thegeeks.click Open in urlscan Pro
91.210.105.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thegeeks.click/
Effective URL:
https://thegeeks.click/login.php
Submission: On September 22 via manual (September 22nd 2022, 3:55:41 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 91.210.105.114, located in Russian Federation and belongs to HOSTKEY-RU-AS, NL. The main domain is thegeeks.click.
TLS certificate: Issued by R3 on August 26th 2022. Valid for: 3 months.

This is the only time thegeeks.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	91.210.105.114 91.210.105.114	50867 (HOSTKEY-R...) (HOSTKEY-RU-AS)
8	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	3

9 91.210.105.114 (Russian Federation) 2 redirects

ASN50867 (HOSTKEY-RU-AS, NL)
PTR: thegeeks.click

thegeeks.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)

www.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	thegeeks.click 2 redirects thegeeks.click	71 KB
8	hcaptcha.com www.hcaptcha.com — Cisco Umbrella Rank: 115120 newassets.hcaptcha.com — Cisco Umbrella Rank: 12497 hcaptcha.com — Cisco Umbrella Rank: 7835	712 KB
15	2

	Domain	Requested by
9	thegeeks.click	2 redirects thegeeks.click
6	newassets.hcaptcha.com	www.hcaptcha.com newassets.hcaptcha.com
1	hcaptcha.com	newassets.hcaptcha.com
1	www.hcaptcha.com	thegeeks.click
15	4

This site contains links to these domains. Also see Links.

Domain
xbtt.sourceforge.net

Subject Issuer	Validity	Valid
thegeeks.click R3	`2022-08-26` - `2022-11-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://thegeeks.click/login.php
Frame ID: 8D0FFD1B8EF7B47E533DA913534EEED8
Requests: 8 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Frame ID: C397480BF9EB8AE0DE005605D7874020
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Frame ID: 4487080EA876B7874243C85E62F4F99B
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TheGeeks :: Login

Page URL History Show full URLs

http://thegeeks.click/ HTTP 302
https://thegeeks.click/main.php HTTP 302
https://thegeeks.click/login.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

3
IPs

2
Countries

783 kB
Transfer

1987 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://xbtt.sourceforge.net/
Title: XBTT

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thegeeks.click/ HTTP 302
https://thegeeks.click/main.php HTTP 302
https://thegeeks.click/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.php Show response
thegeeks.click/
Redirect Chain

http://thegeeks.click/
https://thegeeks.click/main.php
https://thegeeks.click/login.php

4 KB
2 KB

61ms
61ms

Document
text/html

91.210.105.114
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thegeeks.click/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.210.105.114 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS: thegeeks.click
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash: 1c16067565d1ed7eb338c986c87c7a0d2723f3bb5cd720092304cf911efbf238

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1759
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Sep 2022 15:55:34 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Pragma: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40

Redirect headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 20
Content-Type: text/html; charset=UTF-8
Date: Thu, 22 Sep 2022 15:55:34 GMT
Keep-Alive: timeout=5, max=100
Location: /login.php
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40

GET
H/1.1 200
OK ajax.js Show response
thegeeks.click/js/ 6 KB
7 KB 58ms
57ms Script
application/javascript 91.210.105.114
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thegeeks.click/js/ajax.js
Requested by: Host: thegeeks.click
URL: https://thegeeks.click/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.210.105.114 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS: thegeeks.click
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash: 469f0fcea334289d874e30cd605a320b86b28c853696c72b050c26b6e5ba9d67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegeeks.click/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:55:34 GMT
Last-Modified: Wed, 24 Sep 2008 22:16:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag: "1989-457aba25ef980"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6537

GET
H/1.1 200
OK helpers.js Show response
thegeeks.click/js/ 6 KB
7 KB 162ms
54ms Script
application/javascript 91.210.105.114
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thegeeks.click/js/helpers.js
Requested by: Host: thegeeks.click
URL: https://thegeeks.click/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.210.105.114 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS: thegeeks.click
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash: c688e6109218e070cde77707e7f8e2362aad6a04b3dd05051a7ab18a328858f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegeeks.click/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:55:34 GMT
Last-Modified: Wed, 24 Sep 2008 22:16:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag: "18d6-457aba25ef980"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6358

GET
H/1.1 200
OK tbz.css
thegeeks.click/css/ 18 KB
18 KB 115ms
57ms Stylesheet
text/css 91.210.105.114
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thegeeks.click/css/tbz.css
Requested by: Host: thegeeks.click
URL: https://thegeeks.click/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.210.105.114 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS: thegeeks.click
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash: 6b9c7cbd3ba5010a6b404a8312565b7879d1e3f5837be8fe9693d8568aa5fce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegeeks.click/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:55:34 GMT
Last-Modified: Sat, 27 May 2017 01:14:34 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag: "47fd-550772d3f786a"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 18429

GET
H/1.1 200
OK logo.circuit.jpg
thegeeks.click/pic/large/ 33 KB
34 KB 54ms
54ms Image
image/jpeg 91.210.105.114
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thegeeks.click/pic/large/logo.circuit.jpg
Requested by: Host: thegeeks.click
URL: https://thegeeks.click/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.210.105.114 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS: thegeeks.click
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash: 1d4bde03cbe7e9c1c7d5d3783dc134dc36848f5752a25b8b045fec001b40e735

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegeeks.click/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:55:34 GMT
Last-Modified: Fri, 21 Apr 2017 21:35:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag: "85db-54db40876aac0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 34267

GET
H2 200 api.js Show response
www.hcaptcha.com/1/ 281 KB
79 KB 92ms
30ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hcaptcha.com/1/api.js

Requested by

Host: thegeeks.click
URL: https://thegeeks.click/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegeeks.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:55:37 GMT
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
server: cloudflare
etag: W/"84729783ded6e9166650d2e40d1556b2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
x-amz-cf-pop: FRA56-C1
cf-ray: 74ec39d52c26bb9d-FRA
x-amz-cf-id: Hfszw0Ve-Qv0cHf4vpyAFUb4GlxI5EzOP35M6s6DL7RDgl3HmaKdSg==

GET
H/1.1 200
OK dropdown_menu.css
thegeeks.click/css/ 1 KB
1 KB 58ms
58ms Stylesheet
text/css 91.210.105.114
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thegeeks.click/css/dropdown_menu.css
Requested by: Host: thegeeks.click
URL: https://thegeeks.click/css/tbz.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.210.105.114 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS: thegeeks.click
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash: ffe8ceeaa556305480bebe814fcce2a128b73a319b929c13b626507578a24ff2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegeeks.click/css/tbz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:55:34 GMT
Last-Modified: Wed, 24 Sep 2008 22:16:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag: "4bb-457aba25ef980"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1211

GET
H/1.1 200
OK logo.gif
thegeeks.click/pic/filelist/ 1 KB
2 KB 58ms
57ms Image
image/gif 91.210.105.114
HOSTKEY-RU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thegeeks.click/pic/filelist/logo.gif
Requested by: Host: thegeeks.click
URL: https://thegeeks.click/css/tbz.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.210.105.114 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS: thegeeks.click
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash: d8ed04cc86f172e9cf618331dd27bfbfc0318431a044ebe04e6c8122b6f37fb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thegeeks.click/css/tbz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 15:55:34 GMT
Last-Modified: Wed, 24 Sep 2008 22:16:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag: "53a-457aba25ef980"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1338

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/1f7dc62/static/ Frame C397 2 KB
897 B 45ms
30ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html

Requested by

Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f13f4ed673e0842319f91d3ae31f9927ade2ecd5f024a550c8f5d6f43c5e4b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thegeeks.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 46429
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 74ec39d5bd6dbb9d-FRA
content-encoding: gzip
content-type: text/html
date: Thu, 22 Sep 2022 15:55:37 GMT
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-id: Ove3-fQ7oxG9OvIUKDsW-uewXNJVeRPOs63XoW1RV-IKOl-L1p45YA==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/1f7dc62/static/ Frame 4487 2 KB
1022 B 43ms
29ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html

Requested by

Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f13f4ed673e0842319f91d3ae31f9927ade2ecd5f024a550c8f5d6f43c5e4b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thegeeks.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 46429
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 74ec39d5bd70bb9d-FRA
content-encoding: gzip
content-type: text/html
date: Thu, 22 Sep 2022 15:55:37 GMT
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-id: Ove3-fQ7oxG9OvIUKDsW-uewXNJVeRPOs63XoW1RV-IKOl-L1p45YA==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/1f7dc62/ Frame 4487 281 KB
79 KB 32ms
31ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:55:37 GMT
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 38834
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
server: cloudflare
etag: W/"84729783ded6e9166650d2e40d1556b2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
x-amz-cf-pop: FRA56-C1
cf-ray: 74ec39d60e47bb9d-FRA
x-amz-cf-id: Hfszw0Ve-Qv0cHf4vpyAFUb4GlxI5EzOP35M6s6DL7RDgl3HmaKdSg==

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/1f7dc62/ Frame C397 281 KB
79 KB 34ms
34ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:55:37 GMT
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 38834
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
server: cloudflare
etag: W/"84729783ded6e9166650d2e40d1556b2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
x-amz-cf-pop: FRA56-C1
cf-ray: 74ec39d60e48bb9d-FRA
x-amz-cf-id: Hfszw0Ve-Qv0cHf4vpyAFUb4GlxI5EzOP35M6s6DL7RDgl3HmaKdSg==

GET
DATA 200
OK truncated
/ Frame 4487 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 checksiteconfig Show response
hcaptcha.com/ Frame 4487 543 B
802 B 58ms
45ms XHR
application/json 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=1f7dc62&host=thegeeks.click&sitekey=1bf7aec4-bc95-4a09-8d85-df0bae1ca630&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f25f3063b8250ad39da02fe60aa7719daa9fa83d904f988ddc66e689d595a319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Sep 2022 15:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 74ec39d6efffbb9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/40e56577/ Frame C397 956 KB
358 KB 34ms
34ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/40e56577/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ffef3f2e9efc1e758bb019d82ed23650cdead9f383f263f38e77c9b98dcd805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:55:37 GMT
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 22 Sep 2022 10:57:33 GMT
server: cloudflare
etag: W/"84bdb7bd52960277ec334157278a2667"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
x-amz-cf-pop: FRA56-P4
cf-ray: 74ec39d7387bbbc2-FRA
x-amz-cf-id: tcRF0nZpRt0JW5C9QNsnWoVOI-VbapHyBC4vrTAOCzgaADeczNB8BQ==

GET
H3 200 e Show response
newassets.hcaptcha.com/i/d5ef5ba/ Frame C397 113 KB
114 KB 31ms
31ms Fetch
application/octet-stream 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/i/d5ef5ba/e

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/c/40e56577/hsw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b88f429e0878e43e76be34e0dba0debe8b60a4883851de1645f0e57456d21e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:55:37 GMT
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1386825
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115920
last-modified: Fri, 02 Sep 2022 07:03:20 GMT
server: cloudflare
etag: "ce885833508f58ddc1f45b0d115561ea"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1209600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 74ec39d8ec5fbbc2-FRA
x-amz-cf-id: pnhPiFuYfzuadJMsoWEct22p-tb3YwLVkHTUHWwQFiux-gjBJsEHQg==

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			thegeeks.click/	1969-12-31 23:59:59	Name: PHPSESSID Value: k41ipuva67tn5b3svfn63e3257

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hcaptcha.com
newassets.hcaptcha.com
thegeeks.click
www.hcaptcha.com
104.16.168.131
91.210.105.114
1c16067565d1ed7eb338c986c87c7a0d2723f3bb5cd720092304cf911efbf238
1d4bde03cbe7e9c1c7d5d3783dc134dc36848f5752a25b8b045fec001b40e735
469f0fcea334289d874e30cd605a320b86b28c853696c72b050c26b6e5ba9d67
4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
6b9c7cbd3ba5010a6b404a8312565b7879d1e3f5837be8fe9693d8568aa5fce8
9ffef3f2e9efc1e758bb019d82ed23650cdead9f383f263f38e77c9b98dcd805
c688e6109218e070cde77707e7f8e2362aad6a04b3dd05051a7ab18a328858f8
d8ed04cc86f172e9cf618331dd27bfbfc0318431a044ebe04e6c8122b6f37fb9
f13f4ed673e0842319f91d3ae31f9927ade2ecd5f024a550c8f5d6f43c5e4b21
f1b88f429e0878e43e76be34e0dba0debe8b60a4883851de1645f0e57456d21e
f25f3063b8250ad39da02fe60aa7719daa9fa83d904f988ddc66e689d595a319
ffe8ceeaa556305480bebe814fcce2a128b73a319b929c13b626507578a24ff2

thegeeks.click Open in urlscan Pro 91.210.105.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

3 IPs

2 Countries

783 kBTransfer

1987 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

1 Cookies

Indicators

thegeeks.click Open in urlscan Pro
91.210.105.114 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

3
IPs

2
Countries

783 kB
Transfer

1987 kB
Size

1
Cookies

15 HTTP transactions
1 data transactions