geekprank.com
2606:4700:3035::6815:4e75
Public Scan
Effective URL: https://geekprank.com/fake-virus/
Submission Tags: @phishunt_io
Submission: On November 02 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by E1 on October 4th 2023. Valid for: 3 months.
This is the only time geekprank.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN36352 (AS-COLOCROSSING, US)
PTR: mail4.1hqfy1.cn
open.spotify.com.0b.lol |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 31.152.160.34.bc.googleusercontent.com
d.pub.network |
ASN16509 (AMAZON-02, US)
static.adsafeprotected.com |
ASN16509 (AMAZON-02, US)
secure.quantserve.com |
ASN16509 (AMAZON-02, US)
rules.quantcount.com |
ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-125-110.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
13 | geekprank.com: geekprank.com — Cisco Umbrella Rank: 415663 | 119 KB |
7 | quantcast.com: cmp.quantcast.com — Cisco Umbrella Rank: 3190; test.cmp.quantcast.com — Cisco Umbrella Rank: 11889; audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 13468 | 194 KB |
3 | volatilevessel.com: volatilevessel.com — Cisco Umbrella Rank: 74549 | 24 KB |
2 | pub.network: a.pub.network — Cisco Umbrella Rank: 4389; d.pub.network — Cisco Umbrella Rank: 4659 | 48 KB |
1 | quantcount.com: rules.quantcount.com — Cisco Umbrella Rank: 1212 | 635 B |
1 | quantserve.com: secure.quantserve.com — Cisco Umbrella Rank: 1245 | 9 KB |
1 | google-analytics.com: region1.google-analytics.com — Cisco Umbrella Rank: 2462 | 253 B |
1 | adsafeprotected.com: static.adsafeprotected.com — Cisco Umbrella Rank: 587 | 483 B |
1 | googletagmanager.com: www.googletagmanager.com — Cisco Umbrella Rank: 35 | 88 KB |
1 | jquery.com: code.jquery.com — Cisco Umbrella Rank: 762 | 33 KB |
1 | 0b.lol (1 redirects): open.spotify.com.0b.lol | 249 B |
32 | 11 | |
Requests | Domain | Requested by |
---|---|---|
13 | geekprank.com | geekprank.com |
5 | cmp.quantcast.com | geekprank.com, cmp.quantcast.com |
3 | volatilevessel.com | a.pub.network, volatilevessel.com |
1 | audit-tcfv2.cmp.quantcast.com | cmp.quantcast.com |
1 | test.cmp.quantcast.com | cmp.quantcast.com |
1 | rules.quantcount.com | secure.quantserve.com |
1 | secure.quantserve.com | cmp.quantcast.com |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | static.adsafeprotected.com | geekprank.com |
1 | d.pub.network | geekprank.com |
1 | a.pub.network | geekprank.com |
1 | www.googletagmanager.com | geekprank.com |
1 | code.jquery.com | geekprank.com |
1 | open.spotify.com.0b.lol | 1 redirects |
32 | 14 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
geekprank.com | E1 | 2023-10-04 - 2024-01-02 | 3 months | crt.sh |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months | crt.sh |
cmp.quantcast.com | R3 | 2023-10-28 - 2024-01-26 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-26 - 2024-02-25 | a year | crt.sh |
d.pub.network | GTS CA 1D4 | 2023-10-07 - 2024-01-05 | 3 months | crt.sh |
volatilevessel.com | R3 | 2023-10-14 - 2024-01-12 | 3 months | crt.sh |
static.adsafeprotected.com | Amazon RSA 2048 M02 | 2023-07-07 - 2024-08-04 | a year | crt.sh |
quantserve.com | R3 | 2023-10-28 - 2024-01-26 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://geekprank.com/fake-virus/
Frame ID: F2AFD021385F5EAC314D1A45A8143F34
Requests: 32 HTTP requests in this frame
Page Title
Fake Virus Screen - Files encrypted
Page URL History
-
https://open.spotify.com.0b.lol/
HTTP 301
https://geekprank.com/fake-virus/ Page URL
Detected technologies
Google Analytics (Analytics)
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Quantcast Measure (Analytics)
Detected patterns
- \.quantserve\.com/quant\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://open.spotify.com.0b.lol/
HTTP 301
https://geekprank.com/fake-virus/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request, Redirect Chain) | geekprank.com/fake-virus/ | 8 KB | 4 KB | Document | text/html |
GET | H2 | style.css | geekprank.com/fake-virus/ | 5 KB | 2 KB | Stylesheet | text/css |
GET | H2 | jquery-latest.min.js | code.jquery.com/ | 94 KB | 33 KB | Script | application/javascript |
GET | H2 | script.js | geekprank.com/fake-virus/ | 690 B | 670 B | Script | application/javascript |
GET | H2 | background.jpg | geekprank.com/fake-virus/ | 39 KB | 40 KB | Image | image/jpeg |
GET | H2 | fake-virus.png | geekprank.com/fake-virus/ | 14 KB | 14 KB | Image | image/png |
GET | H3 | fake-virus-prank.png | geekprank.com/fake-virus/ | 21 KB | 22 KB | Image | image/png |
GET | H3 | cursor.gif | geekprank.com/fake-virus/ | 96 B | 605 B | Image | image/gif |
GET | H3 | fake-hacked-computer.png | geekprank.com/fake-virus/ | 4 KB | 5 KB | Image | image/png |
GET | H3 | files-encrypted-prank.png | geekprank.com/fake-virus/ | 8 KB | 8 KB | Image | image/png |
GET | H3 | pay-with-kidneys.png | geekprank.com/fake-virus/ | 8 KB | 9 KB | Image | image/png |
GET | H3 | support.png | geekprank.com/fake-virus/ | 10 KB | 10 KB | Image | image/png |
GET | H2 | js | www.googletagmanager.com/gtag/ | 260 KB | 88 KB | Script | application/javascript |
GET | H2 | choice.js | cmp.quantcast.com/choice/xncav4ssEzwLp/geekprank.com/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | pubfig.min.js | a.pub.network/geekprank-com/ | 120 KB | 43 KB | Script | application/javascript |
GET | H3 | scroll.png | geekprank.com/fake-virus/ | 790 B | 1 KB | Image | image/png |
GET | H2 | configs | d.pub.network/v2/sites/geekprank-com/ | 40 KB | 5 KB | Other | application/json |
GET | H2 | 849342d6422c8e4fdb343ee5cd001d64872af0.min.js | volatilevessel.com/bundles/ | 68 KB | 24 KB | Script | text/javascript |
GET | H2 | skeleton.gif | static.adsafeprotected.com/ | 43 B | 483 B | Image | image/gif |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 253 B | Ping | text/plain |
GET | H2 | quant.js | secure.quantserve.com/ | 22 KB | 9 KB | Script | application/javascript |
GET | H2 | cmp2.js | cmp.quantcast.com/tcfv2/ | 160 KB | 42 KB | Script | text/javascript |
GET | H2 | rules-p-xncav4ssEzwLp.js | rules.quantcount.com/ | 160 B | 635 B | Script | application/javascript |
GET | H2 | cmp-list.json | test.cmp.quantcast.com/GVL-v2/ | 11 KB | 3 KB | XHR | application/json |
GET | H2 | cmp2ui-en.js | cmp.quantcast.com/tcfv2/48/ | 280 KB | 69 KB | Script | text/javascript |
GET | H2 | vendor-list-trimmed-v1.json | cmp.quantcast.com/GVL-v2/ | 358 KB | 43 KB | XHR | application/json |
GET | H2 | google-atp-list.json | cmp.quantcast.com/tcfv2/ | 141 KB | 34 KB | XHR | application/json |
POST | H3 | 52ada8d40df3cac2435d23a8cfe53a5660e356ec6b7e0 | volatilevessel.com/0/3fb114c2e/ | 303 B | 330 B | Fetch | application/json |
GET | H2 | / | audit-tcfv2.cmp.quantcast.com/ | 2 B | 101 B | XHR | text/plain |
GET | H3 | cookie-icon.jpg | geekprank.com/images/ | 2 KB | 3 KB | Image | image/jpeg |
POST | H3 | dece8ec78c3a3bed419ce3b580fca11ebadb3399 | volatilevessel.com/614adda21e0e44/ | 3 B | 29 B | Fetch | application/json |
POST | | collect | region1.google-analytics.com/g/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- region1.google-analytics.com
- URL
- https://region1.google-analytics.com/g/collect?v=2&tid=G-YSFP0RLNB7&gtm=45je3au1v890152210&_p=1174144630&gcd=11l1l1l1l1&cid=10173276.1698945171&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1698945171&sct=1&seg=0&dl=https%3A%2F%2Fgeekprank.com%2Ffake-virus%2F&dt=Fake%20Virus%20Screen%20-%20Files%20encrypted&en=scroll&epn.percent_scrolled=90&_et=11
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| documentPictureInPicture
- function| $
- function| jQuery
- function| startTimer
- function| checkSecond
- function| __tcfapi
- function| __uspapi
- object| freestar
- function| gtag
- object| dataLayer
- function| admiral
- object| googletag
- object| fsCmpInitMessage
- function| 4dm1r11545242527
- object| google_tag_manager
- object| google_tag_data
- function| onYouTubeIframeAPIReady
- object| gaGlobal
- object| _qevents
- function| quantserve
- function| __qc
- object| ezt
- object| _qoptions
- object| regeneratorRuntime
- function| __tcfapiui4
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.pub.network/ | | Name: _fsuid Value: b954c296-a0cf-480a-8942-e0ffa81e75a0 |
.geekprank.com/ | | Name: _ga Value: GA1.1.10173276.1698945171 |
.geekprank.com/ | | Name: _ga_YSFP0RLNB7 Value: GS1.1.1698945171.1.0.1698945171.0.0.0 |
.geekprank.com/ | | Name: _awl Value: 2.1698945171.5-47e79c77564c36be2a37f35d877fee93-6763652d6575726f70652d7765737431-0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.