www.rofaccount.com Open in urlscan Pro
162.0.229.5  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.rofaccount.com/	75 KB 19 KB	720ms 320ms	Document text/html	162.0.229.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.229.5 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium111-3.web-hosting.com Software Apache / Resource Hash 9a6803386ac7feaae6929a2a680fdf1503b9377cf24889a294d5d2394df9673b Request headers :method GET :authority www.rofaccount.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sat, 16 May 2020 10:01:08 GMT server Apache last-modified Sat, 16 May 2020 09:58:35 GMT accept-ranges bytes vary Accept-Encoding content-encoding gzip content-length 19429 content-type text/html
GET H2	200	css fonts.googleapis.com/	9 KB 879 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500,700 Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6f1dc81498da5df5cc4a4b2730c86480122e1b4a6808621b7d941aaa6e29d824 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 16 May 2020 10:01:08 GMT server ESF date Sat, 16 May 2020 10:01:08 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 16 May 2020 10:01:08 GMT
GET H2	200	LOGO_PNG.png www.rofaccount.com/img/	277 KB 277 KB	173ms 172ms	Image image/png	162.0.229.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.rofaccount.com/img/LOGO_PNG.png Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.229.5 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium111-3.web-hosting.com Software Apache / Resource Hash e49666e02abfd7f357a91404b778cffa64680dd53af447d431880c3280e3a640 Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sat, 16 May 2020 10:01:08 GMT last-modified Sat, 16 May 2020 09:59:21 GMT server Apache accept-ranges bytes content-length 283372 content-type image/png
GET H2	200	animate.min.css cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/	52 KB 4 KB	16ms 12ms	Stylesheet text/css	2606:4700::6810:84e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 16 May 2020 10:01:08 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 8559791 status 200 alt-svc h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400 cf-request-id 02be873cb9000017829faff200000001 served-in-seconds 0.002 timing-allow-origin * last-modified Thu, 17 May 2018 09:15:36 GMT server cloudflare etag W/"5afd4838-ce35" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains content-type text/css access-control-allow-origin * cache-control public, max-age=30672000 cf-ray 594441745adc1782-FRA expires Thu, 06 May 2021 10:01:08 GMT
GET H2	200	TweenMax.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/	112 KB 36 KB	20ms 16ms	Script application/javascript	2606:4700::6810:84e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/TweenMax.min.js Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c5a1af3f56b4294252d7c75144ae9d0ac198e9229952b7e11cbb31f17f138123 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 16 May 2020 10:01:08 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 1921930 status 200 alt-svc h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400 cf-request-id 02be873cb9000017829fb00200000001 served-in-seconds 0.008 timing-allow-origin * last-modified Thu, 17 May 2018 09:19:23 GMT server cloudflare etag W/"5afd491b-1be2c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 cf-ray 594441745ade1782-FRA expires Thu, 06 May 2021 10:01:08 GMT
GET H/1.1	200 OK	jquery-3.2.1.min.js Show response code.jquery.com/	85 KB 30 KB	22ms 7ms	Script application/javascript	2001:4de0:ac19::1:b:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.2.1.min.js Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.rofaccount.com/ Origin https://www.rofaccount.com Response headers Date Sat, 16 May 2020 10:01:08 GMT Content-Encoding gzip Last-Modified Mon, 20 Mar 2017 19:01:15 GMT Server nginx ETag W/"58d026fb-15283" Vary Accept-Encoding X-HW 1589623268.dop051.fr8.shc,1589623268.dop051.fr8.t,1589623268.cds133.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 30125
GET H2	200	TweenLite.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/	27 KB 10 KB	18ms 14ms	Script application/javascript	2606:4700::6810:84e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/TweenLite.min.js Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bab287b99efbdaaf426598db37981e5a1d0e6cdbc82f820d7904d2424642dbf3 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 16 May 2020 10:01:08 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 8559785 status 200 alt-svc h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400 cf-request-id 02be873cb9000017829fb01200000001 served-in-seconds 0.002 timing-allow-origin * last-modified Thu, 17 May 2018 09:19:23 GMT server cloudflare etag W/"5afd491b-6d28" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 cf-ray 594441745ae21782-FRA expires Thu, 06 May 2021 10:01:08 GMT
GET H2	200	Draggable.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/utils/	37 KB 13 KB	24ms 21ms	Script application/javascript	2606:4700::6810:84e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/utils/Draggable.min.js Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 304c9fe8323094a29d056a0aef1a4c161e2b75fcae9cf3e584b151d241c292bb Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 16 May 2020 10:01:08 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 8559776 status 200 alt-svc h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400 cf-request-id 02be873cb9000017829fb02200000001 served-in-seconds 0.002 timing-allow-origin * last-modified Thu, 17 May 2018 09:19:23 GMT server cloudflare etag W/"5afd491b-9430" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 cf-ray 594441745ae41782-FRA expires Thu, 06 May 2021 10:01:08 GMT
GET H2	200	CSSPlugin.min.js Show response cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/plugins/	42 KB 16 KB	18ms 15ms	Script application/javascript	2606:4700::6810:84e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/plugins/CSSPlugin.min.js Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d57d2ca73d97f307631c6b711e6c8b7650999c41f7963ed51ed3e4e086fe1c7 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 16 May 2020 10:01:08 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 8559785 status 200 alt-svc h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400 cf-request-id 02be873cba000017829fb03200000001 served-in-seconds 0.002 timing-allow-origin * last-modified Thu, 17 May 2018 09:20:03 GMT server cloudflare etag W/"5afd4943-a694" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 cf-ray 594441745ae61782-FRA expires Thu, 06 May 2021 10:01:08 GMT
GET H2	200	locker.js Show response cpabuild.com/public/external/	22 KB 6 KB	51ms 20ms	Script application/javascript	2606:4700:20::681a:caf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cpabuild.com/public/external/locker.js Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:caf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6e8d166b5ad43c05334f28d92b9679349171e628266016553563f0246a20297 Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 16 May 2020 10:01:08 GMT content-encoding br cf-cache-status HIT last-modified Tue, 21 Apr 2020 07:30:58 GMT server cloudflare age 5361 etag W/"57ac-5a3c7ff28f976" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=691200 cf-ray 594441748ba5325c-FRA cf-request-id 02be873cd60000325c3f228200000001
GET H2	200	GEN-FULL.png www.rofaccount.com/img/	123 KB 124 KB	1216ms 1214ms	Image image/png	162.0.229.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.rofaccount.com/img/GEN-FULL.png Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.229.5 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium111-3.web-hosting.com Software Apache / Resource Hash f421ec75691915ea029e895794491e252a783e0ba003ce555f456124cc4daf0f Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sat, 16 May 2020 10:01:08 GMT last-modified Sat, 16 May 2020 09:59:27 GMT server Apache accept-ranges bytes content-length 126325 content-type image/png
GET H2	200	gta-logo.png www.rofaccount.com/img/	48 KB 48 KB	1512ms 1510ms	Image image/png	162.0.229.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.rofaccount.com/img/gta-logo.png Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.229.5 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium111-3.web-hosting.com Software Apache / Resource Hash 0a8a73616fcc9d76bc696b167d665f50723f5a43aef640b5233439d3ac80219f Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sat, 16 May 2020 10:01:08 GMT last-modified Sat, 16 May 2020 10:00:07 GMT server Apache accept-ranges bytes content-length 49304 content-type image/png
GET H2	200	chevron-down.svg ogcdn.co/fifacoins18.com/css/img/	833 B 695 B	197ms 47ms	Image image/svg+xml	78.142.29.171 VERDINA
General Check archive.org Show headers Download Go to Show image Full URL https://ogcdn.co/fifacoins18.com/css/img/chevron-down.svg Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 78.142.29.171 , Bulgaria, ASN201133 (VERDINA, BZ), Reverse DNS Software LiteSpeed / Resource Hash 55aa087dca294d05a1be7357c7f5121fbd09c650b158401631be07c314a96730 Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 16 May 2020 10:01:07 GMT content-encoding br last-modified Thu, 26 Oct 2017 21:44:36 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml status 200 cache-control public, max-age=604800 alt-svc quic=":443"; ma=2592000; v="35,39,43" content-length 494 expires Sat, 23 May 2020 10:01:07 GMT
GET H2	200	bruh.png www.rofaccount.com/img/	9 KB 9 KB	1215ms 1213ms	Image image/png	162.0.229.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.rofaccount.com/img/bruh.png Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.229.5 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium111-3.web-hosting.com Software Apache / Resource Hash 26c0c7729feefababb3d5957117de313ce5711edaa0b4efb5cbc70c5f781a024 Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sat, 16 May 2020 10:01:08 GMT last-modified Sat, 16 May 2020 09:59:37 GMT server Apache accept-ranges bytes content-length 8714 content-type image/png
GET H2	200	KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/utils/Draggable.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Roboto:300,400,500,700 Origin https://www.rofaccount.com Response headers date Tue, 14 Apr 2020 23:26:59 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:50 GMT server sffe age 2716449 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11016 x-xss-protection 0 expires Wed, 14 Apr 2021 23:26:59 GMT
GET H2	200	html.878420.e2cb4.0.js Show response cldoffers.net/public/external/v2/	9 KB 3 KB	385ms 334ms	Script application/javascript	2606:4700:3037::6812:34f7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cldoffers.net/public/external/v2/html.878420.e2cb4.0.js Requested by Host: cpabuild.com URL: https://cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6812:34f7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.28 Resource Hash 2501a5b5e1bff478630917d8ea14d7c517b5a1081482e4f92b98a99e2c41c67a Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 16 May 2020 10:01:09 GMT content-encoding br cf-cache-status MISS server cloudflare x-powered-by PHP/7.2.28 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 5944417549c7dfc3-FRA cf-request-id 02be873d4c0000dfc3b12ab200000001
GET H2	200	css_front.css cldoffers.net/public/external/	6 KB 2 KB	63ms 12ms	Stylesheet text/css	2606:4700:3037::6812:34f7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cldoffers.net/public/external/css_front.css Requested by Host: cpabuild.com URL: https://cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6812:34f7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 16 May 2020 10:01:08 GMT content-encoding br cf-cache-status HIT last-modified Fri, 10 Apr 2020 22:28:56 GMT server cloudflare age 5352 etag W/"19c4-5a2f742516a35" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 5944417549c3dfc3-FRA cf-request-id 02be873d4c0000dfc3b12aa200000001
GET H2	200	backgr.png i.ibb.co/gJkvvkc/	1 MB 1 MB	205ms 119ms	Image image/jpeg	51.178.88.195 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/gJkvvkc/backgr.png Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.178.88.195 , France, ASN16276 (OVH, FR), Reverse DNS i.ibb.co Software nginx / Resource Hash 0bed1e73c02bf46ace7952888be1f01b585a740f0d9543083092a41e4bb6c3fc Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 16 May 2020 10:01:08 GMT last-modified Sun, 26 Apr 2020 21:34:19 GMT server nginx status 200 access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 1051085 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	404	.png www.rofaccount.com/img/	315 B 315 B	1415ms 1415ms	Image text/html	162.0.229.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.rofaccount.com/img/.png Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.229.5 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium111-3.web-hosting.com Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 404 date Sat, 16 May 2020 10:01:08 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2 Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Roboto:300,400,500,700 Origin https://www.rofaccount.com Response headers date Mon, 13 Apr 2020 13:00:06 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:52 GMT server sffe age 2840462 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11180 x-xss-protection 0 expires Tue, 13 Apr 2021 13:00:06 GMT
GET H2	404	abc3.png www.rofaccount.com/img/	315 B 315 B	1405ms 1404ms	Image text/html	162.0.229.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.rofaccount.com/img/abc3.png Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.229.5 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium111-3.web-hosting.com Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 404 date Sat, 16 May 2020 10:01:08 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	404	abc2.png www.rofaccount.com/img/	315 B 315 B	1405ms 1405ms	Image text/html	162.0.229.5 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.rofaccount.com/img/abc2.png Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.229.5 , Canada, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium111-3.web-hosting.com Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 404 date Sat, 16 May 2020 10:01:08 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v20/	11 KB 11 KB	17ms 5ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Roboto:300,400,500,700 Origin https://www.rofaccount.com Response headers date Wed, 15 Apr 2020 00:22:14 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:58 GMT server sffe age 2713134 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11020 x-xss-protection 0 expires Thu, 15 Apr 2021 00:22:14 GMT
GET H2	200	p.php Show response bootstraplugin.com/	0 571 B	505ms 467ms	Script text/html	2606:4700:3033::681c:1def CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bootstraplugin.com/p.php?id=176 Requested by Host: www.rofaccount.com URL: https://www.rofaccount.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:1def , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 16 May 2020 10:01:09 GMT via 1.1 vegur cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 594441758d3d05cc-FRA content-type text/html; charset=UTF-8 status 200 cache-control no-cache, private content-encoding br cf-request-id 02be873d71000005cca2a7a200000001
GET H2	200	css.css cldoffers.net/public/clockers/PrimeApps/	1010 B 526 B	14ms 13ms	Stylesheet text/css	2606:4700:3037::6812:34f7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cldoffers.net/public/clockers/PrimeApps/css.css Requested by Host: cpabuild.com URL: https://cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6812:34f7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 16 May 2020 10:01:09 GMT content-encoding br cf-cache-status HIT last-modified Fri, 10 Apr 2020 22:29:00 GMT server cloudflare age 4346 etag W/"3f2-5a2f7428ae907" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 594441776ecfdfc3-FRA cf-request-id 02be873e9d0000dfc3b12c8200000001
GET H2	200	check.php Show response cldoffers.net/public/external/	0 200 B	348ms 340ms	Script application/javascript	2606:4700:3037::6812:34f7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cldoffers.net/public/external/check.php?time=1589623271021&it=878420 Requested by Host: cpabuild.com URL: https://cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6812:34f7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.28 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.rofaccount.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 16 May 2020 10:01:11 GMT cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.2.28 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/javascript status 200 cf-ray 594441842df2dfc3-FRA content-length 0 cf-request-id 02be87469b0000dfc3b1367200000001

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| $ function| jQuery function| Draggable object| $jscomp$this function| anime object| Roblox object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker number| screenCount string| platform

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bootstraplugin.com
cdnjs.cloudflare.com
cldoffers.net
code.jquery.com
cpabuild.com
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
ogcdn.co
www.rofaccount.com
162.0.229.5
2001:4de0:ac19::1:b:1b
2606:4700:20::681a:caf
2606:4700:3033::681c:1def
2606:4700:3037::6812:34f7
2606:4700::6810:84e5
2a00:1450:4001:800::200a
2a00:1450:4001:809::2003
51.178.88.195
78.142.29.171
0a8a73616fcc9d76bc696b167d665f50723f5a43aef640b5233439d3ac80219f
0bed1e73c02bf46ace7952888be1f01b585a740f0d9543083092a41e4bb6c3fc
0d57d2ca73d97f307631c6b711e6c8b7650999c41f7963ed51ed3e4e086fe1c7
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
2501a5b5e1bff478630917d8ea14d7c517b5a1081482e4f92b98a99e2c41c67a
26c0c7729feefababb3d5957117de313ce5711edaa0b4efb5cbc70c5f781a024
304c9fe8323094a29d056a0aef1a4c161e2b75fcae9cf3e584b151d241c292bb
55aa087dca294d05a1be7357c7f5121fbd09c650b158401631be07c314a96730
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6f1dc81498da5df5cc4a4b2730c86480122e1b4a6808621b7d941aaa6e29d824
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9a6803386ac7feaae6929a2a680fdf1503b9377cf24889a294d5d2394df9673b
a6e8d166b5ad43c05334f28d92b9679349171e628266016553563f0246a20297
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
bab287b99efbdaaf426598db37981e5a1d0e6cdbc82f820d7904d2424642dbf3
c5a1af3f56b4294252d7c75144ae9d0ac198e9229952b7e11cbb31f17f138123
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49666e02abfd7f357a91404b778cffa64680dd53af447d431880c3280e3a640
f421ec75691915ea029e895794491e252a783e0ba003ce555f456124cc4daf0f