qcY913ys"
content-type
application/json; charset=utf-8
x-powered-by
Express
/
metrics.nsureapi.com/ 		530 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.nsureapi.com/?ci=js/3.11.4&q=KxV6sLn9nXBGBzPtzicI
Requested by
Host: fpnpmcdn.net
URL: https://fpnpmcdn.net/v3/KxV6sLn9nXBGBzPtzicI/loader_v3.10.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.49.99 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e21ed48070f7b03f47c0c9c2ac989948788b1f628a01b4bfe539c61fa624d88a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://sw-scripts.tebex.io/

Response headers

strict-transport-security
max-age=63072000
content-security-policy
default-src 'none'; frame-ancestors 'none'
access-control-expose-headers
Retry-After
timing-allow-origin
*
access-control-allow-credentials
true
referrer-policy
no-referrer
x-content-type-options
nosniff
access-control-allow-origin
https://sw-scripts.tebex.io
content-length
530
date
Sat, 30 Nov 2024 15:27:38 GMT
content-type
text/plain
vary
Origin
x-frame-options
DENY
ant_squire
d-ipv4.mmapiws.com/ 		86 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d-ipv4.mmapiws.com/ant_squire
Requested by
Host: device.maxmind.com
URL: https://device.maxmind.com/js/device.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.104.109 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
1e015b75d19ca9efee2f5046aedd2ac4e6ca6c0694b21be114db85fc401bfabd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://sw-scripts.tebex.io/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8eabdcdb9bc27cf4-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 30 Nov 2024 15:27:38 GMT
content-type
text/plain; charset=utf-8
server
cloudflare
priority
u=1,i
events
sdk-service.nsureapi.com/ 		0
0
collect
x.clarity.ms/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://sw-scripts.tebex.io/

Response headers

Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
Access-Control-Allow-Origin
https://sw-scripts.tebex.io
Date
Sat, 30 Nov 2024 15:27:39 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sdk-service.nsureapi.com
URL
https://sdk-service.nsureapi.com/events

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| __ function| clarity function| nSureAsyncInit object| nSureCoreSdk object| nSureSDK object| Tebex function| init function| onDOMLoaded function| fixUserMenuWidth function| maybeOpenOptionsPopupAfterLogin function| maybeAddPackageAfterLogin function| maybeGiftPackageAfterLogin function| isPopupUrl function| isLoginUrl function| isBasketUrl function| isProductUrl function| setListeners function| setCountdown function| updateCountdown function| setCountdowns function| initCopyText function| copyText function| toggleMenuItem function| openNavigation function| closeNavigation function| initNavigation function| setPopupListeners function| setBasketOpenListeners function| handleAddToBasketClick function| updatePackageActionsState function| handleIncreaseQuantity function| handleDecreaseQuantity function| handlePackageQuantityChange function| handleBasketQuantityChange function| onPackageStateChanged function| openOptionsFormPopup function| openGiftFormPopup function| openProductPopup function| openBasket function| openLoginPopup function| handlePopState function| pushHistoryState function| getBySelectorFromHTML function| makeEmptyBasketContent function| openUrlPopup function| closePopup function| copyToClipboard function| initTebexCheckout function| setPackageActionsListeners function| setPackageActionsListener function| addToBasket function| addToBasketWithOptions function| updateBasketQuantities function| removeFromBasket function| isBasketOpen function| updateBasketContent function| setBasketEventListeners function| getBasketIdent function| openCheckout function| padNumber function| debounce function| newToast function| closeToast function| initPresetToast function| sanitizePurchaseType

15 Cookies

Domain/Path Name / Value
sw-scripts.tebex.io/ Name: regional_country_code
Value: US
sw-scripts.tebex.io/ Name: regional_currency_code
Value: GBP
sw-scripts.tebex.io/ Name: buycraft_currency
Value: GBP
.tebex.io/ Name: __cf_bm
Value: XxsZ8Q2SAQKppmUd08zFWZEKr8ImJkYZMANQ8LR3188-1732980451-1.0.1.1-JQtzgKrv6CTqTPkAtBqEJpeDgFKHhG7Z7xvvV7g4Pmkn9bv_FIl6Z5TSQ2pQvGPG4vTTMiKHVd.IG6MJY6iqxg
www.clarity.ms/ Name: CLID
Value: b57e8c60ccc94db8be2aa4e154d86205.20241130.20251130
.cfx.re/ Name: __cf_bm
Value: dL5pXpJlI739lDvfqtD2Xbys.FvLYkF420RuHhusJsA-1732980451-1.0.1.1-_E4KAk6Mq3xKT5IC7NQvnklX9MDfRgYUHQS905QrGmmljeuMRT8PE_KBufoDmwB0.QbVmDVV4V5f44.OdAET4A
.tebex.io/ Name: _clck
Value: 1x8wapc%7C2%7Cfrb%7C0%7C1795
.tebex.io/ Name: _clsk
Value: 1h7d1u7%7C1732980452226%7C1%7C1%7Cx.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 0D6BB42FBDCF602D1A5CA168BCAD61AF
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0D6BB42FBDCF602D1A5CA168BCAD61AF
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0D6BB42FBDCF602D1A5CA168BCAD61AF
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

5 Console Messages

Source Level URL
Text
rendering warning URL: https://sw-scripts.tebex.io/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0601D00FC1C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://sw-scripts.tebex.io/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A080E200FC1C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://sw-scripts.tebex.io/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A050EB03FC1C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://sw-scripts.tebex.io/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F0EA03FC1C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://sw-scripts.tebex.io/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C0EA03FC1C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avatars.discourse.org
c.bing.com
c.clarity.ms
d-ipv4.mmapiws.com
d-ipv6.mmapiws.com
device.maxmind.com
dunb17ur4ymx4.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forum.cfx.re
fpnpmcdn.net
js.tebex.io
metrics.nsureapi.com
nsure.tebex.io
sdk-service.nsureapi.com
sdk.nsureapi.com
sw-scripts.tebex.io
webstore-template-assets.tebex.io
www.clarity.ms
x.clarity.ms
sdk-service.nsureapi.com
104.17.104.109
104.18.37.189
18.154.230.4
20.110.205.119
20.114.190.119
2600:9000:24bd:6c00:1c:fc15:fb80:93a1
2600:9000:28a6:6400:d:b1e8:9040:93a1
2600:9000:28a6:e400:d:b1e8:9040:93a1
2606:4700:4400::6812:22ab
2606:4700:4400::6812:22b2
2606:4700:7::a29f:8716
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c1d::5e
2620:1ec:bdf::40
2620:1ec:c11::237
2a0b:4d07:2::2
3.167.88.95
3.73.170.11
52.223.49.99
046ce75b2f63a35a0dbb679974e0fb95f348f30982fe038f56eeff18eab083c4
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
095a7f017de51e71e4a25b641c6b8976d3a5f9fb825a1d2410852ddf12e17f5f
0b0a49b89b4e66736d531f7746979294a065f8d9cd67729325efc71c377a1931
13ae4cd93369398f92128bf9b818afe45e5ec6084d1335ce322d1ff32483cb5d
190c12676fffabb3dfcea6df52daddb32c467119748a86e6ecf06e8d0179a6e1
1cb514b95e8abe730e748f6f3b861840dc774ed465dde7951010738c21c46881
1e015b75d19ca9efee2f5046aedd2ac4e6ca6c0694b21be114db85fc401bfabd
22d3b15ffeb61379b9f642ad19b31dded9f3006bab4751dd89d7995d448453a5
269b09692584dc91fc044f3860a959a94ccb0d8b145d3fc5a6c98731e2bff380
295aefa18597037b07e8eee3a6e1144c3110d822bf8f38387ff8937f2a5e6866
2a9c6ccf7999ecc09aebb9097f08c49dc8ab200c1e17fdac91f839be8acf16d7
30bb3fe40316fe3e037d8725ab6f877e7ee91e08c2c5f3db2b012a24fc66372f
3889368d123163780613d29ecc4af2ef8acd789fb35421e750398cc60422d180
3a3404fdeb6caba6b32a91af2fac323f2855317425d3660bc5f59649bcaf00e0
3ff58b35cabe92e445fa6cd1d7c01bcbcfbe5f9324f14ad19fa1f6d0d4645762
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
45967a8510c639c8bce471a3e0e68961fd940540b5a1acbbf67cd56c4afe0a75
47c5124ce8240391d6139d4c42f3d2be7bcfbc93b94bde2c9573bea1e3d601e9
571feee5e5f8d7f96b7fc09bd3951386eff0707eb16ccb3cb958cadcf6e7fcf3
6b78976e0a15138b3b1bde71abfa5bbb603eff6bdf1fc4d4eaffaeeaab0abc26
792326d9b11eb780370b53e290a8f062d05382ef08dbea56bd636f4c39e55b7e
863ab1ad2a8d46f51b4e204b760b10a8856b76cd5b73e864af5b0a8874946eb2
89bfc279f0ae1fe188f9708d9d63a4f0b28e1f7f9decda468341da170ad3c873
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95f39b50dad33d9ce950b312421038bb5520be64064a255f90264cc03d150bd6
9833444e53e652d24c2734cf4393cdaf3c8ac3fabe9c59af2b036e8efdb48d02
98fdb4ba43b5e8f1b3b19f455ea6be285eccae8b0612546697759562e8e32a5c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9da9fa44f0ff508df78292da146522a175d0f1c0be7b5ed539f680d5d0ca5400
9ef1a50a8ec7a9f0ff181185c3f12b53331a280ba2f2ac5dcfa02edd81163fb4
a1e85c4f775a5fa09c15646b01dde7be1a62990e72813a43b6cd4e4a06ff509f
ac4b462534db3d3066c031977886fc50c946b44ba49889c253c9909dd1f230eb
ac69e3a94e59b688ef53197dc37354ee2d8f3d6c947b654b5dcf132cf4670fd9
b4a472afec03ec5c656b42618ea19b2094bfd603ceda7fdbb7e653223ff0bcbd
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8e73815e51d518d6d88f1f9dbe71baebf371c5bd8cddeb420ab53599322bb0c
cb228129c9706539a6edad86a7fe421db3093bec9450734094dba0bd5c7d3f12
d44f3f40403b7f6cb373c03245c6c23e75ca3caf9ff99d7f1687441c664d7988
d5a617a2e99041b457a845dac775090f30948e90b5915bdfd2fe7e870dcfff65
da743068c4fc0656b9adaa6f380aa39af387fcbaa69ac4d01d648ade8bead61d
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
dd0c1766b0c1c6d1b8fe29d6fc1d39184dd2af3cb406127c3fc20cd7dba46d71
e058d4221ef43eec9085dfa8326f1036858426d913f85a7bc8bf5fb3cf66441f
e21ed48070f7b03f47c0c9c2ac989948788b1f628a01b4bfe539c61fa624d88a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75c323f18c155f0ddaedb318000cacb5463d9039ec7b3800436b8056ceda2e8
ef015ea9dc34dce163021cf0df008c6a95ab02073c7cf7d943a9235ee864f9ab
f3e12ee8ab42db41a8bc3433121354004108cf726aca4ae035b0a54b861042ec