Report - forbigboys.com/collections/featured/products/big-boy-shaving-gel-100ml-3-38-floz-enriched-with-aloe-vera-made-in-italy

Report Overview

Submitted URL
forbigboys.com/collections/featured/products/big-boy-shaving-gel-100ml-3-38-floz-enriched-with-aloe-vera-made-in-italy
IP
86.105.245.69
ASN
#20857 Signet B.V.
Submitted
2024-04-28 09:51:01
Access
public
Website Title
forbigboys.com domain name is for sale. Inquire now.
Final URL
www.forbigboys.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.forbigboys.com	unknown	2015-10-18	2017-05-21	2023-09-07	5.1 kB	38 kB	86.105.245.69
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-28	1.3 kB	265 kB	142.250.74.168
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-04-26	1.0 kB	134 kB	104.21.27.152
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	408 B	6.2 kB	142.250.74.164
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-04-26	490 B	157 kB	104.18.10.207
forbigboys.com	unknown	2015-10-18	2016-04-07	2023-09-07	572 B	319 B	86.105.245.69
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-27	445 B	31 kB	151.101.66.137
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-28	1.1 kB	31 kB	216.58.207.227
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-27	486 B	207 kB	142.250.74.35
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-27	885 B	9.9 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-28	medium	forbigboys.com	Sinkholed
2024-04-28	medium	forbigboys.com	Sinkholed
2024-04-28	medium	forbigboys.com	Sinkholed
2024-04-28	medium	forbigboys.com	Sinkholed
2024-04-28	medium	forbigboys.com	Sinkholed
2024-04-28	medium	forbigboys.com	Sinkholed
2024-04-28	medium	forbigboys.com	Sinkholed
2024-04-28	medium	forbigboys.com	Sinkholed
2024-04-28	medium	forbigboys.com	Sinkholed
2024-04-28	medium	forbigboys.com	Sinkholed
2024-04-28	medium	forbigboys.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	www.forbigboys.com/	0 B	2023-03-07	2024-05-13
Pretty URL www.forbigboys.com/ IP 86.105.245.69 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-13 04:29:58 Times Seen37574423 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=UA-51651642-1	202 kB	2024-04-28	2024-04-28
Pretty URL www.googletagmanager.com/gtag/js?id=UA-51651642-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-28 11:51:02 Last Seen2024-04-28 11:51:03 Times Seen2 Hash 82a55f25a0a5004be9f458161d506a4d ee1d259563855431e82f2665277036daca369cc3 416b21e447a6a442333f6d451c14d0ec62d4b31e59dd48d97c5f6b176622ce20 Loading...

	www.google.com/recaptcha/api.js	850 B	2024-04-24	2024-05-08
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 09:35:35 Last Seen2024-05-08 15:55:32 Times Seen1408 Hash ee87fd4035a91d937ff13613982b4170 e897502e3a58c6be2b64da98474f0d405787f5f7 7649b605b4f35666df5cbcbb03597306d9215f53f61c2a097f085fa39af9859f Loading...

	code.jquery.com/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-05-13
Pretty URL code.jquery.com/jquery-3.3.1.min.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-13 04:19:16 Times Seen111285 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	www.forbigboys.com/odf/js/odf.js	21 kB	2023-03-12	2024-05-08
Pretty URL www.forbigboys.com/odf/js/odf.js IP 86.105.245.69 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:40:00 Last Seen2024-05-08 05:12:07 Times Seen124 Hash a652f60032a0abf0a7b9c7fd3c55f9fd 47773a40900dd1705aa29efc1b04319c4fa90edb e87626a9399a3587f38db35a97681cb70c1598d6f7ee8335a964cbf12e0fdaa3 Loading...

	www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js	518 kB	2024-04-24	2024-05-11
Pretty URL www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 09:18:30 Last Seen2024-05-11 08:40:38 Times Seen8998 Hash e2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b Loading...

	www.forbigboys.com/	0 B	2023-03-07	2024-05-13
Pretty URL www.forbigboys.com/ IP 86.105.245.69 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-13 04:29:58 Times Seen37574423 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.forbigboys.com/js/fitty.min.js	3.9 kB	2023-03-12	2024-05-08
Pretty URL www.forbigboys.com/js/fitty.min.js IP 86.105.245.69 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:17:35 Last Seen2024-05-08 05:12:07 Times Seen112 Hash 29ab20f58be55cded7b5381d7dc31882 54d69e4cab4307ca20214fa118e51f193764f39e f5be15b599336b8f56857ca53fdbc4af7dfba2378d31fc920c028f8a95716b5d Loading...

	www.forbigboys.com/	0 B	2023-03-07	2024-05-13
Pretty URL www.forbigboys.com/ IP 86.105.245.69 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-13 04:29:58 Times Seen37574423 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.forbigboys.com/	103 B	2023-03-25	2024-04-28
Pretty URL www.forbigboys.com/ IP 86.105.245.69 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-25 22:42:23 Last Seen2024-04-28 11:51:03 Times Seen2 Hash c5c6c2f7f06848da655cf147feaff6d1 8367d8c251d8dc35890af731eae39dc76cd58df7 20a72ccbc32a04c9e84b5a513220cf38f8e5f48af7bb23b2c347002826bab38f Loading...

	www.forbigboys.com/	0 B	2023-03-07	2024-05-13
Pretty URL www.forbigboys.com/ IP 86.105.245.69 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-13 04:29:58 Times Seen37574423 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-5243WNRXFG&l=dataLayer&cx=c	250 kB	2024-04-28	2024-04-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-5243WNRXFG&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-28 11:51:03 Last Seen2024-04-28 11:51:03 Times Seen2 Hash bdf6fe74b585766a975f31dae36f0cfe 371625c30590000edaca305612f0e6aaa4333692 d6ffa5fa72fa09eaddc05cd762a96ae39d1173f53e7dab29ad970fae36015954 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-13
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-13 04:26:33 Times Seen346817 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.forbigboys.com/	0 B	2023-03-07	2024-05-13
Pretty URL www.forbigboys.com/ IP 86.105.245.69 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-13 04:29:58 Times Seen37574423 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-RLBVQG6K3M	304 kB	2024-04-28	2024-04-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-RLBVQG6K3M IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-28 11:51:03 Last Seen2024-04-28 11:51:03 Times Seen2 Hash 2eb34a52d402a920e3b548b9d6ed6760 7bc4c9983be92e3cde322ee77d9b965d7541dde8 660f17ad9fa1870ca75b5087077901ba5ae49563c72b39657b5ce01f9c103041 Loading...

	www.forbigboys.com/sandbox%20eval%20code	147 B	2023-04-11	2024-05-13
Pretty URL www.forbigboys.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-13 04:26:33 Times Seen347326 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

HTTP Transactions (24)

URL IP Response Size

forbigboys.com/collections/featured/products/big-boy-shaving-gel-100ml-3-38-floz-enriched-with-aloe-vera-made-in-italy

86.105.245.69

302 Found

0 B

URL User Request GET HTTP/1.1
forbigboys.com/collections/featured/products/big-boy-shaving-gel-100ml-3-38-floz-enriched-with-aloe-vera-made-in-italy
IP
86.105.245.69:443
ASN
#20857 Signet B.V.

Certificate
IssuerLet's Encrypt
Subjectforbigboys.com
FingerprintC8:BC:C9:33:CC:5C:FF:56:8D:A6:6B:75:FF:D6:11:3A:9F:2F:E9:60
ValidityThu, 28 Mar 2024 04:08:36 GMT - Wed, 26 Jun 2024 04:08:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /collections/featured/products/big-boy-shaving-gel-100ml-3-38-floz-enriched-with-aloe-vera-made-in-italy HTTP/1.1
Host: forbigboys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: openresty/1.21.4.1
Date: Sun, 28 Apr 2024 09:50:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.forbigboys.com/collections/featured/products/big-boy-shaving-gel-100ml-3-38-floz-enriched-with-aloe-vera-made-in-italy

www.forbigboys.com/collections/featured/products/big-boy-shaving-gel-100ml-3-38-floz-enriched-with-aloe-vera-made-in-italy

86.105.245.69

302 Found

1 B

URL User Request GET HTTP/1.1
www.forbigboys.com/collections/featured/products/big-boy-shaving-gel-100ml-3-38-floz-enriched-with-aloe-vera-made-in-italy
IP
86.105.245.69:443
ASN
#20857 Signet B.V.

Certificate
IssuerLet's Encrypt
Subjectforbigboys.com
FingerprintC8:BC:C9:33:CC:5C:FF:56:8D:A6:6B:75:FF:D6:11:3A:9F:2F:E9:60
ValidityThu, 28 Mar 2024 04:08:36 GMT - Wed, 26 Jun 2024 04:08:35 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /collections/featured/products/big-boy-shaving-gel-100ml-3-38-floz-enriched-with-aloe-vera-made-in-italy HTTP/1.1
Host: www.forbigboys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: openresty/1.21.4.1
Date: Sun, 28 Apr 2024 09:50:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=49l86arhado72ahgtl31tpldpv; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
location: /

www.forbigboys.com/

86.105.245.69

200 OK

2.8 kB

URL User Request GET HTTP/1.1
www.forbigboys.com/
IP
86.105.245.69:443
ASN
#20857 Signet B.V.

Certificate
IssuerLet's Encrypt
Subjectforbigboys.com
FingerprintC8:BC:C9:33:CC:5C:FF:56:8D:A6:6B:75:FF:D6:11:3A:9F:2F:E9:60
ValidityThu, 28 Mar 2024 04:08:36 GMT - Wed, 26 Jun 2024 04:08:35 GMT

File type
JavaScript source, ASCII text
Size
2.8 kB (2808 bytes)
Hash
bf2916d2a9f9f6512baafcdca33cb55e
433ab70ea1255913ecab6f334027164c70c3f03f
68e5944d73dabfb57e5fe62a6e8b3b63e23a10e38e522a4ff4baede538c22cd8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.forbigboys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=49l86arhado72ahgtl31tpldpv
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.21.4.1
Date: Sun, 28 Apr 2024 09:50:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

www.forbigboys.com/css/page_specific/landing_themes/bin_fresku/style.css

86.105.245.69

200 OK

1.7 kB

URL GET HTTP/1.1
www.forbigboys.com/css/page_specific/landing_themes/bin_fresku/style.css
IP
86.105.245.69:443
ASN
#20857 Signet B.V.

Requested by
https://www.forbigboys.com/
Certificate
IssuerLet's Encrypt
Subjectforbigboys.com
FingerprintC8:BC:C9:33:CC:5C:FF:56:8D:A6:6B:75:FF:D6:11:3A:9F:2F:E9:60
ValidityThu, 28 Mar 2024 04:08:36 GMT - Wed, 26 Jun 2024 04:08:35 GMT

File type
ASCII text
Size
1.7 kB (1683 bytes)
Hash
c1cc1eba409ff4d20cd4097eb6020c75
0db37ecf1c783d18c5a52724088a47ae6779827f
6da4b1ad54cad4baa9f22dd3dbadc7fa9c2df631dd16c4cea8d0b90d1c487840

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/page_specific/landing_themes/bin_fresku/style.css HTTP/1.1
Host: www.forbigboys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Cookie: PHPSESSID=49l86arhado72ahgtl31tpldpv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.21.4.1
Date: Sun, 28 Apr 2024 09:50:35 GMT
Content-Type: text/css
Last-Modified: Fri, 09 Dec 2022 08:18:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6392ef56-1275"
Content-Encoding: gzip

www.forbigboys.com/js/fitty.min.js

86.105.245.69

200 OK

1.7 kB

URL GET HTTP/1.1
www.forbigboys.com/js/fitty.min.js
IP
86.105.245.69:443
ASN
#20857 Signet B.V.

Requested by
https://www.forbigboys.com/
Certificate
IssuerLet's Encrypt
Subjectforbigboys.com
FingerprintC8:BC:C9:33:CC:5C:FF:56:8D:A6:6B:75:FF:D6:11:3A:9F:2F:E9:60
ValidityThu, 28 Mar 2024 04:08:36 GMT - Wed, 26 Jun 2024 04:08:35 GMT

File type
JavaScript source, ASCII text, with very long lines (3710)
Size
1.7 kB (1710 bytes)
Hash
29ab20f58be55cded7b5381d7dc31882
54d69e4cab4307ca20214fa118e51f193764f39e
f5be15b599336b8f56857ca53fdbc4af7dfba2378d31fc920c028f8a95716b5d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/fitty.min.js HTTP/1.1
Host: www.forbigboys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Cookie: PHPSESSID=49l86arhado72ahgtl31tpldpv
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.21.4.1
Date: Sun, 28 Apr 2024 09:50:35 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Dec 2022 08:34:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a4167b-f0e"
Content-Encoding: gzip

www.forbigboys.com/css/page_specific/landing_themes/loading_spinner.css

86.105.245.69

200 OK

667 B

URL GET HTTP/1.1
www.forbigboys.com/css/page_specific/landing_themes/loading_spinner.css
IP
86.105.245.69:443
ASN
#20857 Signet B.V.

Requested by
https://www.forbigboys.com/
Certificate
IssuerLet's Encrypt
Subjectforbigboys.com
FingerprintC8:BC:C9:33:CC:5C:FF:56:8D:A6:6B:75:FF:D6:11:3A:9F:2F:E9:60
ValidityThu, 28 Mar 2024 04:08:36 GMT - Wed, 26 Jun 2024 04:08:35 GMT

File type
ASCII text
Size
667 B (667 bytes)
Hash
83501e85cee8eed375994e7386020e5f
d9a9628a38b0e2eb3a14d238ea24492808f6b135
dc6babb4172fb6c51b7887ae45b10bdf6bc6ed38ced0abcb6c55c3da63aec469

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/page_specific/landing_themes/loading_spinner.css HTTP/1.1
Host: www.forbigboys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Cookie: PHPSESSID=49l86arhado72ahgtl31tpldpv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.21.4.1
Date: Sun, 28 Apr 2024 09:50:35 GMT
Content-Type: text/css
Last-Modified: Fri, 09 Dec 2022 08:18:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6392ef56-a47"
Content-Encoding: gzip

www.forbigboys.com/odf/js/odf.js

86.105.245.69

200 OK

6.7 kB

URL GET HTTP/1.1
www.forbigboys.com/odf/js/odf.js
IP
86.105.245.69:443
ASN
#20857 Signet B.V.

Requested by
https://www.forbigboys.com/
Certificate
IssuerLet's Encrypt
Subjectforbigboys.com
FingerprintC8:BC:C9:33:CC:5C:FF:56:8D:A6:6B:75:FF:D6:11:3A:9F:2F:E9:60
ValidityThu, 28 Mar 2024 04:08:36 GMT - Wed, 26 Jun 2024 04:08:35 GMT

File type
JavaScript source, ASCII text
Size
6.7 kB (6651 bytes)
Hash
a652f60032a0abf0a7b9c7fd3c55f9fd
47773a40900dd1705aa29efc1b04319c4fa90edb
e87626a9399a3587f38db35a97681cb70c1598d6f7ee8335a964cbf12e0fdaa3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /odf/js/odf.js HTTP/1.1
Host: www.forbigboys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Cookie: PHPSESSID=49l86arhado72ahgtl31tpldpv
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.21.4.1
Date: Sun, 28 Apr 2024 09:50:35 GMT
Content-Type: application/javascript
Last-Modified: Wed, 21 Dec 2022 08:58:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a2cabf-52d6"
Content-Encoding: gzip

code.jquery.com/jquery-3.3.1.min.js

151.101.66.137

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.3.1.min.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://www.forbigboys.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
30 kB (30288 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.forbigboys.com
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1538f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 28 Apr 2024 09:50:35 GMT
age: 19497232
x-served-by: cache-lga13622-LGA, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 36, 931610
x-timer: S1714297836.846153,VS0,VE0
vary: Accept-Encoding
content-length: 30288
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-51651642-1

142.250.74.168

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-51651642-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.forbigboys.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (73157 bytes)
Hash
82a55f25a0a5004be9f458161d506a4d
ee1d259563855431e82f2665277036daca369cc3
416b21e447a6a442333f6d451c14d0ec62d4b31e59dd48d97c5f6b176622ce20

HTTP Headers

GET /gtag/js?id=UA-51651642-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 28 Apr 2024 09:50:35 GMT
expires: Sun, 28 Apr 2024 09:50:35 GMT
cache-control: private, max-age=900
last-modified: Sun, 28 Apr 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73157
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-RLBVQG6K3M

142.250.74.168

200 OK

101 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-RLBVQG6K3M
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.forbigboys.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
101 kB (101292 bytes)
Hash
2eb34a52d402a920e3b548b9d6ed6760
7bc4c9983be92e3cde322ee77d9b965d7541dde8
660f17ad9fa1870ca75b5087077901ba5ae49563c72b39657b5ce01f9c103041

HTTP Headers

GET /gtag/js?id=G-RLBVQG6K3M HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 28 Apr 2024 09:50:35 GMT
expires: Sun, 28 Apr 2024 09:50:35 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.forbigboys.com/img/landing_themes/kiffer/escrow.png

86.105.245.69

200 OK

4.8 kB

URL GET HTTP/1.1
www.forbigboys.com/img/landing_themes/kiffer/escrow.png
IP
86.105.245.69:443
ASN
#20857 Signet B.V.

Requested by
https://www.forbigboys.com/
Certificate
IssuerLet's Encrypt
Subjectforbigboys.com
FingerprintC8:BC:C9:33:CC:5C:FF:56:8D:A6:6B:75:FF:D6:11:3A:9F:2F:E9:60
ValidityThu, 28 Mar 2024 04:08:36 GMT - Wed, 26 Jun 2024 04:08:35 GMT

File type
PNG image data, 43 x 44, 8-bit/color RGBA, non-interlaced
Size
4.8 kB (4848 bytes)
Hash
f74b9f39f8b207123fe192943ebeff55
5a4924ef07f71ec207f8b59769bee53a2dab744e
fd83a8683db70fd10abfd830a0a98295baca6288d34c0d5506c617664d8a2e7d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/landing_themes/kiffer/escrow.png HTTP/1.1
Host: www.forbigboys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Cookie: PHPSESSID=49l86arhado72ahgtl31tpldpv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.21.4.1
Date: Sun, 28 Apr 2024 09:50:36 GMT
Content-Type: image/png
Content-Length: 4848
Last-Modified: Fri, 09 Dec 2022 08:20:05 GMT
Connection: keep-alive
ETag: "6392efb5-12f0"
Accept-Ranges: bytes

fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.forbigboys.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14712, version 1.0
Size
15 kB (14712 bytes)
Hash
3afeae0d768769f5e5f30ac9805c5b70
3ada17c2b462db3e7a1fd85c3f4670dfe7704f4d
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.forbigboys.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:35:47 GMT
expires: Fri, 25 Apr 2025 17:35:47 GMT
cache-control: public, max-age=31536000
age: 231289
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.forbigboys.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14892, version 1.0
Size
15 kB (14892 bytes)
Hash
9ec6deaf6bada919e20b98f9f7b718b1
501d36403ad8205e4644532600019ecb10f5cb0a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

HTTP Headers

GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.forbigboys.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:27:12 GMT
expires: Fri, 25 Apr 2025 17:27:12 GMT
cache-control: public, max-age=31536000
age: 231804
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.forbigboys.com/img/loading_black_bg_big.gif

86.105.245.69

200 OK

3.2 kB

URL GET HTTP/1.1
www.forbigboys.com/img/loading_black_bg_big.gif
IP
86.105.245.69:443
ASN
#20857 Signet B.V.

Requested by
https://www.forbigboys.com/
Certificate
IssuerLet's Encrypt
Subjectforbigboys.com
FingerprintC8:BC:C9:33:CC:5C:FF:56:8D:A6:6B:75:FF:D6:11:3A:9F:2F:E9:60
ValidityThu, 28 Mar 2024 04:08:36 GMT - Wed, 26 Jun 2024 04:08:35 GMT

File type
GIF image data, version 89a, 32 x 32
Size
3.2 kB (3208 bytes)
Hash
aef3c727d3d44e0655f61894bd346d0c
58cb295b2abab86d8535600c0ac04cdb2dd695fb
5457f900ca9b0aa675863ae830da4720b50d423c9a45e2e8a605fccbfe4aded7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/loading_black_bg_big.gif HTTP/1.1
Host: www.forbigboys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Cookie: PHPSESSID=49l86arhado72ahgtl31tpldpv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.21.4.1
Date: Sun, 28 Apr 2024 09:50:36 GMT
Content-Type: image/gif
Content-Length: 3208
Last-Modified: Fri, 09 Dec 2022 08:20:05 GMT
Connection: keep-alive
ETag: "6392efb5-c88"
Accept-Ranges: bytes

use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2

104.21.27.152

200 OK

79 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
IP
104.21.27.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.forbigboys.com/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 79100, version 1.0
Size
79 kB (79100 bytes)
Hash
5dc01cfcd5336f696cb85da7ce53fa9b
28a1f2fadc35c5343e0280389fe7955e3d1be607
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

HTTP Headers

GET /releases/v5.6.3/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.forbigboys.com
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 28 Apr 2024 09:50:36 GMT
content-type: font/woff2
content-length: 79100
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
last-modified: Fri, 22 Sep 2023 01:45:45 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SfOOLvj4s7CroEg0W2pfw5IbcpAjIoJDWUcNc0LczUmM9WOsyo3iie2mX8oYzGimwEccFeblnifa7Jwed2yfrY4HzpT4jci%2FRZQVXlDrIqfo4dbtGdg2e%2B8d9aQ1%2BjojoORJRow6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87b626241fb7568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-5243WNRXFG&l=dataLayer&cx=c

142.250.74.168

200 OK

89 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-5243WNRXFG&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.forbigboys.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
89 kB (88806 bytes)
Hash
bdf6fe74b585766a975f31dae36f0cfe
371625c30590000edaca305612f0e6aaa4333692
d6ffa5fa72fa09eaddc05cd762a96ae39d1173f53e7dab29ad970fae36015954

HTTP Headers

GET /gtag/js?id=G-5243WNRXFG&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 28 Apr 2024 09:50:36 GMT
expires: Sun, 28 Apr 2024 09:50:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88806
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.forbigboys.com/img/y.png

86.105.245.69

200 OK

13 kB

URL GET HTTP/1.1
www.forbigboys.com/img/y.png
IP
86.105.245.69:443
ASN
#20857 Signet B.V.

Requested by
https://www.forbigboys.com/
Certificate
IssuerLet's Encrypt
Subjectforbigboys.com
FingerprintC8:BC:C9:33:CC:5C:FF:56:8D:A6:6B:75:FF:D6:11:3A:9F:2F:E9:60
ValidityThu, 28 Mar 2024 04:08:36 GMT - Wed, 26 Jun 2024 04:08:35 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Size
13 kB (13071 bytes)
Hash
ccc0de1ac2a4da2fefb5ec5dfc944b37
74b4be27b5e71c343be4c73d9f3d5a4b3628e92e
4d27e316ae6d72e7d0f2cc28b1bd83c192226ee2e38c5b8b456f2d540b510a54

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/y.png HTTP/1.1
Host: www.forbigboys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Cookie: PHPSESSID=49l86arhado72ahgtl31tpldpv; _ga_RLBVQG6K3M=GS1.1.1714297836.1.0.1714297836.0.0.0; _ga=GA1.1.1395936164.1714297836; _ga_5243WNRXFG=GS1.1.1714297836.1.0.1714297836.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.21.4.1
Date: Sun, 28 Apr 2024 09:50:36 GMT
Content-Type: image/png
Content-Length: 13071
Last-Modified: Mon, 26 Feb 2024 11:46:35 GMT
Connection: keep-alive
ETag: "65dc7a1b-330f"
Accept-Ranges: bytes

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

142.250.74.35

200 OK

206 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.forbigboys.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205803 bytes)
Hash
e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.forbigboys.com
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 28 Apr 2024 05:52:13 GMT
expires: Mon, 28 Apr 2025 05:52:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 14303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.forbigboys.com/ajax/visitors/create/?domain_id=4643295

86.105.245.69

200 OK

21 B

URL GET HTTP/1.1
www.forbigboys.com/ajax/visitors/create/?domain_id=4643295
IP
86.105.245.69:443
ASN
#20857 Signet B.V.

Requested by
https://www.forbigboys.com/
Certificate
IssuerLet's Encrypt
Subjectforbigboys.com
FingerprintC8:BC:C9:33:CC:5C:FF:56:8D:A6:6B:75:FF:D6:11:3A:9F:2F:E9:60
ValidityThu, 28 Mar 2024 04:08:36 GMT - Wed, 26 Jun 2024 04:08:35 GMT

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/visitors/create/?domain_id=4643295 HTTP/1.1
Host: www.forbigboys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Cookie: PHPSESSID=49l86arhado72ahgtl31tpldpv
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty/1.21.4.1
Date: Sun, 28 Apr 2024 09:50:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

142.250.74.106

200 OK

4.9 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.forbigboys.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
4.9 kB (4933 bytes)
Hash
dbd89edad5bec27be82a7d30c88cf3d8
8e262fa2a4850c5aa220febc8a2a2942b0e81da8
7cb67cbeff3e4d6cb401b5297b8f2ddbd28bbe4fb8c8f756408d75e5716e194d

HTTP Headers

GET /css?family=Source+Sans+Pro:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 Apr 2024 09:50:35 GMT
date: Sun, 28 Apr 2024 09:50:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js

142.250.74.164

200 OK

5.7 kB

URL GET HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.forbigboys.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintF3:75:C9:48:E6:A5:11:C7:87:C8:8D:9A:C4:16:F8:09:4E:88:7C:5A
ValidityMon, 08 Apr 2024 07:33:48 GMT - Mon, 01 Jul 2024 07:33:47 GMT

File type
gzip compressed data
Size
5.7 kB (5744 bytes)
Hash
e5df802d86b6aa3b113a4ac1150216f2
120fccea3e04a5dd8481d7df3a6078f250cba2a4
22db0c6b43448d6da30a198d3878e3e5879472269506902272105453bb0e36df

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 28 Apr 2024 09:50:35 GMT
date: Sun, 28 Apr 2024 09:50:35 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Oswald:400,700

142.250.74.106

200 OK

3.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Oswald:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.forbigboys.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (3738), with no line terminators
Size
3.7 kB (3658 bytes)
Hash
16c10338a971380225748a51428916cd
c74dabac93a1e3707fb1ec2073385e7610f27faf
ca8adf780f600368c76896dbc8cd6dfcf35ddb2d3ebf035054995a0316091dab

HTTP Headers

GET /css?family=Oswald:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 Apr 2024 09:50:35 GMT
date: Sun, 28 Apr 2024 09:50:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

104.18.10.207

200 OK

156 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.forbigboys.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65324)
Size
156 kB (155758 bytes)
Hash
a15c2ac3234aa8f6064ef9c1f7383c37
6e10354828454898fda80f55f3decb347fd9ed21
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

HTTP Headers

GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.forbigboys.com
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 Apr 2024 09:50:35 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 03/18/2024 12:46:56
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1055
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 3e020b004f34af36cb0cd5410eba43d3
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87b6262188ae5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.6.3/css/all.css

104.21.27.152

200 OK

54 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.6.3/css/all.css
IP
104.21.27.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.forbigboys.com/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (53592), with no line terminators
Size
54 kB (53592 bytes)
Hash
dc93d584e41f8417f6b7163320d34329
07013bc45af8f3412ea2d15b874702aeb1df3350
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

HTTP Headers

GET /releases/v5.6.3/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.forbigboys.com
DNT: 1
Connection: keep-alive
Referer: https://www.forbigboys.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 28 Apr 2024 09:50:36 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"dc93d584e41f8417f6b7163320d34329"
last-modified: Fri, 22 Sep 2023 01:45:44 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r2iLJg8M3mALHuCil%2FfnKw5lw%2FlmN2bjUiSg2pBf4pZTRtXhtW%2B2%2Bo4GRpwERgo0%2Ff%2FJtP%2FfdXwksxr8pI1lp0zaYlK74nJy9XsBgxQMdiN5%2BK%2BEgFPFFDLKRKWKOZGdc621K2Ga"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87b62621cd79568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML