rbxforget.com Open in urlscan Pro
18.245.46.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rbxforget.com/
Submission Tags: phishingrod
Submission: On August 09 via api (August 9th 2024, 4:37:49 am UTC) from DE — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 18.245.46.56, located in United States and belongs to AMAZON-02, US. The main domain is rbxforget.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 8th 2024. Valid for: a year.

This is the only time rbxforget.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	18.245.46.56 18.245.46.56	16509 (AMAZON-02) (AMAZON-02)
1	13.33.187.32 13.33.187.32	16509 (AMAZON-02) (AMAZON-02)
1 8	104.18.1.101 104.18.1.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.33.187.45 13.33.187.45	16509 (AMAZON-02) (AMAZON-02)
15	5

4 18.245.46.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-56.fra56.r.cloudfront.net

rbxforget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-32.fra60.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.1.101 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

driven-bulldog-86.clerk.accounts.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.187.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-45.fra60.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	accounts.dev 1 redirects driven-bulldog-86.clerk.accounts.dev	224 KB
4	rbxforget.com rbxforget.com	122 KB
3	stripe.com js.stripe.com — Cisco Umbrella Rank: 2856	156 KB
15	3

	Domain	Requested by
8	driven-bulldog-86.clerk.accounts.dev	1 redirects rbxforget.com driven-bulldog-86.clerk.accounts.dev
4	rbxforget.com	rbxforget.com
3	js.stripe.com	rbxforget.com js.stripe.com
15	3

This site contains no links.

Subject Issuer	Validity	Valid
rbxforget.com Amazon RSA 2048 M03	`2024-08-08` - `2025-09-06`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-07-23` - `2024-10-24`	3 months	crt.sh
clerk.accounts.dev E6	`2024-06-27` - `2024-09-25`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://rbxforget.com/
Frame ID: D765D55DB4CB639F3186775DB216931A
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-3b945024a570deea9eee1e507e0df695.html
Frame ID: 0D966B9B85D75910085AE25CC43AD8CF
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 3ED73B839B49B4FA94CB2DD7D5077B78
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RBX Forget

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Page Statistics

15
Requests

87 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

5
IPs

2
Countries

502 kB
Transfer

1831 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js HTTP 307
https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.14.0/dist/clerk.browser.js

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rbxforget.com/ 483 B
839 B 39ms
8ms Document
text/html 18.245.46.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rbxforget.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99df7cf5e9ca5d4c8421ec4a29aa09de046c21d53740d7b68a0ae23ca8a4192f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 38577
content-length: 483
content-type: text/html
date: Thu, 08 Aug 2024 17:54:46 GMT
etag: "3229c8c89da48b1dca79ff4668f0a303"
last-modified: Thu, 08 Aug 2024 16:21:31 GMT
server: AmazonS3
via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
x-amz-cf-id: aQY8TbCXfPXB4t4AYY_tO_Zx8X40vfXftRqZFa6Nikzs0jSo6Mslpw==
x-amz-cf-pop: FRA56-P9
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 index-DCuktCzT.js Show response
rbxforget.com/static/assets/ 367 KB
108 KB 581ms
580ms Script
application/javascript 18.245.46.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rbxforget.com/static/assets/index-DCuktCzT.js
Requested by: Host: rbxforget.com
URL: https://rbxforget.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31d71abdf116fc720e55585aa5e1f14ebd42f4442de531addb6b6618a37c4615

Request headers

Referer: https://rbxforget.com/
Origin: https://rbxforget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 04:37:44 GMT
content-encoding: br
via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
last-modified: Thu, 08 Aug 2024 16:21:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: W/"e8ecade43d82abf546ac3647ba55a5f1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: uMo4pvhopNQzbTDJxMBwOE--pfOohtE5Dsa_kJUP_aQFjILVaVsaCQ==

GET
H2 200 index-BV0H4c0Y.css
rbxforget.com/static/assets/ 83 KB
12 KB 503ms
503ms Stylesheet
text/css 18.245.46.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rbxforget.com/static/assets/index-BV0H4c0Y.css
Requested by: Host: rbxforget.com
URL: https://rbxforget.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 753e4206316410efa694bd0d1a1596cda46881396b7d8023a9dd9ad72f6e27a6

Request headers

Referer: https://rbxforget.com/
Origin: https://rbxforget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 04:37:44 GMT
content-encoding: br
via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
last-modified: Thu, 08 Aug 2024 16:21:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: W/"fdcbc3678040532014ce17d969b86172"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: 4RUiWmZ4_irDfhCGyiUo_FcYnFJ48MO4cM6KdX48SIDP8mNEozNu1w==

GET
H2 200 v3 Show response
js.stripe.com/ 637 KB
156 KB 80ms
9ms Script
text/javascript 13.33.187.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: rbxforget.com
URL: https://rbxforget.com/static/assets/index-DCuktCzT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-32.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

63357365ddf4539aeada6c5842c5b524ce5423ffa04edb2c3312c45c8cf6464f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 04:37:37 GMT
content-encoding: br
via: 1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 45
x-amz-cf-pop: FRA60-P9
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Aug 2024 17:49:23 GMT
server: Cloudfront
etag: W/"bf491ffe84c8439ffbe3b75be8234d2e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: Nxv1u_8vMB4gwrBrDdfRhuLkYyvMzsznVZ4R0-F9z_zNVvMorkcWlg==

GET
H3

200

clerk.browser.js Show response
driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.14.0/dist/
Redirect Chain

https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js
https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.14.0/dist/clerk.browser.js

218 KB
63 KB

29ms
28ms

Script
application/javascript

104.18.1.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.14.0/dist/clerk.browser.js

Requested by

Host: rbxforget.com
URL: https://rbxforget.com/

Protocol

Server

104.18.1.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d850ac2424aae4d11df639b55066b68d9da77f5b65a9f80a7a5fcce16e0818a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 04:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 36750
x-jsd-version: 5.14.0
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 63387
x-served-by: cache-fra-etou8220064-FRA, cache-lga21977-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"36801-w+wVPtjTlco1p1k4pC8IkrCug0M"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 8b050d75bfb19070-FRA
timing-allow-origin: *

Redirect headers

date: Fri, 09 Aug 2024 04:37:43 GMT
server: cloudflare
vary: Accept-Encoding
location: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.14.0/dist/clerk.browser.js
access-control-allow-origin: *
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8b050d758f9d9070-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 controller-with-preconnect-3b945024a570deea9eee1e507e0df695.html
js.stripe.com/v3/ Frame 0D96 0
0 22ms
9ms Document
text/html 13.33.187.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-3b945024a570deea9eee1e507e0df695.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-45.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 49
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-length: 651
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 09 Aug 2024 04:36:56 GMT
etag: "3b945024a570deea9eee1e507e0df695"
last-modified: Thu, 08 Aug 2024 17:07:21 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 6b284415724869adc9db63c19e48e420.cloudfront.net (CloudFront)
x-amz-cf-id: axc-6ebdkNGjKb8mZylIhZ0hhPtKzn4ycDwCYptvSX2GVuQut4k3QQ==
x-amz-cf-pop: FRA60-P9
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H3 200 dev_browser Show response
driven-bulldog-86.clerk.accounts.dev/v1/ 663 B
1 KB 180ms
180ms Fetch
application/json 104.18.1.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://driven-bulldog-86.clerk.accounts.dev/v1/dev_browser?_clerk_js_version=5.14.0
Requested by: Host: driven-bulldog-86.clerk.accounts.dev
URL: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.1.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ecd06f4745f2937281203504c372a68a365bfea858fb6e2e5c33e7d07bc2549

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

clerk-api-version: 2021-02-05
date: Fri, 09 Aug 2024 04:37:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-clerk-trace-id: a171ccf9bc80fd975059ebd063bd2f8b
x-cfworker: 1
vary: Origin, Accept-Encoding
content-type: application/json
x-country: DE
access-control-allow-origin: https://rbxforget.com
x-cloud-trace-context: a171ccf9bc80fd975059ebd063bd2f8b
access-control-expose-headers: Authorization, X-Country, Clerk-Cookie, Clerk-Db-Jwt
access-control-allow-credentials: true
cf-ray: 8b050d761fde9070-FRA
x-robots-tag: noindex, nofollow

GET
BLOB 200
OK 649c5416-3ce0-4a18-9caf-39ba7d8e526f
https://rbxforget.com/ 527 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://rbxforget.com/649c5416-3ce0-4a18-9caf-39ba7d8e526f
Requested by: Host: rbxforget.com
URL: https://rbxforget.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b99cfa967e2b8519539505694f76bffd212ab664ed3404643e9cf2a0d3380662

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 527
Content-Type: application/javascript; charset=utf-8

GET
H2 200 rbxforget.svg
rbxforget.com/static/ 543 B
892 B 433ms
433ms Other
image/svg+xml 18.245.46.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rbxforget.com/static/rbxforget.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c37e3484cdbd27ea4792c001f10b9a6f411116e2aa63f1154c5c0249fe6bd480

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 04:37:45 GMT
via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
last-modified: Thu, 08 Aug 2024 16:21:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "1f75d6033ece4e5cfc27d241e1b47a42"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 543
x-amz-cf-id: EYCKKMzXES9fWfEbo48ChneN7KKnt9ix-_4aFE6sBCmbEPrYhAFuEg==

POST
H3 200 environment Show response
driven-bulldog-86.clerk.accounts.dev/v1/ 6 KB
3 KB 191ms
180ms Fetch
application/json 104.18.1.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://driven-bulldog-86.clerk.accounts.dev/v1/environment?_clerk_js_version=5.14.0&_method=PATCH&__clerk_db_jwt=dvb_2kPHP6HrzSmQv4C6r6L03pzNBPp
Requested by: Host: driven-bulldog-86.clerk.accounts.dev
URL: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.1.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 004fecd84d7e6b88e4483354747a0fe4688b8bfbcf3f9cbec787a39312632598

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

clerk-api-version: 2021-02-05
date: Fri, 09 Aug 2024 04:37:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
clerk-db-jwt: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJkZXYiOiJkdmJfMmtQSFA2SHJ6U21RdjRDNnI2TDAzcHpOQlBwIn0.d_TRt2DTXBiRjzsET7XctqOHvReSkX2xTf-piSap72a9DVcJ60ZCIvJmohnI3CkeNIAu1J09_ZsDr1xQxkoGDMu8bvMAuA8ktoVU5e8BNP2rvYC4uU-1WSt33f2AtWphET91VVTQLipQ-_Ekd9SdZNgiGQrfwI4e5fDy56Ydvr0lMkAKfNrm6cRkl8UIHQfxO9eJ95U0Jz92dxpMYniu_q6jU5zOmwPCHwB9PIEJbuc0Y6JctWa6V7edf7FTq_QpZQJTtx0f6DpJYN5BDc5UnDfg2dY67wh8dVkCnbT_6N9jBZisxIdLVFaF7WOKcEoYBhkkPMWWKongGTqJXIsnKg
server: cloudflare
x-clerk-trace-id: f9f2e6cc84b899923df2e2bbe2d48d79
x-cfworker: 1
vary: Origin, Accept-Encoding
content-type: application/json
x-country: DE
access-control-allow-origin: https://rbxforget.com
access-control-expose-headers: Authorization, X-Country, Clerk-Cookie, Clerk-Db-Jwt
cache-control: private
access-control-allow-credentials: true
cf-ray: 8b050d775efe9729-FRA
x-robots-tag: noindex, nofollow
expires: Fri, 09 Aug 2024 04:37:44 GMT

GET
H3 200 client Show response
driven-bulldog-86.clerk.accounts.dev/v1/ 31 B
1 KB 169ms
159ms Fetch
application/json 104.18.1.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://driven-bulldog-86.clerk.accounts.dev/v1/client?_clerk_js_version=5.14.0&__clerk_db_jwt=dvb_2kPHP6HrzSmQv4C6r6L03pzNBPp
Requested by: Host: driven-bulldog-86.clerk.accounts.dev
URL: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.1.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9d2f5462aefa4901181b92e71c95006c1ec2342de6fa1f4b6d44147fa214736

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

clerk-api-version: 2021-02-05
date: Fri, 09 Aug 2024 04:37:44 GMT
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 31
clerk-db-jwt: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJkZXYiOiJkdmJfMmtQSFA2SHJ6U21RdjRDNnI2TDAzcHpOQlBwIn0.d_TRt2DTXBiRjzsET7XctqOHvReSkX2xTf-piSap72a9DVcJ60ZCIvJmohnI3CkeNIAu1J09_ZsDr1xQxkoGDMu8bvMAuA8ktoVU5e8BNP2rvYC4uU-1WSt33f2AtWphET91VVTQLipQ-_Ekd9SdZNgiGQrfwI4e5fDy56Ydvr0lMkAKfNrm6cRkl8UIHQfxO9eJ95U0Jz92dxpMYniu_q6jU5zOmwPCHwB9PIEJbuc0Y6JctWa6V7edf7FTq_QpZQJTtx0f6DpJYN5BDc5UnDfg2dY67wh8dVkCnbT_6N9jBZisxIdLVFaF7WOKcEoYBhkkPMWWKongGTqJXIsnKg
server: cloudflare
x-clerk-trace-id: 512e279f241b5cfac7cbdfdc68c08ea7
x-cfworker: 1
vary: Origin, Accept-Encoding
content-type: application/json
x-country: DE
access-control-allow-origin: https://rbxforget.com
x-cloud-trace-context: 512e279f241b5cfac7cbdfdc68c08ea7
cache-control: no-store
access-control-allow-credentials: true
access-control-expose-headers: Authorization, X-Country, Clerk-Cookie, Clerk-Db-Jwt
cf-ray: 8b050d775f009729-FRA
x-robots-tag: noindex, nofollow
expires: Fri, 09 Aug 2024 04:37:44 GMT

GET
H3 200 vendors_79754e_5.14.0.js Show response
driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.14.0/dist/ 203 KB
67 KB 64ms
64ms Script
application/javascript 104.18.1.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.14.0/dist/vendors_79754e_5.14.0.js

Requested by

Host: driven-bulldog-86.clerk.accounts.dev
URL: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb65c46ab3a4c20ba1287bcdfc06c6decd9c0c67066c62f357528524fba6772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 04:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 36750
x-jsd-version: 5.14.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 68467
x-served-by: cache-fra-eddf8230077-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"32a84-d7OCVTaQb0DKqCoQ4CTEVin3o58"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b050d788fe89729-FRA
timing-allow-origin: *
expires: Sat, 09 Aug 2025 04:37:44 GMT

GET
H3 200 ui-common_79754e_5.14.0.js Show response
driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.14.0/dist/ 302 KB
85 KB 46ms
46ms Script
application/javascript 104.18.1.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.14.0/dist/ui-common_79754e_5.14.0.js

Requested by

Host: driven-bulldog-86.clerk.accounts.dev
URL: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca5b54dba06c9141884ce2a3d8254874847f38cf01fcc10de89a1575980150bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 04:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 36749
x-jsd-version: 5.14.0
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86670
x-served-by: cache-fra-etou8220111-FRA, cache-lga21972-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"4b69f-GVdquGObOar4sXszvp048fKWnNw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2m2SnYCPe2a6P3J6kQjwh6RlWxDPyh%2F%2FAdUvBBVQ060LXGG6TZ5hR5oxeZNxVlET1uPihWcwDEfa8SUcShA5bHFOChEZ7RLmIhwQ2Vb21qNrNpcWhS%2Fpjpc%2FCjDVAlrnCww%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b050d788fea9729-FRA
timing-allow-origin: *
expires: Sat, 09 Aug 2025 04:37:44 GMT

GET
H3 200 userbutton_79754e_5.14.0.js Show response
driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.14.0/dist/ 12 KB
3 KB 30ms
30ms Script
application/javascript 104.18.1.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.14.0/dist/userbutton_79754e_5.14.0.js

Requested by

Host: driven-bulldog-86.clerk.accounts.dev
URL: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a175db1c6d8e4b63d671130102e57e3717a3bb76a71c617910bb189f1443b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 04:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 36741
x-jsd-version: 5.14.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2904
x-served-by: cache-fra-eddf8230131-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"30e1-FkFuGQxQ1gjae0vmE1vPdRJyJ2Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b050d79888f9729-FRA
timing-allow-origin: *
expires: Sat, 09 Aug 2025 04:37:44 GMT

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 3ED7 0
0 9ms
9ms Document
text/html 13.33.187.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

13.33.187.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-45.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3047
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 09 Aug 2024 03:47:03 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Tue, 06 Aug 2024 21:37:08 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
x-amz-cf-id: Z2IqhYHAFqYWJkBewQYfmc5cxPU6Yi7DVwE991OXhapHsTQU0cmMvA==
x-amz-cf-pop: FRA60-P9
x-cache: Hit from cloudfront
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rbxforget.com/	1970-01-21 07:25:14	Name: __clerk_db_jwt_HyCEkCVW Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJkZXYiOiJkdmJfMmtQSFA2SHJ6U21RdjRDNnI2TDAzcHpOQlBwIn0.d_TRt2DTXBiRjzsET7XctqOHvReSkX2xTf-piSap72a9DVcJ60ZCIvJmohnI3CkeNIAu1J09_ZsDr1xQxkoGDMu8bvMAuA8ktoVU5e8BNP2rvYC4uU-1WSt33f2AtWphET91VVTQLipQ-_Ekd9SdZNgiGQrfwI4e5fDy56Ydvr0lMkAKfNrm6cRkl8UIHQfxO9eJ95U0Jz92dxpMYniu_q6jU5zOmwPCHwB9PIEJbuc0Y6JctWa6V7edf7FTq_QpZQJTtx0f6DpJYN5BDc5UnDfg2dY67wh8dVkCnbT_6N9jBZisxIdLVFaF7WOKcEoYBhkkPMWWKongGTqJXIsnKg
rbxforget.com/	1970-01-21 07:25:14	Name: __clerk_db_jwt Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJkZXYiOiJkdmJfMmtQSFA2SHJ6U21RdjRDNnI2TDAzcHpOQlBwIn0.d_TRt2DTXBiRjzsET7XctqOHvReSkX2xTf-piSap72a9DVcJ60ZCIvJmohnI3CkeNIAu1J09_ZsDr1xQxkoGDMu8bvMAuA8ktoVU5e8BNP2rvYC4uU-1WSt33f2AtWphET91VVTQLipQ-_Ekd9SdZNgiGQrfwI4e5fDy56Ydvr0lMkAKfNrm6cRkl8UIHQfxO9eJ95U0Jz92dxpMYniu_q6jU5zOmwPCHwB9PIEJbuc0Y6JctWa6V7edf7FTq_QpZQJTtx0f6DpJYN5BDc5UnDfg2dY67wh8dVkCnbT_6N9jBZisxIdLVFaF7WOKcEoYBhkkPMWWKongGTqJXIsnKg
.driven-bulldog-86.clerk.accounts.dev/	1970-01-20 22:39:40	Name: __cf_bm Value: 0ohXEHZ17JHQA_kAMegotynf3Vb43z8loUTlemupK.8-1723178264-1.0.1.1-JbuXKA8Rps62fVdpelhgW4TxBR0vbKiHsqdbf.92Co9RIWV9skKBi_TJM1zCgQe.eqWbaRQSO3XBTajVOOmMxA
.driven-bulldog-86.clerk.accounts.dev/	1969-12-31 23:59:59	Name: _cfuvid Value: DzL655v8l5.Sp6uHdayepo8LTvJICEbsfZ6OzAU2l_s-1723178264383-0.0.1.1-604800000
.rbxforget.com/	1970-01-21 07:25:14	Name: __client_uat_HyCEkCVW Value: 0
.rbxforget.com/	1970-01-21 07:25:14	Name: __client_uat Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

driven-bulldog-86.clerk.accounts.dev
js.stripe.com
rbxforget.com
104.18.1.101
13.33.187.32
13.33.187.45
18.245.46.56
004fecd84d7e6b88e4483354747a0fe4688b8bfbcf3f9cbec787a39312632598
31d71abdf116fc720e55585aa5e1f14ebd42f4442de531addb6b6618a37c4615
3ecd06f4745f2937281203504c372a68a365bfea858fb6e2e5c33e7d07bc2549
5fb65c46ab3a4c20ba1287bcdfc06c6decd9c0c67066c62f357528524fba6772
63357365ddf4539aeada6c5842c5b524ce5423ffa04edb2c3312c45c8cf6464f
753e4206316410efa694bd0d1a1596cda46881396b7d8023a9dd9ad72f6e27a6
99df7cf5e9ca5d4c8421ec4a29aa09de046c21d53740d7b68a0ae23ca8a4192f
9a175db1c6d8e4b63d671130102e57e3717a3bb76a71c617910bb189f1443b1d
b99cfa967e2b8519539505694f76bffd212ab664ed3404643e9cf2a0d3380662
c37e3484cdbd27ea4792c001f10b9a6f411116e2aa63f1154c5c0249fe6bd480
ca5b54dba06c9141884ce2a3d8254874847f38cf01fcc10de89a1575980150bd
d850ac2424aae4d11df639b55066b68d9da77f5b65a9f80a7a5fcce16e0818a3
d9d2f5462aefa4901181b92e71c95006c1ec2342de6fa1f4b6d44147fa214736

rbxforget.com Open in urlscan Pro 18.245.46.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

87 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

5 IPs

2 Countries

502 kBTransfer

1831 kBSize

6 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

6 Cookies

Indicators

rbxforget.com Open in urlscan Pro
18.245.46.56 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

5
IPs

2
Countries

502 kB
Transfer

1831 kB
Size

6
Cookies

15 HTTP transactions
0 data transactions