www.globalgtt.online Open in urlscan Pro
2606:4700:20::681a:889 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Submission: On March 10 via manual (March 10th 2023, 12:39:11 pm UTC) from RS — Scanned from DE

Summary HTTP 17 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2606:4700:20::681a:889, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.globalgtt.online.

This is the only time www.globalgtt.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:20:... 2606:4700:20::681a:889	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 16	2606:4700:20:... 2606:4700:20::ac43:4a8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
17	5

5 2606:4700:20::681a:889 (United States)

ASN13335 (CLOUDFLARENET, US)

www.globalgtt.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::ac43:4a8b (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

lp.cybeready.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	cybeready.net 8 redirects lp.cybeready.net	31 KB
5	globalgtt.online www.globalgtt.online	23 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	31 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
17	5

	Domain	Requested by
16	lp.cybeready.net	8 redirects www.globalgtt.online
5	www.globalgtt.online	www.globalgtt.online cdnjs.cloudflare.com
2	cdnjs.cloudflare.com	www.globalgtt.online
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	lp.cybeready.net
17	5

This site contains links to these domains. Also see Links.

Domain
globalgtt.online
accounts.google.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Frame ID: E7C7055460F3847928FF9F4349090436
Requests: 14 HTTP requests in this frame

Frame: http://www.globalgtt.online/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678449600
Frame ID: 6A03FFD69518E820F347995776197F3C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in - Google Accounts

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

12 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

126 kB
Transfer

242 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://globalgtt.online/82ee8ec59qfeee4e1c09152a2bbib11f7836.html
Title: Sign In

Search URL Search Domain Scan URL

URL: http://accounts.google.com/ServiceLogin
Title: Sign in with a different account

Search URL Search Domain Scan URL

URL: https://globalgtt.online/82ee8ec59qfeee4e1c09152a2bbib11f7836.html%3EAbout%20Google%3C/a%3E%3Ca%20href=
Title: Privacy

Search URL Search Domain Scan URL

URL: https://globalgtt.online/82ee8ec59qfeee4e1c09152a2bbib11f7836.html%3ETerms%3C/a%3E%3Ca%20href=
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Request Chain 1

http://lp.cybeready.net/Forms/Google/sanitize.css HTTP 301
https://lp.cybeready.net/Forms/Google/sanitize.css

Request Chain 2

http://lp.cybeready.net/Forms/Google/index.css HTTP 301
https://lp.cybeready.net/Forms/Google/index.css

Request Chain 3

http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Request Chain 4

http://lp.cybeready.net/Forms/Google/validator.js HTTP 301
https://lp.cybeready.net/Forms/Google/validator.js

Request Chain 5

http://lp.cybeready.net/common/landing-page.js HTTP 301
https://lp.cybeready.net/common/landing-page.js

Request Chain 6

http://lp.cybeready.net/Forms/Google/logo.png HTTP 301
https://lp.cybeready.net/Forms/Google/logo.png

Request Chain 7

http://lp.cybeready.net/Forms/Google/avatar.png HTTP 301
https://lp.cybeready.net/Forms/Google/avatar.png

Request Chain 8

http://lp.cybeready.net/Forms/Google/bottom-strip.png HTTP 301
https://lp.cybeready.net/Forms/Google/bottom-strip.png

Request Chain 9

http://lp.cybeready.net/Forms/Google/universal-language.png HTTP 301
https://lp.cybeready.net/Forms/Google/universal-language.png

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/ 4 KB
3 KB 128ms
102ms Document
text/html 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60a5ae9dac3f8ba9ca04d123e1b756a01e41a92f0f7d2f94057b239b02c860e9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7a5b9e5bdb742c45-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 10 Mar 2023 12:39:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0ozDgpU0ieQYCQAVWz8v38AuQzj8g38RNxUTMP9YytGiAWKEmRIomKR5LdzRXuUl8imHD9yCOrNA6wgCOMkrpo2kSBO51eCONTaqcMsSLF2DirP4JwR%2BBl%2BjNx5T9IBXTE12LcoBUvGhhjSKLE4LZ6M"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
x-amz-expiration: expiry-date="Sun, 19 Mar 2023 00:00:00 GMT", rule-id="DeleteAfter30Days"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2PG_ZKs2ScHott1W38_xW2zpSTCvsf8K

GET
H2

200

font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

23 KB
5 KB

35ms
18ms

Stylesheet
text/css

2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/

Protocol

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 12:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 49423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4364
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-5cbb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Bb%2Bz1Lk9WFK%2FQEbJonfg6MoGuC%2BZxfdzIzWJdvKA4Fs8l5kZQqWmMOJm0K%2FLtfBEsR9lvwwd3Dy6uWzDHYLKmmJq6VMrZ5N1bwVRQwQRT0XiiArkV%2BJCuu8i%2F4%2FSDGdZGwc2MvboeJIntgOWcoBxO7a"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a5b9e5cde9b2bd6-FRA
expires: Wed, 28 Feb 2024 12:39:07 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

sanitize.css
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/sanitize.css
https://lp.cybeready.net/Forms/Google/sanitize.css

475 B
656 B

28ms
18ms

Stylesheet
text/css

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cybeready.net/Forms/Google/sanitize.css
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a449b4722f14af5cb2a4bcc627a7c324c804147feab1e56230a9712131ce116

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 12:39:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: A8KWQCFMTHJ2KQC5
age: 1032
cf-polished: origSize=1022
x-amz-id-2: 8+m5l4AaYioSn4OhHBVtIvRJci1ADzDUkemrCC7OSnwwxgQSk6RhrhZGPiJfPPgAqEbvvG5Cmtg=
cf-bgj: minify
last-modified: Sun, 07 Feb 2016 16:12:29 GMT
server: cloudflare
etag: W/"4023fc4c0be2a30c1eafd0903d5f471b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30YKDDBK4LgUXmWgrA3BhEtCU1pgOO6Drz0wCmmpOPmPiv32AIVmrfX1%2FGb7VNq1bc5Zg%2BKXGgJhasuJ86TTA9r94xqzgc5lzIIgkr2HNJrn2Yy2zjrW72ie35hVlT7RDwgK2opf7of01HMBEKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7a5b9e5d084ebbec-FRA

Redirect headers

Date: Fri, 10 Mar 2023 12:39:07 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qbdz0%2FAiOFRvePgdvdYNTHNsiI0HdjyDFQGxJA9D3xyQNPygn7wr3Ac%2F7F8UsnuK%2FDc7zQ0YiJ4JR%2BKygBmhvUd37E9t4PPjKiNTxK2TzHtl%2BrKsV1OKrLPPY8sZysTpdHSJ005vjFWXfaCI9c%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/sanitize.css
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a5b9e5cd8bc92bd-FRA
Expires: Fri, 10 Mar 2023 13:39:07 GMT

GET
H2

200

index.css
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/index.css
https://lp.cybeready.net/Forms/Google/index.css

3 KB
1 KB

31ms
16ms

Stylesheet
text/css

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cybeready.net/Forms/Google/index.css
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c4448aa54b38018d193bb1b285454bf0c81be06d9caeb3dd1a9f0dbbf74b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 12:39:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y50B7DZS7QZ4E1B5
age: 1032
cf-polished: origSize=3883
x-amz-id-2: b1EXpqZPEQgsrg7nf+XreDC5wSO9nnvXgg5QI5x1uLJo01sXZ3REr3+61Rh3NayqJmDkOPDsvl4=
cf-bgj: minify
last-modified: Sun, 07 Feb 2016 16:12:28 GMT
server: cloudflare
etag: W/"57e393e42d12341ec78e469610dcf93e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CcvxedCgXa0VuJUkYvNYlyxNGD0orH3pH2GLWG249hC%2FAR32JShXn7jYDxLGeTwxcoIo0w368%2FxY2Oc%2F21d8XliEfNjq%2FMuxBVCz8a8%2BL8cXaZoeGXFbNw%2BYUWHdeXGd%2FrIQJZyrLcQsJ%2FqUzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7a5b9e5d084cbbec-FRA

Redirect headers

Date: Fri, 10 Mar 2023 12:39:07 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbctPQprYZn%2FGY%2B977SJvv4ljSo2d2p2AcnoRP%2BadogWed1zztLTs%2Fm%2B7tEVExUnQ7fPT0KKgGww7z0Oj39SaLiJfg5aa90iiokHGR14E4ifT2O1agQlJbhV3HcyhZV7lrkEbVC82ZYyZ41Ymmo%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/index.css
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a5b9e5cd9692bae-FRA
Expires: Fri, 10 Mar 2023 13:39:07 GMT

GET
H2

200

jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

82 KB
26 KB

38ms
22ms

Script
application/javascript

2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/

Protocol

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 12:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 60958
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26660
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLwp7Bom2HBUfWxSLUhT%2BOTlvsEYz9RUiUPjSQ0mj1gWbp%2Bp6wYqNl1N2ZYMc7e5ByWw9sz4U5%2FW79%2Fu%2F7GCZdoJuQm0z0VgJ28sFRfPKvOVDhFyENLm8t%2BbHjDHY5PJ%2BBxMc6MlqvqRlE%2BoClSRBQ7P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a5b9e5cde9d2bd6-FRA
expires: Wed, 28 Feb 2024 12:39:07 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

validator.js Show response
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/validator.js
https://lp.cybeready.net/Forms/Google/validator.js

1 KB
804 B

26ms
19ms

Script
application/javascript

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cybeready.net/Forms/Google/validator.js
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeb7cb711f8559684e29273a8cb879df8b150fd7569b75daca0222889bf6dd5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 12:39:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TT91HAHYY1DTC7SV
age: 1032
cf-polished: origSize=1515
x-amz-id-2: 7nRucdOqilZ/1oujOO2HS9tU3UdYcbM9FISv+lEbjT0Y4vakMtN1udleVDSsBa7faRwMRI2QIlA=
cf-bgj: minify
last-modified: Sun, 07 Feb 2016 16:40:15 GMT
server: cloudflare
etag: W/"7152564fdc6195c26cbe4e2a7430631c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0PxYeaBpZtbPfzl6Gla8DTbFoKrpA%2FYCxliTSD4JDvh%2FKm%2F0rHFXIiZ%2B0VtyycU%2ByYsIP0FM0DIgbMssZLUHx7%2BQunSBJT%2F0i0yp0UqJP9ee7y3RHt1PAxf3q9Gb48%2FcwRVp9KAKccnD%2FBeXnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7a5b9e5d0850bbec-FRA

Redirect headers

Date: Fri, 10 Mar 2023 12:39:07 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXEr9sXwdhk4xSyKfdkLg9ddSG4XS87FFWY7aeDJNh3v331HSC8DCrljUSReAX2fdFMe0PyO5Ng1dTTu4WGsq6B2aAf9gyBR2OHH4Y5gRm%2FDfCZZKS8xnYP7q0CjbbP4WmN2iZlCQCony9v21ug%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/validator.js
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a5b9e5cd9b99bfa-FRA
Expires: Fri, 10 Mar 2023 13:39:07 GMT

GET
H2

200

landing-page.js Show response
lp.cybeready.net/common/
Redirect Chain

http://lp.cybeready.net/common/landing-page.js
https://lp.cybeready.net/common/landing-page.js

4 KB
2 KB

36ms
18ms

Script
application/javascript

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.cybeready.net/common/landing-page.js
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 12:39:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2BTMTCXC57BHYNDN
age: 6580
cf-polished: origSize=7666
x-amz-id-2: OKX2fYVVy0kIjRkGZnwbgi/XtvffpMAlqt6oHoUQXE9FQLHsvS9ImrGjfOUUW976CjKhJjuJ2e8=
cf-bgj: minify
last-modified: Thu, 19 Nov 2015 18:47:02 GMT
server: cloudflare
etag: W/"dc85792ec27e1c3bf02af986d07c81eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHZVM7odEKxniTaAb8tKj5NTecCB8ICbLCF%2Fa4MZuQvUqbpYhCPKK2zd8S39WbDUrwImdgRs4sAe6HnqgwpLHyJFORCAhHscTelPShVt1UU5hdydy7GFwrElQPlXdaQxVdkE8Uh9DJiiCksg9RQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7a5b9e5d0854bbec-FRA

Redirect headers

Date: Fri, 10 Mar 2023 12:39:07 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=malv5TWT1aVXBzOgANlmnfC%2Blk0kmUlXW7K4HN9jtHkQRbjhOeEpaswdiILrr2yQgJYDcm8uXUzpjl6hosI8p53s6scQZy4rpRBs%2Fn4vrom2Bs4dQiE5WWvlItZdFv0B8GStRSoeI4MyDJmB5z8%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/common/landing-page.js
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a5b9e5cdecb3a6c-FRA
Expires: Fri, 10 Mar 2023 13:39:07 GMT

GET
H2

200

logo.png
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/logo.png
https://lp.cybeready.net/Forms/Google/logo.png

13 KB
14 KB

19ms
19ms

Image
image/png

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cybeready.net/Forms/Google/logo.png
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f75b559a72868bf11e4bb75ea6834d7f158eca12bac649fd43474b97ad9908b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 12:39:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N7B6WHWHR2RB3D91
age: 1032
cf-polished: status=not_needed
content-length: 13804
x-amz-id-2: YxKnHNfgcCy/OlRm9l9xSMZ4D1E3ZDbw6xkip+yoz75guSUYog16LW+EqaIz8jqC5ONWjOZvaJk=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 07 Feb 2016 16:12:28 GMT
server: cloudflare
etag: "9a344d6cdd66f3fa4c3edfcb3b6faf1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOZmfQ01o8zc1G%2Fbutmy8xoXVoFp1887olgnPdbtmDdphMC%2FaAmUIgi29rmRATS4Cpk6MQMJ2ShSVv8CWRFw4rtcePx%2FMANfzlJaU34Suobw0q%2B2MM61rZBT4dPCVH8mFNoXu1B3UrRR%2FVhHjzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5b9e5d388fbbec-FRA

Redirect headers

Date: Fri, 10 Mar 2023 12:39:07 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4x5r0K706bnXYP9HxW%2BGWi1vS5Q5bmBHp1nQ7DDtdvQZtgbfXga3OlnaU36f%2BMrYozdMQLEnurv7pe2dVOK27KOmy6yZuFVVEAoJNJFYK8xhV%2BOLEERciaeJb8mpxEFfiFJaZiWLm9J4QvPhU4%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/logo.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a5b9e5d2a4f9bfa-FRA
Expires: Fri, 10 Mar 2023 13:39:07 GMT

GET
H2

200

avatar.png
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/avatar.png
https://lp.cybeready.net/Forms/Google/avatar.png

1 KB
2 KB

18ms
18ms

Image
image/png

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cybeready.net/Forms/Google/avatar.png
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92cb7eec1d13f6b56958786a0f1008ae6a1d2057ae782622fdbbfa828dfce9d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 12:39:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N7BB4WJ8X71AKWAN
age: 1031
cf-polished: origSize=2016
content-length: 1374
x-amz-id-2: V2ALYV68gBn0JKHi7cXsLwv3spakxMlvogc/DljTM83Fr4g5snI/uDPPxcKhGpWlHZ4jVnrgG6k=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 07 Feb 2016 16:12:29 GMT
server: cloudflare
etag: "2787a6ef71bfd34b5bb1f37644ef91a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FEPdiEXPLD0C0MFOG4vRogLHjEPjJ6u2%2BoKV8QFcWpAoanIpyMH0xCiP73%2FUNk7qZAbJtcerTuDf31FSOU3Mhrhgt1a2tYMM5ajh4eYlgd%2BWLiOYZajG6rLolMDdlYvcFea9ZJ%2BDt6DsiQLyFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5b9e5d9926bbec-FRA

Redirect headers

Date: Fri, 10 Mar 2023 12:39:07 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvTEliz9phVgGVqf9WbF1idB6ZszKaY0jzhVxMCf6LTDSwHH7QsDPNORmUx0yP2w7YH1dTRYt8OQ76CyzIPdn9QRRVkkkX3D%2BWCvp5wIdxGGyPChptvc8m64pS4MlXsT7M%2By1WILAN86meFun80%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/avatar.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a5b9e5d5ab69bfa-FRA
Expires: Fri, 10 Mar 2023 13:39:07 GMT

GET
H2

200

bottom-strip.png
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/bottom-strip.png
https://lp.cybeready.net/Forms/Google/bottom-strip.png

4 KB
5 KB

16ms
16ms

Image
image/png

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cybeready.net/Forms/Google/bottom-strip.png
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05cdc120325f04f53e3ec7dbba877500d94db5a47e38fb6a2cc96fa3d1d7664c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 12:39:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TT98FZP97RG3STRV
age: 1031
cf-polished: status=not_needed
content-length: 4285
x-amz-id-2: wxH/5EMVsNBB/ZyDuonynweRwSqnNr3kUJawjRqr1SY8MGXvVLB9kxwk4uwRc/lDkHbSH5uOE94=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 07 Feb 2016 16:12:30 GMT
server: cloudflare
etag: "c8e020fb658fa746845c385029c552f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wb4wpLfVXpXlWIVetzuv%2FY1WZDk722TC71PCmM2DtsyidWaZKPgv8XQEzqtgRkEjeYOxijPfZlEhlkNoDYFUZTqsVp3%2BF%2BnHtx%2FFRHN6uh8W3rGjYdSVxtZt%2Bq0WsAueiHDoLEc8APUtaaHOMmU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5b9e5d9929bbec-FRA

Redirect headers

Date: Fri, 10 Mar 2023 12:39:07 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJPMj%2FTKYH2n%2BA7ShNtOU%2F2R2tOzjO1rfcglDzRE9Y6yo8E2aRz5hMoPaKVjyyVSNmhYmprsiVK44QHNUoNXnIFTJN8Pf5vkbW1K8N%2BJ6wvSN0p%2Bi7PfRxNVPxJ4kWfHtYQZYsalBF7XnXQaSvQ%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/bottom-strip.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a5b9e5d696c92bd-FRA
Expires: Fri, 10 Mar 2023 13:39:07 GMT

GET
H2

200

universal-language.png
lp.cybeready.net/Forms/Google/
Redirect Chain

http://lp.cybeready.net/Forms/Google/universal-language.png
https://lp.cybeready.net/Forms/Google/universal-language.png

167 B
597 B

17ms
17ms

Image
image/png

2606:4700:20::ac43:4a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.cybeready.net/Forms/Google/universal-language.png
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Protocol: H2
Server: 2606:4700:20::ac43:4a8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 047e827c0b0110a7d60acb8b92f17c61eccc10353a4266ac226952c121def3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.globalgtt.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 12:39:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TT9C1EXPZ9SAHHC6
age: 1031
cf-polished: origSize=199
content-length: 167
x-amz-id-2: wTz3LQk2Jq6z87OiiQDWNf81aRWtFxB5D7y/LIXDfPzfVAGGkUEtrNDz/NPtpxF3z07TAGEkpy8=
cf-bgj: imgq:100,h2pri
last-modified: Sun, 07 Feb 2016 16:12:29 GMT
server: cloudflare
etag: "4a2d1168a691747daf4d22e0dc483958"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NB%2BZSvfxra1onBPg0UiQysg1aepB48jR%2FsktjUWz93yzepaZqmvUi2jHpCnKrKzFQrM87M2DpkjvPUGbno0gt8Xc5OcbaU9MbZB3CbRkCEdUW71xp3fnRjp75sc2L%2FbfLLJZCcdjjGoWXQPCNvI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5b9e5d992cbbec-FRA

Redirect headers

Date: Fri, 10 Mar 2023 12:39:07 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wz7KthuuDVVMiETvZuMon%2B9Uc2wM2KVfCUnehP6hQ%2FKpspyLFpty24J8Z%2FFWhJYoKHnVknBgAVXF3Y643OooIOQ9lVdLolxswrcXQ8BUZdLdbCpC58ziJv91GKfn5R8aTRaUoSH3IQ%2FezKchPN4%3D"}],"group":"cf-nel","max_age":604800}
Location: https://lp.cybeready.net/Forms/Google/universal-language.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7a5b9e5d7ae09bfa-FRA
Expires: Fri, 10 Mar 2023 13:39:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 42ms
19ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic&subset=latin,greek,latin-ext,cyrillic,greek-ext,vietnamese,cyrillic-ext

Requested by

Host: lp.cybeready.net
URL: https://lp.cybeready.net/Forms/Google/index.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lp.cybeready.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 12:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 12:39:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 12:39:07 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic&subset=latin,greek,latin-ext,cyrillic,greek-ext,vietnamese,cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.globalgtt.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 23:44:24 GMT
x-content-type-options: nosniff
age: 132883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 23:44:24 GMT

GET
H/1.1 200
OK invisible.js Show response
www.globalgtt.online/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 6A03 29 KB
15 KB 12ms
12ms Script
application/javascript 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.globalgtt.online/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678449600
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ace934485f8f2d3b44d7289514e231b9215adb8181e9292abf88cb8fb27e318a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 12:39:07 GMT
content-encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
vary: accept-encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9Vqvqj%2FVqTOBle2zt5uTI7uAM0jrMrVbcKS4G0byvQ%2Fh7gwOhBl4kd7PayAhnNP9C29PrpaUO21I4XeJc2j5U5XG%2BrugLs6EeUMLkRXRne7dAWBlRBUxNm4cnoYx4g2Z6OcvxaTbnSMfdPCykJAykR%2F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, public
Connection: keep-alive
x-control-type-options: nosniff
CF-RAY: 7a5b9e5d9e1c2c45-FRA

GET
H/1.1 200
OK pica.js
www.globalgtt.online/cdn-cgi/challenge-platform/h/g/scripts/ Frame 6A03 7 KB
4 KB 15ms
15ms Other
application/javascript 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.globalgtt.online/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b488b4ef38f2b7626a5cbb881c6a2e1015527285172ecfba2a6a6374ad922b5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 12:39:07 GMT
content-encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
vary: accept-encoding
Content-Type: application/javascript; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0ZP%2FC9Y7LEZoURl0MZdV2tnbEJE%2BKtjN0abEw0vKLXHO3j49tkYCdUvCLYEkKRzVXubyR1N3oPCBQqFa0quF4G2lXj0vd956KKyXY1cJh1m0ltVshVRmspEj3iGxFt%2BVChp%2FTL%2FgPRFgL3y6Fj6A%2B9R"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, public
Connection: keep-alive
x-control-type-options: nosniff
CF-RAY: 7a5b9e5dce502c45-FRA

POST
H/1.1 200
OK / Show response
www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/ 0
668 B 57ms
54ms XHR
application/octet-stream 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
Requested by: Host: cdnjs.cloudflare.com
URL: http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: http://www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: json

Response headers

Date: Fri, 10 Mar 2023 12:39:07 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tQEh3dy0Tr1OFUNJaw8IY3dKvPhvWweUHuSj22XpVFaTKgwDkxyEsJ33EhMw5UnmnTLzS3QEgjYfQD5Vxqdro9fidpDLKfFxGlEv9z5sk%2Bv6tqO%2FG4VIHQAaF9Wzur28Ne8s4Hdylgds0mLbVjT3mfL"}],"group":"cf-nel","max_age":604800}
Content-Type: application/octet-stream
Connection: keep-alive
CF-RAY: 7a5b9e5dde702c45-FRA
Content-Length: 0

POST
H/1.1 200
OK 7a5b9e5bdb742c45 Show response
www.globalgtt.online/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 6A03 2 B
910 B 34ms
34ms XHR
text/plain 2606:4700:20::681a:889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.globalgtt.online/cdn-cgi/challenge-platform/h/g/cv/result/7a5b9e5bdb742c45
Requested by: Host: www.globalgtt.online
URL: http://www.globalgtt.online/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678449600
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 10 Mar 2023 12:39:07 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2Nfoj8aomA39oUdSq4dpFoBjimcJ8bN%2Bn1jN%2FZ7WSdvYSXdMETD9eIAtVVdzIqBfLearBIBgwa6GbXXcOENjDptRlTFSP3ZKxWkRF3JWkCd8bZAClH22dMJhyEjw4TVfG2YEt24jl3GS6RyulSOConP"}],"group":"cf-nel","max_age":604800}
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
CF-RAY: 7a5b9e5f28982c45-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.globalgtt.online/87d9608a8q2ba6435b087536fa4i150504de.html	1969-12-31 23:59:59	Name: requestid Value: 6fae5ae0d6e1e28240f0e78fa312f404

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
lp.cybeready.net
www.globalgtt.online
2606:4700:20::681a:889
2606:4700:20::ac43:4a8b
2606:4700::6811:190e
2a00:1450:4001:803::2003
2a00:1450:4001:813::200a
047e827c0b0110a7d60acb8b92f17c61eccc10353a4266ac226952c121def3c1
05cdc120325f04f53e3ec7dbba877500d94db5a47e38fb6a2cc96fa3d1d7664c
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2f75b559a72868bf11e4bb75ea6834d7f158eca12bac649fd43474b97ad9908b
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
60a5ae9dac3f8ba9ca04d123e1b756a01e41a92f0f7d2f94057b239b02c860e9
633d39e293d4a1e9f9c461323d6d3913f3ee51ab8cc901e4c45356cf022634ca
6a449b4722f14af5cb2a4bcc627a7c324c804147feab1e56230a9712131ce116
82c4448aa54b38018d193bb1b285454bf0c81be06d9caeb3dd1a9f0dbbf74b93
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
92cb7eec1d13f6b56958786a0f1008ae6a1d2057ae782622fdbbfa828dfce9d6
ace934485f8f2d3b44d7289514e231b9215adb8181e9292abf88cb8fb27e318a
aeb7cb711f8559684e29273a8cb879df8b150fd7569b75daca0222889bf6dd5f
b488b4ef38f2b7626a5cbb881c6a2e1015527285172ecfba2a6a6374ad922b5e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.globalgtt.online Open in urlscan Pro 2606:4700:20::681a:889 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

12 %HTTPS

100 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

126 kBTransfer

242 kBSize

1 Cookies

4 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

1 Cookies

Indicators

www.globalgtt.online Open in urlscan Pro
2606:4700:20::681a:889 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

12 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

126 kB
Transfer

242 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!