www.geniusproject.com Open in urlscan Pro
75.126.4.115 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://disq.us/?url=http%3A%2F%2Fwww.rmiembassyus.org%2Fmedia%2Fjui%2Fjs%2F&key=i5ElDKzVfYplZuUVH2XYTg
Effective URL:
https://www.geniusproject.com/sites/default/default.settings.php
Submission Tags: 6616641
Submission: On June 07 via api (June 7th 2020, 10:27:54 pm UTC) from NL

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 8 HTTP transactions. The main IP is 75.126.4.115, located in Dallas, United States and belongs to SOFTLAYER, US. The main domain is www.geniusproject.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 20th 2019. Valid for: 2 years.

This is the only time www.geniusproject.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: LinkedIn (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1	151.101.128.64 151.101.128.64	54113 (FASTLY) (FASTLY)
1 1	216.110.146.30 216.110.146.30	3064 (AFFINITY-FTL) (AFFINITY-FTL)
3	75.126.4.115 75.126.4.115	36351 (SOFTLAYER) (SOFTLAYER)
4	2606:2800:233... 2606:2800:233:6a53:4ac1:3bc8:ee4e:5990	15133 (EDGECAST) (EDGECAST)
8	3

1 151.101.128.64 (United States)

ASN54113 (FASTLY, US)

disq.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.110.146.30 (United States) 1 redirects

ASN3064 (AFFINITY-FTL, US)

www.rmiembassyus.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 75.126.4.115 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 73.04.7e4b.ip4.static.sl-reverse.com

www.geniusproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 (United States)

ASN15133 (EDGECAST, US)

static.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	licdn.com static.licdn.com	138 KB
3	geniusproject.com www.geniusproject.com	44 KB
1	rmiembassyus.org 1 redirects www.rmiembassyus.org	304 B
1	disq.us disq.us	601 B
8	4

	Domain	Requested by
4	static.licdn.com	www.geniusproject.com
3	www.geniusproject.com	disq.us static.licdn.com
1	www.rmiembassyus.org	1 redirects
1	disq.us
8	4

This site contains links to these domains. Also see Links.

Domain
linkedin.com

Subject Issuer	Validity	Valid
*.geniusproject.com Go Daddy Secure Certificate Authority - G2	`2019-11-20` - `2022-02-06`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2021-10-14`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.geniusproject.com/sites/default/default.settings.php
Frame ID: E061CB440F133E3F000F2614B04F7692
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://disq.us/?url=http%3A%2F%2Fwww.rmiembassyus.org%2Fmedia%2Fjui%2Fjs%2F&key=i5ElDKzVfYp... Page URL
http://www.rmiembassyus.org/media/jui/js/ HTTP 302
https://www.geniusproject.com/sites/default/default.settings.php Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

8
Requests

88 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

182 kB
Transfer

669 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://linkedin.com/help/linkedin/answer/34593?lang=en&trk=d_checkpoint_lg_consumerLogin_ft_community_guidelines
Title: Community Guidelines

Search URL Search Domain Scan URL

URL: https://linkedin.com/help/linkedin?trk=d_checkpoint_lg_consumerLogin_ft_send_feedback&lang=en
Title: Send Feedback

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://disq.us/?url=http%3A%2F%2Fwww.rmiembassyus.org%2Fmedia%2Fjui%2Fjs%2F&key=i5ElDKzVfYplZuUVH2XYTg Page URL
http://www.rmiembassyus.org/media/jui/js/ HTTP 302
https://www.geniusproject.com/sites/default/default.settings.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
disq.us/ 294 B
601 B 213ms
182ms Document
text/html 151.101.128.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

http://disq.us/?url=http%3A%2F%2Fwww.rmiembassyus.org%2Fmedia%2Fjui%2Fjs%2F&key=i5ElDKzVfYplZuUVH2XYTg

Protocol

HTTP/1.1

Server

151.101.128.64 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disq.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Content-Type: text/html
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Sun, 07 Jun 2020 23:27:17 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
X-Backend: shortener
Disqus-Cachetype: TTL
Disqus-NoCache: 1
Content-Length: 206
Date: Sun, 07 Jun 2020 22:27:17 GMT
Age: 0
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

Primary Request default.settings.php Show response
www.geniusproject.com/sites/default/
Redirect Chain

http://www.rmiembassyus.org/media/jui/js/
https://www.geniusproject.com/sites/default/default.settings.php

22 KB
7 KB

753ms
169ms

Document
text/html

75.126.4.115
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geniusproject.com/sites/default/default.settings.php

Requested by

Host: disq.us
URL: http://disq.us/?url=http%3A%2F%2Fwww.rmiembassyus.org%2Fmedia%2Fjui%2Fjs%2F&key=i5ElDKzVfYplZuUVH2XYTg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

75.126.4.115 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

73.04.7e4b.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e7b722538d6fbe7319a2f3fec61281484159f2f1b67b87f1f29a6ff8a6204bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Host: www.geniusproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://disq.us/?url=http%3A%2F%2Fwww.rmiembassyus.org%2Fmedia%2Fjui%2Fjs%2F&key=i5ElDKzVfYplZuUVH2XYTg
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://disq.us/?url=http%3A%2F%2Fwww.rmiembassyus.org%2Fmedia%2Fjui%2Fjs%2F&key=i5ElDKzVfYplZuUVH2XYTg

Response headers

Server: nginx
Date: Sun, 07 Jun 2020 22:29:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-Cache: BYPASS
Content-Encoding: gzip

Redirect headers

Date: Sun, 07 Jun 2020 22:27:18 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1+hw3
Location: https://www.geniusproject.com/sites/default/default.settings.php
Keep-Alive: timeout=5, max=256
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 31mqu6a6sydhthsyjzi3v5coe Show response
static.licdn.com/sc/h/br/ 70 KB
20 KB 30ms
8ms Script
text/javascript 2606:2800:233:6a53:4ac1:3bc8:ee4e:5990
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.licdn.com/sc/h/br/31mqu6a6sydhthsyjzi3v5coe
Requested by: Host: www.geniusproject.com
URL: https://www.geniusproject.com/sites/default/default.settings.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F4C) /
Resource Hash: 1cfe4c996a730d4001d94dc792f36503e3d055aa129a1fbbb9f739180fa4a19e

Request headers

Referer: https://www.geniusproject.com/sites/default/default.settings.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 22:27:19 GMT
content-encoding: br
content-type: text/javascript
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 2654731
x-fs-txn-id: 2ae247923e90
x-cache: HIT
status: 200
x-cdn-proto: HTTP2
content-length: 19607
x-li-uuid: lEKui/b0DBZwtc+7XSsAAA==
server: ECAcc (frc/8F4C)
timing-allow-origin: *
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop: prod-edc2
cache-control: max-age=31536000, immutable
vary: Accept-Encoding
x-li-fabric: prod-lva1
access-control-allow-origin: *
access-control-expose-headers: X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
x-li-proto: http/1.1
accept-ranges: bytes
x-li-static-content: 1
x-fs-uuid: 06d7c1a445b102167085df15c82a0000
expires: Thu, 06 May 2021 00:49:31 GMT

GET
H2 200 64qgwz5qqroaggxqxu6370jvs Show response
static.licdn.com/sc/h/br/ 185 KB
83 KB 35ms
13ms Script
text/javascript 2606:2800:233:6a53:4ac1:3bc8:ee4e:5990
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.licdn.com/sc/h/br/64qgwz5qqroaggxqxu6370jvs
Requested by: Host: www.geniusproject.com
URL: https://www.geniusproject.com/sites/default/default.settings.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA2) /
Resource Hash: 5439c1a615806b62849178f075c081bd09a195233477f3b324a1531c4bf20a4a

Request headers

Referer: https://www.geniusproject.com/sites/default/default.settings.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 22:27:19 GMT
content-encoding: br
content-type: text/javascript
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 2654776
x-fs-txn-id: 2b91728e4e50
x-cache: HIT
status: 200
x-cdn-proto: HTTP2
content-length: 85215
x-li-uuid: eUb9Muz0DBaAwk5kWysAAA==
server: ECAcc (frc/8EA2)
timing-allow-origin: *
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop: prod-edc2
cache-control: max-age=31536000, immutable
vary: Accept-Encoding
x-li-fabric: prod-lva1
access-control-allow-origin: *
access-control-expose-headers: X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
x-li-proto: http/1.1
accept-ranges: bytes
x-li-static-content: 1
x-fs-uuid: cb213c29f5280b16c03ace0b252b0000
expires: Sun, 02 May 2021 08:32:07 GMT

GET
H2 200 39q1xngfynmqegl2ijphoun57 Show response
static.licdn.com/sc/h/br/ 63 KB
16 KB 42ms
21ms Script
text/javascript 2606:2800:233:6a53:4ac1:3bc8:ee4e:5990
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.licdn.com/sc/h/br/39q1xngfynmqegl2ijphoun57
Requested by: Host: www.geniusproject.com
URL: https://www.geniusproject.com/sites/default/default.settings.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA8) /
Resource Hash: 7a911a2da379cea15d972eceae5a13918db397ae2110e20349d7323c60b1e446

Request headers

Referer: https://www.geniusproject.com/sites/default/default.settings.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 22:27:19 GMT
content-encoding: br
content-type: text/javascript
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 2654776
x-fs-txn-id: 2b9e1c91dd40
x-cache: HIT
status: 200
x-cdn-proto: HTTP2
content-length: 16606
x-li-uuid: WXUUIez0DBaA8hV1misAAA==
server: ECAcc (frc/8EA8)
timing-allow-origin: *
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop: prod-efr5
cache-control: max-age=31536000, immutable
vary: Accept-Encoding
x-li-fabric: prod-lva1
access-control-allow-origin: *
access-control-expose-headers: X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
x-li-proto: http/1.1
accept-ranges: bytes
x-li-static-content: 1
x-fs-uuid: d6405a5ce1d50116e032c292262b0000
expires: Sun, 18 Apr 2021 04:49:10 GMT

GET
H2 200 %2Fcheckpoint-frontend%2Fstylesheets%2Flogin%2Forganic%2Fdesktop_en_US.css
static.licdn.com/sc/p/com.linkedin.checkpoint%3Acheckpoint-static-content%2B2.0.647/f/ 156 KB
18 KB 41ms
21ms Stylesheet
text/css 2606:2800:233:6a53:4ac1:3bc8:ee4e:5990
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.licdn.com/sc/p/com.linkedin.checkpoint%3Acheckpoint-static-content%2B2.0.647/f/%2Fcheckpoint-frontend%2Fstylesheets%2Flogin%2Forganic%2Fdesktop_en_US.css
Requested by: Host: www.geniusproject.com
URL: https://www.geniusproject.com/sites/default/default.settings.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E99) /
Resource Hash: 203eaa07150030c25a469cc308b564930ece1e9268fc2cdd21de491036810b51

Request headers

Referer: https://www.geniusproject.com/sites/default/default.settings.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Jun 2020 22:27:19 GMT
content-encoding: gzip
content-type: text/css
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cdn: ECST
age: 2654731
x-fs-txn-id: 2ab2e2519e90
x-cache: HIT
status: 200
x-cdn-proto: HTTP2
content-length: 18214
x-li-uuid: rPCCjPb0DBawaWqv9CoAAA==
server: ECAcc (frc/8E99)
timing-allow-origin: *
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop: prod-edc2
cache-control: max-age=31536000, immutable
x-cdn-client-ip-version: IPV6
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
access-control-allow-origin: *
access-control-expose-headers: X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
x-li-proto: http/1.1
accept-ranges: bytes
x-li-static-content: 1
x-fs-uuid: 1b3c9b2117a7f91540862677122b0000
expires: Tue, 20 Apr 2021 14:10:39 GMT

POST
H/1.1 404
Not Found track Show response
www.geniusproject.com/li/ 86 KB
19 KB 1392ms
1391ms XHR
text/html 75.126.4.115
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geniusproject.com/li/track

Requested by

Host: static.licdn.com
URL: https://static.licdn.com/sc/h/br/39q1xngfynmqegl2ijphoun57

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

75.126.4.115 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

73.04.7e4b.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

80f9b4e66410a02d8c9567e5a8742e1d66873a4d86afbddcd02321a94c68bfc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.geniusproject.com/sites/default/default.settings.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

Date: Sun, 07 Jun 2020 22:29:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Link: <https://www.geniusproject.com/>; rel="canonical",<https://www.geniusproject.com/>; rel="shortlink"
X-Frame-Options: SAMEORIGIN
Content-Language: en
X-Generator: Drupal 7 (https://www.drupal.org)
Cache-Control: no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Expires: Sun, 19 Nov 1978 05:00:00 GMT

POST
H/1.1 404
Not Found track Show response
www.geniusproject.com/li/ 86 KB
19 KB 1672ms
1339ms XHR
text/html 75.126.4.115
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geniusproject.com/li/track

Requested by

Host: static.licdn.com
URL: https://static.licdn.com/sc/h/br/39q1xngfynmqegl2ijphoun57

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

75.126.4.115 Dallas, United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

73.04.7e4b.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

1d218be8a431f43385f5c271047bf55745ebd0d7adbba438649cc8ac7b43dc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Csrf-Token
Referer: https://www.geniusproject.com/sites/default/default.settings.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Sun, 07 Jun 2020 22:29:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Link: <https://www.geniusproject.com/>; rel="canonical",<https://www.geniusproject.com/>; rel="shortlink"
X-Frame-Options: SAMEORIGIN
Content-Language: en
X-Generator: Drupal 7 (https://www.drupal.org)
Cache-Control: no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Expires: Sun, 19 Nov 1978 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: LinkedIn (Social Network)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://static.licdn.com/sc/h/br/39q1xngfynmqegl2ijphoun57(Line 27) Message: [object XMLHttpRequest]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

disq.us
static.licdn.com
www.geniusproject.com
www.rmiembassyus.org
151.101.128.64
216.110.146.30
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990
75.126.4.115
1cfe4c996a730d4001d94dc792f36503e3d055aa129a1fbbb9f739180fa4a19e
1d218be8a431f43385f5c271047bf55745ebd0d7adbba438649cc8ac7b43dc65
203eaa07150030c25a469cc308b564930ece1e9268fc2cdd21de491036810b51
5439c1a615806b62849178f075c081bd09a195233477f3b324a1531c4bf20a4a
7a911a2da379cea15d972eceae5a13918db397ae2110e20349d7323c60b1e446
80f9b4e66410a02d8c9567e5a8742e1d66873a4d86afbddcd02321a94c68bfc7
e7b722538d6fbe7319a2f3fec61281484159f2f1b67b87f1f29a6ff8a6204bf9

www.geniusproject.com Open in urlscan Pro 75.126.4.115 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

3 IPs

1 Countries

182 kBTransfer

669 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

www.geniusproject.com Open in urlscan Pro
75.126.4.115 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

182 kB
Transfer

669 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!