urlscan.io logo urlscan.io
SecurityTrails logo

jknlz.hotboys.biz Open in urlscan Pro
3.248.111.124  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.intercalatesstrombuses.store/f/da/gay-dating/iu4wwAxeLlduHrJdcad
Effective URL: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc...
Submission: On July 30 via manual from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 16 HTTP transactions. The main IP is 3.248.111.124, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is jknlz.hotboys.biz.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 22nd 2019. Valid for: 3 months.
This is the only time jknlz.hotboys.biz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 3.248.111.124 16509 (AMAZON-02)
10 2.16.186.115 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 6
2    2606:4700:30::681f:5ef9 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.intercalatesstrombuses.store
1    3.248.111.124 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-248-111-124.eu-west-1.compute.amazonaws.com
jknlz.hotboys.biz
10    2.16.186.115 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-115.deploy.static.akamaitechnologies.com
cdn-aimi.akamaized.net
1    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
10 cdn-aimi.akamaized.net jknlz.hotboys.biz
2 www.intercalatesstrombuses.store www.intercalatesstrombuses.store
1 fonts.gstatic.com jknlz.hotboys.biz
1 fonts.googleapis.com jknlz.hotboys.biz
1 jknlz.hotboys.biz www.intercalatesstrombuses.store
0 new-men-here.com Failed www.intercalatesstrombuses.store
16 6

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-07-27 -
2020-07-26		 a year crt.sh
*.hotboys.biz
Let's Encrypt Authority X3		 2019-06-22 -
2019-09-20		 3 months crt.sh
a248.e.akamai.net
DigiCert ECC Secure Server CA		 2018-10-18 -
2019-10-18		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-07-02 -
2019-09-24		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-07-02 -
2019-09-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Frame ID: 72D415FB441A7467A65D69745D1682F2
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.intercalatesstrombuses.store/f/da/gay-dating/iu4wwAxeLlduHrJdcad Page URL
  2. https://www.intercalatesstrombuses.store/f/da/gay-dating/iu4wwAxeLlduHrJdcad?step2=1&subid=ba_rvV-Dc3GUzjTTdh-PLrc_Lhi Page URL
  3. https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

16
Requests

94 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

1293 kB
Transfer

1483 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.intercalatesstrombuses.store/f/da/gay-dating/iu4wwAxeLlduHrJdcad Page URL
  2. https://www.intercalatesstrombuses.store/f/da/gay-dating/iu4wwAxeLlduHrJdcad?step2=1&subid=ba_rvV-Dc3GUzjTTdh-PLrc_Lhi Page URL
  3. https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
iu4wwAxeLlduHrJdcad
www.intercalatesstrombuses.store/f/da/gay-dating/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.intercalatesstrombuses.store/f/da/gay-dating/iu4wwAxeLlduHrJdcad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5ef9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
458a3b70db96a1749ea8606d752a74184b2de9a52e3ee342f56a0c9cd4083b89
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.intercalatesstrombuses.store
:scheme
https
:path
/f/da/gay-dating/iu4wwAxeLlduHrJdcad
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status
200
date
Tue, 30 Jul 2019 11:03:17 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=db1d7659a18d3f770a437c8a9f6e4c0a11564484597; expires=Wed, 29-Jul-20 11:03:17 GMT; path=/; domain=.intercalatesstrombuses.store; HttpOnly; Secure
vary
Accept-Encoding User-Agent
cache-control
private, max-age=86400, no-transform
referrer-policy
no-referrer
content-encoding
gzip
strict-transport-security
max-age=86400; includeSubDomains
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4fe6d85ccdd1d6fd-FRA
iu4wwAxeLlduHrJdcad
www.intercalatesstrombuses.store/f/da/gay-dating/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.intercalatesstrombuses.store/f/da/gay-dating/iu4wwAxeLlduHrJdcad?step2=1&subid=ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Requested by
Host: www.intercalatesstrombuses.store
URL: https://www.intercalatesstrombuses.store/f/da/gay-dating/iu4wwAxeLlduHrJdcad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5ef9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6ff4aded47e6fef3f206919882b04cea71ad706c5bc58d52fc0fe1c4bfa03c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.intercalatesstrombuses.store
:scheme
https
:path
/f/da/gay-dating/iu4wwAxeLlduHrJdcad?step2=1&subid=ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
cookie
__cfduid=db1d7659a18d3f770a437c8a9f6e4c0a11564484597
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status
200
date
Tue, 30 Jul 2019 11:03:17 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding User-Agent
cache-control
private, max-age=86400, no-transform
referrer-policy
no-referrer
content-encoding
gzip
strict-transport-security
max-age=86400; includeSubDomains
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4fe6d85d3f5ad6fd-FRA
/
new-men-here.com/ 		0
0
Primary Request f82757e39b1a28a9
jknlz.hotboys.biz/c/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Requested by
Host: www.intercalatesstrombuses.store
URL: https://www.intercalatesstrombuses.store/f/da/gay-dating/iu4wwAxeLlduHrJdcad?step2=1&subid=ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.111.124 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-248-111-124.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8b7e129910bcaea60d856ae0897933760c9a930a344eef7cc7ba9f965f017530

Request headers

:method
GET
:authority
jknlz.hotboys.biz
:scheme
https
:path
/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status
200
server
nginx
date
Tue, 30 Jul 2019 11:03:22 GMT
content-type
text/html; charset=UTF-8
set-cookie
unique_2220889=unique_2220889; expires=Wed, 31-Jul-2019 11:03:22 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5d40223f40a57877184388; expires=Wed, 31-Jul-2019 11:03:22 GMT; Max-Age=86400; path=/; HttpOnly unique_2220889=unique_2220889; expires=Wed, 31-Jul-2019 11:03:22 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5d40223f40a57877184388; expires=Wed, 31-Jul-2019 11:03:22 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=200148_20415_84591; expires=Thu, 29-Aug-2019 11:03:22 GMT; Max-Age=2592000; path=/; HttpOnly unique_2220889=unique_2220889; expires=Wed, 31-Jul-2019 11:03:22 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5d40223f40a57877184388; expires=Wed, 31-Jul-2019 11:03:22 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=200148_20415_84591; expires=Thu, 29-Aug-2019 11:03:22 GMT; Max-Age=2592000; path=/; HttpOnly
content-encoding
gzip
main.css
cdn-aimi.akamaized.net/landings/149119/1551969975/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-aimi.akamaized.net/landings/149119/1551969975/css/main.css?1551969975
Requested by
Host: jknlz.hotboys.biz
URL: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1b4d832667cfc75f78434d23784e31f929aae707bada42b0c1f38495c27421df

Request headers

Referer
https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:03:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 14:46:18 GMT
Server
AmazonS3
x-amz-request-id
FCE8AD3E90A33BCC
ETag
"ff4f510023dd7b491809ae652392ffe4"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2974
x-amz-id-2
t2MVfrgn6vFYUHJWoHxFnoe3OJssQSxzMuzcbwhljjo1lwcyJAmygeg80RuGip4UYT/W2oQk7YY=
script.min.js
cdn-aimi.akamaized.net/landings/149119/1551969975/js/ 		252 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-aimi.akamaized.net/landings/149119/1551969975/js/script.min.js?1551969975
Requested by
Host: jknlz.hotboys.biz
URL: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
322d600431f53fb186989dad7e4ed1365b0d3012a808cd114390855a0dce16a6

Request headers

Referer
https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:03:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 14:46:18 GMT
Server
AmazonS3
x-amz-request-id
FD55AE25CCCF7C11
ETag
"28c2e529f18ba1afa7f17dc8776448d0"
Vary
Accept-Encoding
Content-Type
text/javascript
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
x-amz-id-2
ae7p8D1VlcceTKUN5CglY6rKvkiX9RZu5KqZppTkzoiV7uE6pp5X7NlWfn5xkhZtnIKcBnV98SE=
function.js
cdn-aimi.akamaized.net/landings/149119/1551969975/js/ 		765 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-aimi.akamaized.net/landings/149119/1551969975/js/function.js?1551969975
Requested by
Host: jknlz.hotboys.biz
URL: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
452eb955c14bff0f815d78d2ff1a041dec32aa23db4616c8dfa261d3fe57d4e3

Request headers

Referer
https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:03:22 GMT
Last-Modified
Thu, 07 Mar 2019 14:46:18 GMT
Server
AmazonS3
x-amz-request-id
0D04BA92626AB7F5
ETag
"6a3a68155d91429c9d1ebcc18fdfce67"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
765
x-amz-id-2
cW36MU4jjtoPc/ZZRl+KM1sFRg2nTQ0eA4t+Eah1Z5GKqFwPJWNudxf9LbTBp7pi+xa8IIO9px8=
css
fonts.googleapis.com/ 		767 B
435 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&subset=latin-ext
Requested by
Host: jknlz.hotboys.biz
URL: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 30 Jul 2019 11:03:22 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 30 Jul 2019 11:03:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 30 Jul 2019 11:03:22 GMT
no.png
cdn-aimi.akamaized.net/landings/149119/1551969975/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-aimi.akamaized.net/landings/149119/1551969975/images/no.png
Requested by
Host: jknlz.hotboys.biz
URL: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fedd7527d1cceee3052bf4bb62e76d56e8200a115d8a2affae23a125578b7ad1

Request headers

Referer
https://cdn-aimi.akamaized.net/landings/149119/1551969975/css/main.css?1551969975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:03:22 GMT
Last-Modified
Thu, 07 Mar 2019 14:46:17 GMT
Server
AmazonS3
x-amz-request-id
1580F9086DED562F
ETag
"e51438397f6333f22081857d4236efca"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3134
x-amz-id-2
cgsk1CcURBZRQLdXYSHJGZl6VNvE4DSGJhPAT4ZnOu9BKmG/Tp9ajM5NaxKTowgyzxKi0zW1MzQ=
yes.png
cdn-aimi.akamaized.net/landings/149119/1551969975/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-aimi.akamaized.net/landings/149119/1551969975/images/yes.png
Requested by
Host: jknlz.hotboys.biz
URL: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6bfdecff876226c1e233f71e7b0b1a6e0eb238281a52156c39f051691dd88a43

Request headers

Referer
https://cdn-aimi.akamaized.net/landings/149119/1551969975/css/main.css?1551969975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:03:22 GMT
Last-Modified
Thu, 07 Mar 2019 14:46:17 GMT
Server
AmazonS3
x-amz-request-id
3F9D45258A1FA147
ETag
"3d0dab8337c085af1541ee5b7d63b53b"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3480
x-amz-id-2
QRI4e+VqF4uwYz2jEXOVTKUKoKYSwB5kZ43v/lBVLzOHTPmHmRR9y/HpanB/baZY8S1VmwiW5aA=
1.jpg
cdn-aimi.akamaized.net/landings/149119/1551969975/images/ 		259 KB
260 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-aimi.akamaized.net/landings/149119/1551969975/images/1.jpg
Requested by
Host: jknlz.hotboys.biz
URL: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b08d22d311892fa42dff79a535f672c4573012801b0c6832c3fd7b842808080a

Request headers

Referer
https://cdn-aimi.akamaized.net/landings/149119/1551969975/css/main.css?1551969975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:03:22 GMT
Last-Modified
Thu, 07 Mar 2019 14:46:17 GMT
Server
AmazonS3
x-amz-request-id
0586C9F90585CC08
ETag
"779ca422f0b727ff902e64ff9d06ab8c"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
265388
x-amz-id-2
GGcpkfJIzjEE8kCsWjRA8IP3RXk0Vn51CRyuXpsQ3xTJPYpc0h2DDMqgNjb4wXmXrL4Y5UHnd6w=
pattern.png
cdn-aimi.akamaized.net/landings/149119/1551969975/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-aimi.akamaized.net/landings/149119/1551969975/images/pattern.png
Requested by
Host: jknlz.hotboys.biz
URL: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5cbc28ef1cf07ab8956014b581aa2b96baac861237975813702e63c886b0c004

Request headers

Referer
https://cdn-aimi.akamaized.net/landings/149119/1551969975/css/main.css?1551969975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:03:22 GMT
Last-Modified
Thu, 07 Mar 2019 14:46:17 GMT
Server
AmazonS3
x-amz-request-id
51686C3D68D00256
ETag
"f06b5903c3ed5ef39db9b98b60deba70"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2801
x-amz-id-2
NczyRApZJrchiWNPx8OjCWHNfKQk7X70YctoeIa3/8H7Hk3vCQs5vlIRjLDLfu9EN3d+DRflkbY=
2.jpg
cdn-aimi.akamaized.net/landings/149119/1551969975/images/ 		365 KB
365 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-aimi.akamaized.net/landings/149119/1551969975/images/2.jpg
Requested by
Host: jknlz.hotboys.biz
URL: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fa5d8e364c2a66baf390c49a6ec08378ed620faa1cd78d21d0bf7807707282bc

Request headers

Referer
https://cdn-aimi.akamaized.net/landings/149119/1551969975/css/main.css?1551969975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:03:22 GMT
Last-Modified
Thu, 07 Mar 2019 14:46:18 GMT
Server
AmazonS3
x-amz-request-id
21F935CC0B8D1279
ETag
"689c582180b5f962ac18df58d5e86541"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
373501
x-amz-id-2
7YEI9e4WtYJFuT0YPdGfUrcJELDYCASc4MtvD3kdme0EjeQXYKsrRTT8K52g7kamyRA9sm3tTH0=
3.jpg
cdn-aimi.akamaized.net/landings/149119/1551969975/images/ 		263 KB
264 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-aimi.akamaized.net/landings/149119/1551969975/images/3.jpg
Requested by
Host: jknlz.hotboys.biz
URL: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2a96360fef3ce109c8fbe91e5ece5b2ff86e75047730869e1032e81266debad

Request headers

Referer
https://cdn-aimi.akamaized.net/landings/149119/1551969975/css/main.css?1551969975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:03:22 GMT
Last-Modified
Thu, 07 Mar 2019 14:46:18 GMT
Server
AmazonS3
x-amz-request-id
B12EC96C302EBD3C
ETag
"1af05092386a1c2da1befb878b85fd06"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
269758
x-amz-id-2
F+GQd/OfHZQjg59pVonV52rUZHNfzBS/ViBeKwv6KrsSVGH/PyivbP0LdvJRKqW5WZp5Ds3OW68=
4.jpg
cdn-aimi.akamaized.net/landings/149119/1551969975/images/ 		295 KB
295 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-aimi.akamaized.net/landings/149119/1551969975/images/4.jpg
Requested by
Host: jknlz.hotboys.biz
URL: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
46b2a93635d51685dc22b6f1e9d800e28840d39a1e017f3f3c1828c332f02b6c

Request headers

Referer
https://cdn-aimi.akamaized.net/landings/149119/1551969975/css/main.css?1551969975
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date
Tue, 30 Jul 2019 11:03:22 GMT
Last-Modified
Thu, 07 Mar 2019 14:46:18 GMT
Server
AmazonS3
x-amz-request-id
36C281CB059C5220
ETag
"76345c43a202fb909813385fe6704a5d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
302121
x-amz-id-2
2TRbQc4uAy9AbKrwVpej5kPkSkj+ncHUWuRc0FAOb8aWq6lrpw9pwFV2Be+WTfzLG/s2JsFTylg=
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: jknlz.hotboys.biz
URL: https://jknlz.hotboys.biz/c/f82757e39b1a28a9?s1=20415&s2=84591&s5=&click_id=_iMonGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato&subset=latin-ext
Origin
https://jknlz.hotboys.biz

Response headers

date
Tue, 23 Jul 2019 04:03:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
630009
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Wed, 22 Jul 2020 04:03:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
new-men-here.com
URL
https://new-men-here.com/?u=bhbp605&o=xxdewuk&t=LosGay&b=0&cid=_LosGay-Prelander-GD3_ba_rvV-Dc3GUzjTTdh-PLrc_Lhi

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery

3 Cookies

Domain/Path Name / Value
jknlz.hotboys.biz/ Name: scriptHash
Value: 200148_20415_84591
jknlz.hotboys.biz/ Name: unique_id
Value: 5d40223f40a57877184388
jknlz.hotboys.biz/ Name: unique_2220889
Value: unique_2220889

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff