www.globalgtt.online Open in urlscan Pro
2606:4700:20::ac43:4a4b Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Submission: On March 10 via automatic, source openphish (March 10th 2023, 5:11:40 am UTC) — Scanned from DE

Summary HTTP 17 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2606:4700:20::ac43:4a4b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.globalgtt.online.

This is the only time www.globalgtt.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:20:... 2606:4700:20::ac43:4a4b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	2606:4700:20:... 2606:4700:20::681a:8e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:20:... 2606:4700:20::ac43:4a8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
17	5

5 2606:4700:20::ac43:4a4b (United States)

ASN13335 (CLOUDFLARENET, US)

www.globalgtt.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:8e9 (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

lp.cybeready.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:4a8b (United States)

ASN13335 (CLOUDFLARENET, US)

lp.cybeready.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	cybeready.net 8 redirects lp.cybeready.net	32 KB
5	globalgtt.online www.globalgtt.online	23 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	31 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
17	5

	Domain	Requested by
16	lp.cybeready.net	8 redirects www.globalgtt.online
5	www.globalgtt.online	www.globalgtt.online cdnjs.cloudflare.com
2	cdnjs.cloudflare.com	www.globalgtt.online
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	lp.cybeready.net
17	5

This site contains links to these domains. Also see Links.

Domain
globalgtt.online
accounts.google.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Frame ID: C173E1982B99354943309B39D99F4C9F
Requests: 14 HTTP requests in this frame

Frame: http://www.globalgtt.online/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678420800
Frame ID: 1A88986BF469EA11F1E33BFE99257EDD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in - Google Accounts

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

12 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

126 kB
Transfer

243 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://globalgtt.online/82ee8ec59qfeee4e1c09152a2bbib11f7836.html
Title: Sign In

Search URL Search Domain Scan URL

URL: http://accounts.google.com/ServiceLogin
Title: Sign in with a different account

Search URL Search Domain Scan URL

URL: https://globalgtt.online/82ee8ec59qfeee4e1c09152a2bbib11f7836.html%3EAbout%20Google%3C/a%3E%3Ca%20href=
Title: Privacy

Search URL Search Domain Scan URL

URL: https://globalgtt.online/82ee8ec59qfeee4e1c09152a2bbib11f7836.html%3ETerms%3C/a%3E%3Ca%20href=
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Request Chain 1

http://lp.cybeready.net/Forms/Google/sanitize.css HTTP 301
https://lp.cybeready.net/Forms/Google/sanitize.css

Request Chain 2

http://lp.cybeready.net/Forms/Google/index.css HTTP 301
https://lp.cybeready.net/Forms/Google/index.css

Request Chain 3

http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Request Chain 4

http://lp.cybeready.net/Forms/Google/validator.js HTTP 301
https://lp.cybeready.net/Forms/Google/validator.js

Request Chain 5

http://lp.cybeready.net/common/landing-page.js HTTP 301
https://lp.cybeready.net/common/landing-page.js

Request Chain 6

http://lp.cybeready.net/Forms/Google/logo.png HTTP 301
https://lp.cybeready.net/Forms/Google/logo.png

Request Chain 7

http://lp.cybeready.net/Forms/Google/avatar.png HTTP 301
https://lp.cybeready.net/Forms/Google/avatar.png

Request Chain 8

http://lp.cybeready.net/Forms/Google/bottom-strip.png HTTP 301
https://lp.cybeready.net/Forms/Google/bottom-strip.png

Request Chain 9

http://lp.cybeready.net/Forms/Google/universal-language.png HTTP 301
https://lp.cybeready.net/Forms/Google/universal-language.png

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 87d9608a8q2ba6435b087536fa4i150504de.html Show response
www.globalgtt.online/ 4 KB
3 KB 154ms
124ms Document
text/html 2606:4700:20::ac43:4a4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a5f5cc05388539bce0b864cd49181ced3692b98d34d5fe39020330102112db6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7a590ec9ce71360a-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 10 Mar 2023 05:11:34 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnOlk8H%2BRDVWuP%2F5ts3%2BRUtkGownkW2QCyZ9ik%2FBgQGz64jva%2FYMzCJA0HHNwsJkHB6Ew94wF75uPfiDTjOOVdo9CxdBGV8BDY6ScFCSxdJwEG3nBZLHV6z%2Ff7f%2FqK2y5ixLbtGDZQJ3W%2FGsK7StB2lH"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
x-amz-expiration: expiry-date="Sun, 19 Mar 2023 00:00:00 GMT", rule-id="DeleteAfter30Days"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2PG_ZKs2ScHott1W38_xW2zpSTCvsf8K

GET
H2

200

font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

23 KB
5 KB

33ms
12ms

Stylesheet
text/css

2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html

Protocol

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 05:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2993249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4364
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-5cbb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9SCdcDIzhT8KlKwW6TZ%2BdzpnNpPGALA8%2F%2BM33KBpHEAJdufgFyjU0uAAb4N6Dz%2FBlhUpWiRxn26Bp%2BthG7ctSck%2BtcvvC%2B2LVQS6XT7gck3q3Xw%2BwSno1%2FwhOjCw0qNGr6PQPF6SC1pBHfKI2m6Fapy"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a590ecadecd9079-FRA
expires: Wed, 28 Feb 2024 05:11:34 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

sanitize.css
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/sanitize.css
https://lp.cybeready.net/Forms/Google/sanitize.css

475 B
677 B

134ms
117ms

Stylesheet
text/css

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cybeready.net/Forms/Google/sanitize.css
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a449b4722f14af5cb2a4bcc627a7c324c804147feab1e56230a9712131ce116

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 05:11:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TSPT05P3QPPMWB6H
cf-polished: origSize=1022
x-amz-id-2: /GzF5gAVtJvWi+vM/QqkcpZxN1qCm7kyVNgx/i97Jp+gzblTRUjIcv1wco6x9okXM1s1zXJtaNk=
cf-bgj: minify
last-modified: Sun, 07 Feb 2016 16:12:29 GMT
server: cloudflare
etag: W/"4023fc4c0be2a30c1eafd0903d5f471b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TrIQHXfA%2FhhvwcpLMiQeEuj9gSs16uXf51iHTl2KfqiYqe3W39FrjVXNiP2F2INoLZ1eEPhSVgcNlMRlCQvd1ZGpg%2BTu7sPcQ1bJBrcd1%2FQCVqvjLyFuzGPoFnrnKsgoWjZW9wXwDDjEZUb0UE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7a590ecc0f466916-FRA

Redirect headers

Date: Fri, 10 Mar 2023 05:11:35 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4gotHCY29nL1FakZeSmI0DaOCS8V6ZpLuHq0%2FazfG3u4j4zmc5uDZYClYkXghPAusbON%2B5PXTSxSPYVs%2BRQ9tPqzgoiWmyhIL8c%2BpHu%2Bld%2BvuShjiOgL5KanbhwsyNFKTjxoE2z2r8IjZhMYcY%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/sanitize.css
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a590ecbdd07916e-FRA
Expires: Fri, 10 Mar 2023 06:11:35 GMT

GET
H2

200

index.css
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/index.css
https://lp.cybeready.net/Forms/Google/index.css

4 KB
1 KB

140ms
124ms

Stylesheet
text/css

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cybeready.net/Forms/Google/index.css
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 826ba41fe94727573926745e155818e7c85601ea76da7e8d877fba22afe53355

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 05:11:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 07 Feb 2016 16:12:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 5Q55D0ZAMSNDAYBP
etag: W/"57e393e42d12341ec78e469610dcf93e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FklxntM%2By7QyXqzQKojpEQo1RdsK1J3gb0q7l1KBkZi%2FBbiU76Lts24OfUkHVOvq4iMChHYThM06qWzw3RvXBJQ7CHuuoyHHGQPog1foNykHdOEGwFAb3hiRYMkgn8kXzxw2uCp1nEUCi1mPAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7a590ecc0f476916-FRA
x-amz-id-2: T6/yjmj9G4ikQz3I8pRpSe5Amw8LXlLn11AjRcY1Ve3wsPcv+29vqoRrwnxT4aTnRp5MBY1OmZ4=

Redirect headers

Date: Fri, 10 Mar 2023 05:11:35 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Fm3aiL50FWgdSqFN2IToZv4eFdW17UkS49rppSOt5fxtpC%2BgnoMKJXZ14BrUeB2SpVY1fUKMrpCEZ8eA261chqF4EZWyUCk8ry89dMkb6oCfKGPXV%2B6YIHUwwWxT1dgkGlKYULLbLeuhMpJNbA%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/index.css
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a590ecbdb2c9bef-FRA
Expires: Fri, 10 Mar 2023 06:11:35 GMT

GET
H2

200

jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

82 KB
26 KB

62ms
41ms

Script
application/javascript

2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html

Protocol

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 05:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1125034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26660
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BnzTPtlNUNAqonmHv2YTS1A5utkFKmAaXQrpt25UZesQyeVowa8jCr65XRL978HJsh8FVf6lrda63DRiskO5yU8uAFf1XZN6XMtVd9uukryqO%2FnpXRGFXwRfqxbZ4wpcOIWl%2BOAh4QPwjPgyNmIXryS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a590ecadece9079-FRA
expires: Wed, 28 Feb 2024 05:11:34 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

validator.js Show response
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/validator.js
https://lp.cybeready.net/Forms/Google/validator.js

1 KB
799 B

142ms
122ms

Script
application/javascript

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cybeready.net/Forms/Google/validator.js
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeb7cb711f8559684e29273a8cb879df8b150fd7569b75daca0222889bf6dd5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 05:11:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TSPGHTFRJTG6NVX5
cf-polished: origSize=1515
x-amz-id-2: 9DATFGtTIJWgvv0UMUwNT4PHnYR7gMFTztlh4pKWTxeU2QfVDP77Ya3Y//LcW/4sBFxtP7xC2dw=
cf-bgj: minify
last-modified: Sun, 07 Feb 2016 16:40:15 GMT
server: cloudflare
etag: W/"7152564fdc6195c26cbe4e2a7430631c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPrs2Mz66Uftj5m%2BBzlR0kywhA1rbYLxSJXqzMTgvN18uBQH9JWE2Z91SplnmjT9%2B1s7n9e4jO7OGmhD1FNwRqCpCs4NmsA4oj9JnUd%2FWLy1U7S%2Fpywrkj7IrpTwf9cBhZ5NCxQcmA%2B6aMKXLMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7a590ecc0f486916-FRA

Redirect headers

Date: Fri, 10 Mar 2023 05:11:35 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8oLjwyiHWMVu94F%2BFS8W5ig%2BkIu4EzJMvmzvwvGfa7S%2FoabzFFW0kFhagi9wHFv5aRFLHWhypIOrMfrq%2B4m0BYDXyd9KEOv5SrYj3Ri3gedmosQm%2BSrVpsVu32lRBnIn2IaLui1E3D3OiohD7Y%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/validator.js
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a590ecbde509107-FRA
Expires: Fri, 10 Mar 2023 06:11:35 GMT

GET
H2

200

landing-page.js Show response
lp.cybeready.net/common/
Redirect Chain

http://lp.cybeready.net/common/landing-page.js
https://lp.cybeready.net/common/landing-page.js

4 KB
2 KB

43ms
24ms

Script
application/javascript

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cybeready.net/common/landing-page.js
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 05:11:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YBHBJMQQ66AD61NR
age: 4015
cf-polished: origSize=7666
x-amz-id-2: mWNc0VrLJp6E48HkW2F7m+DStFT96ckLmyvmruKwS2DODmUB1FCrDXXDpNkQYTlgiCOm7KDuo7U=
cf-bgj: minify
last-modified: Thu, 19 Nov 2015 18:47:02 GMT
server: cloudflare
etag: W/"dc85792ec27e1c3bf02af986d07c81eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4e%2Feb8Z%2BvL6oTxxQWgEPaWA5UUVJiQ%2FXvAwO3oDVLtdjBi8L230cts45n1Tdhr2BSG%2BApT0Tk1U40De%2BKRncHHQme9zi9vFOfGPE8UCqg9m%2B4Bk3%2FXlcCdZUZ9ADsNNyfYOO%2Fr7i6ngx3nXKjxE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7a590ecc0f496916-FRA

Redirect headers

Date: Fri, 10 Mar 2023 05:11:35 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2w35lVApA8CWREKneqerfp8fVHwNvma%2FBwVdkLob0IwrYU47t8bfduWN3NhDNCydzLQnVgiqcQCYehmxonB7RP00XsUF3Jf6UUEi06RN0yJkM53XMfjqNUehomD7vOhMwf08bsNA2Kx%2FlES5wBo%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/common/landing-page.js
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a590ecbdfc337de-FRA
Expires: Fri, 10 Mar 2023 06:11:35 GMT

GET
H2

200

logo.png
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/logo.png
https://lp.cybeready.net/Forms/Google/logo.png

13 KB
14 KB

136ms
136ms

Image
image/png

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cybeready.net/Forms/Google/logo.png
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f75b559a72868bf11e4bb75ea6834d7f158eca12bac649fd43474b97ad9908b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 05:11:35 GMT
cf-cache-status: MISS
last-modified: Sun, 07 Feb 2016 16:12:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 5Q5AZKS7P4K4CM3W
etag: "9a344d6cdd66f3fa4c3edfcb3b6faf1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWDngRN5K5a%2FUKcQAIYgPx2B%2FejjlFwO6ePoCwLhWGHD2fcCTGG1QkMYF3VU4aIycxnX%2BvDH4l6pf%2FHoCVbAHKoMfHrKrRcXS5ojzKUUvBWWoab%2FG10L3zYIGHNONCuVTAIW91FBr9J9g3CU9ss%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a590eccefe06916-FRA
content-length: 13804
x-amz-id-2: dLOCFyH0SThz3jx9t41ke1yhSnmKwvX3Awi7ef9PYMJ4p0ag8FtzoW2YPnhwdAeVgko1FxkpA/c=

Redirect headers

Date: Fri, 10 Mar 2023 05:11:35 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUaP%2BmYM0xQGipFBKxI0G0WsjDebE%2BsNx6o6tSR51eybr5za3GAzGjnBkb0yThC1W3Zl2A4hUHCJx0yRvjmb8Zk2CtLE5TY40rTWw6YXM4C%2B8PEu242NoyAemYz2CHRNmTiFFv2liSIMZF1sGR4%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/logo.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a590eccdc169bef-FRA
Expires: Fri, 10 Mar 2023 06:11:35 GMT

GET
H2

200

avatar.png
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/avatar.png
https://lp.cybeready.net/Forms/Google/avatar.png

2 KB
2 KB

127ms
126ms

Image
image/png

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cybeready.net/Forms/Google/avatar.png
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21035c80c37646e5cf28d522aa36c5bb6354715f073e8a061c39cb4ab39857d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 05:11:35 GMT
cf-cache-status: MISS
last-modified: Sun, 07 Feb 2016 16:12:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-amz-request-id: 5Q52AVDJEEDB4SDH
etag: "2787a6ef71bfd34b5bb1f37644ef91a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eLosmelS%2BwC6tDLuiO%2FbTbOn1Tq7S0C49eZdGlVzBhbzUmZ3iTUVJmXY1Y%2FRvvA23u6M%2FlZWANkKmUVn2g%2B5%2Biu2Ifr2pYnmnl9oIfcUkGSDtnec1SLsKY1j%2BvSTuAE6hgxdsXXIL90rT1CXws%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a590ecd784b6916-FRA
content-length: 2016
x-amz-id-2: MKMSb7MRjr3/DyPl22jTznN8qgqj331CE6OgkvJnKjPqdTnGXMktHF7rd8fEkFhmGcNW4t2wUN0=

Redirect headers

Date: Fri, 10 Mar 2023 05:11:35 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=954KgIY6XCQb%2B%2FOECpeoHu57aeritv8XBZq4dscEQmgNn%2F6yNNjIPdiz%2BHglE7tRw1CrbR4%2BL4we90KBET19scl%2BPw4k6r%2B%2BKhzUyh1xFN4KiPE8tfoPW3HvyfDQrPjO1XM1RWUj9iZpHRnFVIk%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/avatar.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a590ecd4c769bef-FRA
Expires: Fri, 10 Mar 2023 06:11:35 GMT

GET
H2

200

bottom-strip.png
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/bottom-strip.png
https://lp.cybeready.net/Forms/Google/bottom-strip.png

4 KB
5 KB

113ms
112ms

Image
image/png

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cybeready.net/Forms/Google/bottom-strip.png
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05cdc120325f04f53e3ec7dbba877500d94db5a47e38fb6a2cc96fa3d1d7664c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 05:11:35 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TSPMNP68HNY16S9M
cf-polished: status=not_needed
content-length: 4285
x-amz-id-2: WvehYRHVBaujCiyPZtUDehWiyA5WjmeKhoR73wXcgDggwS8v+8pqmuyN0V4iCupLkOzXBY6hz7o=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 07 Feb 2016 16:12:30 GMT
server: cloudflare
etag: "c8e020fb658fa746845c385029c552f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4D%2FCqUImKXfT7AVaFM2SRlw7TH3fmOwvF6SyFEm48DmjLF9poq2tpVtSSOOqZvIwJey6a9VShR%2Fxvxxk%2FxG1WHvcxNPfpnnl3ZiexkqyDPpJyTGEwSRBTxX35GrrHbm8KtkLvK9HviT3yDwX34%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a590ecd784c6916-FRA

Redirect headers

Date: Fri, 10 Mar 2023 05:11:35 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TC%2BMjelVN94fVo02JKztxNn0LRNaeJ1GpxadTEOhcfH8Pur32NjGZPxgePaE0sM3YsMjODzkR5pOWO14pCNKBa2MJdfk9XVRYOfuPJpHTWoEgVA2EWeX1%2BRg7A9hQtlMWNYHINlkC9ZFvdndkx4%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/bottom-strip.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a590ecd5e3c916e-FRA
Expires: Fri, 10 Mar 2023 06:11:35 GMT

GET
H2

200

universal-language.png
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/universal-language.png
https://lp.cybeready.net/Forms/Google/universal-language.png

167 B
618 B

117ms
117ms

Image
image/png

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cybeready.net/Forms/Google/universal-language.png
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 047e827c0b0110a7d60acb8b92f17c61eccc10353a4266ac226952c121def3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 05:11:35 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TSPHMEMNC1M3BRFS
cf-polished: origSize=199
content-length: 167
x-amz-id-2: 84J01SQMu+NzVoTmCm2aRSVEBIV5nzqkpxtmlpP8RQObgWQBxKSyLUzgjemQh4yYeWsozZXAhCI=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 07 Feb 2016 16:12:29 GMT
server: cloudflare
etag: "4a2d1168a691747daf4d22e0dc483958"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duKABQPQpcJKsYSEzj7GRvmILSvpoxIkWjIyr2LI%2FId%2FSE0GB343E8LzVIBxoZLX2idK23cJj4ADGbSrmsP1AFzdJjsXLJ9ZOdf%2FdwASyNYCW6AtKEl%2Fa8WeGaI%2FeUlV%2BawF%2BsxWJ3F7%2BKNwnWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a590ecd884d6916-FRA

Redirect headers

Date: Fri, 10 Mar 2023 05:11:35 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUXyzajiFcpZIXCpGeZ%2BnPxEazKlQRJ%2Fc3HmrTSbUrH3fecQvgTCSJl92eucKV%2BbqFNCd515wJxk6gBrBLS6GF03AsRS4BGRf5YmL%2FMXEtB28ga88HgzwrgopPMjO36RpOBCbxzUSfwLZ%2FYs9M0%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/universal-language.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a590ecd590337de-FRA
Expires: Fri, 10 Mar 2023 06:11:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 64ms
37ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic&subset=latin,greek,latin-ext,cyrillic,greek-ext,vietnamese,cyrillic-ext

Requested by

Host: lp.cybeready.net
URL: https://lp.cybeready.net/Forms/Google/index.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cybeready.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 05:11:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 05:11:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 05:11:35 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 31ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic&subset=latin,greek,latin-ext,cyrillic,greek-ext,vietnamese,cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.globalgtt.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 23:44:24 GMT
x-content-type-options: nosniff
age: 106031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 23:44:24 GMT

GET
H/1.1 200
OK invisible.js Show response
www.globalgtt.online/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 1A88 28 KB
14 KB 11ms
11ms Script
application/javascript 2606:4700:20::ac43:4a4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.globalgtt.online/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678420800
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5f351ca7b34d171c9eba5ccd76d6cf90cf4e19e36de3c551791b649db6613c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 05:11:35 GMT
content-encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
vary: accept-encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKW0wo4CyPaMkBa%2Fx86y8qAM0OziiWWbfpWKhAZtZjREYUpC27szjH8HZMy1p3dPiFVcjWaEd4nsyg6ibXYi3qcxMksOsQMAs%2BVK1g%2F7yIBCMWWa31%2BAgHss2Nuv9oZh8%2FvUWRQshDhal7o1gM%2BrWj2I"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, public
Connection: keep-alive
x-control-type-options: nosniff
CF-RAY: 7a590ecd8999360a-FRA

GET
H/1.1 200
OK pica.js
www.globalgtt.online/cdn-cgi/challenge-platform/h/g/scripts/ Frame 1A88 7 KB
4 KB 12ms
12ms Other
application/javascript 2606:4700:20::ac43:4a4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.globalgtt.online/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf8443214a8e55675ff8c7fbcb168787d3dca8d89bdfd86949c256c3b587d24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 05:11:35 GMT
content-encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
vary: accept-encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FOb%2FXEXxXT9vUrKvLUH%2BSv1DSnt3qOCsjdVrk5mcFeNOUFrSUvriAreAVNOs12jw5%2FGTZ4s5WEQyUh1FEzlSBhMrPAv1c1e9xvWbrtWe5gcyd1VVacN93BeJG9%2FEgQRfCCbrN3J86k1cQi0tCpSuuL5"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, public
Connection: keep-alive
x-control-type-options: nosniff
CF-RAY: 7a590ecda9b6360a-FRA

POST
H/1.1 200
OK 7a590ec9ce71360a Show response
www.globalgtt.online/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 1A88 2 B
914 B 27ms
27ms XHR
text/plain 2606:4700:20::ac43:4a4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.globalgtt.online/cdn-cgi/challenge-platform/h/g/cv/result/7a590ec9ce71360a
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678420800
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 10 Mar 2023 05:11:35 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBob4CHBaEX0CUc2TtsMbhy7%2BAyk5fcJp9wdX1CD1W8rxAMFunyJx%2B4POwl5GC9DU7DE3SmizG%2F1XYanXxxHVuNhc0qT96B6WjBubxTlJC0RWj5T4ZJ0eQl%2Bpwc1ALmUbu9WpZSwqZXnBlEy2iIm1aZ6"}],"group":"cf-nel","max_age":604800}
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
CF-RAY: 7a590ecf7b12360a-FRA

POST
H/1.1 200
OK 87d9608a8q2ba6435b087536fa4i150504de.html Show response
www.globalgtt.online/ 0
672 B 89ms
82ms XHR
application/octet-stream 2606:4700:20::ac43:4a4b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
Requested by: Host: cdnjs.cloudflare.com
URL: http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:4a4b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: json

Response headers

Date: Fri, 10 Mar 2023 05:11:35 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlltQ2g4wxzak%2B2mHm138mKy0RLEib7Hk6kE%2F%2FbHDcON1S87H6KHID4gHK1f9duLuYFtZHf3O1YimA5rtqFguvxvZU8Jkj8mZqkujqU7taX6%2BM9jr5qG629L0rl5M63YavQaIOKQPn1YTFX37AOlpmak"}],"group":"cf-nel","max_age":604800}
Content-Type: application/octet-stream
Connection: keep-alive
CF-RAY: 7a590ecf8acb3a97-FRA
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.globalgtt.online/	1969-12-31 23:59:59	Name: requestid Value: d3778e249d7271db2db39334f7d1be8d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
lp.cybeready.net
www.globalgtt.online
2606:4700:20::681a:8e9
2606:4700:20::ac43:4a4b
2606:4700:20::ac43:4a8b
2606:4700::6811:180e
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2003
047e827c0b0110a7d60acb8b92f17c61eccc10353a4266ac226952c121def3c1
05cdc120325f04f53e3ec7dbba877500d94db5a47e38fb6a2cc96fa3d1d7664c
1a5f5cc05388539bce0b864cd49181ced3692b98d34d5fe39020330102112db6
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
21035c80c37646e5cf28d522aa36c5bb6354715f073e8a061c39cb4ab39857d6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2f75b559a72868bf11e4bb75ea6834d7f158eca12bac649fd43474b97ad9908b
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
4cf8443214a8e55675ff8c7fbcb168787d3dca8d89bdfd86949c256c3b587d24
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca
6a449b4722f14af5cb2a4bcc627a7c324c804147feab1e56230a9712131ce116
826ba41fe94727573926745e155818e7c85601ea76da7e8d877fba22afe53355
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
a5f351ca7b34d171c9eba5ccd76d6cf90cf4e19e36de3c551791b649db6613c8
aeb7cb711f8559684e29273a8cb879df8b150fd7569b75daca0222889bf6dd5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.globalgtt.online Open in urlscan Pro 2606:4700:20::ac43:4a4b Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

12 %HTTPS

100 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

126 kBTransfer

243 kBSize

1 Cookies

4 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

1 Cookies

Indicators

www.globalgtt.online Open in urlscan Pro
2606:4700:20::ac43:4a4b Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

12 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

126 kB
Transfer

243 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!