URL: https://client.secure-rfi.com/
Submission: On February 20 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 2 domains to perform 26 HTTP transactions. The main IP is 76.76.21.98, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is client.secure-rfi.com.
TLS certificate: Issued by R3 on February 20th 2024. Valid for: 3 months.
This is the only time client.secure-rfi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
20 76.76.21.98 | 16509 (AMAZON-02)
4 52.222.236.47 | 16509 (AMAZON-02)
1 52.23.36.186 | 14618 (AMAZON-AES)
26 4

Apex Domain | Subdomains | Transfer
20 secure-rfi.com | client.secure-rfi.com | 317 KB
5 userback.io | static.userback.io — Cisco Umbrella Rank: 63407; api.userback.io — Cisco Umbrella Rank: 53243 | 230 KB
26 2

Domain | Requested by
20 client.secure-rfi.com | client.secure-rfi.com
4 static.userback.io | client.secure-rfi.com, static.userback.io
1 api.userback.io | client.secure-rfi.com
26 3

This site contains no links.

Subject | Issuer | Validity | Valid
client.secure-rfi.com | R3 | 2024-02-20 - 2024-05-20 | 3 months crt.sh
*.userback.io | Amazon RSA 2048 M02 | 2023-08-24 - 2024-09-20 | a year crt.sh

This page contains 1 frames:

Primary Page: https://client.secure-rfi.com/
Frame ID: 5FFCC1C9690794E654198B4354AFDA4F
Requests: 26 HTTP requests in this frame

Page Title

Create Next App

Page Statistics

Requests: 26
HTTPS: 96 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 4
Countries: 1
Transfer: 547 kB
Size: 1577 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
client.secure-rfi.com/
8 KB
3 KB
Document
General
Full URL
https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
40a7871cf994ef8c4d2613d7c14be69fdd8c37a18bbd96d49f5a14067b25127c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
2
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 20 Feb 2024 07:28:05 GMT
etag
W/"0b245d555fc34fc159a5a05544ce7c17"
server
Vercel
strict-transport-security
max-age=63072000
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-matched-path
/
x-vercel-cache
HIT
x-vercel-id
fra1::mjt8n-1708414085604-0905e86038ee
c9a5bc6a7c948fb0-s.p.woff2
client.secure-rfi.com/_next/static/media/
45 KB
46 KB
Font
General
Full URL
https://client.secure-rfi.com/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://client.secure-rfi.com/
Origin
https://client.secure-rfi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::mjt8n-1708414085633-5bfecfcf3242
age
0
x-matched-path
/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2
etag
"74c3556b9dad12fb76f84af53ba69410"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="c9a5bc6a7c948fb0-s.p.woff2"
accept-ranges
bytes
content-length
46552
c27f396701256cbf.css
client.secure-rfi.com/_next/static/css/
26 KB
7 KB
Stylesheet
General
Full URL
https://client.secure-rfi.com/_next/static/css/c27f396701256cbf.css
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d627244c6f90fc46f4b037b02ed67f1a11a36e1a6668179a6909166e647db0ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://client.secure-rfi.com/
Origin
https://client.secure-rfi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::mjt8n-1708414085633-091edc83c6fa
age
0
x-matched-path
/_next/static/css/c27f396701256cbf.css
etag
W/"9994d35fbbebd80dc9ef32e60012f0c5"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="c27f396701256cbf.css"
webpack-a5aaa90816554b0e.js
client.secure-rfi.com/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://client.secure-rfi.com/_next/static/chunks/webpack-a5aaa90816554b0e.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ea6f781dfe80258bd0c09e72db55aabf059ce059f75d5676e999c01eccfd4100
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://client.secure-rfi.com/
Origin
https://client.secure-rfi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::74bh5-1708414085650-6c6d4a574be9
age
0
x-matched-path
/_next/static/chunks/webpack-a5aaa90816554b0e.js
etag
W/"2469d4f87c6ec73bb8b0ced56bea6ecd"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="webpack-a5aaa90816554b0e.js"
fd9d1056-ca36bd033b0e9acf.js
client.secure-rfi.com/_next/static/chunks/
168 KB
54 KB
Script
General
Full URL
https://client.secure-rfi.com/_next/static/chunks/fd9d1056-ca36bd033b0e9acf.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
3f5c53b72daa51dc8d63cd0c3f20c39dc301b819d3dbcc717554261a3391481b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://client.secure-rfi.com/
Origin
https://client.secure-rfi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::pwntn-1708414085649-54fe699577a4
age
0
x-matched-path
/_next/static/chunks/fd9d1056-ca36bd033b0e9acf.js
etag
W/"0d225318bcb8e4c20e8b1166af471778"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="fd9d1056-ca36bd033b0e9acf.js"
396464d2-fa69bbf1f7c5be9f.js
client.secure-rfi.com/_next/static/chunks/
117 KB
38 KB
Script
General
Full URL
https://client.secure-rfi.com/_next/static/chunks/396464d2-fa69bbf1f7c5be9f.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b87584333e0176f30cb51e7ef83e9519bba24b56ff0f2ec6bb1d36fa36b35aba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://client.secure-rfi.com/
Origin
https://client.secure-rfi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::gz47m-1708414085649-3c7c38503abf
age
0
x-matched-path
/_next/static/chunks/396464d2-fa69bbf1f7c5be9f.js
etag
W/"fbe785f8647a1e11b9a05fb2cacf00df"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="396464d2-fa69bbf1f7c5be9f.js"
833-918e8093a912e222.js
client.secure-rfi.com/_next/static/chunks/
318 KB
94 KB
Script
General
Full URL
https://client.secure-rfi.com/_next/static/chunks/833-918e8093a912e222.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f2c9b33871fc2af0e87c23fcbfb48c11d36be31045d1798aa72932f2f9bbd00e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://client.secure-rfi.com/
Origin
https://client.secure-rfi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::2kksr-1708414085650-dddb61032b1e
age
0
x-matched-path
/_next/static/chunks/833-918e8093a912e222.js
etag
W/"5ab77837663a4d72b572a6c83912ba9d"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="833-918e8093a912e222.js"
main-app-b3c6a402946130b2.js
client.secure-rfi.com/_next/static/chunks/
951 B
1 KB
Script
General
Full URL
https://client.secure-rfi.com/_next/static/chunks/main-app-b3c6a402946130b2.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8efbab09082af666eafbea990449441ff31b8f7aa79509694af03be67ed364b8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://client.secure-rfi.com/
Origin
https://client.secure-rfi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::dvnn7-1708414085650-0631ac26dd64
age
0
x-matched-path
/_next/static/chunks/main-app-b3c6a402946130b2.js
etag
"37f619b355d6ca9a8c0357496e1fe8f4"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="main-app-b3c6a402946130b2.js"
accept-ranges
bytes
content-length
951
749-1604d0efed4f5f9e.js
client.secure-rfi.com/_next/static/chunks/
12 KB
5 KB
Script
General
Full URL
https://client.secure-rfi.com/_next/static/chunks/749-1604d0efed4f5f9e.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ea180865f3e783c4ca58389ae45ec624c00c77940017ca265aa446e65178ea2e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.secure-rfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::x5w8h-1708414085652-4dacc58c3fca
age
0
x-matched-path
/_next/static/chunks/749-1604d0efed4f5f9e.js
etag
W/"70d640283b5bcbf0846b4dcae8df3758"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="749-1604d0efed4f5f9e.js"
page-3fc99dd8eb6492b4.js
client.secure-rfi.com/_next/static/chunks/app/
216 B
387 B
Script
General
Full URL
https://client.secure-rfi.com/_next/static/chunks/app/page-3fc99dd8eb6492b4.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8ae7f75835a4eb5e5bd6f67a7fd1cf034ffe50abe2f2ae7032f20773d0945362
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.secure-rfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::mjt8n-1708414085650-40b07ab351af
age
0
x-matched-path
/_next/static/chunks/app/page-3fc99dd8eb6492b4.js
etag
"0de02a92ff14a308bd3ab3a96b73c1ee"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="page-3fc99dd8eb6492b4.js"
accept-ranges
bytes
content-length
216
150-11d1fab275b00fbb.js
client.secure-rfi.com/_next/static/chunks/
20 KB
7 KB
Script
General
Full URL
https://client.secure-rfi.com/_next/static/chunks/150-11d1fab275b00fbb.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
06f33f42bb5957180eb8d1a07fa7513b27541310fe8f68e3b2e3ea0e74767908
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.secure-rfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::dqhfx-1708414085653-3984dfc27083
age
0
x-matched-path
/_next/static/chunks/150-11d1fab275b00fbb.js
etag
W/"4e9aa645b59e1cdfcec0290a7dc9c385"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="150-11d1fab275b00fbb.js"
286-00602c3384d94db8.js
client.secure-rfi.com/_next/static/chunks/
9 KB
3 KB
Script
General
Full URL
https://client.secure-rfi.com/_next/static/chunks/286-00602c3384d94db8.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
22e5a279d8473938b79c845731a83c12cceac9b377195d8d304839b772334b2e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.secure-rfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::xk5nc-1708414085653-b595a8700ac2
age
0
x-matched-path
/_next/static/chunks/286-00602c3384d94db8.js
etag
W/"cc9492ca89b1a081e44dc2bf297a017a"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="286-00602c3384d94db8.js"
369-7d0cae42c7dc95e6.js
client.secure-rfi.com/_next/static/chunks/
9 KB
3 KB
Script
General
Full URL
https://client.secure-rfi.com/_next/static/chunks/369-7d0cae42c7dc95e6.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
59d6e1df38c5105500b95840d54c46a4d325ea6cf169b8a699d2756300ca7e53
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.secure-rfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::h4s78-1708414085653-93b03e82ee90
age
0
x-matched-path
/_next/static/chunks/369-7d0cae42c7dc95e6.js
etag
W/"eadce333c68219b85469390055c5eaf0"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="369-7d0cae42c7dc95e6.js"
15-737315a858c08582.js
client.secure-rfi.com/_next/static/chunks/
41 KB
13 KB
Script
General
Full URL
https://client.secure-rfi.com/_next/static/chunks/15-737315a858c08582.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
3042958b5b7d5e8aa15cbe8b32326a0e157566c025efd3e6e5f3c489e9233d3a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.secure-rfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::szqgp-1708414085653-b32c0b646fab
age
0
x-matched-path
/_next/static/chunks/15-737315a858c08582.js
etag
W/"52a6339534a108b57531c3f886c97131"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="15-737315a858c08582.js"
layout-bbde39628ee12f6b.js
client.secure-rfi.com/_next/static/chunks/app/
6 KB
2 KB
Script
General
Full URL
https://client.secure-rfi.com/_next/static/chunks/app/layout-bbde39628ee12f6b.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
85815643bbb0f3a8e35cb1124361c18fdeb145bd5b9fea563077ce82bd06e8de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.secure-rfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::szqgp-1708414085653-84ef44d9103a
age
0
x-matched-path
/_next/static/chunks/app/layout-bbde39628ee12f6b.js
etag
W/"528a3d61bb1e147cd265a00dc25d2714"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="layout-bbde39628ee12f6b.js"
global-error-cfc13c2598c3e1ee.js
client.secure-rfi.com/_next/static/chunks/app/
6 KB
3 KB
Script
General
Full URL
https://client.secure-rfi.com/_next/static/chunks/app/global-error-cfc13c2598c3e1ee.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
2338db4a0d36830c788cb7d4d00636a77f22d31b5d8283924ece0015aec41080
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.secure-rfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:05 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::vhzjs-1708414085653-91eee3deecc5
age
0
x-matched-path
/_next/static/chunks/app/global-error-cfc13c2598c3e1ee.js
etag
W/"2fcb68b821ee5220d94450d8da7aefec"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="global-error-cfc13c2598c3e1ee.js"
elipsis.png
client.secure-rfi.com/images/
26 KB
27 KB
Image
General
Full URL
https://client.secure-rfi.com/images/elipsis.png
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/_next/static/css/c27f396701256cbf.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d9eed0072f64124c90b475ac20ba29a8c77fe92b97ea3e01540faa71fb5e38ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.secure-rfi.com/_next/static/css/c27f396701256cbf.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:06 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::dvnn7-1708414085886-d7e3ba7868fd
age
0
x-matched-path
/images/elipsis.png
etag
"456fd0e19392127d925362bf735234a7"
x-vercel-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="elipsis.png"
accept-ranges
bytes
content-length
27112
image
client.secure-rfi.com/_next/
7 KB
7 KB
Image
General
Full URL
https://client.secure-rfi.com/_next/image?url=%2Flogo-rfi-2.png&w=256&q=75
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f9d93ddb615638ab99fb91c385edc277d60b0f7b85eef00c2cfa54f79eb7dc5d
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.secure-rfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
date
Tue, 20 Feb 2024 07:28:06 GMT
strict-transport-security
max-age=63072000
age
612545
content-disposition
inline; filename="logo-rfi-2.webp"
content-length
7312
last-modified
Tue, 13 Feb 2024 05:19:00 GMT
server
Vercel
x-vercel-id
fra1::pwntn-1708414085889-e3d24d919801
x-matched-path
/logo-rfi-2.png
x-vercel-cache
HIT
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
monitoring
client.secure-rfi.com/
2 B
254 B
Fetch
General
Full URL
https://client.secure-rfi.com/monitoring?o=947560&p=4506692380262400
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/_next/static/chunks/833-918e8093a912e222.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://client.secure-rfi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Feb 2024 07:28:06 GMT
strict-transport-security
max-age=63072000
via
1.1 google
server
Vercel
x-vercel-id
fra1::2kksr-1708414086028-e36548b0d514
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cache-control
public, max-age=0, must-revalidate
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
content-length
2
c23e0b5f-4d9f-4ea5-ae46-06ea57310bf1
https://client.secure-rfi.com/
10 KB
0
Other
General
Full URL
blob:https://client.secure-rfi.com/c23e0b5f-4d9f-4ea5-ae46-06ea57310bf1
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
10285
Content-Type
v1.js
static.userback.io/widget/
534 KB
157 KB
Script
General
Full URL
https://static.userback.io/widget/v1.js
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/_next/static/chunks/15-737315a858c08582.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51042a863c5cce28f5f9a4af4654416a37e36a7ad862a3147a09cd3bc39b4c8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.secure-rfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
75PQa5gZtb2CR.mVxcCtOUG_1uyQ6y4F
content-encoding
gzip
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
date
Mon, 19 Feb 2024 18:39:34 GMT
last-modified
Sat, 03 Feb 2024 21:16:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
46113
x-amz-server-side-encryption
AES256
etag
W/"2c6077761189c8aea41d6f0bd67fbb51"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
vY4S3XxoTsOrWeeWftO6jHyRAinsAkNIB_DGEhEvCu86gL0iOU5HiQ==
/
api.userback.io/
5 KB
2 KB
XHR
General
Full URL
https://api.userback.io/?loadWidgetConfig
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/_next/static/chunks/833-918e8093a912e222.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.36.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-36-186.compute-1.amazonaws.com
Software
nginx/1.22.1 / PHP/8.1.23
Resource Hash
7ef4a3973fb7f98cc10bf990ee396dd1b4281ea4b2c8e557b20abaf0e84bfa49

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://client.secure-rfi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 07:28:06 GMT
content-encoding
gzip
server
nginx/1.22.1
x-powered-by
PHP/8.1.23
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
record-1.1.3.min.js
static.userback.io/widget/
61 KB
20 KB
Script
General
Full URL
https://static.userback.io/widget/record-1.1.3.min.js
Requested by
Host: static.userback.io
URL: https://static.userback.io/widget/v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3134f5adb5ccccc275ec284030659fbb554ee493361628ebd73ab6d1872bdf3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.secure-rfi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
FL_PaziTFkvQgQlOWxl2mFBq9JDvb6fV
content-encoding
gzip
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
date
Mon, 19 Feb 2024 09:08:24 GMT
last-modified
Tue, 19 Apr 2022 22:18:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
80383
x-amz-server-side-encryption
AES256
etag
W/"8a775bae767dc2410c1c936f813f5f98"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
REPLICA
x-amz-cf-id
HrngmCNdRpq2h6NnMmGRG_DmQeBAhLjxvr8WPwpk37wrUydObpRAcA==
v1.css
static.userback.io/widget/
106 KB
14 KB
Stylesheet
General
Full URL
https://static.userback.io/widget/v1.css
Requested by
Host: static.userback.io
URL: https://static.userback.io/widget/v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10d4162829d7b55204b2c2e89a3795d416045c2c268c4254523b3b1d54f36c21

Request headers

Referer
https://client.secure-rfi.com/
Origin
https://client.secure-rfi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:07 GMT
x-amz-version-id
MnY5YbdMj3JiO497Nuu5YMtBa0Y3zxhN
content-encoding
gzip
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Sat, 03 Feb 2024 21:16:03 GMT
server
AmazonS3
etag
W/"abed1ab4f91d6728bc1f2e113431090c"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
dF6frbY4aqk1kp0JXDRSO6yykB1_i4D8OqyxnId5kVMO3m5PFSZccg==
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
static.userback.io/fonts/inter/v12/
37 KB
37 KB
Font
General
Full URL
https://static.userback.io/fonts/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
Requested by
Host: static.userback.io
URL: https://static.userback.io/widget/v1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-47.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34

Request headers

Referer
https://static.userback.io/widget/v1.css
Origin
https://client.secure-rfi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:28:08 GMT
x-amz-version-id
JK3dQ2l_.pOziSBHmkh.gj8Jqw2MS70R
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
REPLICA
content-length
37780
last-modified
Wed, 19 Apr 2023 06:58:55 GMT
server
AmazonS3
etag
"e1b9f0ecaaebb12c93064cd3c406f82b"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
lshAAEWBYRljT5bfPIAf7HUdW1C3dCxd3nqWoN58aYQbEV4ZnIcXbA==
monitoring
client.secure-rfi.com/
41 B
159 B
Fetch
General
Full URL
https://client.secure-rfi.com/monitoring?o=947560&p=4506692380262400
Requested by
Host: client.secure-rfi.com
URL: https://client.secure-rfi.com/_next/static/chunks/833-918e8093a912e222.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
2e71df86d4d6863779029d088af2c52866cfd045556beb85cfca40579d170f29
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://client.secure-rfi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 20 Feb 2024 07:28:07 GMT
strict-transport-security
max-age=63072000
via
1.1 google
server
Vercel
x-vercel-id
fra1::2kksr-1708414087558-cf4bc1a846bd
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cache-control
public, max-age=0, must-revalidate
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
content-length
41


16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunk_N_E
undefined| _N_E
object| __next_f
object| __SENTRY__
string| __sentryRewritesTunnelPath__
object| SENTRY_RELEASE
undefined| __sentryBasePath
string| __rewriteFramesAssetPrefixPath__
object| next
object| Userback
object| webpackChunkapp_userback_io
function| eve
function| mina
function| Snap
function| rrwebRecord
object| rrwebConsoleRecord

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
