offinder.live Open in urlscan Pro
162.240.78.12  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response offinder.live/	41 KB 41 KB	571ms 440ms	Document text/html	162.240.78.12 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://offinder.live/ Protocol HTTP/1.1 Server 162.240.78.12 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.nitheeshpv.online Software Apache / Resource Hash cab7bcdd1d1ef3924516f0d7a17bf96df467ddae85f6426922b320e3e0eb92ef Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Tue, 14 Mar 2023 15:13:04 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	bootstrap.min.css offinder.live/stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/	138 KB 138 KB	260ms 112ms	Stylesheet text/css	162.240.78.12 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://offinder.live/stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css Requested by Host: offinder.live URL: http://offinder.live/ Protocol HTTP/1.1 Server 162.240.78.12 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.nitheeshpv.online Software Apache / Resource Hash 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 14 Mar 2023 15:13:05 GMT Last-Modified Sat, 27 Feb 2021 04:30:02 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 140936
GET H2	200	2fa1f045a7.js Show response kit.fontawesome.com/	11 KB 4 KB	154ms 76ms	Script text/javascript	2606:4700::6812:1734 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/2fa1f045a7.js Requested by Host: offinder.live URL: http://offinder.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74fcdf8a9a0a804615421d206d092100a1a1da91d0e429b118cf7a2c4b645b8e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer http://offinder.live/ Origin http://offinder.live accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:13:05 GMT strict-transport-security max-age=31536000; preload content-encoding gzip cf-cache-status MISS server cloudflare access-control-max-age 3000 access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * cache-control max-age=60, public, must-revalidate vary origin, accept-encoding, access-control-request-headers, access-control-request-method cf-ray 7a7d75669f4509c6-MIA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id F0xR4FeLevvcQIw0vYgB
GET H/1.1	200 OK	main.css offinder.live/grabcodes.co/onlyfans/	8 KB 8 KB	254ms 105ms	Stylesheet text/css	162.240.78.12 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://offinder.live/grabcodes.co/onlyfans/main.css Requested by Host: offinder.live URL: http://offinder.live/ Protocol HTTP/1.1 Server 162.240.78.12 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.nitheeshpv.online Software Apache / Resource Hash 709b01872fa669cc4f637752e7e369fa6ee875843c1549f07d5a35b390f48556 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 14 Mar 2023 15:13:05 GMT Last-Modified Tue, 24 Jan 2023 08:32:51 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7750
GET H2	200	53bae1e.js Show response db81lfl43r06.cloudfront.net/	23 KB 7 KB	779ms 569ms	Script application/javascript	2600:9000:24f0:f000:0:a5b4:dd80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://db81lfl43r06.cloudfront.net/53bae1e.js Requested by Host: offinder.live URL: http://offinder.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f0:f000:0:a5b4:dd80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d212a5a732e0632cb7a63412830a021c8c0a4aaa835a604ef008c1b0e4b00300 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 07:45:01 GMT content-encoding br via 1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront) last-modified Wed, 11 Jan 2023 21:50:46 GMT server AmazonS3 x-amz-cf-pop JFK50-P3 age 26885 etag W/"8ab72c4473621e1b30a24ec89af90bcf" vary Accept-Encoding x-cache Error from cloudfront content-type application/javascript x-amz-cf-id OoaDwVJLG-vibcBrN2LHdYvQHfVWMTWRyojU0EQ1LTATC8d7CJGeng==
GET H/1.1	200 OK	logo.png offinder.live/images/	34 KB 35 KB	230ms 112ms	Image image/png	162.240.78.12 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://offinder.live/images/logo.png Requested by Host: offinder.live URL: http://offinder.live/ Protocol HTTP/1.1 Server 162.240.78.12 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.nitheeshpv.online Software Apache / Resource Hash 1b16f870993ee1f651220251e515779b30e8025e0d38f691294ead663a90e0b8 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 14 Mar 2023 15:13:05 GMT Last-Modified Sat, 27 Feb 2021 04:30:02 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 35239
GET H/1.1	200 OK	icon5.png offinder.live/images/	15 KB 15 KB	231ms 113ms	Image image/png	162.240.78.12 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://offinder.live/images/icon5.png Requested by Host: offinder.live URL: http://offinder.live/ Protocol HTTP/1.1 Server 162.240.78.12 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.nitheeshpv.online Software Apache / Resource Hash f9cd1861d70c6f4227b2cb85c888a4b1c0a8f517ac8f3d2ebf1c7dcd8b214f82 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 14 Mar 2023 15:13:05 GMT Last-Modified Tue, 09 Nov 2021 05:35:33 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 15003
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v6.3.0/css/	100 KB 23 KB	150ms 69ms	Fetch text/css	2606:4700:e4::ac40:a916 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.3.0/css/free.min.css?token=2fa1f045a7 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/2fa1f045a7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aee930d9c63ac5f13c26ea50472e6d6dcdab908aafc18687886c7fba33e0c9e8 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:13:05 GMT via 1.1 d1c64d10e2bd86b43a04bfb63e7766c2.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop MIA3-C3 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 31 Jan 2023 18:17:21 GMT server cloudflare etag W/"b7d524a460c5ceb6420db3aec0be8c92" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VK97ZsrS8vuaqe7JY%2BOhRXF%2Fm2zhfuwQodKq5KsJGyUl7uDQPlN4nbBN7r6M7ZZeQtk1z%2BTYAqskkRYRbNZhizf4%2F%2BrRD4HrNknUqudRpJnmmFg32DMMFBoftSj3Zh3xexuERTR6Ksth7VLOPEwtqJNt2A%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7a7d7567bf283371-MIA access-control-allow-headers fa-kit-token x-amz-cf-id Eb7spvO1EaTUpicma8f5bfYxs5LpfhN4KLdk4qSFt8z2fRexNycP2A==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v6.3.0/css/	27 KB 5 KB	146ms 65ms	Fetch text/css	2606:4700:e4::ac40:a916 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.3.0/css/free-v4-shims.min.css?token=2fa1f045a7 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/2fa1f045a7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c6d23efa8a723d5c117df0ac6f77441a66d960cf4e9cf4cf20aabd1ac984ef3 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:13:05 GMT via 1.1 72aa1f6d307a536bbaffdcdb498b124c.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop MIA3-C3 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 31 Jan 2023 18:17:21 GMT server cloudflare etag W/"3a57f9df341838cc106903c71730d13b" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CmGEmc9Symjk0apYlvW5jwTns9DalztbNzWVPSigYP627%2Fq872krsuYCDyRY1AOOWAMWq95eOcsQDzZHBg8k3A4ORfZIEX0aFRlixMY9pwMBWJawaResuQVdTJJ8g6iKCzUWCy5BgPEQF0n0dfE0kv%2Baw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7a7d7567bf293371-MIA access-control-allow-headers fa-kit-token x-amz-cf-id KoOmclEgbEj0bphPcAY3fizLB3qODnmaQLY5naJl-_kc53aYMJA-Vw==
GET H2	200	free-v5-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.3.0/css/	823 B 1 KB	141ms 61ms	Fetch text/css	2606:4700:e4::ac40:a916 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.3.0/css/free-v5-font-face.min.css?token=2fa1f045a7 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/2fa1f045a7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fbfc1a27b2f37bb5758305f7d7633b07f9dd08c9c42658e695c8fa9716967545 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:13:05 GMT via 1.1 5556637e65d0995f53bff72f94be18a6.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop BOG50-P1 age 54433 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 31 Jan 2023 18:17:21 GMT server cloudflare etag W/"fdedb74e19e1bffdcab908079cabd49a" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LKdONKLbHoWRGRV0%2BJDEOZ%2FA1nRkLjcJQW8JSWRS2dsV5NIjspUwllatUOAQ1enEhcYpMWyVyQ82LwGWehqNh23ku5RF1EZg0h3LI2lSStoyS8baxToPXpYH5XLnkWt3g3lUAJDrtKtQqfgz7E6yDaavw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7a7d7567bf2a3371-MIA access-control-allow-headers fa-kit-token x-amz-cf-id s9uCWzwI4RTLp2I2YDurnIrkJ9oRXdfHr7Y6gIzhWsYPduySAAmJfA==
GET H2	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.3.0/css/	2 KB 1 KB	143ms 63ms	Fetch text/css	2606:4700:e4::ac40:a916 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.3.0/css/free-v4-font-face.min.css?token=2fa1f045a7 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/2fa1f045a7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 852db4d1e3c440deaa05229fa8beb300bc959f16d0f9c2be168173a26c68e1a9 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:13:05 GMT via 1.1 b3fa6483b226ef7cc87d8bab653f621c.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop MIA3-C3 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 31 Jan 2023 18:17:21 GMT server cloudflare etag W/"00bb3d26f3fee308e5747eb9f5760b48" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xrJD389MbqHp1E5mIwAEROtWRr2F7MR92fp2TLtDl%2F%2Ft9jNFGMEtsrl%2BduqPQTw3hC7RAcVZsI7ByGDkROkOZLPnfhDLooOCCZF3szKjUqz8ZbddsVKF4SEs0OO2gaqw53exWDHicGu2TRBLMZllFffPw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7a7d7567bf2b3371-MIA access-control-allow-headers fa-kit-token x-amz-cf-id rI_QLGzMz3aw-GTwxiZU4bTKyUk-sM0zSwoM-ekFGy0nErPLA643xg==
GET H/1.1	200 OK	jquery-3.3.1.js Show response offinder.live/code.jquery.com/	265 KB 266 KB	188ms 149ms	Script application/javascript	162.240.78.12 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://offinder.live/code.jquery.com/jquery-3.3.1.js Requested by Host: offinder.live URL: http://offinder.live/ Protocol HTTP/1.1 Server 162.240.78.12 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.nitheeshpv.online Software Apache / Resource Hash d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 14 Mar 2023 15:13:05 GMT Last-Modified Sat, 27 Feb 2021 04:30:02 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 271751
GET H/1.1	200 OK	popper.min.js Show response offinder.live/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/	20 KB 20 KB	113ms 112ms	Script application/javascript	162.240.78.12 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://offinder.live/cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js Requested by Host: offinder.live URL: http://offinder.live/ Protocol HTTP/1.1 Server 162.240.78.12 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.nitheeshpv.online Software Apache / Resource Hash f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 14 Mar 2023 15:13:05 GMT Last-Modified Sat, 27 Feb 2021 04:30:02 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 20337
GET H/1.1	200 OK	bootstrap.min.js Show response offinder.live/stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/	50 KB 50 KB	118ms 114ms	Script application/javascript	162.240.78.12 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://offinder.live/stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js Requested by Host: offinder.live URL: http://offinder.live/ Protocol HTTP/1.1 Server 162.240.78.12 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.nitheeshpv.online Software Apache / Resource Hash 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 14 Mar 2023 15:13:05 GMT Last-Modified Sat, 27 Feb 2021 04:30:02 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 51039
GET H2	200	typed.js@2.0.9 Show response cdn.jsdelivr.net/npm/	11 KB 4 KB	534ms 48ms	Script application/javascript	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/typed.js@2.0.9 Requested by Host: offinder.live URL: http://offinder.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1a868cad4a0420be9dc3c4736e51184ea77dc1bf49c00b48f8433c74aa06ce25 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 14 Mar 2023 15:13:06 GMT x-content-type-options nosniff content-encoding gzip age 1752745 x-jsd-version 2.0.9 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 3492 x-served-by cache-fra-eddf8230137-FRA, cache-fty21367-FTY x-jsd-version-type version etag W/"2db4-6Y23FxrejlVyhqxAU4ZwlmuL4Sc" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	main.js Show response offinder.live/grabcodes.co/onlyfans/	10 KB 11 KB	228ms 110ms	Script application/javascript	162.240.78.12 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://offinder.live/grabcodes.co/onlyfans/main.js Requested by Host: offinder.live URL: http://offinder.live/ Protocol HTTP/1.1 Server 162.240.78.12 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.nitheeshpv.online Software Apache / Resource Hash 55875dcba4f721c8f7833968adcb60c6f0f1324f8dd1dc27fecae3bbeb12b31d Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 14 Mar 2023 15:13:05 GMT Last-Modified Tue, 02 Mar 2021 11:46:15 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 10576
GET H2	200	counter.js Show response www.statcounter.com/counter/	43 KB 15 KB	519ms 45ms	Script application/javascript	104.20.218.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.statcounter.com/counter/counter.js Requested by Host: offinder.live URL: http://offinder.live/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e516b75c9ce0d756713b6d231b901beea2a200a80e717092603819dd97fc259 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:13:06 GMT content-encoding br cf-cache-status HIT last-modified Mon, 13 Mar 2023 09:43:40 GMT server cloudflare age 21491 etag W/"640ef04c-aba5" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 cf-ray 7a7d756e1a0fdb21-MIA expires Tue, 14 Mar 2023 21:14:55 GMT
GET H2	200	css fonts.googleapis.com/	10 KB 1 KB	229ms 80ms	Stylesheet text/css	2607:f8b0:4006:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|PT+Sans:400,700 Requested by Host: offinder.live URL: http://offinder.live/grabcodes.co/onlyfans/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 83e98e9d119083e860ff642ae71eeca2d727345c613b62170da73c80697bce22 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 14 Mar 2023 15:13:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 14 Mar 2023 15:13:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 14 Mar 2023 15:13:05 GMT
GET H2	200	html.1512461.2ea3e.0.js Show response d2punpeg7vtjci.cloudfront.net/public/external/v2/	26 KB 26 KB	724ms 233ms	Script application/javascript	2600:9000:21da:f200:1c:8de0:8c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2punpeg7vtjci.cloudfront.net/public/external/v2/html.1512461.2ea3e.0.js Requested by Host: db81lfl43r06.cloudfront.net URL: https://db81lfl43r06.cloudfront.net/53bae1e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21da:f200:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 3ed30bf1c15f93296615db6c12a45c70821d20c66c52d7fc0006d3f8c2352595 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:13:06 GMT via 1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id k8wtdwiJsSpzD4NNk1DdvqciUlEdVU9BIIptVwjegetEqwJaMKjwDg==
GET H2	200	css_front.css d2punpeg7vtjci.cloudfront.net/public/external/	6 KB 7 KB	647ms 152ms	Stylesheet text/css	2600:9000:21da:f200:1c:8de0:8c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2punpeg7vtjci.cloudfront.net/public/external/css_front.css Requested by Host: db81lfl43r06.cloudfront.net URL: https://db81lfl43r06.cloudfront.net/53bae1e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21da:f200:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:13:06 GMT via 1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront) last-modified Tue, 23 Jun 2020 20:06:47 GMT server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C1 etag "19c4-5a8c5e62e9d0a" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 6596 x-amz-cf-id O6U9XTttwEsCo51k7H12J9dyMvUTRu8gyoyQbqFOL65cRut_Ls4n5Q==
GET H/1.1	200 OK	bg.jpg offinder.live/grabcodes.co/onlyfans/	2 KB 2 KB	141ms 101ms	Image image/jpeg	162.240.78.12 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://offinder.live/grabcodes.co/onlyfans/bg.jpg Requested by Host: offinder.live URL: http://offinder.live/grabcodes.co/onlyfans/main.css Protocol HTTP/1.1 Server 162.240.78.12 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS server.nitheeshpv.online Software Apache / Resource Hash c398b58dbd38f69f80648957097e2f535715de19d28f77252ab668359cbf892c Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/grabcodes.co/onlyfans/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 14 Mar 2023 15:13:05 GMT Last-Modified Sat, 27 Feb 2021 04:30:02 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2114
GET H2	200	jizfRExUiTo99u79B_mh0O6tLQ.woff2 fonts.gstatic.com/s/ptsans/v17/	46 KB 46 KB	611ms 145ms	Font font/woff2	2607:f8b0:4006:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|PT+Sans:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://offinder.live accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 09 Mar 2023 06:16:06 GMT x-content-type-options nosniff age 464220 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47048 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:55:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 08 Mar 2024 06:16:06 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	540ms 74ms	Font font/woff2	2607:f8b0:4006:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600|PT+Sans:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://offinder.live accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 09 Mar 2023 04:26:47 GMT x-content-type-options nosniff age 470779 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 08 Mar 2024 04:26:47 GMT
GET H2	200	/ Show response api.ipify.org/	13 B 96 B	438ms 104ms	XHR text/plain	173.231.16.76 WEBNX
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/ Requested by Host: offinder.live URL: http://offinder.live/code.jquery.com/jquery-3.3.1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.231.16.76 , United States, ASN18450 (WEBNX, US), Reverse DNS 173-231-16-76.static.webnx.com Software / Resource Hash b3a4a74b49206e7203f8aafc7e2b0d90203e950621d8897973cc148f7e68deb3 Request headers Accept */* Referer http://offinder.live/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-origin http://offinder.live date Tue, 14 Mar 2023 15:13:06 GMT content-length 13 vary Origin content-type text/plain
GET H2	200	p.php Show response bootstraplugin.com/	0 488 B	225ms 133ms	Script text/html	2606:4700:3031::6815:a18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bootstraplugin.com/p.php?id=1040 Requested by Host: offinder.live URL: http://offinder.live/grabcodes.co/onlyfans/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a18 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:13:06 GMT via 1.1 vegur content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjmBAd9bZD1lxn%2FXFIT64yftH9RDUTRbYpRwk6tueBg02vpR18iggS7qPiMtQjAsq7AsF2zNu2BULxHmPATbdKTYbEQXdy47rf7Rxn%2BXmktP2Cj%2BkXar6%2B1w5knsG6mMqRHisZ6LtFK41YLuGHGUBi8%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-cache, private cf-ray 7a7d756f3b0adb1d-MIA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	t.php Show response c.statcounter.com/	192 B 567 B	101ms 88ms	XHR application/json	104.20.218.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.statcounter.com/t.php?sc_project=12487016&u1=65DBD582968C4F52254B3A190CF329BD&java=1&security=c906543e&sc_snum=1&sess=c5bd59&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//offinder.live/&t=OnlyFans%20Profile%20Finder%20-%20Find%20OnlyFans%20Profiles%20In%20Your%20Area&invisible=1&sc_rum_e_s=2026&sc_rum_e_e=2071&sc_rum_f_s=0&sc_rum_f_e=1921&get_config=true Requested by Host: www.statcounter.com URL: https://www.statcounter.com/counter/counter.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:13:06 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare content-type application/json access-control-allow-origin http://offinder.live p3p policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR" access-control-allow-credentials true cf-ray 7a7d756f6d0ddb21-MIA expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	css.css d2punpeg7vtjci.cloudfront.net/public/clockers/PrimeApps/	1010 B 1 KB	154ms 153ms	Stylesheet text/css	2600:9000:21da:f200:1c:8de0:8c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2punpeg7vtjci.cloudfront.net/public/clockers/PrimeApps/css.css Requested by Host: db81lfl43r06.cloudfront.net URL: https://db81lfl43r06.cloudfront.net/53bae1e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21da:f200:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:13:06 GMT via 1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront) last-modified Fri, 10 Apr 2020 22:29:00 GMT server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C1 etag "3f2-5a2f7428ae907" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 1010 x-amz-cf-id AczTaE6zGEsQIDSX7Q_eaiSOK6ZQx2oI_1Pw2eDtkqEiMx1SH6zK-w==
GET H2	200	guid Show response d2punpeg7vtjci.cloudfront.net/public/	0 276 B	226ms 221ms	Script text/html	2600:9000:21da:f200:1c:8de0:8c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2punpeg7vtjci.cloudfront.net/public/guid?cpguid=t7tbku98z&e=ll&t=1678806786763 Requested by Host: db81lfl43r06.cloudfront.net URL: https://db81lfl43r06.cloudfront.net/53bae1e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21da:f200:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:13:06 GMT via 1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-length 0 x-amz-cf-id LPBKck_AuiAZQVRG4qEj54PVPsRkqciqP77oEDbwrEtrNHp46GIlDg==
GET H2	200	check.php Show response d2punpeg7vtjci.cloudfront.net/public/external/	78 B 370 B	227ms 227ms	Script application/javascript	2600:9000:21da:f200:1c:8de0:8c80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2punpeg7vtjci.cloudfront.net/public/external/check.php?it=1512461&time=1678806788604 Requested by Host: db81lfl43r06.cloudfront.net URL: https://db81lfl43r06.cloudfront.net/53bae1e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21da:f200:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b Request headers accept-language en-US,en;q=0.9 Referer http://offinder.live/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 15:13:08 GMT via 1.1 978e367a2ce2a1259e8f24bc2370ca50.cloudfront.net (CloudFront) server Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript content-length 78 x-amz-cf-id fbDCe8QbeJqEOrWRGAWfec7IqQ9EIMOQJmY3IF12bfO27Sc2lcPE1A==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| FontAwesomeKitConfig object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| $ function| jQuery function| Popper object| bootstrap function| Typed string| R1V string| R2V string| R111 string| R222 string| R1N string| R2N string| PS string| GN function| GSW string| SSS4 function| getIP object| SSS function| SHF number| Dx function| SHH function| set_platform function| ccc object| NAMES object| SEN string| s_IP number| s_AAA string| s_DATE number| sc_project number| sc_invisible string| sc_security function| _statcounter

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			offinder.live/	1970-01-20 10:34:30	Name: _cpguid Value: t7tbku98z
			.offinder.live/	1970-01-20 19:56:06	Name: sc_is_visitor_unique Value: rx12487016.1678806786.65DBD582968C4F52254B3A190CF329BD.1.1.1.1.1.1.1.1.1
			.statcounter.com/	1970-01-20 19:56:06	Name: is_unique Value: sc12487016.1678806786.0
			.statcounter.com/	1970-01-20 19:56:06	Name: is_visitor_unique Value: 1678806786375975720

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
bootstraplugin.com
c.statcounter.com
cdn.jsdelivr.net
d2punpeg7vtjci.cloudfront.net
db81lfl43r06.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
offinder.live
www.statcounter.com
104.20.218.77
162.240.78.12
173.231.16.76
2600:9000:21da:f200:1c:8de0:8c80:21
2600:9000:24f0:f000:0:a5b4:dd80:21
2606:4700:3031::6815:a18
2606:4700::6812:1734
2606:4700:e4::ac40:a916
2607:f8b0:4006:81d::200a
2607:f8b0:4006:822::2003
2a04:4e42:400::485
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1a868cad4a0420be9dc3c4736e51184ea77dc1bf49c00b48f8433c74aa06ce25
1b16f870993ee1f651220251e515779b30e8025e0d38f691294ead663a90e0b8
3ed30bf1c15f93296615db6c12a45c70821d20c66c52d7fc0006d3f8c2352595
4c6d23efa8a723d5c117df0ac6f77441a66d960cf4e9cf4cf20aabd1ac984ef3
4e516b75c9ce0d756713b6d231b901beea2a200a80e717092603819dd97fc259
55875dcba4f721c8f7833968adcb60c6f0f1324f8dd1dc27fecae3bbeb12b31d
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
709b01872fa669cc4f637752e7e369fa6ee875843c1549f07d5a35b390f48556
74fcdf8a9a0a804615421d206d092100a1a1da91d0e429b118cf7a2c4b645b8e
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
83e98e9d119083e860ff642ae71eeca2d727345c613b62170da73c80697bce22
852db4d1e3c440deaa05229fa8beb300bc959f16d0f9c2be168173a26c68e1a9
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
aee930d9c63ac5f13c26ea50472e6d6dcdab908aafc18687886c7fba33e0c9e8
b3a4a74b49206e7203f8aafc7e2b0d90203e950621d8897973cc148f7e68deb3
c398b58dbd38f69f80648957097e2f535715de19d28f77252ab668359cbf892c
cab7bcdd1d1ef3924516f0d7a17bf96df467ddae85f6426922b320e3e0eb92ef
d212a5a732e0632cb7a63412830a021c8c0a4aaa835a604ef008c1b0e4b00300
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f9cd1861d70c6f4227b2cb85c888a4b1c0a8f517ac8f3d2ebf1c7dcd8b214f82
fbfc1a27b2f37bb5758305f7d7633b07f9dd08c9c42658e695c8fa9716967545