Submitted URL: http://b2-scripts.tebex.io/
Effective URL: https://b2-scripts.tebex.io/
Submission: On December 15 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 27 HTTP transactions. The main IP is 172.64.150.67, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is b2-scripts.tebex.io.
TLS certificate: Issued by WE1 on December 3rd 2024. Valid for: 3 months.
This is the only time b2-scripts.tebex.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS Autonomous System
           14        172.64.150.67     13335 (CLOUDFLAR...)
           1         142.250.186.106   15169 (GOOGLE)
           1         13.33.216.226     16509 (AMAZON-02)
4          7         104.18.34.171     13335 (CLOUDFLAR...)
           2         185.172.148.132   44239 (PROINITY ...)
           1         18.245.46.94      16509 (AMAZON-02)
           2         13.107.246.45     8075 (MICROSOFT...)
           1         142.250.186.67    15169 (GOOGLE)
           2         20.119.174.243    8075 (MICROSOFT...)
Total      27        9

Requests  Apex Domain     Subdomains                                             Transfer
15        tebex.io        b2-scripts.tebex.io                                    360 KB
                          js.tebex.io
                          webstore-template-assets.tebex.io
                          nsure.tebex.io
7         cfx.re          forum.cfx.re — Cisco Umbrella Rank: 294910             136 KB
4         clarity.ms      www.clarity.ms — Cisco Umbrella Rank: 625              30 KB
                          r.clarity.ms — Cisco Umbrella Rank: 9018
2         discourse.org   avatars.discourse.org — Cisco Umbrella Rank: 470310    3 KB
1         gstatic.com     fonts.gstatic.com                                      35 KB
1         cloudfront.net  dunb17ur4ymx4.cloudfront.net                           77 KB
1         googleapis.com  fonts.googleapis.com — Cisco Umbrella Rank: 29         2 KB
Total     27              7

Requests  Domain                             Redirects    Requested by
7         forum.cfx.re                       4 redirects  b2-scripts.tebex.io
7         webstore-template-assets.tebex.io               b2-scripts.tebex.io
6         b2-scripts.tebex.io                             b2-scripts.tebex.io
2         r.clarity.ms                                    www.clarity.ms
2         www.clarity.ms                                  b2-scripts.tebex.io
                                                          www.clarity.ms
2         avatars.discourse.org                           b2-scripts.tebex.io
1         fonts.gstatic.com                               fonts.googleapis.com
1         nsure.tebex.io                                  b2-scripts.tebex.io
1         dunb17ur4ymx4.cloudfront.net                    b2-scripts.tebex.io
1         fonts.googleapis.com                            b2-scripts.tebex.io
1         js.tebex.io                                     b2-scripts.tebex.io
Total     27                                 11

This site contains links to these domains:

Domain
discord.com

Subject                  Issuer                                 Validity                 Valid
tebex.io                 WE1                                    2024-12-03 - 2025-03-03  3 months
upload.video.google.com  WR2                                    2024-11-04 - 2025-01-27  3 months
*.cloudfront.net         Amazon RSA 2048 M01                    2024-07-30 - 2025-07-03  a year
avatars.discourse.org    R11                                    2024-11-06 - 2025-02-04  3 months
nsure.tebex.io           Amazon RSA 2048 M02                    2024-09-16 - 2025-10-15  a year
www.clarity.ms           DigiCert TLS RSA SHA256 2020 CA1       2024-09-04 - 2025-09-04  a year
*.gstatic.com            WR2                                    2024-11-04 - 2025-01-27  3 months
a.clarity.ms             Microsoft Azure RSA TLS Issuing CA 08  2024-06-23 - 2025-06-18  a year

This page contains 1 frame:

Primary Page: https://b2-scripts.tebex.io/
Frame ID: 40AEBA5DC84DF8C5AC8451285646FADD
Requests: 27 HTTP requests in this frame

Page Title

B2 Scripts · Welcome

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 27
HTTPS: 89 %
IPv6: 0 %
Domains: 7
Subdomains: 11
IPs: 9
Countries: 3
Transfer: 639 kB
Size: 1012 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://b2-scripts.tebex.io/ HTTP 307
    https://b2-scripts.tebex.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://forum.cfx.re/user_avatar/forum.cfx.re/outlaw.rp/256/4220872_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/outlaw.rp/288/4220872_2.png
Request Chain 8
  • https://forum.cfx.re/user_avatar/forum.cfx.re/xzeldachickx/256/2910585_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/xzeldachickx/288/2910585_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/xzeldachickx/288/4809819_2.png
Request Chain 9
  • https://forum.cfx.re/user_avatar/forum.cfx.re/hrdbdy/256/4532224_2.png HTTP 302
  • https://forum.cfx.re/user_avatar/forum.cfx.re/hrdbdy/288/4532224_2.png

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
b2-scripts.tebex.io/
Redirect Chain
  • http://b2-scripts.tebex.io/
  • https://b2-scripts.tebex.io/
25 KB
8 KB
Document
General
Full URL
https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb3aef0579992f5f2ddbc6f541c4dd183e77f3d3d570a67878517246ad24be2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0, s-maxage=90
cf-cache-status
DYNAMIC
cf-ray
8f27529408a99070-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 15 Dec 2024 15:03:49 GMT
server
cloudflare
tb-cache-country
DE
tb-cache-group
webstore
vary
Accept-Encoding
x-infra
new
x-vat-mode
inclusive

Redirect headers

Location
https://b2-scripts.tebex.io/
Non-Authoritative-Reason
HttpsUpgrades
1.js
js.tebex.io/v/
206 KB
61 KB
Script
General
Full URL
https://js.tebex.io/v/1.js
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e058d4221ef43eec9085dfa8326f1036858426d913f85a7bc8bf5fb3cf66441f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

x-amz-server-side-encryption
AES256
content-encoding
gzip
cf-cache-status
HIT
etag
W/"7eb9774886d647e117fdb9ab3c30a74c"
age
1410619
cf-ray
8f2752977b5a9070-FRA
x-amz-request-id
2T9V8KBVVX3FBE2E
date
Sun, 15 Dec 2024 15:03:49 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Thu, 10 Oct 2024 08:53:48 GMT
x-amz-id-2
DtJI4lik1S4vbwRrQKfWtutsDlvVMQkluE+Do3/d+0eyivc+xY1YMUBBBFdseOHOt6tNQg7OJZE=
main.js
b2-scripts.tebex.io/template-assets/
41 KB
9 KB
Script
General
Full URL
https://b2-scripts.tebex.io/template-assets/main.js?updated=9d4c46781621200fadf3aeacc2e8464c03a04028b10ea499328f07e239ac900e
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802fcaff4690e04da731ec447b14dd548589cce2ef94b5523d63c6c7a616d90e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

server
cloudflare
cache-control
public
content-encoding
gzip
cf-cache-status
MISS
pragma
public
x-worker-called
1
x-infra
new
cf-ray
8f2752976b549070-FRA
expires
Sun, 15 Dec 2024 15:23:49 GMT
tb-cache-group
webstore
date
Sun, 15 Dec 2024 15:03:49 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Sun, 15 Dec 2024 15:03:49 GMT
vary
Accept-Encoding
x-vat-mode
inclusive
shared.css
b2-scripts.tebex.io/template-assets/
48 KB
8 KB
Stylesheet
General
Full URL
https://b2-scripts.tebex.io/template-assets/shared.css?updated=f2da8017ea03e61eb98ce614dc4943e15968036c7c49f67ced89b3e55462bb79
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c96caad3079e7dba80a7751d61598aa484378e106a1d41ba2da46ee8881d99

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

server
cloudflare
cache-control
public
content-encoding
gzip
cf-cache-status
MISS
pragma
public
x-worker-called
1
x-infra
new
cf-ray
8f2752976b539070-FRA
expires
Sun, 15 Dec 2024 15:23:49 GMT
tb-cache-group
webstore
date
Sun, 15 Dec 2024 15:03:49 GMT
content-type
text/css;charset=UTF-8
last-modified
Sun, 15 Dec 2024 15:03:49 GMT
vary
Accept-Encoding
x-vat-mode
inclusive
css2
fonts.googleapis.com/
11 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wdth,wght@0,62.5..100,100..900;1,62.5..100,100..900&family=Rubik:ital,wght@0,300..900;1,300..900&display=swap
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
f823c233a28f282c946bd837516d62c11bd1965db0b49cc6e3178820cada3a1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 15 Dec 2024 15:03:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 15:03:49 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 15 Dec 2024 15:03:49 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
0a8c14155a19dfc34517b247d42d3df714fa6d88.png
dunb17ur4ymx4.cloudfront.net/webstore/logos/
76 KB
77 KB
Image
General
Full URL
https://dunb17ur4ymx4.cloudfront.net/webstore/logos/0a8c14155a19dfc34517b247d42d3df714fa6d88.png
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.216.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-216-226.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03a71d29c0d911e694108cc65f13dc1370ea2ddffcf05e48584cb6416a7561c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

ETag
"969c3ba784a7a58c47239cc1a0ebfb00"
Connection
keep-alive
Via
1.1 b8f260e966cae470dbec70a43fd5e0ca.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Miss from cloudfront
Content-Length
77934
X-Amz-Cf-Id
qE124s6qfXEQOxDUThUWRkZt3sxKy7-lt9l_zZ-Rbal_HJ9RsuJpSw==
Date
Sun, 15 Dec 2024 15:03:50 GMT
Content-Type
image/png
Last-Modified
Thu, 31 Oct 2024 16:09:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P10
x-amz-server-side-encryption
AES256
discord.svg
webstore-template-assets.tebex.io/images/
2 KB
1 KB
Image
General
Full URL
https://webstore-template-assets.tebex.io/images/discord.svg
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
025bf1760da830c58b17eff107fd689aa9ad6479a0026c4fd94f6b0b29e72b76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"a5845c759d87c97df89eba4e5ab9ecaf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AmWSIHlA5xdkyAcb6ZDmWyT04z%2BhqA9EdvqSFER7Ucw1rrLm9OdDPVG8D0ieMzmuGTNVEK7cdpJoOwl3ZFM6RUuc1vPcIzUx70qSlZtpeY3akcj%2BbxlUggvWVAZWqjQYTZpKA%2FvJHXw9PhCCf3nzic6lh6Y%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f2752978b5d9070-FRA
access-control-allow-origin
*
date
Sun, 15 Dec 2024 15:03:49 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
empty.png
b2-scripts.tebex.io/assets/img/
2 KB
2 KB
Image
General
Full URL
https://b2-scripts.tebex.io/assets/img/empty.png
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b80a62c4586d1c78d51e63cb4cc88203fcfdff40226bb566f20bf00ecedb4ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

cache-control
public, max-age=0, s-maxage=90
cf-cache-status
MISS
etag
"673767ea-7a0"
tb-cache-country
DE
x-infra
new
cf-ray
8f2752982bf99070-FRA
accept-ranges
bytes
tb-cache-group
webstore
content-length
1952
date
Sun, 15 Dec 2024 15:03:50 GMT
content-type
image/png
last-modified
Fri, 15 Nov 2024 15:25:30 GMT
vary
Accept-Encoding
server
cloudflare
4220872_2.png
forum.cfx.re/user_avatar/forum.cfx.re/outlaw.rp/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/outlaw.rp/256/4220872_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/outlaw.rp/288/4220872_2.png
38 KB
38 KB
Image
General
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/outlaw.rp/288/4220872_2.png
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Server
104.18.34.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bfed00f6a0ab8faa9987f811e3d17d642837b86e4f2a21f22fdfa3eda76ab6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-cache-status
HIT
age
191464
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-38bd83cb9379707a1079a905fb0350a1-04ec2be69849e6d0-00
expires
Mon, 15 Dec 2025 20:53:02 GMT
date
Sun, 15 Dec 2024 15:03:50 GMT
content-type
image/png
last-modified
Thu, 21 Mar 2024 21:35:38 GMT
vary
Accept-Encoding
x-cloud-trace-context
38bd83cb9379707a1079a905fb0350a1/354706740052879056
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
content-transfer-encoding
binary
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
access-control-allow-credentials
true
cf-ray
8f275299fb12367b-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
38727
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-4dc1c417e029ade2a144c5d78377ee15-d7fd9fc2fd83b4e4-00
expires
Sun, 15 Dec 2024 19:03:50 GMT
date
Sun, 15 Dec 2024 15:03:50 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
4dc1c417e029ade2a144c5d78377ee15/15563771547088041188
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/outlaw.rp/288/4220872_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8f2752994a62367b-FRA
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
4809819_2.png
forum.cfx.re/user_avatar/forum.cfx.re/xzeldachickx/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/xzeldachickx/256/2910585_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/xzeldachickx/288/2910585_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/xzeldachickx/288/4809819_2.png
30 KB
30 KB
Image
General
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/xzeldachickx/288/4809819_2.png
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Server
104.18.34.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afc7994dc206c1c1ad420610dc24d6bda797d0001627a92270ad0084b45ec13d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-47759325afb57329ddab27726d3e5d2e-6e886652c2e2cd4d-00
expires
Mon, 15 Dec 2025 20:53:04 GMT
date
Sun, 15 Dec 2024 15:03:52 GMT
content-type
image/jpeg
last-modified
Mon, 09 Dec 2024 23:52:31 GMT
vary
Accept-Encoding
x-cloud-trace-context
47759325afb57329ddab27726d3e5d2e/7964728446647717197
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
content-transfer-encoding
binary
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
access-control-allow-credentials
true
cf-ray
8f2752a1dbb4367b-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
30731
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-a4a1ccb37fecfdf0ab4d5cf2f9646e68-8f345db96657b428-00
expires
Sun, 15 Dec 2024 19:03:51 GMT
date
Sun, 15 Dec 2024 15:03:51 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
a4a1ccb37fecfdf0ab4d5cf2f9646e68/10318975697080005672
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/xzeldachickx/288/4809819_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8f27529cbdbd367b-FRA
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
4532224_2.png
forum.cfx.re/user_avatar/forum.cfx.re/hrdbdy/288/
Redirect Chain
  • https://forum.cfx.re/user_avatar/forum.cfx.re/hrdbdy/256/4532224_2.png
  • https://forum.cfx.re/user_avatar/forum.cfx.re/hrdbdy/288/4532224_2.png
65 KB
65 KB
Image
General
Full URL
https://forum.cfx.re/user_avatar/forum.cfx.re/hrdbdy/288/4532224_2.png
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Server
104.18.34.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc60784fadf02263c6f2cfc5aa1cf26daa6f350da5323b47efe43ab1d296087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

access-control-max-age
7200
cf-cache-status
HIT
age
191298
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-d0ea264268e3f200e1647624e159efa9-41472520142c0f44-00
expires
Mon, 15 Dec 2025 20:53:02 GMT
date
Sun, 15 Dec 2024 15:03:50 GMT
content-type
image/png
last-modified
Sun, 18 Aug 2024 02:24:35 GMT
vary
Accept-Encoding
x-cloud-trace-context
d0ea264268e3f200e1647624e159efa9/4703769155519385412
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31556952
content-transfer-encoding
binary
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
access-control-allow-credentials
true
cf-ray
8f27529a3b4f367b-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
66668
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare

Redirect headers

access-control-max-age
7200
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
access-control-allow-methods
POST, PUT, GET, OPTIONS, DELETE
traceparent
00-a3940d1a520c1a893882ee91a4613410-29c7e0a7f7ddb5a2-00
expires
Sun, 15 Dec 2024 19:03:50 GMT
date
Sun, 15 Dec 2024 15:03:50 GMT
content-type
text/html; charset=utf-8
x-cloud-trace-context
a3940d1a520c1a893882ee91a4613410/3010621887943128482
vary
Accept-Encoding
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
x-frame-options
SAMEORIGIN
cache-control
public, max-age=14400
location
https://forum.cfx.re/user_avatar/forum.cfx.re/hrdbdy/288/4532224_2.png
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
cf-ray
8f2752994a65367b-FRA
access-control-allow-origin
*
content-length
0
x-discourse-route
user_avatars/show
x-xss-protection
0
server
cloudflare
256.png
avatars.discourse.org/v4/letter/r/7933a0/
1 KB
2 KB
Image
General
Full URL
https://avatars.discourse.org/v4/letter/r/7933a0/256.png
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.148.132 , Germany, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
35efd6269d9fc20cea9cb882f8da25239fa35275a337aab90b5828154883bf58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

cdck-proxy-id
corp-router-tiehunter02.corp1, corp-balancer-tieinterceptor1a.corp1
cache-control
public, max-age=157788000
x-edge-location
defr
etag
"66553290-5c9"
expires
Fri, 19 Jun 2026 00:00:00 GMT
accept-ranges
bytes
x-cache
HIT
content-length
1481
date
Sun, 15 Dec 2024 15:03:49 GMT
x-shield
active
content-type
image/png
last-modified
Tue, 28 May 2024 01:25:36 GMT
server
keycdn
256.png
avatars.discourse.org/v4/letter/t/7933a0/
650 B
953 B
Image
General
Full URL
https://avatars.discourse.org/v4/letter/t/7933a0/256.png
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.148.132 , Germany, ASN44239 (PROINITY proinity GmbH, CH),
Reverse DNS
Software
keycdn /
Resource Hash
fd2348755d4b0607b55b717a9ff05fb487819bdda0b33a2bf03955a2959b26c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

cdck-proxy-id
corp-router-tiehunter02.corp1, corp-balancer-tieinterceptor1a.corp1
cache-control
public, max-age=157788000
x-edge-location
defr
etag
"66597b10-28a"
expires
Fri, 19 Jun 2026 00:00:00 GMT
accept-ranges
bytes
x-cache
HIT
content-length
650
date
Sun, 15 Dec 2024 15:03:49 GMT
x-shield
active
content-type
image/png
last-modified
Fri, 31 May 2024 07:24:00 GMT
server
keycdn
apple.svg
webstore-template-assets.tebex.io/images/we-accept/
6 KB
3 KB
Image
General
Full URL
https://webstore-template-assets.tebex.io/images/we-accept/apple.svg
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff58b35cabe92e445fa6cd1d7c01bcbcfbe5f9324f14ad19fa1f6d0d4645762
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"306c4ec4920efa4cc0d832cd77cf3b08"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CbQVw1rHtxuY4qBmNF6XO5HW1NsrQ6Ftjm%2Fm%2Bzsx35UXHzXRSVOjhxydSbkthcSBwat%2Fgb4ZTxNaFulcP3cT16C2vSBSE%2F%2B1JR4ghZW1ue2v%2B099DkCXAZrCHmiuv3oL438rqBdfQowbCwsVekOszbCvpwY%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f275298fcb19070-FRA
access-control-allow-origin
*
date
Sun, 15 Dec 2024 15:03:50 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
google.png
webstore-template-assets.tebex.io/images/we-accept/
5 KB
5 KB
Image
General
Full URL
https://webstore-template-assets.tebex.io/images/we-accept/google.png
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3404fdeb6caba6b32a91af2fac323f2855317425d3660bc5f59649bcaf00e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"df9429e23517b1b6b60c6d2e01ac9768"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pU5miBpqhjKr1RVJove95tq%2BlaCxHd9qnjeJFko4aki7akd0DomTGDb%2BbE5%2BPhLNXY1wefBA6lQjAFIVr2RUxWsJRYk4UWjzzog0mibzIX8ivMTS%2B969dZ2hXKiipmiSa4crbF2dE9kRr574%2FYwNhN1aWKo%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f275298fcb39070-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5107
date
Sun, 15 Dec 2024 15:03:50 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
mastercard.png
webstore-template-assets.tebex.io/images/we-accept/
1 KB
2 KB
Image
General
Full URL
https://webstore-template-assets.tebex.io/images/we-accept/mastercard.png
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9833444e53e652d24c2734cf4393cdaf3c8ac3fabe9c59af2b036e8efdb48d02
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"ffafecd0a6ea9668ae79fd5588dc9a5f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7tvFSeUkHGLaJOagP0CFx6UoIDD1tXncK6KX3qqDudSsQOFvCsfwPbG0k%2FAj6wqsxfRKHzoTcCUWsZzTAR7OacS0r4SjZwtT0hSN57UhDSGByyJYJZv7QvPFA%2FaMgH%2BIbZCrQ01nU%2FfKwggEWNiR0Tnhp%2B0%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f275298fcb69070-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1226
date
Sun, 15 Dec 2024 15:03:49 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
visa.png
webstore-template-assets.tebex.io/images/we-accept/
2 KB
2 KB
Image
General
Full URL
https://webstore-template-assets.tebex.io/images/we-accept/visa.png
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
295aefa18597037b07e8eee3a6e1144c3110d822bf8f38387ff8937f2a5e6866
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"4772dd3776bc839b74be97f87d5c453d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uq3hhGCLik0VNrhnKUDeRG44q74eRGGV4rgOR%2FfZPX8aOpFAlKSnco9DOtVAH%2FFKDTdeoWaq9IVW%2BM3AZ5%2B12Rb6ajhld%2BjqIWqm4rR663PfUMC6Jhf1BuY31bDaC6SyVwEymmuzjTxepubPHe1UqybTUXk%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f2752990cc69070-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2046
date
Sun, 15 Dec 2024 15:03:49 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
amex.png
webstore-template-assets.tebex.io/images/we-accept/
3 KB
4 KB
Image
General
Full URL
https://webstore-template-assets.tebex.io/images/we-accept/amex.png
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2892c2641a4c6200094a696e486c8670ad71c7cb16d63dec00ff461de8a7654b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

cf-cache-status
HIT
etag
"48614017e2e9cbb328a50a70aebae4c7"
age
4311
cf-bgj
imgq:100,h2pri
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2BnfS3zX011cU%2Fcdj99gJTlV4FKN2ndBmwFcTVuJNwiPCT79qBD4%2FR1%2FwndfQgEgopqFbbsmmbSzAmDKz2ou2zf6QCyTuI8P97tdxiAdLlF3qxI3ZEYOk9vhyAtuhCsiS6sKP7xbY49u3qZj0TIp9YuB0%2Bg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=3585
date
Sun, 15 Dec 2024 15:03:49 GMT
content-type
image/png
vary
Accept-Encoding
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f2752990cc89070-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3538
server
cloudflare
discord.js
b2-scripts.tebex.io/assets/js/
1 KB
730 B
Script
General
Full URL
https://b2-scripts.tebex.io/assets/js/discord.js
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8e73815e51d518d6d88f1f9dbe71baebf371c5bd8cddeb420ab53599322bb0c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

cache-control
public, max-age=0, s-maxage=90
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"673767ea-5dc"
tb-cache-country
DE
x-infra
new
cf-ray
8f275298fcb09070-FRA
tb-cache-group
webstore
date
Sun, 15 Dec 2024 15:03:50 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 15:25:30 GMT
vary
Accept-Encoding
server
cloudflare
sdk.js
nsure.tebex.io/
136 KB
45 KB
Script
General
Full URL
https://nsure.tebex.io/sdk.js
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-94.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac69e3a94e59b688ef53197dc37354ee2d8f3d6c947b654b5dcf132cf4670fd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

x-nsure-canary
false
content-encoding
gzip
etag
W/"d8936b83840dbe9439d6e59d0c0b9f6d"
age
50757
via
1.1 aa6c36522a23788dfef1fae9af9fd5e0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
TKzb9K1nUhJ0q3NyUBx9xmat5P-pILtUJQ3eJmv2MTET2H3M1W9xVA==
date
Sun, 15 Dec 2024 02:33:32 GMT
content-type
application/javascript
last-modified
Mon, 25 Nov 2024 09:05:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
vary
Accept-Encoding, Origin
fxlepb8eap
www.clarity.ms/tag/
603 B
858 B
Script
General
Full URL
https://www.clarity.ms/tag/fxlepb8eap
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cf1c4222f2d1c18b7d632cffbe37e7d81df2681381f16be6b61f1c7390b71e92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
603
date
Sun, 15 Dec 2024 15:03:50 GMT
content-type
application/x-javascript
x-azure-ref
20241215T150350Z-17964fc66b7bvhp7hC1DUS3pys0000000e8000000000sfg2
page-header-bg-fivem.jpg
webstore-template-assets.tebex.io/images/
204 KB
204 KB
Image
General
Full URL
https://webstore-template-assets.tebex.io/images/page-header-bg-fivem.jpg
Requested by
Host: b2-scripts.tebex.io
URL: https://b2-scripts.tebex.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d906d3ea9f12d956683a21748758cd767d56ee02775b86874ab2105c5925389
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

cf-cache-status
HIT
etag
"1bb3c65c0b4a57928b4c19ba5894b6f6"
age
2178
cf-bgj
imgq:100,h2pri
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=44ZptESmTe5d87cZuSV9zNY1TZAH%2FwcC9q%2B1naxgYlB%2FIlUiYESnn1Hlc6NpcuRvc6052XGyNarymusk3DtRfzMOyCKl6bGMGj6Tj8vW5%2BtvoTO1Vm5GikLF73j3mZZXl%2BfhZUAv1IZh3HiJmGMiK4NPvZk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-polished
origSize=219462
date
Sun, 15 Dec 2024 15:03:49 GMT
content-type
image/jpeg
vary
Accept-Encoding
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f2752990cc49070-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
208600
server
cloudflare
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:ital,wdth,wght@0,62.5..100,100..900;1,62.5..100,100..900&family=Rubik:ital,wght@0,300..900;1,300..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://b2-scripts.tebex.io
Referer
https://fonts.googleapis.com/

Response headers

age
133851
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 01:52:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 01:52:58 GMT
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
35448
x-xss-protection
0
server
sffe
clarity.js
www.clarity.ms/s/0.7.59/
67 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.59/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fxlepb8eap
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

x-azure-ref
20241215T150350Z-17964fc66b7bvhp7hC1DUS3pys0000000e8000000000sfgh
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD1CF2DB0ECDD3"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
e0e08e88-701e-003e-12de-4eb9a4000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sun, 15 Dec 2024 15:03:50 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Sun, 15 Dec 2024 10:25:53 GMT
collect
r.clarity.ms/
0
283 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://b2-scripts.tebex.io/

Response headers

Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin
https://b2-scripts.tebex.io
Date
Sun, 15 Dec 2024 15:03:50 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
favicon.ico
b2-scripts.tebex.io/templates/209/img/
5 KB
4 KB
Other
General
Full URL
https://b2-scripts.tebex.io/templates/209/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.67 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81feaa409faf70e753bfb53888585e6c8e30ea0921857534a048fe3fb5bdafe5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://b2-scripts.tebex.io/

Response headers

cache-control
public, max-age=0, s-maxage=90
content-encoding
gzip
cf-cache-status
MISS
etag
W/"673767ea-1205"
tb-cache-country
DE
x-infra
new
cf-ray
8f2752a9ea7d9070-FRA
tb-cache-group
webstore
date
Sun, 15 Dec 2024 15:03:52 GMT
content-type
image/x-icon
last-modified
Fri, 15 Nov 2024 15:25:30 GMT
vary
Accept-Encoding
server
cloudflare
collect
r.clarity.ms/
0
283 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://b2-scripts.tebex.io/

Response headers

Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin
https://b2-scripts.tebex.io
Date
Sun, 15 Dec 2024 15:03:53 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| __ function| clarity function| nSureAsyncInit object| nSureCoreSdk object| nSureSDK object| Tebex function| init function| onDOMLoaded function| fixUserMenuWidth function| maybeOpenOptionsPopupAfterLogin function| maybeAddPackageAfterLogin function| maybeGiftPackageAfterLogin function| isPopupUrl function| isLoginUrl function| isBasketUrl function| isProductUrl function| setListeners function| setCountdown function| updateCountdown function| setCountdowns function| initCopyText function| copyText function| toggleMenuItem function| openNavigation function| closeNavigation function| initNavigation function| setPopupListeners function| setBasketOpenListeners function| handleAddToBasketClick function| updatePackageActionsState function| handleIncreaseQuantity function| handleDecreaseQuantity function| handlePackageQuantityChange function| handleBasketQuantityChange function| onPackageStateChanged function| openOptionsFormPopup function| openGiftFormPopup function| openProductPopup function| openBasket function| openLoginPopup function| handlePopState function| pushHistoryState function| getBySelectorFromHTML function| makeEmptyBasketContent function| openUrlPopup function| closePopup function| copyToClipboard function| initTebexCheckout function| setPackageActionsListeners function| setPackageActionsListener function| addToBasket function| addToBasketWithOptions function| updateBasketQuantities function| removeFromBasket function| isBasketOpen function| updateBasketContent function| setBasketEventListeners function| getBasketIdent function| openCheckout function| padNumber function| debounce function| newToast function| closeToast function| initPresetToast function| sanitizePurchaseType

5 Cookies

Domain/Path Name / Value
b2-scripts.tebex.io/ Name: regional_country_code
Value: DE
b2-scripts.tebex.io/ Name: regional_currency_code
Value: GBP
b2-scripts.tebex.io/ Name: buycraft_currency
Value: GBP
.tebex.io/ Name: __cf_bm
Value: GTrpXC6_TLg3gOI3zjhRrv3bk26RKJA899KGWQQd8dU-1734275029-1.0.1.1-p6DMKl6gmgXTklC9cbbS.Vy_s3hEAHkiyZWGYi3ZCIVT2HT7Ln3HesblbrNqik782T1yQTEfkxWRHIlLvc_fxQ
.cfx.re/ Name: __cf_bm
Value: M5a7m2KUx_XYj16ohHtK2WltkX4fs1nCTxi2IgO6P0s-1734275030-1.0.1.1-fdHLc1aQNc3v6DHeKScXqhy67RJRSebqqyCezlft.NH4_sJnJnDtGhwaPDQTZ9PHWcpMCrHQVtXB.yn5.iErCA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
