rbxforget.com Open in urlscan Pro
13.32.27.120 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rbxforget.com/
Submission Tags: phishingrod
Submission: On July 29 via api (July 29th 2024, 4:42:18 am UTC) from DE — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 15 HTTP transactions. The main IP is 13.32.27.120, located in United States and belongs to AMAZON-02, US. The main domain is rbxforget.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on July 28th 2024. Valid for: a year.

This is the only time rbxforget.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	13.32.27.120 13.32.27.120	16509 (AMAZON-02) (AMAZON-02)
1	13.35.58.22 13.35.58.22	16509 (AMAZON-02) (AMAZON-02)
1 8	2606:4700::68... 2606:4700::6812:165	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.35.58.79 13.35.58.79	16509 (AMAZON-02) (AMAZON-02)
15	5

4 13.32.27.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-120.fra56.r.cloudfront.net

rbxforget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-22.fra60.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:165 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

driven-bulldog-86.clerk.accounts.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.58.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-79.fra60.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	accounts.dev 1 redirects driven-bulldog-86.clerk.accounts.dev	222 KB
4	rbxforget.com rbxforget.com	112 KB
3	stripe.com js.stripe.com — Cisco Umbrella Rank: 2856	174 KB
15	3

	Domain	Requested by
8	driven-bulldog-86.clerk.accounts.dev	1 redirects rbxforget.com driven-bulldog-86.clerk.accounts.dev
4	rbxforget.com	rbxforget.com
3	js.stripe.com	rbxforget.com js.stripe.com
15	3

This site contains no links.

Subject Issuer	Validity	Valid
rbxforget.com Amazon RSA 2048 M03	`2024-07-28` - `2025-08-26`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-07-23` - `2024-10-24`	3 months	crt.sh
clerk.accounts.dev E6	`2024-06-27` - `2024-09-25`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://rbxforget.com/
Frame ID: A7F98F644B980E5B9058BDF34915CBEE
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-26a75181d4a3a79f82a9a79bf4d5295b.html
Frame ID: 86E9167B6C818D8A99CD6B35CBCEB710
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 905AF34177877C8AE30D42FB76F9DD0F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RBX Forget

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Page Statistics

15
Requests

87 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

5
IPs

1
Countries

508 kB
Transfer

1749 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js HTTP 307
https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.10.1/dist/clerk.browser.js

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rbxforget.com/ 483 B
840 B 205ms
7ms Document
text/html 13.32.27.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rbxforget.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-120.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e111458adf9ccff56874b969bbb51d4a2029bc13eeb91fa9fd7269a64f97180c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 39674
content-length: 483
content-type: text/html
date: Sun, 28 Jul 2024 17:40:59 GMT
etag: "bf56bebf565396e399d30b1fcd3f24a8"
last-modified: Sun, 28 Jul 2024 16:15:48 GMT
server: AmazonS3
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
x-amz-cf-id: Brka38ZG5B2YceInujkDV7T6OTYhBQhEcX5cd-ZkJbrpi-NTc368Kg==
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 index-BNOTLM4Y.js Show response
rbxforget.com/static/assets/ 324 KB
101 KB 20ms
19ms Script
application/javascript 13.32.27.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rbxforget.com/static/assets/index-BNOTLM4Y.js
Requested by: Host: rbxforget.com
URL: https://rbxforget.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-120.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 501a41616a82116ee73e873d06e7933067db1b52dae7e9deab6f1669a3e5028a

Request headers

Referer: https://rbxforget.com/
Origin: https://rbxforget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 17:41:14 GMT
content-encoding: gzip
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
last-modified: Sun, 28 Jul 2024 16:15:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 39659
etag: W/"0d2675100adb85745c32561c33471339"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6VrW_r31_qZhIHoVvP6OChHx4qqhWYfXpX8c4ZR0e-APb5z-TlyePw==

GET
H2 200 index-BuQWUJoP.css
rbxforget.com/static/assets/ 61 KB
10 KB 421ms
421ms Stylesheet
text/css 13.32.27.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rbxforget.com/static/assets/index-BuQWUJoP.css
Requested by: Host: rbxforget.com
URL: https://rbxforget.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-120.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e66e2c0dfdae2b071fe7a2384e27e21a18ba3d903f0af42083748ccdd6ab86d0

Request headers

Referer: https://rbxforget.com/
Origin: https://rbxforget.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 04:42:14 GMT
content-encoding: br
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
last-modified: Sun, 28 Jul 2024 16:15:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: W/"20be09e167241049b7367cb8016c716b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: eU5bKdxGpb-xacztpQgchypKdteXGgxis1t9Z9aH5s-XH_Ssne7zYw==

GET
H2 200 v3 Show response
js.stripe.com/ 629 KB
174 KB 34ms
9ms Script
text/javascript 13.35.58.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: rbxforget.com
URL: https://rbxforget.com/static/assets/index-BNOTLM4Y.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.58.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-58-22.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7e148ed76615ce1b2cfd6cad1c90d445b7994feb8093ebc2cf70c5c2d9df0ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 04:42:13 GMT
content-encoding: gzip
via: 1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 15
x-amz-cf-pop: FRA60-P10
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 26 Jul 2024 20:40:29 GMT
server: Cloudfront
etag: W/"22924dff9a490015e5c65852479ba3f3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: hq6laqJo7oOnRX2N07IUqZ4QYjk1GhtIAQNOB6cF5NlBZm-KLBd1HQ==

GET
H3

200

clerk.browser.js Show response
driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.10.1/dist/
Redirect Chain

https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js
https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.10.1/dist/clerk.browser.js

217 KB
62 KB

34ms
34ms

Script
application/javascript

2606:4700::6812:165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.10.1/dist/clerk.browser.js

Requested by

Host: rbxforget.com
URL: https://rbxforget.com/

Protocol

Server

2606:4700::6812:165 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40f85666db130911723d10f635547b3c9e85588d406a382b945277ce4656bff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 04:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 462604
x-jsd-version: 5.10.1
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 63054
x-served-by: cache-fra-etou8220120-FRA, cache-lga21981-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"36336-kUqh6FhD+wcAZhKl5bmzFnSD0zU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 8aaa70ebaca81e6c-FRA
timing-allow-origin: *

Redirect headers

date: Mon, 29 Jul 2024 04:42:13 GMT
server: cloudflare
vary: Accept-Encoding
location: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.10.1/dist/clerk.browser.js
access-control-allow-origin: *
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8aaa70eb5c6b1e6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 controller-with-preconnect-26a75181d4a3a79f82a9a79bf4d5295b.html
js.stripe.com/v3/ Frame 86E9 0
0 19ms
7ms Document
text/html 13.35.58.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-26a75181d4a3a79f82a9a79bf4d5295b.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.58.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-58-79.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 46
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-length: 651
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 29 Jul 2024 04:41:27 GMT
etag: "26a75181d4a3a79f82a9a79bf4d5295b"
last-modified: Fri, 26 Jul 2024 20:06:37 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d6f0ad3267f72bf9b59a5eb61f811fe2.cloudfront.net (CloudFront)
x-amz-cf-id: ncK1FVvwljDW48ecJEA4aZWVGkpK-u3kRJwUU4v69S8uP1h64aOiBg==
x-amz-cf-pop: FRA60-P10
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H3 200 dev_browser Show response
driven-bulldog-86.clerk.accounts.dev/v1/ 663 B
1 KB 173ms
173ms Fetch
application/json 2606:4700::6812:165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://driven-bulldog-86.clerk.accounts.dev/v1/dev_browser?_clerk_js_version=5.10.1
Requested by: Host: driven-bulldog-86.clerk.accounts.dev
URL: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e6907a205f9ef4f1ae282c5d9bddc664972f89463c30d186edde242561d63de

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

clerk-api-version: 2021-02-05
date: Mon, 29 Jul 2024 04:42:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-clerk-trace-id: 2fda70fb132de1aba9ebfc1755a6753d
x-cfworker: 1
vary: Origin, Accept-Encoding
content-type: application/json
x-country: DE
access-control-allow-origin: https://rbxforget.com
x-cloud-trace-context: 2fda70fb132de1aba9ebfc1755a6753d
access-control-expose-headers: Authorization, X-Country, Clerk-Cookie, Clerk-Db-Jwt
access-control-allow-credentials: true
cf-ray: 8aaa70ec1d121e6c-FRA
x-robots-tag: noindex, nofollow

GET
BLOB 200
OK 5d9310ff-f76e-4e99-a888-a245930a7fa5
https://rbxforget.com/ 527 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://rbxforget.com/5d9310ff-f76e-4e99-a888-a245930a7fa5
Requested by: Host: rbxforget.com
URL: https://rbxforget.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b99cfa967e2b8519539505694f76bffd212ab664ed3404643e9cf2a0d3380662

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 527
Content-Type: application/javascript; charset=utf-8

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 905A 0
0 8ms
8ms Document
text/html 13.35.58.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

13.35.58.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-58-79.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1174
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 29 Jul 2024 04:22:50 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Wed, 24 Jul 2024 20:03:32 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
x-amz-cf-id: WDPOfCMhDcL-kHLf8rIpIROu_k3ndEzHE9t9f_pw-JCy4azcTuR6qQ==
x-amz-cf-pop: FRA60-P10
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 rbxforget.svg
rbxforget.com/static/ 543 B
893 B 432ms
431ms Other
image/svg+xml 13.32.27.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rbxforget.com/static/rbxforget.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-120.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c37e3484cdbd27ea4792c001f10b9a6f411116e2aa63f1154c5c0249fe6bd480

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 04:42:15 GMT
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
last-modified: Sun, 28 Jul 2024 16:15:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "1f75d6033ece4e5cfc27d241e1b47a42"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 543
x-amz-cf-id: GSJ84FNzTXSo4DQ1NIX8nm7-ON4HeEufDqeKl0SI50aiH_hs0_WMaw==

POST
H3 200 environment Show response
driven-bulldog-86.clerk.accounts.dev/v1/ 6 KB
3 KB 248ms
237ms Fetch
application/json 2606:4700::6812:165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://driven-bulldog-86.clerk.accounts.dev/v1/environment?_clerk_js_version=5.10.1&_method=PATCH&__clerk_db_jwt=dvb_2juDajXE9LImw1bhB2niXR7ISTi
Requested by: Host: driven-bulldog-86.clerk.accounts.dev
URL: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ff0f1037ca476bacaf14ca4e666cb55053799d6c0edd2904569d8c82d2791b8

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

clerk-api-version: 2021-02-05
date: Mon, 29 Jul 2024 04:42:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
clerk-db-jwt: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJkZXYiOiJkdmJfMmp1RGFqWEU5TEltdzFiaEIybmlYUjdJU1RpIn0.U3hEBFNqL_jCd1oF3Z1dOQ9e_86qBB3giI8WCCgv4ExqgsWdr_EmvX7VepXKSr9F-ZmYIiYRTcma5iiOzny1Pul-SogWQfyGw7tUtUJeYLEm8j3dq4YJDhXm2-sSCnzhxyttWjyNebASLzkLjDMV92Mzd4rEgj2hpbYh5wgvqTaxfODn8EhXpk1yOVJMUSsu7tUQx2OhEwP8YvqUW0OWjdQRgAGR4I4kz2PM_yHUDcRnD1v9baZhe4PRnAlmN_AIQG9aUy6GoDmbJqZlOkSYKqt5DWZKjLMLeGlJOqUiCqyhNOD4vlQkqP2KxajbLOb_G8NFAUI4V4R4CeFhlXFf6g
server: cloudflare
x-clerk-trace-id: 0f95c9b9f9192143e3c91a7025153fb7
x-cfworker: 1
vary: Origin, Accept-Encoding
content-type: application/json
x-country: DE
access-control-allow-origin: https://rbxforget.com
access-control-expose-headers: Authorization, X-Country, Clerk-Cookie, Clerk-Db-Jwt
cache-control: private
access-control-allow-credentials: true
cf-ray: 8aaa70ed39f62c04-FRA
x-robots-tag: noindex, nofollow
expires: Mon, 29 Jul 2024 04:42:14 GMT

GET
H3 200 client Show response
driven-bulldog-86.clerk.accounts.dev/v1/ 31 B
1 KB 173ms
163ms Fetch
application/json 2606:4700::6812:165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://driven-bulldog-86.clerk.accounts.dev/v1/client?_clerk_js_version=5.10.1&__clerk_db_jwt=dvb_2juDajXE9LImw1bhB2niXR7ISTi
Requested by: Host: driven-bulldog-86.clerk.accounts.dev
URL: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9d2f5462aefa4901181b92e71c95006c1ec2342de6fa1f4b6d44147fa214736

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

clerk-api-version: 2021-02-05
date: Mon, 29 Jul 2024 04:42:14 GMT
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
content-length: 31
clerk-db-jwt: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJkZXYiOiJkdmJfMmp1RGFqWEU5TEltdzFiaEIybmlYUjdJU1RpIn0.U3hEBFNqL_jCd1oF3Z1dOQ9e_86qBB3giI8WCCgv4ExqgsWdr_EmvX7VepXKSr9F-ZmYIiYRTcma5iiOzny1Pul-SogWQfyGw7tUtUJeYLEm8j3dq4YJDhXm2-sSCnzhxyttWjyNebASLzkLjDMV92Mzd4rEgj2hpbYh5wgvqTaxfODn8EhXpk1yOVJMUSsu7tUQx2OhEwP8YvqUW0OWjdQRgAGR4I4kz2PM_yHUDcRnD1v9baZhe4PRnAlmN_AIQG9aUy6GoDmbJqZlOkSYKqt5DWZKjLMLeGlJOqUiCqyhNOD4vlQkqP2KxajbLOb_G8NFAUI4V4R4CeFhlXFf6g
server: cloudflare
x-clerk-trace-id: d8add5484c1885cbd5d54f97eb356575
x-cfworker: 1
vary: Origin, Accept-Encoding
content-type: application/json
x-country: DE
access-control-allow-origin: https://rbxforget.com
x-cloud-trace-context: d8add5484c1885cbd5d54f97eb356575
cache-control: no-store
access-control-allow-credentials: true
access-control-expose-headers: Authorization, X-Country, Clerk-Cookie, Clerk-Db-Jwt
cf-ray: 8aaa70ed39f82c04-FRA
x-robots-tag: noindex, nofollow
expires: Mon, 29 Jul 2024 04:42:14 GMT

GET
H3 200 vendors_13ac2b_5.10.1.js Show response
driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.10.1/dist/ 203 KB
67 KB 33ms
33ms Script
application/javascript 2606:4700::6812:165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.10.1/dist/vendors_13ac2b_5.10.1.js

Requested by

Host: driven-bulldog-86.clerk.accounts.dev
URL: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:165 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3800b73bcb9447b9d80c90253c8779956413fa3f4a5345b494198a6521f1ed32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 04:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 462602
x-jsd-version: 5.10.1
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 68466
x-served-by: cache-fra-eddf8230076-FRA, cache-lga21932-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"32a84-dyfuzx4GG4vBoNnyrhYYIVchFlA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 8aaa70eecb302c04-FRA
timing-allow-origin: *

GET
H3 200 ui-common_13ac2b_5.10.1.js Show response
driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.10.1/dist/ 297 KB
84 KB 39ms
39ms Script
application/javascript 2606:4700::6812:165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.10.1/dist/ui-common_13ac2b_5.10.1.js

Requested by

Host: driven-bulldog-86.clerk.accounts.dev
URL: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:165 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08b806003a1f08fea7224f42f058172b28b09ca64fd84c685e0c7e6a13b635c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 04:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 462603
x-jsd-version: 5.10.1
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85436
x-served-by: cache-fra-etou8220024-FRA, cache-lga21967-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"4a536-7f/ilP2tpMa/XrLChkcAS+C/yrY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 8aaa70eecb312c04-FRA
timing-allow-origin: *

GET
H3 200 userbutton_13ac2b_5.10.1.js Show response
driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.10.1/dist/ 10 KB
3 KB 33ms
33ms Script
application/javascript 2606:4700::6812:165
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5.10.1/dist/userbutton_13ac2b_5.10.1.js

Requested by

Host: driven-bulldog-86.clerk.accounts.dev
URL: https://driven-bulldog-86.clerk.accounts.dev/npm/@clerk/clerk-js@5/dist/clerk.browser.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:165 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb7dc5a359b4bfa2815d3a4f5d6c45d2916becfd8c3ac595299af8095262a774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbxforget.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jul 2024 04:42:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 462584
x-jsd-version: 5.10.1
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230087-FRA, cache-lga21949-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"2675-tjxJJV2h4Dq0Sc9GjRbkQcmlFbs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 8aaa70ef6b812c04-FRA
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rbxforget.com/	1970-01-21 07:09:24	Name: __clerk_db_jwt_HyCEkCVW Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJkZXYiOiJkdmJfMmp1RGFqWEU5TEltdzFiaEIybmlYUjdJU1RpIn0.U3hEBFNqL_jCd1oF3Z1dOQ9e_86qBB3giI8WCCgv4ExqgsWdr_EmvX7VepXKSr9F-ZmYIiYRTcma5iiOzny1Pul-SogWQfyGw7tUtUJeYLEm8j3dq4YJDhXm2-sSCnzhxyttWjyNebASLzkLjDMV92Mzd4rEgj2hpbYh5wgvqTaxfODn8EhXpk1yOVJMUSsu7tUQx2OhEwP8YvqUW0OWjdQRgAGR4I4kz2PM_yHUDcRnD1v9baZhe4PRnAlmN_AIQG9aUy6GoDmbJqZlOkSYKqt5DWZKjLMLeGlJOqUiCqyhNOD4vlQkqP2KxajbLOb_G8NFAUI4V4R4CeFhlXFf6g
rbxforget.com/	1970-01-21 07:09:24	Name: __clerk_db_jwt Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJkZXYiOiJkdmJfMmp1RGFqWEU5TEltdzFiaEIybmlYUjdJU1RpIn0.U3hEBFNqL_jCd1oF3Z1dOQ9e_86qBB3giI8WCCgv4ExqgsWdr_EmvX7VepXKSr9F-ZmYIiYRTcma5iiOzny1Pul-SogWQfyGw7tUtUJeYLEm8j3dq4YJDhXm2-sSCnzhxyttWjyNebASLzkLjDMV92Mzd4rEgj2hpbYh5wgvqTaxfODn8EhXpk1yOVJMUSsu7tUQx2OhEwP8YvqUW0OWjdQRgAGR4I4kz2PM_yHUDcRnD1v9baZhe4PRnAlmN_AIQG9aUy6GoDmbJqZlOkSYKqt5DWZKjLMLeGlJOqUiCqyhNOD4vlQkqP2KxajbLOb_G8NFAUI4V4R4CeFhlXFf6g
.driven-bulldog-86.clerk.accounts.dev/	1970-01-20 22:23:49	Name: __cf_bm Value: JTOlONjhbuw2DQKcSc5CQMofZD7f98UenjDOTLciy6E-1722228134-1.0.1.1-mcbbMTK4uDJnG0tJTEdIWTRSfrewEIpXX_ox5nE5s.zWjMgn2sDcCNr9pseLipwxXRHhC.ab3iGJH6QKSXsGyw
.driven-bulldog-86.clerk.accounts.dev/	1969-12-31 23:59:59	Name: _cfuvid Value: Bl.0QTSEu8e0PIUWlVM9z91O6faOqUQssKXiK8T2unE-1722228134188-0.0.1.1-604800000
.rbxforget.com/	1970-01-21 07:09:24	Name: __client_uat_HyCEkCVW Value: 0
.rbxforget.com/	1970-01-21 07:09:24	Name: __client_uat Value: 0
m.stripe.com/	1970-01-21 07:59:48	Name: m Value: febb03c9-ebb4-4c8f-bd2e-3613b46ba27525892f
.rbxforget.com/	1970-01-21 07:09:24	Name: __stripe_mid Value: 24930a7d-548c-4417-a93c-93fe51472ee1c7e12e
.rbxforget.com/	1970-01-20 22:23:49	Name: __stripe_sid Value: 038b0173-34bd-4c0d-b01e-b4ec09e2fae735e5b3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

driven-bulldog-86.clerk.accounts.dev
js.stripe.com
rbxforget.com
13.32.27.120
13.35.58.22
13.35.58.79
2606:4700::6812:165
08b806003a1f08fea7224f42f058172b28b09ca64fd84c685e0c7e6a13b635c3
3800b73bcb9447b9d80c90253c8779956413fa3f4a5345b494198a6521f1ed32
40f85666db130911723d10f635547b3c9e85588d406a382b945277ce4656bff8
501a41616a82116ee73e873d06e7933067db1b52dae7e9deab6f1669a3e5028a
5e6907a205f9ef4f1ae282c5d9bddc664972f89463c30d186edde242561d63de
7e148ed76615ce1b2cfd6cad1c90d445b7994feb8093ebc2cf70c5c2d9df0ac3
9ff0f1037ca476bacaf14ca4e666cb55053799d6c0edd2904569d8c82d2791b8
b99cfa967e2b8519539505694f76bffd212ab664ed3404643e9cf2a0d3380662
c37e3484cdbd27ea4792c001f10b9a6f411116e2aa63f1154c5c0249fe6bd480
cb7dc5a359b4bfa2815d3a4f5d6c45d2916becfd8c3ac595299af8095262a774
d9d2f5462aefa4901181b92e71c95006c1ec2342de6fa1f4b6d44147fa214736
e111458adf9ccff56874b969bbb51d4a2029bc13eeb91fa9fd7269a64f97180c
e66e2c0dfdae2b071fe7a2384e27e21a18ba3d903f0af42083748ccdd6ab86d0

rbxforget.com Open in urlscan Pro 13.32.27.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

87 %HTTPS

25 %IPv6

3 Domains

3 Subdomains

5 IPs

1 Countries

508 kBTransfer

1749 kBSize

9 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

9 Cookies

Indicators

rbxforget.com Open in urlscan Pro
13.32.27.120 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

5
IPs

1
Countries

508 kB
Transfer

1749 kB
Size

9
Cookies

15 HTTP transactions
0 data transactions