rtfkt-x-airforce1.com Open in urlscan Pro
34.141.103.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rtfkt-x-airforce1.com/
Submission: On June 24 via api (June 24th 2023, 7:07:55 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 34.141.103.251, located in Frankfurt am Main, Germany and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is rtfkt-x-airforce1.com.
TLS certificate: Issued by R3 on May 29th 2023. Valid for: 3 months.

This is the only time rtfkt-x-airforce1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	34.141.103.251 34.141.103.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3035::6815:5aa6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:1::... 2606:4700:1::6813:8560	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	6

8 34.141.103.251 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.103.141.34.bc.googleusercontent.com

rtfkt-x-airforce1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:5aa6 (United States)

ASN13335 (CLOUDFLARENET, US)

bundle.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:7eaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:8560 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.rtfkt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	rtfkt-x-airforce1.com rtfkt-x-airforce1.com	688 KB
5	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1035	906 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	59 KB
1	rtfkt.com cdn.rtfkt.com	5 MB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	124 KB
1	bundle.run bundle.run — Cisco Umbrella Rank: 144514	11 KB
16	6

	Domain	Requested by
8	rtfkt-x-airforce1.com	rtfkt-x-airforce1.com
5	unpkg.com	2 redirects rtfkt-x-airforce1.com
2	cdn.jsdelivr.net	rtfkt-x-airforce1.com
1	cdn.rtfkt.com	rtfkt-x-airforce1.com
1	cdnjs.cloudflare.com	rtfkt-x-airforce1.com
1	bundle.run	rtfkt-x-airforce1.com
16	6

This site contains no links.

Subject Issuer	Validity	Valid
*.rtfkt-x-airforce1.com R3	`2023-05-29` - `2023-08-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
bundle.run E1	`2023-06-08` - `2023-09-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://rtfkt-x-airforce1.com/
Frame ID: B3C79722B5E5BD5242435CDAB4D32865
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RTFKT

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

16
Requests

88 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

7307 kB
Transfer

14341 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://unpkg.com/web3@latest/dist/web3.min.js HTTP 302
https://unpkg.com/web3@4.0.1/dist/web3.min.js

Request Chain 7

https://unpkg.com/moralis-v1@latest/dist/moralis.js HTTP 302
https://unpkg.com/moralis-v1@1.13.0/dist/moralis.js

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rtfkt-x-airforce1.com/ 4 KB
1 KB 195ms
11ms Document
text/html 34.141.103.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtfkt-x-airforce1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.141.103.251 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

251.103.141.34.bc.googleusercontent.com

Software

Netlify /

Resource Hash

5ffda1b1c153ba9aa73bcd5b480ebe2bf4f6b9f6e3c3248c4c5816c07bc5d864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 123441
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 1228
content-type: text/html; charset=UTF-8
date: Sat, 24 Jun 2023 19:07:50 GMT
etag: "4f3ba2e9efae97e3690df6669e57c12a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01H3QCWCBN5PDEDX2HKSGQRZ4X

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/css/ 226 KB
34 KB 65ms
8ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/css/bootstrap.min.css

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6b6aa6018aa6ea3ae4027e02236405fbfa0b9de70a9029165572ddbb2de1c7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rtfkt-x-airforce1.com/
Origin: https://rtfkt-x-airforce1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 24 Jun 2023 19:07:50 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1610478
x-jsd-version: 5.3.0-alpha2
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34681
x-served-by: cache-fra-eddf8230068-FRA
x-jsd-version-type: version
etag: W/"387e0-kol8xBxbCwiMXO4drK1nrE++qEQ"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 styles.css
rtfkt-x-airforce1.com/ 3 KB
1001 B 381ms
380ms Stylesheet
text/css 34.141.103.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtfkt-x-airforce1.com/styles.css

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.141.103.251 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

251.103.141.34.bc.googleusercontent.com

Software

Netlify /

Resource Hash

0cbefe9738b57543ed4c985ffe5eeb589bfd91cb3f9fd028c002e89b5fa5413d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtfkt-x-airforce1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H3QCWCCG6JWQP7N9H6NJN478
date: Sat, 24 Jun 2023 19:07:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 0
etag: "ca5f64db555f70202ce8ff67e445d14d-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 892

GET
H2 200 frame-24@2x.png
rtfkt-x-airforce1.com/images/ 2 KB
2 KB 394ms
391ms Image
image/png 34.141.103.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtfkt-x-airforce1.com/images/frame-24@2x.png

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.141.103.251 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

251.103.141.34.bc.googleusercontent.com

Software

Netlify /

Resource Hash

3c0753632aee1b80f1abac4d31a0227fef15074db63722122abcd6bd5a34fe0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtfkt-x-airforce1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H3QCWCCVW3N8HXQJQ27S905R
date: Sat, 24 Jun 2023 19:07:50 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 0
etag: "e97b885c3713225adab10b4f872690bc-ssl"
content-type: image/png
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 1969

GET
H2 200 buffer@6.0.3 Show response
bundle.run/ 50 KB
11 KB 100ms
36ms Script
application/javascript 2606:4700:3035::6815:5aa6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bundle.run/buffer@6.0.3

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5aa6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / github.com/rich-harris/packd

Resource Hash

989fc3d36b4371b766b753dde670c8e845839af168e4b3985803fb006c42136d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtfkt-x-airforce1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:07:50 GMT
strict-transport-security: max-age=15552000; preload
access-control-request-method: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-request-id: 069622af4e00000d3e611eb000000001
age: 2923354
x-powered-by: github.com/rich-harris/packd
content-encoding: br
x-via: packd/cache
x-status: 200
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"c668-naiUT8ciFmhQElvei6IydCLV02Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuGpXilqgBCut658sWdMduvHUgyBGOmQWcObCDgnkaqrOhGnhyvGW6ezhAE%2FnuGhzIv56W4BAR9JNJ39nRhuNJeoRNWoIa6MurbcNu%2FcMeKnDkb4XHx50LrZR0ZkHfrbTa421tn6vJzD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7dc741894ddd9be9-FRA

GET
H2 200 ethers.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ 719 KB
124 KB 75ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtfkt-x-airforce1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 20638388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 125841
last-modified: Sat, 18 Jun 2022 08:07:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62ad87d5-1eb91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Az0%2B1vzB4uWo52sSlGVx24jeEIE5PnslhJCRuzX9EH92nynm9gQsExGcQOhbISWXHB6EHWgbX%2BuJINYK%2FqqNhYP9TcVPMcD1mzvXJf%2Fsnx2Bt52naRp6zeKME9ctvv6h7FK2gpDHiMJZuoy1%2B%2Fr1Cwww"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7dc7418939bc8fee-FRA
expires: Thu, 13 Jun 2024 19:07:50 GMT

GET
H2 200 index.min.js Show response
unpkg.com/@walletconnect/web3-provider@1.7.5/dist/umd/ 730 KB
194 KB 95ms
37ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@walletconnect/web3-provider@1.7.5/dist/umd/index.min.js

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db31bd72954a6d0dd472016a4956d397f2002e8d95d941ae60ea178acfd2f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtfkt-x-airforce1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:07:50 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 12409657
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GR5J3N2S6Z37WN384TZMN2A3-fra
server: cloudflare
etag: W/"b660c-MTEbN9OFqURIn0SqyJJBl4qWSNk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7dc7418948e43810-FRA

GET
H2

200

web3.min.js Show response
unpkg.com/web3@4.0.1/dist/
Redirect Chain

https://unpkg.com/web3@latest/dist/web3.min.js
https://unpkg.com/web3@4.0.1/dist/web3.min.js

621 KB
171 KB

29ms
29ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web3@4.0.1/dist/web3.min.js

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a276235eff37ba9a3d6ead4044153216f8ffb52049dfa7d00843d02310b5a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtfkt-x-airforce1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:07:50 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1486188
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H2B3HH16GHX3ERYE33DZ25WB-fra
server: cloudflare
etag: W/"9b3a2-SvSvbNe7ExcK30QijyrUA9T2uxI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7dc7418979333810-FRA

Redirect headers

date: Sat, 24 Jun 2023 19:07:50 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H3QCBBMZVRRH4G7ERAZ86DVB-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 558
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web3@4.0.1/dist/web3.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7dc7418948e53810-FRA

GET
H2

200

moralis.js Show response
unpkg.com/moralis-v1@1.13.0/dist/
Redirect Chain

https://unpkg.com/moralis-v1@latest/dist/moralis.js
https://unpkg.com/moralis-v1@1.13.0/dist/moralis.js

3 MB
540 KB

29ms
28ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/moralis-v1@1.13.0/dist/moralis.js

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88397bc3b9cedb4775bf4f96f686452aee7c40ef2ee28392b3e30a24c267e339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtfkt-x-airforce1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:07:51 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2620886
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H199CZW1YZQ9HVVW2HPRBJE3-fra
server: cloudflare
etag: W/"2c16cf-vc9F7iIEpAHvUxMXAodDJbWRZnA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7dc7418ddece3810-FRA

Redirect headers

date: Sat, 24 Jun 2023 19:07:51 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: EXPIRED
fly-request-id: 01H3QCWCEX4ZD89X9SSHYVQZH8-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /moralis-v1@1.13.0/dist/moralis.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7dc7418948e63810-FRA

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/js/ 79 KB
24 KB 68ms
19ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha2/dist/js/bootstrap.bundle.min.js

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2925a1337f2046c1196fd30e6f3c2ff0cc68f11bd156d633ea169f2cd5dcfa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rtfkt-x-airforce1.com/
Origin: https://rtfkt-x-airforce1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 24 Jun 2023 19:07:50 GMT
x-content-type-options: nosniff
content-encoding: br
age: 924392
x-jsd-version: 5.3.0-alpha2
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24716
x-served-by: cache-fra-eddf8230068-FRA
x-jsd-version-type: version
etag: W/"13ab0-zDkgqihecutKnzGqD/VTgB+CozY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 seaport.js Show response
rtfkt-x-airforce1.com/js/ 3 MB
403 KB 535ms
531ms Script
application/javascript 34.141.103.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtfkt-x-airforce1.com/js/seaport.js

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.141.103.251 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

251.103.141.34.bc.googleusercontent.com

Software

Netlify /

Resource Hash

5b21c0a5a0eaba1ff3614a65f4fd3394ad0991c1cd9174d256ebb9a6f3fc74b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtfkt-x-airforce1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H3QCWCCVFFY3VWAN93CJQ5TR
date: Sat, 24 Jun 2023 19:07:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 1
etag: "ab86a2fab8fcd98ce419b82fc94a3f68-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 eth-tx.js Show response
rtfkt-x-airforce1.com/js/ 646 KB
109 KB 402ms
398ms Script
application/javascript 34.141.103.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtfkt-x-airforce1.com/js/eth-tx.js

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.141.103.251 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

251.103.141.34.bc.googleusercontent.com

Software

Netlify /

Resource Hash

ab2daa461b707130adf57bbb9502b2ad46bb1606a766ac3923c2da354d1b0641

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtfkt-x-airforce1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H3QCWCCVRJENC2S0A844KCEQ
date: Sat, 24 Jun 2023 19:07:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 0
etag: "e64546529bfed87feb2a9bc541ff855a-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 index.js Show response
rtfkt-x-airforce1.com/js/ 67 KB
10 KB 357ms
354ms Script
application/javascript 34.141.103.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtfkt-x-airforce1.com/js/index.js

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.141.103.251 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

251.103.141.34.bc.googleusercontent.com

Software

Netlify /

Resource Hash

27e06f2e19e6570fe520d541546f1415f3dbe57380f7233086ed732f09de37e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rtfkt-x-airforce1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H3QCWCCV16KQAG2FW6YTA79K
date: Sat, 24 Jun 2023 19:07:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 0
etag: "4742c2ad21f6335f93570557a4b1ad68-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 206 alldna.mp4
cdn.rtfkt.com/assets/products/af1/ 5 MB
5 MB 1316ms
1227ms Media
video/mp4 2606:4700:1::6813:8560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rtfkt.com/assets/products/af1/alldna.mp4

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:8560 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17575b489b5d7ee53d6243b9b5f6675343a81b3c983635c64b1a1c4ba89a6a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://rtfkt-x-airforce1.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 24 Jun 2023 19:07:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-amz-request-id: tx0000000000000277ec0e2-0064919671-6da147f5-nyc3c
x-envoy-upstream-healthchecked-cluster
surrogate-control: max-age=2929;hw-h2proxy
Content-Range: bytes 0-5646249/5646250
Content-Length: 5646250
last-modified: Tue, 14 Mar 2023 16:14:41 GMT
server: cloudflare
etag: "65fdc0be5df252689f97d263f5ff0c9e"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1687263504.cdn4-pxy205-jnb01.jb1.evs,1687263504.cds219.jb1.c
content-type: video/mp4
cache-control: max-age=2929
x-rgw-object-type: Normal
cf-ray: 7dc741899afb88aa-LHR

GET
H2 200 TT_Alientz_Var.ttf
rtfkt-x-airforce1.com/fonts/ 121 KB
121 KB 233ms
232ms Font
font/ttf 34.141.103.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtfkt-x-airforce1.com/fonts/TT_Alientz_Var.ttf

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.141.103.251 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

251.103.141.34.bc.googleusercontent.com

Software

Netlify /

Resource Hash

39683879743c0c7e88e9cb342223c58111e43d2d879f43704d23884ca63e9c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rtfkt-x-airforce1.com/styles.css
Origin: https://rtfkt-x-airforce1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H3QCWCRZMX2X7WH5CSMHRHY4
date: Sat, 24 Jun 2023 19:07:51 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 1
etag: "34642a8486dd425883ffe482a830608e-ssl"
content-type: font/ttf
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 123892

GET
H2 200 Sohne-Kraftig.otf
rtfkt-x-airforce1.com/ 108 KB
40 KB 206ms
206ms Font
application/vnd.oasis.opendocument.formula-template 34.141.103.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtfkt-x-airforce1.com/Sohne-Kraftig.otf

Requested by

Host: rtfkt-x-airforce1.com
URL: https://rtfkt-x-airforce1.com/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.141.103.251 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

251.103.141.34.bc.googleusercontent.com

Software

Netlify /

Resource Hash

7256706c43114d23a0ee0ffaa58a89f41664645cbe30391615ad03bc93b0b2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rtfkt-x-airforce1.com/styles.css
Origin: https://rtfkt-x-airforce1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H3QCWCRZ9KFGW69Y352ZSK63
date: Sat, 24 Jun 2023 19:07:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 1
etag: "69a226a9515f2026001095c8c80b5f61-ssl-df"
vary: Accept-Encoding
content-type: application/vnd.oasis.opendocument.formula-template
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rtfkt.com/	1970-01-20 12:47:15	Name: __cf_bm Value: NLhmzYvZP3xXI5Nau.25hwSukXUQd52wuNmJgLP8C.4-1687633671-0-AYwIaySut+KtggJR2TnRAWXWyoxJAUrNl8+suihVxj+oNk+qqF3HwV3jkvMRHMK6MENdlvtaHwyuNmxKUx7t0Cc=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bundle.run
cdn.jsdelivr.net
cdn.rtfkt.com
cdnjs.cloudflare.com
rtfkt-x-airforce1.com
unpkg.com
2606:4700:1::6813:8560
2606:4700:3035::6815:5aa6
2606:4700::6810:7eaf
2606:4700::6811:190e
2a04:4e42::485
34.141.103.251
0cbefe9738b57543ed4c985ffe5eeb589bfd91cb3f9fd028c002e89b5fa5413d
17575b489b5d7ee53d6243b9b5f6675343a81b3c983635c64b1a1c4ba89a6a8e
1db31bd72954a6d0dd472016a4956d397f2002e8d95d941ae60ea178acfd2f54
27e06f2e19e6570fe520d541546f1415f3dbe57380f7233086ed732f09de37e6
2925a1337f2046c1196fd30e6f3c2ff0cc68f11bd156d633ea169f2cd5dcfa5e
39683879743c0c7e88e9cb342223c58111e43d2d879f43704d23884ca63e9c74
3c0753632aee1b80f1abac4d31a0227fef15074db63722122abcd6bd5a34fe0a
5a276235eff37ba9a3d6ead4044153216f8ffb52049dfa7d00843d02310b5a68
5b21c0a5a0eaba1ff3614a65f4fd3394ad0991c1cd9174d256ebb9a6f3fc74b5
5ffda1b1c153ba9aa73bcd5b480ebe2bf4f6b9f6e3c3248c4c5816c07bc5d864
6b6aa6018aa6ea3ae4027e02236405fbfa0b9de70a9029165572ddbb2de1c7e1
7256706c43114d23a0ee0ffaa58a89f41664645cbe30391615ad03bc93b0b2f5
88397bc3b9cedb4775bf4f96f686452aee7c40ef2ee28392b3e30a24c267e339
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
989fc3d36b4371b766b753dde670c8e845839af168e4b3985803fb006c42136d
ab2daa461b707130adf57bbb9502b2ad46bb1606a766ac3923c2da354d1b0641

rtfkt-x-airforce1.com Open in urlscan Pro 34.141.103.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

88 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

7307 kBTransfer

14341 kBSize

1 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

rtfkt-x-airforce1.com Open in urlscan Pro
34.141.103.251 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

88 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

7307 kB
Transfer

14341 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions