![](/screenshots/8fe7ca13-0eaa-4382-ab0e-b398380b6234.png)
nmqba.hotboys.biz
Open in
urlscan Pro
2a05:d018:244:5200::ab
Malicious Activity!
Public Scan
Effective URL: https://nmqba.hotboys.biz/c/f82757e39b1a28a9?s1=30477&s2=300398&s3=nudity-club&j1=1&j3=1
Submission Tags: @jcybersec_
Submission: On July 16 via api from GB
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on May 26th 2020. Valid for: 3 months.
This is the only time nmqba.hotboys.biz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Porn Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 2606:4700:303... 2606:4700:3036::ac43:b32d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a05:d018:244... 2a05:d018:244:5200::ab | 16509 (AMAZON-02) (AMAZON-02) | |
10 | 2.16.177.9 2.16.177.9 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:815::2003 | 15169 (GOOGLE) (GOOGLE) | |
34 | 6 |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-177-9.deploy.static.akamaitechnologies.com
cdn-aimi.akamaized.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
akamaized.net
cdn-aimi.akamaized.net |
2 MB |
6 |
nudity-club.co.uk
nudity-club.co.uk |
27 KB |
1 |
gstatic.com
fonts.gstatic.com |
14 KB |
1 |
hotboys.biz
nmqba.hotboys.biz |
3 KB |
1 |
googleapis.com
fonts.googleapis.com Failed |
856 B |
0 |
cloudflare.com
Failed
cdnjs.cloudflare.com Failed |
|
0 |
codepen.io
Failed
assets.codepen.io Failed |
|
34 | 7 |
Domain | Requested by | |
---|---|---|
10 | cdn-aimi.akamaized.net |
nmqba.hotboys.biz
|
6 | nudity-club.co.uk |
nudity-club.co.uk
|
1 | fonts.gstatic.com |
nmqba.hotboys.biz
|
1 | nmqba.hotboys.biz |
nudity-club.co.uk
|
1 | fonts.googleapis.com |
nudity-club.co.uk
nmqba.hotboys.biz |
0 | cdnjs.cloudflare.com Failed |
nudity-club.co.uk
|
0 | assets.codepen.io Failed |
nudity-club.co.uk
|
34 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-08 - 2021-07-08 |
a year | crt.sh |
*.hotboys.biz Let's Encrypt Authority X3 |
2020-05-26 - 2020-08-24 |
3 months | crt.sh |
a248.e.akamai.net DigiCert Secure Site ECC CA-1 |
2019-08-13 - 2020-08-12 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-06-30 - 2020-09-22 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://nmqba.hotboys.biz/c/f82757e39b1a28a9?s1=30477&s2=300398&s3=nudity-club&j1=1&j3=1
Frame ID: E5680648ED5F5B45675444E605E98DEC
Requests: 34 HTTP requests in this frame
Screenshot
![](/screenshots/8fe7ca13-0eaa-4382-ab0e-b398380b6234.png)
Page URL History Show full URLs
- https://nudity-club.co.uk/ Page URL
- https://nmqba.hotboys.biz/c/f82757e39b1a28a9?s1=30477&s2=300398&s3=nudity-club&j1=1&j3=1 Page URL
Detected technologies
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://nudity-club.co.uk/ Page URL
- https://nmqba.hotboys.biz/c/f82757e39b1a28a9?s1=30477&s2=300398&s3=nudity-club&j1=1&j3=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
nudity-club.co.uk/ |
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
countdown.js
nudity-club.co.uk/js/ |
56 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
nudity-club.co.uk/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
red-theme.css
nudity-club.co.uk/css/ |
481 B 397 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
star-header.css
nudity-club.co.uk/css/ |
302 B 271 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
guy3.png
nudity-club.co.uk/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
nudity-naked-dance-club-logo.png
nudity-club.co.uk/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
nudity-naked-dance-club-logo2.png
nudity-club.co.uk/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
button_menu.jpg
nudity-club.co.uk/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
dance-n-cruise-oct.jpg
nudity-club.co.uk/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
gmfa.jpg
nudity-club.co.uk/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sound-of-nudity.png
nudity-club.co.uk/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
foam-info-v3.jpg
nudity-club.co.uk/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
facebook3.jpg
nudity-club.co.uk/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
faqs.jpg
nudity-club.co.uk/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
menu3.js
nudity-club.co.uk/js/ |
3 KB 706 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
script.js
nudity-club.co.uk/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
stopExecutionOnTimeout.js
assets.codepen.io/assets/common/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
bubbles.js
nudity-club.co.uk/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css
fonts.googleapis.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
f82757e39b1a28a9
nmqba.hotboys.biz/c/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
cdn-aimi.akamaized.net/landings/156098/1551969895/css/ |
17 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.min.js
cdn-aimi.akamaized.net/landings/156098/1551969895/js/ |
252 KB 75 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
function.js
cdn-aimi.akamaized.net/landings/156098/1551969895/js/ |
765 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
767 B 856 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
no.png
cdn-aimi.akamaized.net/landings/156098/1551969895/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
yes.png
cdn-aimi.akamaized.net/landings/156098/1551969895/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.jpg
cdn-aimi.akamaized.net/landings/156098/1551969895/images/ |
621 KB 621 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pattern.png
cdn-aimi.akamaized.net/landings/156098/1551969895/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.jpg
cdn-aimi.akamaized.net/landings/156098/1551969895/images/ |
612 KB 613 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3.jpg
cdn-aimi.akamaized.net/landings/156098/1551969895/images/ |
549 KB 550 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4.jpg
cdn-aimi.akamaized.net/landings/156098/1551969895/images/ |
494 KB 495 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- nudity-club.co.uk
- URL
- https://nudity-club.co.uk/img/guy3.png
- Domain
- nudity-club.co.uk
- URL
- https://nudity-club.co.uk/img/nudity-naked-dance-club-logo.png
- Domain
- nudity-club.co.uk
- URL
- https://nudity-club.co.uk/img/nudity-naked-dance-club-logo2.png
- Domain
- nudity-club.co.uk
- URL
- https://nudity-club.co.uk/img/button_menu.jpg
- Domain
- nudity-club.co.uk
- URL
- https://nudity-club.co.uk/img/dance-n-cruise-oct.jpg
- Domain
- nudity-club.co.uk
- URL
- https://nudity-club.co.uk/img/gmfa.jpg
- Domain
- nudity-club.co.uk
- URL
- https://nudity-club.co.uk/img/sound-of-nudity.png
- Domain
- nudity-club.co.uk
- URL
- https://nudity-club.co.uk/img/foam-info-v3.jpg
- Domain
- nudity-club.co.uk
- URL
- https://nudity-club.co.uk/img/facebook3.jpg
- Domain
- nudity-club.co.uk
- URL
- https://nudity-club.co.uk/img/faqs.jpg
- Domain
- nudity-club.co.uk
- URL
- https://nudity-club.co.uk/js/script.js
- Domain
- assets.codepen.io
- URL
- https://assets.codepen.io/assets/common/stopExecutionOnTimeout.js?t=1
- Domain
- cdnjs.cloudflare.com
- URL
- https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
- Domain
- nudity-club.co.uk
- URL
- https://nudity-club.co.uk/js/bubbles.js
- Domain
- fonts.googleapis.com
- URL
- http://fonts.googleapis.com/css?family=Oswald
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Porn Scam (Online)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery boolean| exit number| chromeVersion3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nmqba.hotboys.biz/ | Name: scriptHash Value: 200148_30477_300398 |
|
nmqba.hotboys.biz/ | Name: unique_id Value: 5ec4090a951b3410630113 |
|
nmqba.hotboys.biz/ | Name: unique_3074628 Value: unique_3074628 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.codepen.io
cdn-aimi.akamaized.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
nmqba.hotboys.biz
nudity-club.co.uk
assets.codepen.io
cdnjs.cloudflare.com
fonts.googleapis.com
nudity-club.co.uk
2.16.177.9
2606:4700:3036::ac43:b32d
2a00:1450:4001:800::200a
2a00:1450:4001:815::2003
2a05:d018:244:5200::ab
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0a85ff3ea757d5518116b94f90eee5fafbcbffabaf09f95ddef9dad15e2c519c
24c20332ae8c3218dfade84685278f44da0f7c99960981dbcf151ca12231528f
26081ad14814a300ba4c7d08b3950c1f367fad88c90db115988be2d2700e204f
322d600431f53fb186989dad7e4ed1365b0d3012a808cd114390855a0dce16a6
33ad3a7458354568f9acb1c90523543e0603be88ef4af298b951c9b2e060c64f
452eb955c14bff0f815d78d2ff1a041dec32aa23db4616c8dfa261d3fe57d4e3
554db66d2f8f44ef13d49407cb42dd4939f49891647a6c3ae0eaa70d31ba600a
5cbc28ef1cf07ab8956014b581aa2b96baac861237975813702e63c886b0c004
60ac8b8400210e0965737ef34328646da4c97090fa5473adcfdf798a186026a2
6bfdecff876226c1e233f71e7b0b1a6e0eb238281a52156c39f051691dd88a43
6c62142b9d179f8ae17032661dc68ac9fa9bebb23ec3591c424532ddde68be58
7a7c519d6c940450f7fe9ab476eaab708876af399cfe0d6d9698c6df7ad79179
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
f1de946a12582cfe3ba5ac1a924c3aa74b45f5f8d81ebc820d3edf87f7d28dcd
fcc22825b6fd8de692af28f0f7132c50463aa4c17c555071afe640b4c51782ac
fedd7527d1cceee3052bf4bb62e76d56e8200a115d8a2affae23a125578b7ad1