URL: https://offinder.live/
Submission Tags: falconsandbox
Submission: On March 16 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 26 HTTP transactions. The main IP is 162.214.80.94, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is offinder.live.
TLS certificate: Issued by R3 on February 2nd 2022. Valid for: 3 months.
This is the only time offinder.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests  IP Address          AS Autonomous System
11        162.214.80.94       46606 (UNIFIEDLA...)
1         2600:9000:223...    16509 (AMAZON-02)
1         2606:4700::68...    13335 (CLOUDFLAR...)
2         104.20.229.67       13335 (CLOUDFLAR...)
1         2a00:1450:400...    15169 (GOOGLE)
5         2600:9000:223...    16509 (AMAZON-02)
3         2a00:1450:400...    15169 (GOOGLE)
1         52.20.78.240        14618 (AMAZON-AES)
1         2606:4700:303...    13335 (CLOUDFLAR...)
Total: 26 requests, 9 IPs

Requests  Apex Domain (subdomains indented)                      Transfer
11        offinder.live                                          237 KB
              offinder.live
6         cloudfront.net                                         58 KB
              d13nu0oomnx5ti.cloudfront.net
              dgu9g3a2kzqx2.cloudfront.net
3         gstatic.com                                            135 KB
              fonts.gstatic.com
2         statcounter.com                                        15 KB
              www.statcounter.com — Cisco Umbrella Rank: 10439
              c.statcounter.com — Cisco Umbrella Rank: 7198
1         bootstraplugin.com                                     762 B
              bootstraplugin.com
1         ipify.org                                              238 B
              api.ipify.org — Cisco Umbrella Rank: 3336
1         googleapis.com                                         1 KB
              fonts.googleapis.com — Cisco Umbrella Rank: 35
1         jsdelivr.net                                           4 KB
              cdn.jsdelivr.net — Cisco Umbrella Rank: 403
Total: 26 requests, 8 domains

Requests  Domain                           Requested by
11        offinder.live                    offinder.live
5         dgu9g3a2kzqx2.cloudfront.net     d13nu0oomnx5ti.cloudfront.net
3         fonts.gstatic.com                fonts.googleapis.com
1         c.statcounter.com                www.statcounter.com
1         bootstraplugin.com               offinder.live
1         api.ipify.org                    offinder.live
1         fonts.googleapis.com             offinder.live
1         www.statcounter.com              offinder.live
1         cdn.jsdelivr.net                 offinder.live
1         d13nu0oomnx5ti.cloudfront.net    offinder.live
Total: 26 requests, 10 subdomains

This site contains no links.

Subject                          Issuer                                           Validity                   Valid
cpcalendars.socialscrapper.app   R3                                               2022-02-02 - 2022-05-03    3 months
*.cloudfront.net                 Amazon                                           2022-02-01 - 2023-01-31    a year
sni.cloudflaressl.com            Cloudflare Inc ECC CA-3                          2021-07-03 - 2022-07-02    a year
us-dallas.statcounter.com        Sectigo RSA Domain Validation Secure Server CA   2021-11-06 - 2022-12-06    a year
upload.video.google.com          GTS CA 1C3                                       2022-02-17 - 2022-05-12    3 months
*.gstatic.com                    GTS CA 1C3                                       2022-02-17 - 2022-05-12    3 months
*.ipify.org                      Sectigo RSA Domain Validation Secure Server CA   2022-02-07 - 2023-03-10    a year

This page contains 1 frames:

Primary Page: https://offinder.live/
Frame ID: 8FC8EB7513E8B4D03AF8EBDFAA0770A9
Requests: 26 HTTP requests in this frame

Page Title

OnlyFans Profile Finder - Find OnlyFans Profiles In Your Area

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 67 %
Domains: 8
Subdomains: 10
IPs: 9
Countries: 3
Transfer: 452 kB
Size: 857 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
offinder.live/
10 KB
3 KB
Document
General
Full URL
https://offinder.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.94 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh039.webhostingservices.com
Software
Apache /
Resource Hash
7ef84c93b7a57f88ad7f14334341aad6121684116b834536afb3e5b6d85c82ee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

vary
Accept-Encoding
content-encoding
gzip
content-length
3416
content-type
text/html; charset=UTF-8
date
Wed, 16 Mar 2022 16:47:18 GMT
server
Apache
bootstrap.min.css
offinder.live/stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/
138 KB
31 KB
Stylesheet
General
Full URL
https://offinder.live/stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: offinder.live
URL: https://offinder.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.94 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh039.webhostingservices.com
Software
Apache /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:18 GMT
content-encoding
gzip
last-modified
Sat, 27 Feb 2021 04:30:02 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
all.css
offinder.live/use.fontawesome.com/releases/v5.6.3/css/
53 KB
11 KB
Stylesheet
General
Full URL
https://offinder.live/use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: offinder.live
URL: https://offinder.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.94 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh039.webhostingservices.com
Software
Apache /
Resource Hash
ecf6498b3d84b50d24bc4d81adf64be3abd34980343385d08c6358d33521404f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:18 GMT
content-encoding
gzip
last-modified
Sat, 27 Feb 2021 04:30:02 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
11632
main.css
offinder.live/grabcodes.co/onlyfans/
5 KB
1 KB
Stylesheet
General
Full URL
https://offinder.live/grabcodes.co/onlyfans/main.css
Requested by
Host: offinder.live
URL: https://offinder.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.94 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh039.webhostingservices.com
Software
Apache /
Resource Hash
f0efb6ccc5084329757323a8ddc2570d887f59b149d69803cc9ee1f9cc561148

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:18 GMT
content-encoding
gzip
last-modified
Sat, 27 Feb 2021 06:01:08 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1406
cb14e0d.js
d13nu0oomnx5ti.cloudfront.net/
23 KB
23 KB
Script
General
Full URL
https://d13nu0oomnx5ti.cloudfront.net/cb14e0d.js
Requested by
Host: offinder.live
URL: https://offinder.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:4400:3:b5aa:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d71b75f37cbaa198fcac72013ceb2a2fe5b68c89902dbcf4b52ae28812cb9268

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 01:24:11 GMT
via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
last-modified
Mon, 03 May 2021 01:43:32 GMT
server
AmazonS3
age
55388
etag
"6863f6e390060c097da580136d1dcaf2"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-P3
content-length
23438
x-amz-cf-id
Z09HtUsXOB5Nq6eBx2pQu9oBBKKCS_9iMCsilOIoN-ySvOGFB1wUMA==
logo.png
offinder.live/images/
34 KB
35 KB
Image
General
Full URL
https://offinder.live/images/logo.png
Requested by
Host: offinder.live
URL: https://offinder.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.94 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh039.webhostingservices.com
Software
Apache /
Resource Hash
1b16f870993ee1f651220251e515779b30e8025e0d38f691294ead663a90e0b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
last-modified
Sat, 27 Feb 2021 04:30:02 GMT
server
Apache
accept-ranges
bytes
content-length
35239
content-type
image/png
icon5.png
offinder.live/images/
15 KB
15 KB
Image
General
Full URL
https://offinder.live/images/icon5.png
Requested by
Host: offinder.live
URL: https://offinder.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.94 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh039.webhostingservices.com
Software
Apache /
Resource Hash
f9cd1861d70c6f4227b2cb85c888a4b1c0a8f517ac8f3d2ebf1c7dcd8b214f82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
last-modified
Tue, 09 Nov 2021 05:35:33 GMT
server
Apache
accept-ranges
bytes
content-length
15003
content-type
image/png
jquery-3.3.1.js
offinder.live/code.jquery.com/
265 KB
104 KB
Script
General
Full URL
https://offinder.live/code.jquery.com/jquery-3.3.1.js
Requested by
Host: offinder.live
URL: https://offinder.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.94 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh039.webhostingservices.com
Software
Apache /
Resource Hash
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
content-encoding
gzip
last-modified
Sat, 27 Feb 2021 04:30:02 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
popper.min.js
offinder.live/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/
20 KB
8 KB
Script
General
Full URL
https://offinder.live/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: offinder.live
URL: https://offinder.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.94 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh039.webhostingservices.com
Software
Apache /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
content-encoding
gzip
last-modified
Sat, 27 Feb 2021 04:30:02 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
8608
bootstrap.min.js
offinder.live/stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/
50 KB
21 KB
Script
General
Full URL
https://offinder.live/stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: offinder.live
URL: https://offinder.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.94 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh039.webhostingservices.com
Software
Apache /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
content-encoding
gzip
last-modified
Sat, 27 Feb 2021 04:30:02 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
typed.js@2.0.9
cdn.jsdelivr.net/npm/
11 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/typed.js@2.0.9
Requested by
Host: offinder.live
URL: https://offinder.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a868cad4a0420be9dc3c4736e51184ea77dc1bf49c00b48f8433c74aa06ce25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
155113
x-jsd-version
2.0.9
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19135-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2db4-6Y23FxrejlVyhqxAU4ZwlmuL4Sc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6ecef850ab0d9040-FRA
main.js
offinder.live/grabcodes.co/onlyfans/
10 KB
5 KB
Script
General
Full URL
https://offinder.live/grabcodes.co/onlyfans/main.js
Requested by
Host: offinder.live
URL: https://offinder.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.94 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh039.webhostingservices.com
Software
Apache /
Resource Hash
55875dcba4f721c8f7833968adcb60c6f0f1324f8dd1dc27fecae3bbeb12b31d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 11:46:15 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5336
counter.js
www.statcounter.com/counter/
42 KB
14 KB
Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: offinder.live
URL: https://offinder.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0bd9bfaf4def6656a9233d93df518c01be681326e72cd9e00aa73fd29702b83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 09:58:11 GMT
server
cloudflare
age
23686
etag
W/"622f11b3-a7ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
6ecef850dcb08ff2-FRA
expires
Wed, 16 Mar 2022 22:12:32 GMT
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|PT+Sans:400,700
Requested by
Host: offinder.live
URL: https://offinder.live/grabcodes.co/onlyfans/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ea18155ad173414c60e416ffeb09086d7fd444e806ba2c04fb49667064bc33a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 16:47:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Mar 2022 16:47:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Mar 2022 16:47:18 GMT
html.1512471.bd821.0.js
dgu9g3a2kzqx2.cloudfront.net/public/external/v2/
26 KB
26 KB
Script
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/v2/html.1512471.bd821.0.js
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/cb14e0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2000:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
ed9a0b6e901c969012c638b9e05fb0d5a44afd3820fb63ec651f622e5c1f9ccd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
server
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P2
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
dYqPwfqpLjgXhUKjYlI59g3l1uT3ssF6k32r5Wo3HQkmrbZKixP0xg==
css_front.css
dgu9g3a2kzqx2.cloudfront.net/public/external/
6 KB
7 KB
Stylesheet
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/css_front.css
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/cb14e0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2000:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P2
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
zhpD-RsKy59WgSjk0lFlPFsE4LWZOmTzTkJGOA-EH-qkkOzItRHJfQ==
bg.jpg
offinder.live/grabcodes.co/onlyfans/
2 KB
2 KB
Image
General
Full URL
https://offinder.live/grabcodes.co/onlyfans/bg.jpg
Requested by
Host: offinder.live
URL: https://offinder.live/grabcodes.co/onlyfans/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.80.94 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
sh039.webhostingservices.com
Software
Apache /
Resource Hash
c398b58dbd38f69f80648957097e2f535715de19d28f77252ab668359cbf892c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/grabcodes.co/onlyfans/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
last-modified
Sat, 27 Feb 2021 04:30:02 GMT
server
Apache
accept-ranges
bytes
content-length
2114
content-type
image/jpeg
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offinder.live
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 19:33:58 GMT
x-content-type-options
nosniff
age
594801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 19:33:58 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offinder.live
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 22:45:30 GMT
x-content-type-options
nosniff
age
64909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Mar 2023 22:45:30 GMT
/
api.ipify.org/
14 B
238 B
XHR
General
Full URL
https://api.ipify.org/
Requested by
Host: offinder.live
URL: https://offinder.live/code.jquery.com/jquery-3.3.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.20.78.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-78-240.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
15365c14708bc62d9b7462a616f17cccc4e60bd55dcd5362a17bff3a1b724e90

Request headers

Accept
*/*
Referer
https://offinder.live/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 16:47:19 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
text/plain
Access-Control-Allow-Origin
https://offinder.live
Connection
keep-alive
Content-Length
14
p.php
bootstraplugin.com/
0
762 B
Script
General
Full URL
https://bootstraplugin.com/p.php?id=1040
Requested by
Host: offinder.live
URL: https://offinder.live/grabcodes.co/onlyfans/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:a18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ecef8536b655caa-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lf6zvEa3hQecbUGUNPsIZ40yzP4JU51RioHXzW8WryUENhP6Zq3HpQWDHyNLj7JinHFlOCAGZub01QR7g6YPcTGyzw2RVVt7quthnhIiH7WaOMwvOi5dBsxjsUujAFU2cH77qDGm08WiiCXMzlVE%2FsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
t.php
c.statcounter.com/
192 B
567 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=12487016&u1=B27E199844544FD4916B1B41B7B3E9DD&java=1&security=c906543e&sc_snum=1&sess=5e022a&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//offinder.live/&t=OnlyFans%20Profile%20Finder%20-%20Find%20OnlyFans%20Profiles%20In%20Your%20Area&invisible=1&sc_rum_e_s=1926&sc_rum_e_e=1933&sc_rum_f_s=0&sc_rum_f_e=1611&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ecef853485e8ff2-FRA
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
https://offinder.live
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
css.css
dgu9g3a2kzqx2.cloudfront.net/public/clockers/PrimeApps/
1010 B
1 KB
Stylesheet
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/clockers/PrimeApps/css.css
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/cb14e0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2000:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:19 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P2
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
1yQ9nXj6XHB8PqSgunW_6YYIZmDBFxdevtkrr_LPR1shc3cRuusNbg==
guid
dgu9g3a2kzqx2.cloudfront.net/public/
0
286 B
Script
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/guid?cpguid=y9yjpjk42&e=ll&t=1647449240120
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/cb14e0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2000:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:20 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P2
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
raqCK60_BUMj8E59O2oY9DLJvNjuRfogQAGJzIwOyIcpaY_3zzB1Ow==
check.php
dgu9g3a2kzqx2.cloudfront.net/public/external/
78 B
371 B
Script
General
Full URL
https://dgu9g3a2kzqx2.cloudfront.net/public/external/check.php?it=1512471&time=1647449241530
Requested by
Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/cb14e0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2000:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://offinder.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:47:21 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
server
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P2
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
soHi91XLa8jl3oc5__tJgwE1Pr6SBFHQqCeqwwvHC43langsDaswSA==
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offinder.live
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 19:33:58 GMT
x-content-type-options
nosniff
age
594806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 19:33:58 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| $ function| jQuery function| Popper object| bootstrap function| Typed string| R1V string| R2V string| R111 string| R222 string| R1N string| R2N string| PS string| GN function| GSW string| SSS4 function| getIP object| SSS function| SHF number| Dx function| SHH function| set_platform function| ccc object| NAMES object| SEN string| s_IP number| s_AAA string| s_DATE number| sc_project number| sc_invisible string| sc_security function| _statcounter

5 Cookies

Domain/Path Name / Value
offinder.live/ Name: _cpguid
Value: y9yjpjk42
.offinder.live/ Name: sc_is_visitor_unique
Value: rx12487016.1647449240.B27E199844544FD4916B1B41B7B3E9DD.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12487016.1647449239.0
.statcounter.com/ Name: is_visitor_unique
Value: 1647449239190205132
.bootstraplugin.com/ Name: __cf_bm
Value: 8q3cVy.LStB1kNim6JMpJ7oKXA_hIqP6N7XrEDrDV1I-1647449239-0-AWYOPuqNHINyAPWnxg7eIOFJR74LyiaTTcIiaG+411qIN8+ZdWx5CE60bFNCqatXTSK8MlAbrUeDJLBqkVP72h4=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
