clientbot.netheberg.fr
217.182.116.210  Malicious Activity! Public Scan

URL: https://clientbot.netheberg.fr/
Submission Tags: @jcybersec_
Submission: On July 20 via api from GB

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 24 HTTP transactions. The main IP is 217.182.116.210, which is located in France and belongs to OVH, FR. The main domain is clientbot.netheberg.fr.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 20th 2020. Valid for: 3 months.
This is the only time clientbot.netheberg.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Discord (Instant Messenger)

Domain & IP information

Requests  IP Address        AS Autonomous System
1         217.182.116.210   16276 (OVH)
5         162.159.138.232   13335 (CLOUDFLAR...)
1         2001:4de0:ac1...  20446 (HIGHWINDS3)
14        2606:4700:303...  13335 (CLOUDFLAR...)
Total: 24 requests, 5 IPs

Requests  Domain                      Requested by
14        cors.flam3rboy.workers.dev  clientbot.netheberg.fr
5         discord.com                 clientbot.netheberg.fr
1         code.jquery.com             clientbot.netheberg.fr
1         clientbot.netheberg.fr
Total: 24 requests, 4 domains

This site contains no links.

Subject                      Issuer                                           Validity                 Valid
clientbot.netheberg.fr       Let's Encrypt Authority X3                       2020-07-20 - 2020-10-18  3 months
ssl764977.cloudflaressl.com  COMODO ECC Domain Validation Secure Server CA 2  2020-05-20 - 2020-11-26  6 months
jquery.org                   COMODO RSA Domain Validation Secure Server CA    2018-10-17 - 2020-10-16  2 years
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3                          2020-06-01 - 2021-06-01  a year

This page contains 1 frame:

Primary Page: https://clientbot.netheberg.fr/
Frame ID: B086CEB65E7C608354049C00068AD8BA
Requests: 24 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 24
HTTPS: 88 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 4
Transfer: 3969 kB
Size: 18242 kB
Cookies: 0

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
clientbot.netheberg.fr/
33 KB
33 KB
Document
General
Full URL
https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.182.116.210 , France, ASN16276 (OVH, FR),
Reverse DNS
myplesk.fr
Software
nginx / PleskLin
Resource Hash
2f7d7f5e96c1cc5d74ca02249487ccdd644f262ec8d1a3cdbe7ebf7ba6195819

Request headers

:method
GET
:authority
clientbot.netheberg.fr
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Mon, 20 Jul 2020 04:00:48 GMT
content-type
text/html
content-length
33648
last-modified
Mon, 20 Jul 2020 03:11:56 GMT
etag
"5f150b7c-8370"
x-powered-by
PleskLin
accept-ranges
bytes
0.2d737cc92c807c265e1f.css
discord.com/assets/
1 MB
196 KB
Stylesheet
General
Full URL
https://discord.com/assets/0.2d737cc92c807c265e1f.css
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1784e9baa97ab89c7eff52ebc50f68dc0a71d1564cdbb6121c9f3bd5eeeb9a67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 04:00:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 04 Jun 2020 22:49:35 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"ec58df4511f59177a23ebb23992ffdd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
https://discord.com
cache-control
public, max-age=2592000
cf-request-id
040bfab1be0000bdaa86853200000001
cf-ray
5b59c6fc6a62bdaa-AMS
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 04:00:48 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
status
200
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1595217648.dop124.fr8.t,1595217648.cds231.fr8.hn,1595217648.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
e1180c171e5a54377584.js
cors.flam3rboy.workers.dev/assets/
6 KB
3 KB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/e1180c171e5a54377584.js
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fee1eec3111071ea6fb8d5605715ae29d9ed78c0f9a5db2be9001c38e91da68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 04:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bfab26c000005b38c37d200000001
last-modified
Thu, 04 Jun 2020 23:13:28 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"cd03b0702af0808a130a752d302aa9ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b59c6fd7cd705b3-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
07ca8d15cc9ad4ffc0f6.js
cors.flam3rboy.workers.dev/assets/
268 KB
78 KB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/07ca8d15cc9ad4ffc0f6.js
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00d2008ce6e24ccb5446bfc817baf5f8ccd50c553617ac514e054c1eed210ad5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 04:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bfab26c000005b38c37e200000001
last-modified
Thu, 04 Jun 2020 22:49:35 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"3c3348d7e00a2650144c72246b944d40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b59c6fd7cd905b3-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
c05bdc0c5c3c90e28c77.js
cors.flam3rboy.workers.dev/assets/
156 KB
47 KB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/c05bdc0c5c3c90e28c77.js
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a54dfbd23e8e5430f9f5dd464a9eff92cb1bfc18bce64380da20765dc6927eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 04:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bfab26c000005b38c37f200000001
last-modified
Thu, 04 Jun 2020 23:13:28 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"89aeee783a0f8e4cb7c2606913a54205"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b59c6fd7cda05b3-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
7288c77130c62ff8aa82.js
cors.flam3rboy.workers.dev/assets/
12 MB
3 MB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/7288c77130c62ff8aa82.js
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 04:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bfab26c000005b38c380200000001
last-modified
Thu, 04 Jun 2020 23:13:29 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"d6818644e03cff2f7f3fcd88d8560fe7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b59c6fd7cdb05b3-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
d957722319139c2c6f69.worker.js
cors.flam3rboy.workers.dev/assets/
8 KB
3 KB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/d957722319139c2c6f69.worker.js
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ef5e9455163a0f87d6abfad825678756b6425129888db186d310df76d08ebe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 04:00:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bfab417000005b38c391200000001
last-modified
Tue, 05 May 2020 21:00:20 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"777996320962cf134f8cf2c538a06724"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b59c7002a0705b3-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
experiments
discord.com/api/v6/
1 KB
821 B
XHR
General
Full URL
https://discord.com/api/v6/experiments
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d312bf75e4146aa610443391030b17057bb9427015694925c14d1308a05d3bc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

X-Super-Properties
Referer
X-Context-Properties
eyJsb2NhdGlvbiI6Ii8ifQ==
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept-Language
en-US
Authorization
undefined

Response headers

date
Mon, 20 Jul 2020 04:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
access-control-allow-origin
https://clientbot.netheberg.fr
status
200
x-envoy-upstream-service-time
6
cf-request-id
040bfab93600000b33c61de200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, PUT, PATCH, DELETE
content-type
application/json
via
1.1 google
access-control-allow-credentials
true
cf-ray
5b59c7085a740b33-AMS
access-control-allow-headers
Content-Type, Authorization, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Debug-Options, x-client-trace-id, If-None-Match, X-RateLimit-Precision
0.2d737cc92c807c265e1f.css
cors.flam3rboy.workers.dev/assets/
1 MB
185 KB
Stylesheet
General
Full URL
https://cors.flam3rboy.workers.dev/assets/0.2d737cc92c807c265e1f.css
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1784e9baa97ab89c7eff52ebc50f68dc0a71d1564cdbb6121c9f3bd5eeeb9a67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 04:00:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bfab8c60000649166293200000001
last-modified
Thu, 04 Jun 2020 22:49:35 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"ec58df4511f59177a23ebb23992ffdd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
https://discordclient.com
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b59c707adae6491-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
c2a019ed-59cb-462a-9596-ab950483d4f4
https://clientbot.netheberg.fr/
8 KB
0
Other
General
Full URL
blob:https://clientbot.netheberg.fr/c2a019ed-59cb-462a-9596-ab950483d4f4
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ef5e9455163a0f87d6abfad825678756b6425129888db186d310df76d08ebe5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
7837
Content-Type
application/javascript
507500d442ffd04ff63c.js
cors.flam3rboy.workers.dev/assets/
11 KB
4 KB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/507500d442ffd04ff63c.js
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf15a74e05b3a1a0300e242eef8ab16ed2af0d09d929a0956d4a0d42a88ca33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 04:00:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bfab930000005b38c3d7200000001
last-modified
Thu, 04 Jun 2020 20:47:17 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"c1d456669cdb43ff0b5c56ec8d8926f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b59c7084a4a05b3-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
b7da48d4-86bd-4985-80d8-0660c8134ae0
https://clientbot.netheberg.fr/
11 KB
0
Script
General
Full URL
blob:https://clientbot.netheberg.fr/b7da48d4-86bd-4985-80d8-0660c8134ae0
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccf15a74e05b3a1a0300e242eef8ab16ed2af0d09d929a0956d4a0d42a88ca33

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
11532
Content-Type
application/javascript
science
discord.com/api/v6/
0
181 B
XHR
General
Full URL
https://discord.com/api/v6/science
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

X-Super-Properties
Referer
X-Fingerprint
734620811381571694.D5bRKQ3rD-3rUgvf0BWGVLv14SA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept-Language
en-US
Authorization
undefined
Content-Type
application/json

Response headers

date
Mon, 20 Jul 2020 04:00:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://clientbot.netheberg.fr
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5b59c709dc2f0b33-AMS
cf-request-id
040bfaba2900000b33c61e7200000001
eaa33f3c20d20e5d912d.js
cors.flam3rboy.workers.dev/assets/
1 MB
260 KB
Fetch
General
Full URL
https://cors.flam3rboy.workers.dev/assets/eaa33f3c20d20e5d912d.js
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46361595879e57ec7e80b3e0469aef94cb7cb03dc5f816c1f78dc1030b6c5ce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 04:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bfab9b0000005b38c3de200000001
last-modified
Thu, 04 Jun 2020 23:13:28 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"684fa32141977755895273881efb567f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
https://clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b59c7091c0b05b3-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
0d3d9421-360b-4051-8e5e-ca0b0f976960
https://clientbot.netheberg.fr/
1 MB
0
Script
General
Full URL
blob:https://clientbot.netheberg.fr/0d3d9421-360b-4051-8e5e-ca0b0f976960
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab99ac1bd681a5b3b56e1c34baa290ceaabece99a9476cac441f56a48736ad37

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
1441793
Content-Type
application/javascript
4f004ac9be168ac6ee18fc442a52ab53.svg
cors.flam3rboy.workers.dev/assets/
2 KB
1 KB
Image
General
Full URL
https://cors.flam3rboy.workers.dev/assets/4f004ac9be168ac6ee18fc442a52ab53.svg
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbf36b2b2e321feebbfd92930ca921ccd2f6831c56e012bc049b41d260b0903f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cors.flam3rboy.workers.dev/assets/0.2d737cc92c807c265e1f.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 04:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bfaba810000649166298200000001
last-modified
Wed, 26 Jun 2019 04:16:06 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"4f004ac9be168ac6ee18fc442a52ab53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
https://discordclient.com
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b59c70a6e4e6491-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
e8acd7d9bf6207f99350ca9f9e23b168.woff
cors.flam3rboy.workers.dev/assets/
76 KB
33 KB
Font
General
Full URL
https://cors.flam3rboy.workers.dev/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f823bc4b56f481fbceab4158d855e5d11628198a9e404b827b755fe45d4d1c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cors.flam3rboy.workers.dev/assets/0.2d737cc92c807c265e1f.css
Origin
https://clientbot.netheberg.fr

Response headers

date
Mon, 20 Jul 2020 04:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bfaba87000005b38c3e8200000001
last-modified
Fri, 13 Sep 2019 18:44:29 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"e8acd7d9bf6207f99350ca9f9e23b168"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/font-woff
access-control-allow-origin
https://clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b59c70a7ecf05b3-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
be0060dafb7a0e31d2a1ca17c0708636.woff
cors.flam3rboy.workers.dev/assets/
81 KB
34 KB
Font
General
Full URL
https://cors.flam3rboy.workers.dev/assets/be0060dafb7a0e31d2a1ca17c0708636.woff
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9231ab6a48732396feaa62c4ed6d5419cee16ef5657e97a779041cb0a612d0ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cors.flam3rboy.workers.dev/assets/0.2d737cc92c807c265e1f.css
Origin
https://clientbot.netheberg.fr

Response headers

date
Mon, 20 Jul 2020 04:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bfaba97000005b38c3e9200000001
last-modified
Wed, 26 Jun 2019 04:16:05 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"be0060dafb7a0e31d2a1ca17c0708636"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/font-woff
access-control-allow-origin
https://clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b59c70a8efa05b3-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
3bdef1251a424500c1b3a78dea9b7e57.woff
cors.flam3rboy.workers.dev/assets/
75 KB
32 KB
Font
General
Full URL
https://cors.flam3rboy.workers.dev/assets/3bdef1251a424500c1b3a78dea9b7e57.woff
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba33ed18fe9c110039549c2b17fee622de2b27d90cfd4a375bd0184174705fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cors.flam3rboy.workers.dev/assets/0.2d737cc92c807c265e1f.css
Origin
https://clientbot.netheberg.fr

Response headers

date
Mon, 20 Jul 2020 04:00:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
cf-request-id
040bfaba97000005b38c3ea200000001
last-modified
Wed, 26 Jun 2019 04:16:17 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"3bdef1251a424500c1b3a78dea9b7e57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/font-woff
access-control-allow-origin
https://clientbot.netheberg.fr
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
cf-ray
5b59c70a8efc05b3-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
science
discord.com/api/v6/
0
64 B
XHR
General
Full URL
https://discord.com/api/v6/science
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

X-Super-Properties
Referer
X-Fingerprint
734620811381571694.D5bRKQ3rD-3rUgvf0BWGVLv14SA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept-Language
en-US
Authorization
undefined
Content-Type
application/json

Response headers

date
Mon, 20 Jul 2020 04:00:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://clientbot.netheberg.fr
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5b59c70bae8f0b33-AMS
cf-request-id
040bfabb4500000b33c61f3200000001
fd91131ea693096d6be5e8aa99d18f9e.jpg
cors.flam3rboy.workers.dev/assets/
363 KB
364 KB
Image
General
Full URL
https://cors.flam3rboy.workers.dev/assets/fd91131ea693096d6be5e8aa99d18f9e.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54311ff26fac801ea1a33e0acca8276f13626ba9a9ae631bdc673f22f9f2729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 04:00:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
content-length
372085
cf-request-id
040bfabacc0000649166299200000001
last-modified
Wed, 26 Jun 2019 04:16:27 GMT
server
cloudflare
x-frame-options
DENY
etag
"fd91131ea693096d6be5e8aa99d18f9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
https://discordclient.com
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
5b59c70aee626491-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
c8f0b54f79a9fd1ef60ad74c73a1ee1a.png
cors.flam3rboy.workers.dev/assets/
47 KB
47 KB
Image
General
Full URL
https://cors.flam3rboy.workers.dev/assets/c8f0b54f79a9fd1ef60ad74c73a1ee1a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:4fac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae8119962b9358ab934ffb612e634fa23ca462c720c8915a8306c4c984d1cba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 20 Jul 2020 04:00:50 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Origin, Accept-Encoding
content-length
48168
cf-request-id
040bfabacc000064916629a200000001
last-modified
Wed, 26 Jun 2019 04:16:26 GMT
server
cloudflare
x-frame-options
DENY
etag
"c8f0b54f79a9fd1ef60ad74c73a1ee1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
https://discordclient.com
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
5b59c70aee636491-FRA
access-control-allow-headers
cookie,authorization,content-type,x-failed-requests,x-fingerprint,x-super-properties,if-none-match,x-context-properties
access-control-allow-method
POST, GET, OPTIONS, DELETE, PUT
science
discord.com/api/v6/
0
64 B
XHR
General
Full URL
https://discord.com/api/v6/science
Requested by
Host: clientbot.netheberg.fr
URL: https://clientbot.netheberg.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

X-Super-Properties
Referer
X-Fingerprint
734620811381571694.D5bRKQ3rD-3rUgvf0BWGVLv14SA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept-Language
en-US
Authorization
undefined
Content-Type
application/json

Response headers

date
Mon, 20 Jul 2020 04:00:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
access-control-allow-origin
https://clientbot.netheberg.fr
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
5b59c70cd8280b33-AMS
cf-request-id
040bfabc0b00000b33c61fa200000001

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| __OVERLAY__
boolean| __BILLING_STANDALONE__
object| GLOBAL_ENV
object| assets
object| unavailableGuilds
function| findModule
function| findModules
function| findRawModule
function| monkeyPatch
function| $
function| jQuery
object| webpackJsonp
object| __core-js_shared__
object| core
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
object| __SENTRY__
object| DiscordSentry
function| _
object| platform
object| IntlPolyfill

0 Cookies

15 Console Messages

Source Level URL
Text
console-api log URL: https://clientbot.netheberg.fr/(Line 80)
Message:
null
console-api log URL: https://clientbot.netheberg.fr/(Line 156)
Message:
loaded /assets/e1180c171e5a54377584.js
console-api log URL: https://clientbot.netheberg.fr/(Line 156)
Message:
loaded /assets/07ca8d15cc9ad4ffc0f6.js
console-api log URL: https://clientbot.netheberg.fr/(Line 156)
Message:
loaded /assets/c05bdc0c5c3c90e28c77.js
console-api log (Line 16)
Message:
loaded /assets/7288c77130c62ff8aa82.js
console-api log (Line 16)
Message:
worker
console-api log (Line 16)
Message:
[object Object]
console-api log (Line 16)
Message:
varname ie
console-api log (Line 16)
Message:
[BUILD INFO] Release Channel: stable, Build Number: 61151, Version Hash: d9b3bbf67efa3616b831ec73a7cb92be04c2675f
console-api log (Line 16)
Message:
patch login screen
console-api info (Line 16)
Message:
%c[LoginQRSocket] font-weight: bold; color: purple; [0ms] connecting to wss://remote-auth-gateway.discord.gg/?v=1
console-api info (Line 16)
Message:
%c[LoginQRSocket] font-weight: bold; color: purple; [291ms] got hello, auth timeout=120000ms
console-api info (Line 16)
Message:
%c[LoginQRSocket] font-weight: bold; color: purple; [337ms] connected, handshaking with fingerprint: pkhWuWRvn_bl333zxPmAV9v4HFPOmBvF02f1hMwf81w
console-api info (Line 16)
Message:
%c[LoginQRSocket] font-weight: bold; color: purple; [481ms] computed nonce proof
console-api info (Line 16)
Message:
%c[LoginQRSocket] font-weight: bold; color: purple; [604ms] handshake complete awaiting remote auth.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
