onnifans.com - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3031::6815:4867, located in United States and belongs to CLOUDFLARENET, US. The main domain is onnifans.com.
TLS certificate: Issued by WE1 on November 9th 2024. Valid for: 3 months.

This is the only time onnifans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2606:4700:303... 2606:4700:3031::6815:4867	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2

4 2606:4700:3031::6815:4867 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

onnifans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

api.lanyard.rest	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	onnifans.com 1 redirects onnifans.com	5 KB
1	lanyard.rest api.lanyard.rest	1 KB
4	2

	Domain	Requested by
4	onnifans.com	1 redirects onnifans.com
1	api.lanyard.rest	onnifans.com
4	2

This site contains no links.

Subject Issuer	Validity	Valid
onnifans.com WE1	`2024-11-09` - `2025-02-07`	3 months	crt.sh
lanyard.rest WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://onnifans.com/
Frame ID: B0232F93EA639A162E19B50D53BA8723
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OnniFans

Page URL History Show full URLs

http://onnifans.com/ HTTP 307
https://onnifans.com/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

4
Requests

75 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

5 kB
Transfer

5 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://onnifans.com/ HTTP 307
https://onnifans.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://onnifans.com/favicon.ico HTTP 302
https://onnifans.com/404/

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response onnifans.com/ Redirect Chain http://onnifans.com/ https://onnifans.com/	3 KB 2 KB	176ms 145ms	Document text/html	2606:4700:3031::6815:4867 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onnifans.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4867 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `aa31c910cf3782850962e8b2b66bf3f73c28107fa697049ab0ee2297e7dea7ba` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f07461ee88ed3a0-FRA content-encoding zstd content-type text/html date Wed, 11 Dec 2024 17:42:54 GMT last-modified Thu, 02 Nov 2023 12:57:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=afUnfjOhtTCP0FCPwIWcXXaeljTV4V%2Bx012maOE8zeRsO%2FcvquYkMFUMZ0ioo2ydGfBtXMvJ0zpjX9f1RTiUNsHXt9gYCbBubspOEYxQzAyv0NKX9zeEcYBuyX8N%2BcMIYQ5L%2FS3HUi93yIk%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=9683&min_rtt=6289&rtt_var=7573&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4201&recv_bytes=4471&delivery_rate=895&cwnd=12000&unsent_bytes=0&cid=3804dc2aa55cf0b3&ts=152&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding Redirect headers Location https://onnifans.com/ Non-Authoritative-Reason HttpsUpgrades
GET H3	200	style.css onnifans.com/	899 B 1 KB	132ms 131ms	Stylesheet text/css	2606:4700:3031::6815:4867 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onnifans.com/style.css Requested by Host: onnifans.com URL: https://onnifans.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:4867 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f0950e92fd8adcb4be49a57ab74938233f066ec354c09ad85b48aa8504622b8c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://onnifans.com/ Response headers content-encoding gzip cf-cache-status MISS etag "383-5fd7c76078289-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cKv4D0oUJgYrEsh7p4o%2Bh69DEeJQkHYhfw19y1SMVztyGWPkxAOI8YeOMK4BrPdJgOeHWC8ioH%2F5Z%2BhRhni82P2zdzVDTB8Fphjp%2FfHlyfRku8Wp3oDmal%2BvlOckgutyWcr5Rj2u84zqWBY%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=9249&min_rtt=6210&rtt_var=6548&sent=15&recv=13&lost=0&retrans=0&sent_bytes=6199&recv_bytes=4811&delivery_rate=317867&cwnd=12000&unsent_bytes=0&cid=3804dc2aa55cf0b3&ts=290&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 17:42:54 GMT content-type text/css last-modified Tue, 06 Jun 2023 21:11:21 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f07461fdc10d3a0-FRA accept-ranges bytes content-length 374 server cloudflare
GET H3	200	/ Show response api.lanyard.rest/v1/users/398423836951052291/	472 B 1 KB	166ms 140ms	Fetch application/json	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.lanyard.rest/v1/users/398423836951052291/ Requested by Host: onnifans.com URL: https://onnifans.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6f177088e212ad6720944d7e183b2c064524da3c3f04bfd6fa10dfdc6d2a22f3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://onnifans.com/ Response headers cache-control max-age=0, private, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DBEG9o5gfjLzezYSpH6c%2BMbE%2FC1WWy7SKl74G6gCcRVYaYsjPIAJu3a%2FZPjJEfbfD0U6T6LkWsWC0Ja89dE5qCGoX1cTdanDAGXK%2B9bFHNj7tdH9YkKXuld3DREBAknEzpuRRqxXJhqziaY6%2BDmX"}],"group":"cf-nel","max_age":604800} cf-ray 8f074620de57d385-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 287 server-timing cfL4;desc="?proto=QUIC&rtt=6740&min_rtt=6159&rtt_var=1925&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4279&recv_bytes=4409&delivery_rate=830&cwnd=12000&unsent_bytes=0&cid=657816497c0f48aa&ts=145&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 17:42:54 GMT content-type application/json; charset=utf-8 x-railway-request-id iWGA-bbzQ7qOrq5loEsbJw_2207837401 server cloudflare priority u=1,i
GET H3	200	/ onnifans.com/404/ Redirect Chain https://onnifans.com/favicon.ico https://onnifans.com/404/	932 B 1 KB	57ms 57ms	Other text/html	2606:4700:3031::6815:4867 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onnifans.com/404/ Protocol H3 Server 2606:4700:3031::6815:4867 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0868dcb033302289cb81a7dd780b8dbb98766db35f657a1891f8b29a4ee02f99` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://onnifans.com/ Response headers server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dauanr4Ldm39uDyHiJvWbCB1f5emEAICvQLFVX247HdbXptjhl%2FPfbbCWpl1i6oVv3vXPvPxM%2FaMrhsNju5IOzBleJlMNs3PLYBM5aDiQ3jj6edHwLDOaZwnwJ7EtJqpMQ62KCw3jfKCk2s%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f07462189efd3a0-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8488&min_rtt=6210&rtt_var=3817&sent=20&recv=17&lost=0&retrans=0&sent_bytes=8339&recv_bytes=5590&delivery_rate=903&cwnd=12000&unsent_bytes=0&cid=3804dc2aa55cf0b3&ts=487&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 17:42:55 GMT content-type text/html last-modified Thu, 11 May 2023 16:06:58 GMT vary Accept-Encoding priority u=1,i Redirect headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} location https://onnifans.com/404/ cf-cache-status BYPASS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5WQH8mquoQu8CkRc0CsZu60DVJcAhlPzb6HqDn4xwkTVXwwLlhchtXpg6dzJgY2o8g8ANne1M7i%2F2MSSK2Ya1Mb3KCtnLBuk4MbUcVYF0uA7nzNEtjHqUlSY7yPJzfygJARS3O1rmh%2FDPHo%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f074620bf35d3a0-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8876&min_rtt=6210&rtt_var=5657&sent=17&recv=14&lost=0&retrans=0&sent_bytes=7310&recv_bytes=5157&delivery_rate=7928&cwnd=12000&unsent_bytes=0&cid=3804dc2aa55cf0b3&ts=429&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 17:42:54 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare priority u=1,i

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| updateTime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.lanyard.rest
onnifans.com
2606:4700:3031::6815:4867
2a06:98c1:3120::3
0868dcb033302289cb81a7dd780b8dbb98766db35f657a1891f8b29a4ee02f99
6f177088e212ad6720944d7e183b2c064524da3c3f04bfd6fa10dfdc6d2a22f3
aa31c910cf3782850962e8b2b66bf3f73c28107fa697049ab0ee2297e7dea7ba
f0950e92fd8adcb4be49a57ab74938233f066ec354c09ad85b48aa8504622b8c

onnifans.com Open in urlscan Pro 2606:4700:3031::6815:4867 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

75 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

5 kBTransfer

5 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

onnifans.com Open in urlscan Pro
2606:4700:3031::6815:4867 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

5 kB
Transfer

5 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions