ScamLens
Cached < 6hAnonymous (3/day)

Security Report for onlyfans.com

ScamLens analyzed onlyfans.com using 90+ threat intelligence sources and assigned a trust score of 88/100, classifying it as safe.

Trust Score: 88/100

Risk Level: Trusted

There is no strongest risk signal at the moment, but that does not automatically clear the case. Continue by checking the actual transaction scenario, company identity, and communication method.

Site Title
Attention Required! | Cloudflare
Website meta information unavailable
en-US HTTPS ✓
1
Checked 1 times

Quick Answer

There is no strongest risk signal at the moment, but that does not automatically clear the case. Continue by checking the actual transaction scenario, company identity, and communication method.

Positive Signals

  • + Domain has been active for 13 year
  • + Google Safe Browsing: Safe
  • + HTTPS encryption supported

Concerns

  • - 2 security sources flagged as suspicious

Score Breakdown

Domain Reputation 80
13 years old
Threat Intelligence 100
19/21 safeSafeBrowsing OK
Technical Security 68
HTTPSHSTS
Community Reputation 50
No community data yet

Was this assessment accurate?
0 say Safe0 say Suspicious
What do you think?
What to do next

onlyfans.com looks legitimate

No threat feeds have flagged this domain. Use standard online-safety habits.

Confidence:High
  1. Bookmark the official URL
    Scammers often clone legitimate brands at look-alike domains. A saved bookmark protects you from typos.
  2. Watch for unexpected payment requests
    Even legitimate sites can be hijacked. Treat unsolicited 'urgent payment' prompts as suspicious.
  3. Verify HTTPS + the exact spelling
    Confirm the lock icon, and inspect the domain letter-by-letter before entering passwords or card details.
Cross-check with independent scanners

Trust but verify — open this domain on unrelated security services and compare the verdict.

VirusTotalurlscan.ioGoogle Safe Browsing
How we decide this

AI Risk Assessment

Safe
Based on 5 sourcesUpdated 1d ago

What matters right now

This is better handled as a scenario-verification case, not as a neutral result that automatically clears the domain.

[FACT] Safe Browsing shows no malicious activity 1, and 25 of 27 threat feeds responded clean 3. However, two threat intelligence feeds have flagged this domain: shodan_internetdb reported SUSPICIOUS_PORTS and maltiverse marked it BLACKLISTED 2. [FACT] The domain is well-established, registered in 2013 with 4884 days of history 4, uses a low-risk .com TLD 5, has valid SSL and security headers, and shows no brand impersonation []. [INFERENCE] The conflicting signals—Google's clean verdict versus two threat feed flags—suggest either legacy flagging or infrastructure-level concerns (open ports) rather than active malicious content delivery. The SUSPICIOUS_PORTS flag typically indicates exposed services, not phishing or malware hosting. [UNVERIFIED] The nature and recency of the maltiverse blacklist entry cannot be confirmed without additional threat feed metadata.

Recommendation

[FACT] No community reports exist []. If you are the legitimate domain operator, investigate the shodan_internetdb and maltiverse flags to confirm whether exposed ports or legacy listings need remediation. If you are a user, this domain's age, SSL presence, and Google clearance suggest low immediate risk, but verify you are on the official site before entering credentials.

Sources

  1. Google Safe BrowsingThreat intel

    clean

    Verify at source
  2. Threat intelligence feeds (2 flagged)Threat intel

    shodan_internetdb (SUSPICIOUS_PORTS); maltiverse (BLACKLISTED)

  3. 25/27 threat feeds responded cleanThreat intel
  4. WHOIS registration dataWHOIS

    Registered 2013-01-29T19:10:56Z (4884 days ago), registrar: GoDaddy Corporate Domains, LLC

  5. TLD risk classification: .com (low risk)Analysis

    Based on APWG / Spamhaus / Interisle 2024 abuse rankings

Powered by ScamLens AI· Check sources to verify important claims

Threat-intelligence sources

Checked across 27 sources — 2 flagged this domain

Show source breakdown
  • safe_browsing clean
  • urlhaus clean
  • cloudflare_radar clean
  • cert_transparency clean
  • alienvault_otx clean
  • phishstats clean
  • virustotal clean
  • ipqs clean
  • abuseipdb clean
  • securitytrails clean
  • phishdestroy clean
  • threatfox clean
  • shodan_internetdb flagged
  • phishtank clean
  • urlscan clean
  • rdap clean
  • maltiverse flagged
  • dns_security clean
  • wanted_domains clean
  • darkweb clean
  • openphish clean
  • scam_blocklist clean
  • maltrail clean
  • crypto_scam_feed clean
  • phishing_army clean
  • hagezi_tif clean
  • red_flag_domains clean

ScamLens aggregates real-time signals from 90+ commercial and open-source threat-intelligence providers including Google Safe Browsing, VirusTotal, PhishTank, URLhaus, ThreatFox, Cloudflare Radar, OTX, IPQS, GoPlus, Honeypot.is, and more. A flagged signal is evidence; the absence of flags is not proof of safety. Use the signals below alongside community reports to decide.

Advanced Scan

Comprehensive data lookup across premium sources

$2.99one-time payment
  • Website history verification
  • Detailed WHOIS information
  • Reverse WHOIS association
  • Traffic rank analysis
  • Company registration check
Recommended

AI Deep Investigation

Cross-check the story, claims, and supporting evidence before you decide

$4.99one-time payment
  • Everything in Advanced Scan
  • AI website content analysis
  • AI cross-reference verification
  • Claim authenticity validation
  • Detailed report with evidence
Most Thorough

Comprehensive Investigation

Full-spectrum investigation with company deep search & social intelligence

$14.99one-time payment
  • Everything in Deep Investigation
  • AI company background search
  • Social media intelligence
  • Detailed suspicious point analysis
  • Event timeline & entity connections

This analysis is for informational purposes only and does not constitute a legal determination.

Security Sources

Google Safe Browsing
Safe
Cloudflare Radar
Safe
URLhaus (abuse.ch) Confidence: Medium
Not Listed
Certificate Transparency Confidence: Low
Not Listed
AlienVault OTX Confidence: Medium
Not Listed
PhishStats Confidence: Low
Not Listed
VirusTotal Confidence: High
Not Listed
IPQualityScore Confidence: Low
Not Listed
AbuseIPDB Confidence: Medium
Not Listed
SecurityTrails Confidence: Low
Not Listed
PhishDestroy Confidence: Medium
Not Listed
ThreatFox (abuse.ch) Confidence: Low
Not Listed
Shodan InternetDB Confidence: Medium
Unsafe
PhishTank Confidence: Low
Not Listed
URLScan.io Confidence: Low
Not Listed
RDAP Domain Registration Confidence: Medium
Not Listed
Maltiverse Confidence: Medium
Unsafe
DNS Security Confidence: Medium
Not Listed
Law Enforcement Confidence: Low
Not Listed
darkweb Confidence: Low
Not Listed
OpenPhish Confidence: Low
Not Listed
Scam Blocklist (Jarelllama) Confidence: Low
Not Listed
Maltrail (stamparm) Confidence: Low
Not Listed
Crypto Scam Feed Confidence: Low
Not Listed
Phishing Army Confidence: Low
Not Listed
HaGeZi Threat Intelligence Confidence: Low
Not Listed
Red Flag Domains Confidence: Low
Not Listed

Domain Information

Registrar
GoDaddy Corporate Domains, LLC
Created
January 29, 2013
Expires
January 29, 2035
Domain Age
13 years
DNSSEC
Disabled
Nameservers
NS-1381.AWSDNS-44.ORG, NS-158.AWSDNS-19.COM, NS-1697.AWSDNS-20.CO.UK, NS-713.AWSDNS-25.NET
Domain Status
client transfer prohibited server delete prohibited server transfer prohibited server update prohibited

SSL/TLS Certificate

No data available

Server Information

IP Address
162.159.140.146
Hosting Provider
Cloudflare, Inc.
ASN
AS13335 Cloudflare, Inc.
Server Location
Toronto, Canada
Organization
Cloudflare, Inc.

Related Intelligence
Technical Details (DNS / Headers / Subdomains)

DNS Records

Email Security

SPF Configured DMARC Configured
Type Value
A 162.159.140.146
A 172.66.0.144
MX 10 inbound-smtp.us-east-1.amazonaws.com
NS ns-1381.awsdns-44.org
NS ns-158.awsdns-19.com
NS ns-1697.awsdns-20.co.uk
NS ns-713.awsdns-25.net
TXT MS=A1ABFEB5CA2E639421538B196FFF5EB1DBAE0FB7
TXT MS=ms58770879
TXT \":
TXT _globalsign-domain-verification=eemA9F_UsK0bGrGGm2wfKCLw_pen3ByIq06fk2SjZe
TXT atlassian-domain-verification=puayH7wgeQrYnWGVFbP9PHjbcqrPuVh2JmVvjT7a4pgg9wKALoU310Xj2E2PxMm2

HTTP Security Headers

Security header detection was blocked by the target website (e.g. rate limiting or access restriction). Results may be inaccurate.

Channels / Subdomains

No data available

Community Reports

Log in to report and share your experience

...

Proceed with Caution

There is no strongest risk signal yet, but the domain alone is not enough to clear the case

If the case still involves shopping, investment, recovery, or branded support claims, a scenario-based review is usually more valuable than just refreshing the result.

Recommended First

Open the matching scenario guide

Continue by the actual scenario such as an investment platform, online store, or recovery service.

Verify the company or brand identity

Confirm whether the business or brand behind the domain is real.

Review the chat or direct-message script

Many otherwise normal-looking sites become risky because of the pitch, pressure, and payment instructions behind them.

If already affected, move into the action plan

If money or account data were already exposed, do not stay in the normal verification flow.

The results are based on multiple third-party data sources and AI models. False positives or negatives may occur. This report should not be used as the sole basis for any decision. Please verify with additional sources.

Continue with the actual scenario check

If this is a store, investment platform, or recovery service, do not rely on the domain alone. Continue with the matching scenario guide.

Open a scenario guide

If you already paid, logged in, or downloaded files, move into the action plan immediately.

Related Security Guides

Learn more about how to protect yourself from this type of threat.

How to Check if a Website Is Safe Phishing Scams Guide

FAQ

Is onlyfans.com safe to visit?

onlyfans.com received a trust score of 88/100 from ScamLens, based on analysis of 30+ threat intelligence sources. No significant threats were detected. The site appears safe and trustworthy.

Was onlyfans.com flagged by any threat databases?

onlyfans.com was flagged by 1 out of 30+ threat intelligence sources. Specifically flagged by: maltiverse. The detected threat categories include: general threat.

How old is onlyfans.com?

onlyfans.com was first registered on January 29, 2013, making it approximately 13 years old. This is an established domain with a history of operation.

Does onlyfans.com use HTTPS and have a valid SSL certificate?

ScamLens could not verify the SSL certificate details for onlyfans.com during this scan. Treat this as unavailable evidence, not as proof that the site is safe or unsafe.

What security headers does onlyfans.com implement?

No security header information was available for onlyfans.com.

What does the ScamLens community think about onlyfans.com?

No community votes or reports have been submitted for onlyfans.com yet. You can be the first to share your experience.

Where is onlyfans.com hosted?

onlyfans.com is hosted by Cloudflare, Inc. in Toronto, Canada (ASN: ASAS13335 Cloudflare, Inc.).

What should I do about onlyfans.com?

[FACT] No community reports exist []. If you are the legitimate domain operator, investigate the shodan_internetdb and maltiverse flags to confirm whether exposed ports or legacy listings need remediation. If you are a user, this domain's age, SSL presence, and Google clearance suggest low immediate risk, but verify you are on the official site before entering credentials.

Is this report useful?

Use this report to remind others to verify the shopping, investment, or support scenario instead of treating it as full clearance.

Forward to your parents — they deserve to browse safely too.

About this analysis

This report is generated from real-time data across 90+ threat intelligence sources, combined with AI analysis and community feedback.

Learn about our scoring methodology | Last analyzed: June 15, 2026

All GoDaddy Corporate Domains, LLC domains All Cloudflare, Inc. domains