s1monwork.cf Open in urlscan Pro
2606:4700:3035::ac43:9497  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

• https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
• https://btloader.com/tag?h=freestar-io&upapi=true

Request Chain 34

• https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1681505124059&ns_c=UTF-8&ns_if=1&cs_ucfr=&c7=https%3A%2F%2Fgeekprank.com%2Ffake-virus%2F&c8=Fake%20Virus%20Screen%20-%20Files%20encrypted&c9=https%3A%2F%2Fs1monwork.cf%2F HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1681505124059&ns_c=UTF-8&ns_if=1&cs_ucfr=&c7=https%3A%2F%2Fgeekprank.com%2Ffake-virus%2F&c8=Fake%20Virus%20Screen%20-%20Files%20encrypted&c9=https%3A%2F%2Fs1monwork.cf%2F

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response s1monwork.cf/	837 B 943 B	1059ms 752ms	Document text/html	2606:4700:3035::ac43:9497 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s1monwork.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:9497 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.0RC7 Resource Hash b424d85d21e6ded05a98780ebcd8a5acc019076392b180496be6a9b755b130a9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7b7eca9e5acbb51e-OSL content-encoding br content-type text/html; charset=UTF-8 date Fri, 14 Apr 2023 20:45:16 GMT expect-ct max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" host s1monwork.cf nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} replit-cluster global report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBuHs5WxBNhrg3XiA9%2Bo%2Bf%2FYP8nZOC2T1POQ2uk%2BJslmz191AG4cdd3v4%2BFRTvAfWKRIHyWSYjjpcLbejd5F3wTkFwCndv1IrSYbyhmoI7SjZvKKBjnEvsUn%2BEieReQem6vgXS8thvoOKkc%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.0RC7
GET H2	200	style.css s1monwork.cf/	1 KB 764 B	3233ms 3232ms	Stylesheet text/css	2606:4700:3035::ac43:9497 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s1monwork.cf/style.css Requested by Host: s1monwork.cf URL: https://s1monwork.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:9497 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46af5be70bf8a771c134f1bdbc452a3b764bec878a7c04ffb167c08af7d56a0d Request headers accept-language fi-FI,fi;q=0.9 Referer https://s1monwork.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:19 GMT content-encoding br cf-cache-status MISS last-modified Fri, 14 Apr 2023 20:45:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} host s1monwork.cf server cloudflare expect-ct max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wC0aYDP9iO%2F3GPrxGbxEmgnsBqsMlHSUDm4luu1qOjMTpsKoGPeVxQI9V1KI1lLFQSpXIKUXjfnrsXKmhe9yyPeDRPedKNym2laocEZImfYqwl5J0Gpbt6%2Fw2TtoQN9WXhD5VTY3TXbUTkI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control max-age=14400 replit-cluster global cf-ray 7b7ecaa31acdb51e-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.2.1/	85 KB 30 KB	244ms 75ms	Script text/javascript	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js Requested by Host: s1monwork.cf URL: https://s1monwork.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://s1monwork.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Wed, 12 Apr 2023 12:13:37 GMT content-encoding gzip x-content-type-options nosniff age 203499 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30306 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 11 Apr 2024 12:13:37 GMT
GET H2	404	script.js s1monwork.cf/	0 0	5070ms 5069ms	Script text/html	2606:4700:3035::ac43:9497 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s1monwork.cf/script.js Requested by Host: s1monwork.cf URL: https://s1monwork.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:9497 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language fi-FI,fi;q=0.9 Referer https://s1monwork.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:21 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEtkhqTxsaly9XvP8jZoYKfSTGPULQMd8mZzr0qg62aajYy1IWpg%2BNGtf3P6HNmSG2RKOqtrisXdRfkRF5k9blhRoBBX5JjNFdsOjQNCqmjM8MmPNYM7OhefKzY0I4sZlLfkaNNgMJvtUvE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control max-age=14400 replit-cluster global cf-ray 7b7ecaa31aceb51e-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	timeout.js Show response s1monwork.cf/	0 369 B	708ms 707ms	Script application/javascript	2606:4700:3035::ac43:9497 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s1monwork.cf/timeout.js Requested by Host: s1monwork.cf URL: https://s1monwork.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:9497 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://s1monwork.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:17 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} replit-cluster global alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 last-modified Fri, 14 Apr 2023 20:45:17 GMT server cloudflare host s1monwork.cf expect-ct max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ReuAMBNtvZPGsL2ZW4aJphHPkVVLxQIMcOUoHdypsN9bEtzyS8J3c%2FYbLp%2B2SZnjKW%2FAAJ84%2BmfD%2B%2Ba07qllTmqDiHdzciMJRxSO%2Bpotv9QT3BkWD%2Bv0DesEBhQZcfOiKtN581IBvluKFA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 accept-ranges bytes cf-ray 7b7ecaa31acfb51e-OSL
GET H2	200	/ Show response geekprank.com/fake-virus/ Frame 3DAA	8 KB 4 KB	832ms 460ms	Document text/html	2606:4700:3033::ac43:dc9e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geekprank.com/fake-virus/ Requested by Host: s1monwork.cf URL: https://s1monwork.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:dc9e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e228eb2409eb639657fa234d1cbbbf2f586c0ce3c16c4ba6e36348aab416357d Request headers Referer https://s1monwork.cf/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7b7ecac5286a0afe-OSL content-encoding br content-type text/html date Fri, 14 Apr 2023 20:45:22 GMT last-modified Thu, 21 Jul 2022 12:39:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1OZ41maW7FSSt3NP6OGwMlYrlWXN6oPy1qYfQ3%2B8GhnTb6AkZTMfiCygtxscz2jKO2PwKcrGcYzv0un7JbL5fABkf2sW3t2%2FlQYCe4H%2FEsxDauYHOL%2Bz%2BEIi%2Fp1Cc9YP%2F4JGSJ2zdUrVhLb"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	style.css geekprank.com/fake-virus/ Frame 3DAA	5 KB 2 KB	412ms 412ms	Stylesheet text/css	2606:4700:3033::ac43:dc9e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geekprank.com/fake-virus/style.css?y=2022 Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:dc9e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a90763881f13269758470bab2d02d9ae6122a8f3349cb057055ca44ada6c0c19 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/fake-virus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:22 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 21 Oct 2020 11:51:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"30a307a-1570-5b22cf955acc0-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaRhiVnMGykubgxWfdy%2B%2BLbzFr%2BgG8pKbmhe16l9neuKoKH4oip5dRrJeNJYMZ6QFh3B0PLjw%2BfD4oyzYxYGE%2B%2BLChbdfZZ40cm0cbgU01CjS%2BifsmGgkJs3GRaVIpBTsa79Y7OXt%2FCaqXqd"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b7ecac83bd00afe-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery-latest.min.js Show response code.jquery.com/ Frame 3DAA	94 KB 33 KB	185ms 56ms	Script application/javascript	2001:4de0:ac18::1:a:2b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-latest.min.js Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:22 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 10:50:39 GMT server nginx etag W/"620cd6ff-1762a" vary Accept-Encoding x-hw 1681505122.dop017.sk1.t,1681505122.cds202.sk1.hn,1681505122.cds256.sk1.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 33202
GET H2	200	script.js Show response geekprank.com/fake-virus/ Frame 3DAA	690 B 668 B	411ms 411ms	Script application/javascript	2606:4700:3033::ac43:dc9e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geekprank.com/fake-virus/script.js?y=2022 Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:dc9e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 306b095e8c1105edee548daca8e0aa7c6607e34274737251c7b1b4d564d1eb80 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/fake-virus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:22 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 27 Aug 2017 21:44:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"30a307b-2b2-557c31596d900-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VD%2F5Z295PGX8laVM1AnOhUv0cYGR67OesosivX8zIf2T5kBWv77mPDaNxmgEOHOU67FDjGY7%2FD%2F8wlptVAW9%2BjLQXUXCPHsxjv8MbZOKmIf%2B2640ZBiHOh17HdSzAfJ9SRr2L65COtinUzBh"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b7ecac83bd30afe-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	background.jpg geekprank.com/fake-virus/ Frame 3DAA	39 KB 40 KB	374ms 374ms	Image image/jpeg	2606:4700:3033::ac43:dc9e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://geekprank.com/fake-virus/background.jpg Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:dc9e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86f04c423c9fffa5e9f58e7c73f9de1aeb31cd66afddbe20898fc1a8c503c59a Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/fake-virus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:23 GMT cf-cache-status REVALIDATED last-modified Sun, 27 Aug 2017 20:56:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "30a307c-9dbb-557c269ed8900" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkvcNC47sIKzAYpA%2FCyNZPaDZPQI%2F1%2B3vFa1Tk%2Fft3SFBvQ2mLjZ2vLWzCL9KeBjkU5ysTn%2F4%2BTBGmMwhHgMSo89pOc%2BaTr621TBJGp7qh7yCCCHnkMEj0y61SS3LIJz9W8Jg7Hy8hUw8jHc"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 7b7ecacacd0cb500-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 40379
GET H3	200	fake-virus.png geekprank.com/fake-virus/ Frame 3DAA	14 KB 14 KB	409ms 408ms	Image image/png	2606:4700:3033::ac43:dc9e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://geekprank.com/fake-virus/fake-virus.png Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:dc9e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0dcfb190826da98dca89d80af068dd7f77d8388798728da41592dfcf94bf0f85 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/fake-virus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:23 GMT cf-cache-status REVALIDATED last-modified Sun, 27 Aug 2017 21:17:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "30a307d-37ae-557c2b5dd3b80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cFE7WdsFr%2BAFufKgaygdubKNiT399gLdMYFN4OeQg%2BPlBsKC5HEfoBBO%2FBU9WBbidvErTl1t%2F8qPt0pLacDybrwFUh7%2FqgqErBwDIPvy3SsFvgsJ0HB9BhKeuQ0ASMmhSPiNs3m9mbl00z%2F"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b7ecacafd3cb500-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14254
GET H3	200	fake-virus-prank.png geekprank.com/fake-virus/ Frame 3DAA	21 KB 22 KB	477ms 474ms	Image image/png	2606:4700:3033::ac43:dc9e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://geekprank.com/fake-virus/fake-virus-prank.png Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:dc9e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2c758ef8f1920eb17860ac6a2b2a0ee7db8725eff3e84a1492267f0a6445860 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/fake-virus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:23 GMT cf-cache-status REVALIDATED last-modified Mon, 28 Aug 2017 09:56:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "30a3075-556a-557cd4f4e5880" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWSLeNM1oIo2wPV4Zm7%2B%2BWC%2Fn%2FrV7g3X8Pl1Pxvx0v2pQQM8mOVbeeYaDE924mZALEAhcI4R7pW42WwC4FGe8%2FhY6RcvPhObsyYq%2BbMcpwEeagKUjwUTbt4kPjlnOfYGZq4yPvzszq62cxZl"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b7ecacafd49b500-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 21866
GET H3	200	cursor.gif geekprank.com/fake-virus/ Frame 3DAA	96 B 588 B	488ms 475ms	Image image/gif	2606:4700:3033::ac43:dc9e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://geekprank.com/fake-virus/cursor.gif Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:dc9e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0391f0332b098baa8b987ce0f9a9517afd5a76d7870a90fe95459df3668f4d9d Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/fake-virus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:23 GMT cf-cache-status REVALIDATED last-modified Mon, 28 Aug 2017 08:42:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "30a3079-60-557cc462f4080" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKohIzuyPfBWVlPBqdTsXEUKvrdUZabCINn%2B21CDwxY6LLdPHRNRUXTrDKeqqj6gFczylWJhXm2xAwxf%2Bs3%2BIgP9tG%2FRghgRL84pLEQGVfCp0R0kAy6uz907414H0xcqzH1dL0RI%2FxQqNEMG"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 7b7ecacb0d63b500-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 96
GET H3	200	fake-hacked-computer.png geekprank.com/fake-virus/ Frame 3DAA	4 KB 5 KB	488ms 475ms	Image image/png	2606:4700:3033::ac43:dc9e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://geekprank.com/fake-virus/fake-hacked-computer.png Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:dc9e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c49271eb5a6fd2a1b666681205375f55b87c2f729483496644060d76ca4d470 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/fake-virus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:23 GMT cf-cache-status REVALIDATED last-modified Mon, 28 Aug 2017 08:30:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "30a3078-1152-557cc1b266800" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHzN6Cqtaoy6thlDSgkUdFd1C45vPOSO%2By2ZTRwV6pH5vytBDVUpzbJYc%2F1ULjSvZ7wt%2B5WXL%2F%2F3C4e7OKl6gHAH%2FmpnFHVf%2BvvmtTf5ZZS1hRLilFOfEL%2FDNgf2DmzMR3NY2eDaobJY%2Fg0j"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b7ecacb0d67b500-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4434
GET H3	200	files-encrypted-prank.png geekprank.com/fake-virus/ Frame 3DAA	8 KB 8 KB	531ms 517ms	Image image/png	2606:4700:3033::ac43:dc9e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://geekprank.com/fake-virus/files-encrypted-prank.png Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:dc9e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6fa352a257c3d3fa7c579cc0cca85b85457065eb4cc6d9b13600d4ce5274a345 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/fake-virus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:23 GMT cf-cache-status REVALIDATED last-modified Mon, 28 Aug 2017 08:03:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "30a3074-1fcd-557cbbb8b4f00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XP0cRqRF9jo3ligBpKIV7Pt%2FNbteIe%2F70T3mfhgk5xopzeSosJNyVHNTCVE5bx7J7XpCY%2BUB6G%2BAJ0eAf%2B%2BUnkRx%2FeV5mFgi4QpIEgZtSw%2FvCq1zMJGjzy%2BfRRC5nONy3WufDh0hNLhqa50w"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b7ecacb0d6ab500-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8141
GET H3	200	pay-with-kidneys.png geekprank.com/fake-virus/ Frame 3DAA	8 KB 9 KB	537ms 523ms	Image image/png	2606:4700:3033::ac43:dc9e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://geekprank.com/fake-virus/pay-with-kidneys.png Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:dc9e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 842a3c167e5062aeb5a122ac53ff4a41869f7486a84f2ef391ec5af1615147d7 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/fake-virus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:23 GMT cf-cache-status REVALIDATED last-modified Mon, 28 Aug 2017 09:10:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "30a307f-2149-557ccab833180" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2ygjhzSWBsN0KtE4WNB2fwMQUH%2FrP6A2Q632XT404dPJtvYpfOGvmmh06y%2BtUZOGb3NOeX8TaeWKjMWje25UMdyiECEOBDjmHaT1W6%2BTToKvhnMnEZFHRt6c3sdMMuRPMPD2450HDTYFipz"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b7ecacb0d6db500-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8521
GET H3	200	support.png geekprank.com/fake-virus/ Frame 3DAA	10 KB 10 KB	244ms 230ms	Image image/png	2606:4700:3033::ac43:dc9e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://geekprank.com/fake-virus/support.png Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:dc9e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38d6005ddaf44cffe037d44e265678ec6e1579fa82ee3267fa1bea8d9f1679bb Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/fake-virus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:23 GMT cf-cache-status REVALIDATED last-modified Mon, 28 Aug 2017 08:40:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "30a307e-2722-557cc3d99fc80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdBo2LqEED9vczZtti14%2BIFLlwB6Vjur5e9mfSMAZLzvmedKWXMRVLbv5n7sQcjhN%2BMqKaL47HbWSXgzqpcSA8SFMJFNe9B%2F%2FUU8MJ3UbVFgFAm2S5fJdQvQF417oreLNKrHLf3h6fCF%2BUhy"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b7ecacb0d70b500-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10018
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 3DAA	221 KB 78 KB	272ms 89ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-YSFP0RLNB7 Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1d11435d4fa342d3e84da7701ff8c1018ad15571c9c9a0eac08e04aed3f35f71 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:23 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79051 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 14 Apr 2023 20:45:23 GMT
GET H2	200	choice.js Show response cmp.quantcast.com/choice/xncav4ssEzwLp/geekprank.com/ Frame 3DAA	4 KB 2 KB	371ms 183ms	Script application/javascript	2600:9000:211e:8000:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/choice/xncav4ssEzwLp/geekprank.com/choice.js Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:8000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 53d3094f8a5ca75b46212ca08e83b7fbfd7b3733600bcc82b784b2518874f5f0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:24 GMT content-encoding br via 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront) last-modified Thu, 14 Oct 2021 07:31:53 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 x-amz-server-side-encryption AES256 etag W/"4c2fa397e23299fc37b126d57600e577" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript cache-control max-age=3600 cross-origin-resource-policy cross-origin x-amz-cf-id BS6VohqwH3t2GgxmyWDJHqJOQMt6sNDNiPz9n794OWct_irl98SXQw==
GET H2	200	pubfig.min.js Show response a.pub.network/geekprank-com/ Frame 3DAA	107 KB 38 KB	235ms 89ms	Script application/javascript	2606:4700::6812:15ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.pub.network/geekprank-com/pubfig.min.js Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 655814216f1ba873f7a00aeb5bb85257ff25af55be0dd73e6629982d0926f3a4 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:23 GMT content-encoding gzip cf-cache-status HIT age 446 x-guploader-uploadid ADPycdsxoHxdSqPBDmB5mFIUgpaTkgrl137Nm2dZ337jMpvQ9EFp_939nDtPKs8EJBmGlBtrPUjv-8-DqKnDuVzSlUlJYOLCi5o_ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity last-modified Thu, 06 Apr 2023 14:27:03 GMT server cloudflare etag W/"03d29074ad8d4f2108f80abaa9a8b28e" vary Accept-Encoding x-goog-hash crc32c=j2ILKw==, md5=A9KQdK2NTyEI+Aq6qaiyjg== x-goog-generation 1680791223865971 content-type application/javascript access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=1800 x-goog-stored-content-length 110012 cf-ray 7b7ecacbea77b529-OSL expires Fri, 14 Apr 2023 21:15:23 GMT
GET H2	200	v2xpaoSD5AkTB5bpypLUtJVY-Co85OKJb1bSF3d438PvSXfXWmqHQ7E_xuQ Show response volatilevessel.com/ Frame 3DAA	60 KB 22 KB	244ms 84ms	Script text/javascript	2600:1901:0:328a::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://volatilevessel.com/v2xpaoSD5AkTB5bpypLUtJVY-Co85OKJb1bSF3d438PvSXfXWmqHQ7E_xuQ Requested by Host: a.pub.network URL: https://a.pub.network/geekprank-com/pubfig.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 74e64d6ae9b5a8a3547a6a0fda9c45785c7f53ca2c8ba56b110e0f017e15fbbf Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=15724800; preload content-encoding br via 1.1 google date Fri, 14 Apr 2023 20:45:23 GMT x-datacenter gce-europe-west1 etag "651e95fa80d17eae5fe9dd813552c257bc7d4d7a0d8b6b5442e0dd9c02f8f797" x-buildname hoothoot vary Accept-Encoding, Accept-Language x-hostname fen-hoothoot-europe-west1-spot-1dhj content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 x-buildnumber 832971200 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	init Show response d.pub.network/v2/ Frame 3DAA	38 KB 5 KB	307ms 174ms	Fetch application/json	34.160.110.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://d.pub.network/v2/init?siteId=1650&env=PROD Requested by Host: a.pub.network URL: https://a.pub.network/geekprank-com/pubfig.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.110.160.34.bc.googleusercontent.com Software / Resource Hash ebd51b6e296e9845fbc1eb876310ee3a0884024b90f945b322591e500d1dc826 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:23 GMT content-encoding gzip via 1.1 google vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent content-type application/json access-control-allow-origin https://geekprank.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	quant.js Show response secure.quantserve.com/ Frame 3DAA	22 KB 9 KB	245ms 76ms	Script application/javascript	2620:116:800d:21:b314:a0ef:ab7c:d546 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/choice/xncav4ssEzwLp/geekprank.com/choice.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:23 GMT content-encoding gzip etag "DUHyBE1e2vdA+NAhXV6BXg==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Fri, 21 Apr 2023 20:45:23 GMT
GET H2	200	cmp2.js Show response quantcast.mgr.consensu.org/tcfv2/ Frame 3DAA	178 KB 44 KB	236ms 74ms	Script text/javascript	2600:9000:211e:c400:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=geekprank.com Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/choice/xncav4ssEzwLp/geekprank.com/choice.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:c400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9880ff36abd71f34e043ccf52b425dc0e918af5098157970cce3c15348900c4a Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 19:52:01 GMT content-encoding br via 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 3202 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-storage-class INTELLIGENT_TIERING last-modified Wed, 05 Apr 2023 15:47:12 GMT server AmazonS3 etag W/"1746c81073fb3adcecce59e604b48427" access-control-max-age 86400 access-control-allow-methods GET content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control max-age=3600 x-amz-meta-qc-ineu True vary Accept-Encoding x-amz-cf-id 1pND3d-m9bWuOJt1vHMZXhPWTwpyCzUAr1l7F3Bcleybqj0mR0K1qw==
GET H2	200	skeleton.gif static.adsafeprotected.com/ Frame 3DAA	43 B 483 B	302ms 93ms	Image image/gif	2600:9000:223f:9c00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/skeleton.gif?adunitid=dqovp&adnum=741956 Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 25 Jun 2022 14:52:58 GMT x-amz-version-id iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja via 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 25336345 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 43 last-modified Mon, 17 Aug 2020 23:55:15 GMT server AmazonS3 etag "45cf913e5d9d3c9b2058033056d3dd23" content-type image/gif cache-control max-age=315360000 accept-ranges bytes x-amz-cf-id PVuqeDjdAWlC3X8fI_ujkE7bKtsdxz6WP4a25REpwB4JlYzroTXt-g==
GET H2	200	beacon.js Show response sb.scorecardresearch.com/ Frame 3DAA	4 KB 2 KB	239ms 76ms	Script application/javascript	13.32.121.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: a.pub.network URL: https://a.pub.network/geekprank-com/pubfig.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.121.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-121-37.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 00:35:31 GMT content-encoding gzip via 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront) last-modified Thu, 09 Mar 2023 09:22:40 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 72593 x-amz-server-side-encryption AES256 etag W/"a06e7a176f40dc26aa5e9567ac9d2d5e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id NE-wQppRqAoa1i2Z_pPvjj-MsXfouIHdcVdRwBUoDAZc0eD7vReuKg==
GET H2	200	pubfig.engine.js Show response a.pub.network/core/pubfig/3587b8b6ea1364e7983dde86521b19e97edd6807/ Frame 3DAA	443 KB 132 KB	90ms 89ms	Script application/javascript	2606:4700::6812:15ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.pub.network/core/pubfig/3587b8b6ea1364e7983dde86521b19e97edd6807/pubfig.engine.js Requested by Host: a.pub.network URL: https://a.pub.network/geekprank-com/pubfig.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash edf0a1c40f35a6250c4eee074788d3949838731477fb2c07986520927677d920 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:23 GMT content-encoding gzip cf-cache-status HIT age 926 x-guploader-uploadid ADPycduXAq-iP8g7QRg-8QwYTVwO02JPuj2oFUVRJ0VCBjVjaFJxdG7Ot95aw9BCXdkVuuOULVArYkexszMv9NGCZq4KxsHRYOPr x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity last-modified Mon, 03 Apr 2023 19:26:34 GMT server cloudflare etag W/"28e6996f67acf169e59a82fac6eb74dc" vary Accept-Encoding x-goog-hash crc32c=xpKo6Q==, md5=KOaZb2es8WnlmoL6xut03A== x-goog-generation 1680549994880999 content-type application/javascript access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=3600 x-goog-stored-content-length 453756 cf-ray 7b7ecaceef4bb529-OSL expires Fri, 14 Apr 2023 21:45:23 GMT
GET H2	200	rules-p-xncav4ssEzwLp.js Show response rules.quantcount.com/ Frame 3DAA	160 B 633 B	273ms 79ms	Script application/javascript	2600:9000:223c:5600:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-xncav4ssEzwLp.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:5600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1c87922d76e88063895836fd079f851987fc9be84e4687fd9dd4b835f50ad8b2 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:14:05 GMT via 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 1879 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 160 last-modified Thu, 13 Oct 2022 23:38:30 GMT server AmazonS3 etag "236524bfd54f7155820e9bf3a87172f1" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id jAC11RuhEiDr64ShaGw0MWyN71wmEKHiymY5aNP0FzHa1el1-FhgJw==
OPTIONS H2	200	/ optimise.net/ Frame	0 0	220ms 86ms	Preflight	34.111.152.239 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://optimise.net/?k=1&d=geekprank.com&t=desktop Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 239.152.111.34.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://geekprank.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Key, Authorization access-control-allow-methods ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL access-control-allow-origin https://geekprank.com access-control-expose-headers fs-client-rtt access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0 date Fri, 14 Apr 2023 20:45:24 GMT expires 0 fs-client-rtt 49 pragma no-cache strict-transport-security max-age=31536000;includeSubDomains;preload; via 1.1 google
GET H3	200	/ Show response optimise.net/ Frame 3DAA	490 B 515 B	159ms 53ms	Fetch application/json	34.111.152.239 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://optimise.net/?k=1&d=geekprank.com&t=desktop Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/3587b8b6ea1364e7983dde86521b19e97edd6807/pubfig.engine.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 239.152.111.34.bc.googleusercontent.com Software / Resource Hash 88efe3ce04899a8f46b0bb84172bc025a43c534eca1b54b4deb480869321c628 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload; Request headers Referer https://geekprank.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=31536000;includeSubDomains;preload; via 1.1 google date Fri, 14 Apr 2023 16:50:06 GMT fs-client-rtt 49 age 14118 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 490 pragma no-cache access-control-max-age 3600 access-control-allow-methods ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL content-type application/json access-control-allow-origin https://geekprank.com access-control-expose-headers fs-client-rtt cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Key, Authorization expires 0
GET H2	200	config.js Show response cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ Frame 3DAA	75 KB 17 KB	221ms 68ms	Script text/javascript	2606:4700:4400::6812:220a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/3587b8b6ea1364e7983dde86521b19e97edd6807/pubfig.engine.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f34e3f913f35357b71dad2f2b50621bea19e54cdb99075c363251c714239d50a Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:24 GMT content-encoding br cf-cache-status HIT last-modified Fri, 14 Apr 2023 19:17:09 GMT server cloudflare x-amz-request-id NS5VP2GESFHPKV73 age 655 etag W/"f9f697fd25187aca5bab335420908bca" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript cache-control public, max-age=900, stale-while-revalidate=3600 cf-ray 7b7ecad208010b61-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 RBx3S5XsNgYSqp31R4Fh+KPcn6W1PYnz+w8o9S53uL1wrAFqCybzAgoqvjPn9aO8pfe3eQ1qCB9mzTPjpoxAyw==
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame 3DAA	77 KB 25 KB	337ms 125ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/3587b8b6ea1364e7983dde86521b19e97edd6807/pubfig.engine.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2e8be78b1eec810e9722593c6ee18bce97dd1f9b011b5a870b1137d1857cf647 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:24 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25599 x-xss-protection 0 server cafe etag 369 / 19461 / 31073791 / config-hash: 11787412583201714567 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 14 Apr 2023 20:45:24 GMT
GET H2	200	tag Show response btloader.com/ Frame 3DAA Redirect Chain https://freestar-io.videoplayerhub.com/gallery.js https://btloader.com/tag?h=freestar-io&upapi=true	1 MB 118 KB	186ms 63ms	Script application/javascript	2606:4700:20::681a:78b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://btloader.com/tag?h=freestar-io&upapi=true Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H2 Server 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d87704e12c114739174efbab0e18d0548964b3f2ea73cfa6f03d5f7f8ea43ed Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:24 GMT via 1.1 google content-encoding br cf-cache-status HIT last-modified Fri, 14 Apr 2023 19:57:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2782 etag W/"327bbcd2e00076d850d4c5f960c9e6a4" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyYL4a7vZ8ZLrFvx%2FdLcTzm6%2FAoD0NDtcZyQij1uXcBbH%2BXUfgzuxTbI2i4YGCwVz47w32HB0nAgqIcB95KXHHQCQNSzJEzXTimSF6lWCreOxSfXukYA%2FY8EGOimuzE6aOSPUhcSy9igng%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 cf-ray 7b7ecad3c99b376a-HEL Redirect headers date Fri, 14 Apr 2023 20:45:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INfqy4XV%2BO2IZKdTiWGVKpbnYARI6%2F%2B1d2foKNgIt61y88zA7OGVc4a4Mze8%2FjLqOBDasUQjgqgOGIFrUvUb9IZTd2ZLCTWTA%2Fq7TVOiR1U3%2BAq%2Fl93HEQRJ4MlBdCyrZoQMcKMItAmQmBiJA1uGViyQZEHh7FKgBSP5GA%3D%3D"}],"group":"cf-nel","max_age":604800} location https://btloader.com/tag?h=freestar-io&upapi=true cache-control max-age=3600 cf-ray 7b7ecad1f9f4fe4c-HEL expires Fri, 14 Apr 2023 21:45:24 GMT
GET H2	200	hadron.js Show response cdn.hadronid.net/ Frame 3DAA	55 KB 10 KB	267ms 79ms	Script application/javascript	2606:4700:10::6816:35ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fgeekprank.com%2Ffake-virus%2F&ref=https%3A%2F%2Fs1monwork.cf%2F&_it=freestar&partner_id=474 Requested by Host: s1monwork.cf URL: https://s1monwork.cf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:24 GMT content-encoding gzip cf-cache-status HIT cf-bgj minify last-modified Fri, 18 Nov 2022 10:57:44 GMT server cloudflare x-amz-request-id TC75RB0KRRP8NTXT age 767 etag W/"2280e2148e4ee3c06f679f8fac039778" vary Accept-Encoding content-type application/javascript cache-control max-age=3600 cf-ray 7b7ecad26f47b509-OSL x-amz-id-2 tLisjgGnjFNgXFmNzCleIC1ScWAkgar/yal8BV1iI+YAX2kT+5EHWz67/yHvAUJpLxxzRZ7ivV0=
GET H2	200	prebid-analytics-7.37.0.js Show response a.pub.network/core/ Frame 3DAA	578 KB 180 KB	79ms 79ms	Script text/html	2606:4700::6812:15ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.pub.network/core/prebid-analytics-7.37.0.js Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/3587b8b6ea1364e7983dde86521b19e97edd6807/pubfig.engine.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3185bc42c8ca3f93874f2caa46848aaf28192d71adcdf770c0045f2a326dcc5 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:24 GMT content-encoding gzip cf-cache-status HIT age 926 x-guploader-uploadid ADPycdvPhqFx-41BMzokTtvNUDXESkSKhoc2MAphSbw6vwAFXTc7S-qwB-I1CWY-VvJX26cJYaH0POaPG4Px05LjrzPslR0c5QXz x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 3 x-goog-stored-content-encoding identity last-modified Mon, 27 Feb 2023 19:41:16 GMT server cloudflare etag W/"ac79a52155d1d846e5f8db243d3cd297" vary Accept-Encoding x-goog-generation 1677526876107470 content-type text/html access-control-allow-origin * x-goog-hash crc32c=sQc5Xw==, md5=rHmlIVXR2Ebl+NskPTzSlw== content-language en access-control-expose-headers * cache-control public, max-age=31535073 x-goog-stored-content-length 592265 cf-ray 7b7ecad15afeb529-OSL expires Sat, 13 Apr 2024 20:29:57 GMT
GET H2	204	b2 sb.scorecardresearch.com/ Frame 3DAA Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1681505124059&ns_c=UTF-8&ns_if=1&cs_ucfr=&c7=https%3A%2F%2Fgeekprank.com%2Ffake-virus%2F&c8=Fake%20Virus%20S... https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1681505124059&ns_c=UTF-8&ns_if=1&cs_ucfr=&c7=https%3A%2F%2Fgeekprank.com%2Ffake-virus%2F&c8=Fake%20Virus%20...	0 223 B	82ms 76ms	Image text/plain	13.32.121.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1681505124059&ns_c=UTF-8&ns_if=1&cs_ucfr=&c7=https%3A%2F%2Fgeekprank.com%2Ffake-virus%2F&c8=Fake%20Virus%20Screen%20-%20Files%20encrypted&c9=https%3A%2F%2Fs1monwork.cf%2F Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H2 Server 13.32.121.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-121-37.fra60.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:24 GMT via 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop FRA60-P1 x-amz-cf-id Tb7cDPkGmQHgxyBosJc0WtVu-92nhvoetrE1qq9gNm-fTncCaAF2mw== x-cache Miss from cloudfront Redirect headers date Fri, 14 Apr 2023 20:45:24 GMT via 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop FRA60-P1 x-cache Miss from cloudfront location /b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1681505124059&ns_c=UTF-8&ns_if=1&cs_ucfr=&c7=https%3A%2F%2Fgeekprank.com%2Ffake-virus%2F&c8=Fake%20Virus%20Screen%20-%20Files%20encrypted&c9=https%3A%2F%2Fs1monwork.cf%2F content-length 0 x-amz-cf-id jaNw0Bf5uobvzEV_2h1bewW7hyGh09AsKjAP7L-qiV_zTfQ3CTBCuA==
GET H2	200	pixel;r=1408393007;source=choice;rf=0;a=p-xncav4ssEzwLp;url=https%3A%2F%2Fgeekprank.com%2Ffake-virus%2F;ref=https%3A%2F%2Fs1monwork.cf%2F;uht=2;fpan=1;fpa=P0-1905041390-1681505123751;pbc=;ns=1;ce=1... pixel.quantserve.com/ Frame 3DAA	35 B 372 B	97ms 84ms	Image image/gif	2620:116:800d:21:b314:a0ef:ab7c:d546 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=1408393007;source=choice;rf=0;a=p-xncav4ssEzwLp;url=https%3A%2F%2Fgeekprank.com%2Ffake-virus%2F;ref=https%3A%2F%2Fs1monwork.cf%2F;uht=2;fpan=1;fpa=P0-1905041390-1681505123751;pbc=;ns=1;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;d=geekprank.com;dst=0;et=1681505124072;tzo=0;ogl=title.Fake%20Virus%20Screen%2Ctype.website%2Cdescription.Fake%20virus%20screen%20demanding%20money%20for%20file%20decryption%252E%20Prank%20your%20friends%20openin%2Curl.https%3A%2F%2Fgeekprank%252Ecom%2Ffake-virus%2F%2Cimage.https%3A%2F%2Fgeekprank%252Ecom%2Ffake-virus%2Fog%252Ejpg;ses=fc0964db-133c-4be4-9336-8fd95dbe5b44 Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers pragma no-cache date Fri, 14 Apr 2023 20:45:24 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
POST H3	200	v2kekK-w_Wq6zzdESOYgL0BN-eixHMqK7N5ShaUafSc87CCsFjtXscSzv_AjH5eUpmrq8xxD3HoI Show response volatilevessel.com/ Frame 3DAA	206 B 233 B	162ms 97ms	Fetch application/json	2600:1901:0:328a::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://volatilevessel.com/v2kekK-w_Wq6zzdESOYgL0BN-eixHMqK7N5ShaUafSc87CCsFjtXscSzv_AjH5eUpmrq8xxD3HoI Requested by Host: volatilevessel.com URL: https://volatilevessel.com/v2xpaoSD5AkTB5bpypLUtJVY-Co85OKJb1bSF3d438PvSXfXWmqHQ7E_xuQ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 6f959a3842293536b753fecc38a7a80099ef60c8bf615f81363dab20ac3298d4 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://geekprank.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload date Fri, 14 Apr 2023 20:45:24 GMT via 1.1 google x-buildnumber 832971200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 206 x-datacenter gce-europe-west1 x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://geekprank.com x-hostname fen-hoothoot-europe-west1-spot-1dhj cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie expires Fri, 14 Apr 2023 20:45:23 GMT
GET H2	200	wrap.js Show response cdn.confiant-integrations.net/gptprebidnative/202304111045/ Frame 3DAA	239 KB 74 KB	70ms 68ms	Script application/javascript	2606:4700:4400::6812:220a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.confiant-integrations.net/gptprebidnative/202304111045/wrap.js Requested by Host: cdn.confiant-integrations.net URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90db7c2929c1f8fa3cb7be282e5c88ce131312749bb86d8eed33f6757e57f772 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:24 GMT content-encoding br cf-cache-status HIT last-modified Tue, 11 Apr 2023 14:47:39 GMT server cloudflare x-amz-request-id 9437A3M1M2VF86E8 age 272484 etag W/"7371672e2ad6b3b9469c4dc5cc2f6c08" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 7b7ecad318fc0b61-OSL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 9dmqhi9VtrNFlRnn5jJTKjqRS/+Bx72Nk+7YVBXAmPnWlSxLSMIdZGcK6pfn37vv3DJ8foNmpyc=
POST H3	200	v2vuhbfpl4bV04XhD0-hCvrv3fspr3oUyn-ulf8A2lt3GtIXprpLyHGPrOC3yjZemzbv1DdDFVkY Show response volatilevessel.com/ Frame 3DAA	3 B 27 B	84ms 84ms	Fetch application/json	2600:1901:0:328a::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://volatilevessel.com/v2vuhbfpl4bV04XhD0-hCvrv3fspr3oUyn-ulf8A2lt3GtIXprpLyHGPrOC3yjZemzbv1DdDFVkY Requested by Host: volatilevessel.com URL: https://volatilevessel.com/v2xpaoSD5AkTB5bpypLUtJVY-Co85OKJb1bSF3d438PvSXfXWmqHQ7E_xuQ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://geekprank.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload date Fri, 14 Apr 2023 20:45:24 GMT via 1.1 google x-buildnumber 832971200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 x-datacenter gce-europe-west1 x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://geekprank.com x-hostname fen-hoothoot-europe-west1-spot-1dhj access-control-allow-credentials true timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/ Frame 3DAA	398 KB 124 KB	249ms 79ms	Script text/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304100101/pubads_impl.js?cb=31073791 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2d3b45a4be3864673801baea2c3f066e1c7320bab56d3c7818d7484cf1811696 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 11:22:06 GMT content-encoding br x-content-type-options nosniff age 33798 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 126408 x-xss-protection 0 server cafe etag 11042757488233447259 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 13 Apr 2024 11:22:06 GMT
GET H2	200	px.gif ad-delivery.net/ Frame 3DAA	43 B 340 B	187ms 67ms	Image image/gif	2606:4700:20::ac43:4513
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=2 Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4513 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:25 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 170824 x-guploader-uploadid ADPycdvYhDnvO2b9GuX9kA7eTVJjsnzm3R6zaFNuj7xQ7dmCvusrOsxzFqwhLPXOQYDUSgytJM_z1cB2Zyq6gciwT1Dpsg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tkS%2B2x4Hk8kfKYiU1QOKZR%2BcIFUs1OR85ogPxmvme7Z4IgawfgEExKvXxxNNCQ6QmTND5Axd7Lvf3EFFgXivsrFFD2ihbC7WNH02AqTL3wUfZxV2WvTV78BkSD88D4DMRGEsOUJthzWyh%2BqxQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 7b7ecad8096ed953-HEL expires Wed, 12 Apr 2023 22:01:43 GMT
GET H2	200	favicon.ico ad.doubleclick.net/ Frame 3DAA	1 KB 571 B	259ms 77ms	Image image/x-icon	142.250.185.70
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.70 -, , ASN (), Reverse DNS Software sffe / Resource Hash d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 08:03:02 GMT content-encoding gzip x-content-type-options nosniff age 45743 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 104 x-xss-protection 0 last-modified Tue, 08 May 2012 13:08:06 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/x-icon access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 15 Apr 2023 08:03:02 GMT
GET H2	200	px.gif ad-delivery.net/ Frame 3DAA	43 B 927 B	184ms 65ms	Image image/gif	2606:4700:20::ac43:4513
General Check archive.org Show headers Download Go to Show image Full URL https://ad-delivery.net/px.gif?ch=1&e=0.7224114940343336 Requested by Host: geekprank.com URL: https://geekprank.com/fake-virus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4513 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:25 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 170824 x-guploader-uploadid ADPycdvYhDnvO2b9GuX9kA7eTVJjsnzm3R6zaFNuj7xQ7dmCvusrOsxzFqwhLPXOQYDUSgytJM_z1cB2Zyq6gciwT1Dpsg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 5 x-goog-stored-content-encoding identity content-length 43 last-modified Wed, 05 May 2021 19:25:32 GMT server cloudflare etag "ad4b0f606e0f8465bc4c4c170b37e1a3" vary Accept-Encoding x-goog-generation 1620242732037093 content-type image/gif access-control-allow-origin * x-goog-hash crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKEEcf%2F06QO9vrQyuDGlUKp9R63BCmf0VPmuKjX97lf3vRxxxpGrsQipwAn2OY2GRmOmntJVRHvt6GZFsVNJwaqSqRj6DwMXLzjxYpTV8mp0M3Pzh37m7mA8fx9A%2BquUsid1dMf8QstspxeDwQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 43 accept-ranges bytes cf-ray 7b7ecad80971d953-HEL expires Wed, 12 Apr 2023 22:01:43 GMT
OPTIONS H2	200	floors api.floors.dev/sgw/v1/ Frame	0 0	486ms 342ms	Preflight	34.160.128.112
General Check archive.org Show headers Download Go to Full URL https://api.floors.dev/sgw/v1/floors Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.160.128.112 -, , ASN (), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload; Request headers Accept */* Access-Control-Request-Headers content-type,x-api-key Access-Control-Request-Method POST Origin https://geekprank.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key access-control-allow-methods ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL access-control-allow-origin https://geekprank.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0 date Fri, 14 Apr 2023 20:45:25 GMT expires 0 pragma no-cache strict-transport-security max-age=31536000;includeSubDomains;preload; via 1.1 google
POST H3	200	floors Show response api.floors.dev/sgw/v1/ Frame 3DAA	2 KB 2 KB	199ms 93ms	Fetch application/json	34.160.128.112
General Check archive.org Show headers Download Go to Full URL https://api.floors.dev/sgw/v1/floors Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/3587b8b6ea1364e7983dde86521b19e97edd6807/pubfig.engine.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.160.128.112 -, , ASN (), Reverse DNS Software / Resource Hash 19a12d722702aa31e9719ce37d3c16e1347c78b32f1eca1987be34046f82283a Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload; Request headers Referer https://geekprank.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 x-api-key 4e799501-b8b6-4ef1-bad5-225b3dd1aa8d Content-Type application/json Response headers pragma no-cache date Fri, 14 Apr 2023 20:45:25 GMT strict-transport-security max-age=31536000;includeSubDomains;preload; via 1.1 google access-control-max-age 3600 access-control-allow-methods ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL content-type application/json access-control-allow-origin https://geekprank.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0
GET H2	200	analytics.min.js Show response a.pub.network/core/analytics/1.1.1/ Frame 3DAA	13 KB 6 KB	74ms 73ms	Script application/javascript	2606:4700::6812:15ce CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.pub.network/core/analytics/1.1.1/analytics.min.js Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/3587b8b6ea1364e7983dde86521b19e97edd6807/pubfig.engine.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56962bc48f2acb175c71b59298782cc1e841afb9f725986955105139e52078e9 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:25 GMT content-encoding gzip cf-cache-status HIT age 928 x-guploader-uploadid ADPycdvhMZorP1YnTwmEKAE66rYsCrcoxZGmmpOXY50v07rYs3kmfenv5ayBHUhdWq95iu-nbtFp21heszYSOZJB9GErlQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity last-modified Tue, 21 Mar 2023 16:29:06 GMT server cloudflare etag W/"9faa51c72267d7040ea861c2a59c266f" vary Accept-Encoding x-goog-hash crc32c=Yy7HVA==, md5=n6pRxyJn1wQOqGHCpZwmbw== x-goog-generation 1679416146332026 content-type application/javascript access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600 x-goog-stored-content-length 13155 cf-ray 7b7ecad7ad30b529-OSL expires Fri, 14 Apr 2023 21:45:25 GMT
GET H2	200	country Show response api.btloader.com/ Frame 3DAA	16 B 203 B	291ms 170ms	Fetch application/json	130.211.23.194
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/country Requested by Host: freestar-io.videoplayerhub.com URL: https://freestar-io.videoplayerhub.com/gallery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 -, , ASN (), Reverse DNS Software / Resource Hash 0276c38bdce11b6761cc269e4ad45e261b186650699db6a481c7df95173d04e9 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:25 GMT via 1.1 google vary Origin content-type application/json access-control-allow-origin * cache-control private, max-age=300, stale-while-revalidate=600, stale-if-error=600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16
GET H2	204	pv Show response api.btloader.com/ Frame 3DAA	0 66 B	291ms 171ms	XHR text/plain	130.211.23.194
General Check archive.org Show headers Download Go to Full URL https://api.btloader.com/pv?tid=EckZ7O7Zg&w=5727411657244672&o=5714937848528896&cv=2.1.10-3-g4120aac&r=false&vr=0x0&pageURL=https%3A%2F%2Fs1monwork.cf%2F&sid=0meP15xJfH&upapi=true Requested by Host: freestar-io.videoplayerhub.com URL: https://freestar-io.videoplayerhub.com/gallery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 130.211.23.194 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers access-control-allow-origin * date Fri, 14 Apr 2023 20:45:25 GMT cache-control no-cache, no-store, must-revalidate via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 vary Origin
POST H3	200	c Show response c.pub.network/v2/ Frame 3DAA	36 B 53 B	139ms 84ms	Fetch text/plain	34.160.152.31
General Check archive.org Show headers Download Go to Full URL https://c.pub.network/v2/c Requested by Host: a.pub.network URL: https://a.pub.network/core/analytics/1.1.1/analytics.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.160.152.31 -, , ASN (), Reverse DNS Software / Resource Hash e86135b08a2538cf008d7cc019027e50919eb4e4be4655c8d863b2bf893345e5 Request headers Referer https://geekprank.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type application/json Response headers date Fri, 14 Apr 2023 20:45:26 GMT via 1.1 google vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type text/plain;charset=utf-8 access-control-allow-origin https://geekprank.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36
GET		json gum.criteo.com/sid/ Frame 3DAA	0 0
GET H2	200	pbhid Show response id.hadron.ad.gt/api/v1/ Frame 3DAA	141 B 305 B	252ms 81ms	XHR application/json	2606:4700:10::6816:445
General Check archive.org Show headers Download Go to Full URL https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.37.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:445 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 8ac29b3dafaf80097d78b9cbf67c548a9bb92eec92c21278f777e09394964db3 Request headers Referer https://geekprank.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type text/plain Response headers date Fri, 14 Apr 2023 20:45:25 GMT content-encoding gzip server cloudflare allow POST, OPTIONS, GET vary Accept-Encoding content-type application/json access-control-allow-origin * cf-ray 7b7ecadd2c2eb4eb-OSL access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET		envelope api.rlcdn.com/api/identity/ Frame 3DAA	0 0
GET H2	200	ProfilesEngineServlet Show response api.intentiq.com/profiles_engine/ Frame 3DAA	95 B 832 B	381ms 176ms	XHR text/html	13.32.121.27
General Check archive.org Show headers Download Go to Full URL https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&iiqidtype=2&iiqpcid=6187a16a-3773-4520-9781-0be99d57b995 Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.37.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.121.27 -, , ASN (), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash ddde4cd604189e8e61603f659d80056c953459a0d55ab8c7cc8cdd2d80aa7fc7 Request headers Referer https://geekprank.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type text/plain Response headers date Fri, 14 Apr 2023 20:45:26 GMT via 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P1 x-cache Miss from cloudfront p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" patent https://www.almondnet.com/ip alt-svc h3=":443"; ma=86400 pragma no-cache server Apache-Coyote/1.1 vary Origin access-control-allow-methods POST, GET content-type text/html access-control-allow-origin https://geekprank.com access-control-max-age 3600 access-control-allow-credentials true cache-control no-cache, no-store, must-revalidate access-control-allow-headers Content-Type, Accept, X-Requested-With, remember-me x-amz-cf-id dOQ7zV0Fw-5sV3AY5yktUR6nj_miP4FwHS_gX0M99ByU55vyLRjYZg== expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	rid Show response match.adsrvr.org/track/ Frame 3DAA	63 B 389 B	323ms 93ms	XHR application/json	35.71.131.137
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.37.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 -, , ASN (), Reverse DNS Software / Resource Hash 7084c13fcb534052b34cafb537274728af8b088eaac550d219ccb305656c3585 Request headers Referer https://geekprank.com/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type text/plain Response headers date Fri, 14 Apr 2023 20:45:26 GMT x-aspnet-version 4.0.30319 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://geekprank.com cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 63 expires Sun, 14 May 2023 20:45:26 GMT
OPTIONS H2	200	c c.pub.network/v2/ Frame	0 0	297ms 177ms	Preflight	34.160.152.31
General Check archive.org Show headers Download Go to Full URL https://c.pub.network/v2/c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.160.152.31 -, , ASN (), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://geekprank.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://geekprank.com access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Fri, 14 Apr 2023 20:45:25 GMT vary Origin Access-Control-Request-Method Access-Control-Request-Headers via 1.1 google
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	305ms 82ms	Preflight application/json	2a02:2638:d::d
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fs1monwork.cf%2F&domain=geekprank.com&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::d -, , ASN (), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://geekprank.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://geekprank.com cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Fri, 14 Apr 2023 20:45:25 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 284972 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	quant.js Show response secure.quantserve.com/ Frame 3DAA	22 KB 9 KB	88ms 88ms	Script application/javascript	2620:116:800d:21:b314:a0ef:ab7c:d546 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: a.pub.network URL: https://a.pub.network/core/pubfig/3587b8b6ea1364e7983dde86521b19e97edd6807/pubfig.engine.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:25 GMT content-encoding gzip etag "DUHyBE1e2vdA+NAhXV6BXg==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Fri, 21 Apr 2023 20:45:25 GMT
GET H2	200	hadronid id.hadron.ad.gt/api/v1/ Frame 3DAA	14 KB 0	292ms 176ms	Script text/plain	2606:4700:10::6816:445
General Check archive.org Show headers Download Go to Full URL https://id.hadron.ad.gt/api/v1/hadronid?_it=prebid&partner_id=474&_it=prebid Requested by Host: a.pub.network URL: https://a.pub.network/core/prebid-analytics-7.37.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:445 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language fi-FI,fi;q=0.9 Referer https://geekprank.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 20:45:26 GMT cf-cache-status DYNAMIC server cloudflare access-control-allow-methods HEAD,GET,POST,PUT,DELETE,OPTIONS content-type Content-Type; text/javascript; charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true debug NON-OPTIONS access-control-allow-headers authorization content-length 55794 cf-ray 7b7ecaddfb51b500-OSL
POST		cookie_sync s2s.t13.io/ Frame 3DAA	0 0
POST		auction s2s.t13.io/openrtb2/ Frame 3DAA	0 0
POST		translator hbopenbid.pubmatic.com/ Frame 3DAA	0 0
POST		hbjson grid.bidswitch.net/ Frame 3DAA	0 0
POST		bid ap.lijit.com/rtb/ Frame 3DAA	0 0
POST		prebid ib.adnxs.com/ut/v3/ Frame 3DAA	0 0
POST		auction tlx.3lift.com/header/ Frame 3DAA	0 0
OPTIONS		c c.pub.network/v2/ Frame	0 0
POST		c c.pub.network/v2/ Frame 3DAA	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

gum.criteo.com

URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fs1monwork.cf%2F&domain=geekprank.com&cw=1&lsw=1

Domain

api.rlcdn.com

URL

https://api.rlcdn.com/api/identity/envelope?pid=106

Domain

s2s.t13.io

URL

https://s2s.t13.io/cookie_sync

Domain

s2s.t13.io

URL

https://s2s.t13.io/openrtb2/auction

Domain

hbopenbid.pubmatic.com

URL

https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain

grid.bidswitch.net

URL

https://grid.bidswitch.net/hbjson

Domain

ap.lijit.com

URL

https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.37.0

Domain

ib.adnxs.com

URL

https://ib.adnxs.com/ut/v3/prebid

Domain

tlx.3lift.com

URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.37.0&referrer=https%3A%2F%2Fs1monwork.cf%2F&tmax=1044

Domain

c.pub.network

URL

https://c.pub.network/v2/c

Domain

c.pub.network

URL

https://c.pub.network/v2/c