onlyfriends.club Open in urlscan Pro
104.21.49.74 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://onlyfriends.club/s?fU2U
Submission: On February 28 via manual (February 28th 2024, 4:36:21 am UTC) from CA — Scanned from CA

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 15 HTTP transactions. The main IP is 104.21.49.74, located in and belongs to CLOUDFLARENET, US. The main domain is onlyfriends.club.
TLS certificate: Issued by E1 on January 18th 2024. Valid for: 3 months.

This is the only time onlyfriends.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.21.49.74 104.21.49.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
2	2600:9000:269... 2600:9000:269f:1800:a:3cd2:30c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3034::6815:d72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:21a... 2600:9000:21a2:3c00:1:22bf:b4c0:21	16509 (AMAZON-02) (AMAZON-02)
2	172.67.220.203 172.67.220.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.85.132.38 52.85.132.38	16509 (AMAZON-02) (AMAZON-02)
2	104.21.11.234 104.21.11.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.23.212 104.21.23.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	10

1 104.21.49.74 (None, )

ASN13335 (CLOUDFLARENET, US)

onlyfriends.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:269f:1800:a:3cd2:30c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1wzdj81h1hubn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:d72 (United States)

ASN13335 (CLOUDFLARENET, US)

dfdgfruitie.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21a2:3c00:1:22bf:b4c0:21 (United States)

ASN16509 (AMAZON-02, US)

d2oouw5449k1qr.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.220.203 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.132.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-38.iad50.r.cloudfront.net

ourtshipanditlas.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.11.234 (None, )

ASN13335 (CLOUDFLARENET, US)

rbrightscarletcl.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.23.212 (None, )

ASN13335 (CLOUDFLARENET, US)

onasider.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	cloudfront.net d1wzdj81h1hubn.cloudfront.net d2oouw5449k1qr.cloudfront.net	240 KB
2	rbrightscarletcl.info rbrightscarletcl.info	801 B
2	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 32929	101 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	2 KB
1	onasider.top onasider.top — Cisco Umbrella Rank: 426502 Failed
1	ourtshipanditlas.info ourtshipanditlas.info	2 KB
1	dfdgfruitie.xyz dfdgfruitie.xyz — Cisco Umbrella Rank: 785904	493 B
1	onlyfriends.club onlyfriends.club	68 KB
15	8

	Domain	Requested by
2	rbrightscarletcl.info
2	pogothere.xyz	d2oouw5449k1qr.cloudfront.net
2	d2oouw5449k1qr.cloudfront.net	onlyfriends.club ourtshipanditlas.info
2	d1wzdj81h1hubn.cloudfront.net	onlyfriends.club
2	fonts.googleapis.com	onlyfriends.club d2oouw5449k1qr.cloudfront.net
1	onasider.top	d2oouw5449k1qr.cloudfront.net
1	ourtshipanditlas.info	d2oouw5449k1qr.cloudfront.net
1	dfdgfruitie.xyz	onlyfriends.club
1	onlyfriends.club
15	9

This site contains no links.

Subject Issuer	Validity	Valid
onlyfriends.club E1	`2024-01-18` - `2024-04-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
dfdgfruitie.xyz GTS CA 1P5	`2024-01-30` - `2024-04-29`	3 months	crt.sh
pogothere.xyz GTS CA 1P5	`2024-01-27` - `2024-04-26`	3 months	crt.sh
ourtshipanditlas.info Amazon RSA 2048 M03	`2024-02-20` - `2025-03-20`	a year	crt.sh
rbrightscarletcl.info E1	`2024-02-04` - `2024-05-04`	3 months	crt.sh
onasider.top E1	`2024-01-10` - `2024-04-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://onlyfriends.club/s?fU2U
Frame ID: 13721C12E2619646837507EAC64C61C7
Requests: 12 HTTP requests in this frame

Frame: https://ourtshipanditlas.info/Z3h3WjQGGhQ3CwZFFXxBFRRKfwYhXUUcUFUXGC9DUkxDY19WCQV0VwsXAj5SFRcZLhoJHQN/BiE2Ig0BMBwyC00mLBAJUR4tPxdfC0EtNlgPKT8MByU7Ijh/Dj4jHU4qFy02Uz4wGRNlLAEiLnIwIj4TU1MfFR96Ei0ePUMmPDEQbQ0pNhRhC0kTLQwePhk2WDQ7Ph9/HQgjE0wIHzkbU0JKMR1dIkkkGXkxHSMtdis6RzVkNkENCFMtEyYdbjUcGhxzLipHK3o2PR8YBiESLzBTJiEgFFE9SCUrbTIMGxRZIRIvM3EDMxo+VQRIFB1QIQAaHnwtFCVpGSk/Ex51AjIfPVwtHwRqfB5IGwkGNgEUDX49HTI+TQM+DzdsJEBCHV4UIS4NeRMbRwAENykUY3EwPh0CXiIqPSBbJR5GHAY+KUd/BiU6HikMJEs5HXUKOhQAchdIEWtcDCkZDBFVPiAdDTUcGh9QKQA+Nn0QHA0IUy0TLw1yBhxFPn0uSBtrEg0LGDREWjUwNgNRNh1sdSILLgsD
Frame ID: 021376C2D270B82A54D4974D989672B1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Riley Reid

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

93 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

10
IPs

2
Countries

414 kB
Transfer

586 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request s Show response
onlyfriends.club/ 93 KB
68 KB 7950ms
7665ms Document
text/html 104.21.49.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onlyfriends.club/s?fU2U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.49.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06ef02390f06cb8794342aac81fd0fa16437bcbbf3d1122a3a5f33505dd608ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85c5f704eaa138e5-YYZ
content-encoding: br
content-type: text/html
date: Wed, 28 Feb 2024 04:36:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdQ%2BmXXKoemoDjX3NMhuhpTa%2BFrXMLBLO%2BZiuhfFkl0hyE4EkiLfqIsmMDkOi3rulwhY1PA4dvAYUyoOS40Cb0tymVlCP30UtwAHuBLxx47FgLbOavnLP%2FMy3kU6fPh6mKN%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 522ms
141ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Requested by

Host: onlyfriends.club
URL: https://onlyfriends.club/s?fU2U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onlyfriends.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Feb 2024 04:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 03:28:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Feb 2024 04:36:17 GMT

GET
H2 200 6ecea856563b3c1749b59fedf2c00079b47262f0db94090b3f148c8a0eacad94.png
d1wzdj81h1hubn.cloudfront.net/ 90 KB
90 KB 483ms
104ms Image
image/png 2600:9000:269f:1800:a:3cd2:30c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1wzdj81h1hubn.cloudfront.net/6ecea856563b3c1749b59fedf2c00079b47262f0db94090b3f148c8a0eacad94.png
Requested by: Host: onlyfriends.club
URL: https://onlyfriends.club/s?fU2U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:1800:a:3cd2:30c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e90ca20cf823d0a13e6d187f53cfcb2b7bae9dab4862233d02611a693360231

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onlyfriends.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 16:13:44 GMT
via: 1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Feb 2024 15:47:42 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
age: 44554
x-amz-server-side-encryption: AES256
etag: "ed71035b78e4f20fe84958596a6d4cff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 92166
x-amz-cf-id: PfSGESwhQAwlKKgVXHa8Km23kYpOsMNzPTnouKiWRgnSvaECf95vzA==

GET
H2 200 cc0db32a138d46b88441bf925045e1808c20dcd4cc55f9278a7c0ffa23e4612a.png
d1wzdj81h1hubn.cloudfront.net/ 60 KB
60 KB 611ms
232ms Image
image/png 2600:9000:269f:1800:a:3cd2:30c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1wzdj81h1hubn.cloudfront.net/cc0db32a138d46b88441bf925045e1808c20dcd4cc55f9278a7c0ffa23e4612a.png
Requested by: Host: onlyfriends.club
URL: https://onlyfriends.club/s?fU2U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:269f:1800:a:3cd2:30c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d18b73a437f346e213c3c4c5de6213da0b7a822037318cb01142957e6faf8c3a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onlyfriends.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 13:35:36 GMT
via: 1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
last-modified: Tue, 27 Feb 2024 11:42:42 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
age: 54042
etag: "0a49e53d46abf381664b90301f90d439"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 61285
x-amz-cf-id: iY8e2UrVCQxNlSJFK7bGogkQhsQDT3ME3l-Z8-dtvGRsJBP0cTxyRw==

GET
H2 200 yzfdmoan.js Show response
dfdgfruitie.xyz/adserver/ 0
493 B 514ms
168ms Script
application/x-javascript 2606:4700:3034::6815:d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dfdgfruitie.xyz/adserver/yzfdmoan.js
Requested by: Host: onlyfriends.club
URL: https://onlyfriends.club/s?fU2U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onlyfriends.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 04:36:18 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 19:26:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1224
etag: "63dd5fe4-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlwvzxhe7HnTz4fpoWUa%2BXOyL54wb%2FjvKjCio0nZpVu1oyhpzFN88B%2BLO4jtOjieY8cGb3pnENb9wDxOE8bwlX%2FwIuKsZ92CWfmrsWWshBbO10Y9AtCM3nLa6XnWpuPmQzhEgk9s3%2FvLtPC%2Fj70%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85c5f73e6da2398a-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
d2oouw5449k1qr.cloudfront.net/ 224 KB
88 KB 625ms
210ms Script
text/plain 2600:9000:21a2:3c00:1:22bf:b4c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oouw5449k1qr.cloudfront.net/?tid=977741
Requested by: Host: onlyfriends.club
URL: https://onlyfriends.club/s?fU2U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:3c00:1:22bf:b4c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 86ccb70ae36059a9b712fa3d52d658d6426ff2d53aa5174c9f0599d6f5f7f16a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onlyfriends.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Feb 2024 04:36:18 GMT
content-encoding: gzip
via: 1.1 36310ef8e99083d179b2b187554670de.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 90161
x-amz-cf-id: a5Mko1h2IB8EKjQp2gOnHmE5WR92AEXdo6DDrhIhgLN7RpzeyF9NnQ==

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 417ms
145ms Fetch
binary/octet-stream 172.67.220.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d2oouw5449k1qr.cloudfront.net
URL: https://d2oouw5449k1qr.cloudfront.net/?tid=977741
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.220.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onlyfriends.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 04:36:19 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 28 Feb 2024 02:35:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://onlyfriends.club
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FwGMiG2cSrablEy0cHeDx6wNnXvTtTtKKgdM5dCVtiAOLza%2F5vZZxLblfDWNPlK4X7QzwHtuIh4sXJ1cMlH0DS5AmSxQv%2BYm%2FUrS3AK3CUEG%2BGnyXdh8gTA%2BE38%2BPHJ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 85c5f745d92f39f9-YYZ
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
pogothere.xyz/ 26 B
617 B 416ms
144ms Fetch
text/plain 172.67.220.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d2oouw5449k1qr.cloudfront.net
URL: https://d2oouw5449k1qr.cloudfront.net/?tid=977741
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.220.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e53a5ff858d06ab2df6726a2a603ffb342517e1f7c395dccbfc35c5fff966eb8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onlyfriends.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 04:36:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zV%2B1eGSZzsRILDBVvqi3qUZc9blxqKqxbGqmOR91ObjsxJ3zcTJwe%2BqaxolA2iqGVZqGwuaRM7LNvHmrtWvQTL5ovnveR68u0zR3q9XqlSZqE9Rno%2FlW8Ndyp4CnkTy"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://onlyfriends.club
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 85c5f745d93139f9-YYZ
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 BiU6HikMJEs5HXUKOhQAchdIEWtcDCkZDBFVPiAdDTUcGh9QKQA+Nn0QHA0IUy0TLw1yBhxFPn0uSBtrEg0LGDREWjUwNgNRNh1sdSILLgsD Show response
ourtshipanditlas.info/Z3h3WjQGGhQ3CwZFFXxBFRRKfwYhXUUcUFUXGC9DUkxDY19WCQV0VwsXAj5SFRcZLhoJHQN/BiE2Ig0BMBwyC00mLBAJUR4tPxdfC0EtNlgPKT8MByU7Ijh/Dj4jHU4qFy02Uz4wGRNlLAEiLnIwIj4TU1MfFR96Ei0ePUMmPDEQbQ0... Frame 0213 3 KB
2 KB 424ms
119ms Document
text/html 52.85.132.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ourtshipanditlas.info/Z3h3WjQGGhQ3CwZFFXxBFRRKfwYhXUUcUFUXGC9DUkxDY19WCQV0VwsXAj5SFRcZLhoJHQN/BiE2Ig0BMBwyC00mLBAJUR4tPxdfC0EtNlgPKT8MByU7Ijh/Dj4jHU4qFy02Uz4wGRNlLAEiLnIwIj4TU1MfFR96Ei0ePUMmPDEQbQ0pNhRhC0kTLQwePhk2WDQ7Ph9/HQgjE0wIHzkbU0JKMR1dIkkkGXkxHSMtdis6RzVkNkENCFMtEyYdbjUcGhxzLipHK3o2PR8YBiESLzBTJiEgFFE9SCUrbTIMGxRZIRIvM3EDMxo+VQRIFB1QIQAaHnwtFCVpGSk/Ex51AjIfPVwtHwRqfB5IGwkGNgEUDX49HTI+TQM+DzdsJEBCHV4UIS4NeRMbRwAENykUY3EwPh0CXiIqPSBbJR5GHAY+KUd/BiU6HikMJEs5HXUKOhQAchdIEWtcDCkZDBFVPiAdDTUcGh9QKQA+Nn0QHA0IUy0TLw1yBhxFPn0uSBtrEg0LGDREWjUwNgNRNh1sdSILLgsD
Requested by: Host: d2oouw5449k1qr.cloudfront.net
URL: https://d2oouw5449k1qr.cloudfront.net/?tid=977741
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-38.iad50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 2db07d1fefcef903c6dfaaf92291f1897738880a2df575fcd647d87104afef88

Request headers

Referer: https://onlyfriends.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1238
content-type: text/html
date: Wed, 28 Feb 2024 04:36:19 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 e88b34dd0e6a8e6f16f12ba472ae0c12.cloudfront.net (CloudFront)
x-amz-cf-id: Q_OPXOSQ0IP2kQBedEwQkSKjGqnBNeIf8BNkl6jBcXRK_Qn140Zjhg==
x-amz-cf-pop: IAD50-C2
x-cache: Miss from cloudfront

GET
H2 204 c3BwAHc
rbrightscarletcl.info/RElBOEZrdiJLex17LXwnECEgbygCLwB+BCIqLVcEER8xDx4VDGdMLyB0eA9xc31wHjYtLXwLc2I6NVkyMTp8CWAtJydXe2I/fAhocWd3FnZiPHwJYDA5IF97dW8xTDIodHAPdn15eAx/ 0
399 B 403ms
140ms Image
text/plain 104.21.11.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbrightscarletcl.info/RElBOEZrdiJLex17LXwnECEgbygCLwB+BCIqLVcEER8xDx4VDGdMLyB0eA9xc31wHjYtLXwLc2I6NVkyMTp8CWAtJydXe2I/fAhocWd3FnZiPHwJYDA5IF97dW8xTDIodHAPdn15eAx/c3BwAHc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.11.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onlyfriends.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 04:36:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NXtE6tBt6aacgYooMSFAqd%2FCnMHmYNSFvTjjhl56sMR4t%2BF%2FNEGsWlhCr9ZjBivSPjcqifG%2F7xDZIjMVsUGTYsQAhgECnMuSMgDhc4FH7kfO2Cf3zIB%2BEEMHy04aimihjXAQxL%2BJ1g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 85c5f7461cc654d9-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 popunder.gif
rbrightscarletcl.info/ 35 B
402 B 119ms
119ms Image
image/gif 104.21.11.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbrightscarletcl.info/popunder.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.11.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onlyfriends.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Feb 2024 04:36:19 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 17:08:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41278
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfvaixsyIKCEw4zstIHdwEUg3i%2BMjkcTjx5BFeT9DFrunON6OtgK0cKEs4UhRAH0cn3Nf1Va9ZFF4iN9WlqrQRZLesPNfaOVWxG7pZ%2Fqia4%2F2VV5dpxLzcWkoPh6wqHt3KG5JUVXOyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 85c5f746cd6854d9-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 WG9RdmEdNxIlIwdzRgJkXWFad2dII0l1 Show response
d2oouw5449k1qr.cloudfront.net/NUW5WdEQyATgSeyUHMkl9ZllhQHV3BCUbKiFTGzMoZlgYHnIQKyUtFWZIIg4gbENuUigwADFJYjQANUl1dw8yFnllSCIEKzpTIxogNAg/GiE1SCMVeTwBLB0oPQ9zRgJkQGZRdmFGIR0qNQEhB2FjXjgAYWNeZ0RqYUtlNm... Frame 0213 762 B
798 B 176ms
176ms Script
text/plain 2600:9000:21a2:3c00:1:22bf:b4c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oouw5449k1qr.cloudfront.net/NUW5WdEQyATgSeyUHMkl9ZllhQHV3BCUbKiFTGzMoZlgYHnIQKyUtFWZIIg4gbENuUigwADFJYjQANUl1dw8yFnllSCIEKzpTIxogNAg/GiE1SCMVeTwBLB0oPQ9zRgJkQGZRdmFGIR0qNQEhB2FjXjgAYWNeZ0RqYUtlNmFjXiEdKmdac0cGdFxmDHJlR3-NGdDAeJhghJgs0Hy0lS2QycWJZeEdydFxmXC85GjsYYWMtc0Z0PQc9EWFjXjERJzoBf1F2YQ0+Bis8C3NGAmBcZFp0f1hkQnV/WG9RdmEdNxIlIwdzRgJkXWFad2dII0l1
Requested by: Host: ourtshipanditlas.info
URL: https://ourtshipanditlas.info/Z3h3WjQGGhQ3CwZFFXxBFRRKfwYhXUUcUFUXGC9DUkxDY19WCQV0VwsXAj5SFRcZLhoJHQN/BiE2Ig0BMBwyC00mLBAJUR4tPxdfC0EtNlgPKT8MByU7Ijh/Dj4jHU4qFy02Uz4wGRNlLAEiLnIwIj4TU1MfFR96Ei0ePUMmPDEQbQ0pNhRhC0kTLQwePhk2WDQ7Ph9/HQgjE0wIHzkbU0JKMR1dIkkkGXkxHSMtdis6RzVkNkENCFMtEyYdbjUcGhxzLipHK3o2PR8YBiESLzBTJiEgFFE9SCUrbTIMGxRZIRIvM3EDMxo+VQRIFB1QIQAaHnwtFCVpGSk/Ex51AjIfPVwtHwRqfB5IGwkGNgEUDX49HTI+TQM+DzdsJEBCHV4UIS4NeRMbRwAENykUY3EwPh0CXiIqPSBbJR5GHAY+KUd/BiU6HikMJEs5HXUKOhQAchdIEWtcDCkZDBFVPiAdDTUcGh9QKQA+Nn0QHA0IUy0TLw1yBhxFPn0uSBtrEg0LGDREWjUwNgNRNh1sdSILLgsD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:3c00:1:22bf:b4c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 05c52dacf7ffdfff430fde3b0e02ae9bc6842c566290d5d3af4054e299c8bb6d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ourtshipanditlas.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 04:36:19 GMT
content-encoding: gzip
via: 1.1 36310ef8e99083d179b2b187554670de.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 520
x-amz-cf-id: 2fWX5DpF0EUxB7TQ_qXNlIvySr0rDQqKbSnFDBofwGONFAQvDD30-A==

GET
H2 200 css
fonts.googleapis.com/ 1 KB
549 B 119ms
118ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap

Requested by

Host: d2oouw5449k1qr.cloudfront.net
URL: https://d2oouw5449k1qr.cloudfront.net/?tid=977741

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f159402a8b2abf72c9cfef886efe2fc1abe0e54a32394dd0680a9411ce07815d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onlyfriends.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Feb 2024 04:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 04:36:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Feb 2024 04:36:19 GMT

POST tc
onasider.top/ 0
0

OPTIONS
H2 204 tc
onasider.top/ Frame 0
0 402ms
137ms Preflight 104.21.23.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onasider.top/tc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.23.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://onlyfriends.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-origin: https://onlyfriends.club
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85c5f7491a44a1f3-YYZ
date: Wed, 28 Feb 2024 04:36:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTLxqVHIbtlWqAox8qRXIAZVOJ79N5EL8SCyGBAcmHwUK5UWsTpJeKry8x0U2DI%2BmLQALiqQ9A%2BwIkD0MHhK%2Bpci%2BZZwR77nrqd89XdnPZnmUFwBCyN0VzKZO1Q84hM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: onasider.top
URL: https://onasider.top/tc

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| conf_rew number| LAST_CORRECT_EVENT_TIME number| _4205150249 string| am_sid977741

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pogothere.xyz/	1970-01-21 03:23:18	Name: csu Value: 896767602166328@1@1709094979

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://onlyfriends.club/s?fU2U Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://onlyfriends.club/s?fU2U Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d1wzdj81h1hubn.cloudfront.net
d2oouw5449k1qr.cloudfront.net
dfdgfruitie.xyz
fonts.googleapis.com
onasider.top
onlyfriends.club
ourtshipanditlas.info
pogothere.xyz
rbrightscarletcl.info
onasider.top
104.21.11.234
104.21.23.212
104.21.49.74
172.67.220.203
2600:9000:21a2:3c00:1:22bf:b4c0:21
2600:9000:269f:1800:a:3cd2:30c0:21
2606:4700:3034::6815:d72
2607:f8b0:4004:c09::5f
52.85.132.38
05c52dacf7ffdfff430fde3b0e02ae9bc6842c566290d5d3af4054e299c8bb6d
06ef02390f06cb8794342aac81fd0fa16437bcbbf3d1122a3a5f33505dd608ea
0e90ca20cf823d0a13e6d187f53cfcb2b7bae9dab4862233d02611a693360231
2db07d1fefcef903c6dfaaf92291f1897738880a2df575fcd647d87104afef88
35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86ccb70ae36059a9b712fa3d52d658d6426ff2d53aa5174c9f0599d6f5f7f16a
d18b73a437f346e213c3c4c5de6213da0b7a822037318cb01142957e6faf8c3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53a5ff858d06ab2df6726a2a603ffb342517e1f7c395dccbfc35c5fff966eb8
f159402a8b2abf72c9cfef886efe2fc1abe0e54a32394dd0680a9411ce07815d
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

onlyfriends.club Open in urlscan Pro 104.21.49.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

44 %IPv6

8 Domains

9 Subdomains

10 IPs

2 Countries

414 kBTransfer

586 kBSize

1 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

onlyfriends.club Open in urlscan Pro
104.21.49.74 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

10
IPs

2
Countries

414 kB
Transfer

586 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions