globalgenuinedocuments.com Open in urlscan Pro
2606:4700:3032::ac43:8966 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://globalgenuinedocuments.com/web/js/user.html
Submission: On December 17 via manual (December 17th 2024, 10:10:59 pm UTC) from US — Scanned from CH

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3032::ac43:8966, located in United States and belongs to CLOUDFLARENET, US. The main domain is globalgenuinedocuments.com.
TLS certificate: Issued by WE1 on October 23rd 2024. Valid for: 3 months.

This is the only time globalgenuinedocuments.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banrural (Banking)

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3032::ac43:8966	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1 2	172.67.137.102 172.67.137.102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	3

8 2606:4700:3032::ac43:8966 (United States)

ASN13335 (CLOUDFLARENET, US)

globalgenuinedocuments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.137.102 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

globalgenuinedocuments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	globalgenuinedocuments.com 1 redirects globalgenuinedocuments.com	828 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	11 KB
10	2

	Domain	Requested by
10	globalgenuinedocuments.com	1 redirects globalgenuinedocuments.com
1	cdn.jsdelivr.net	globalgenuinedocuments.com
10	2

This site contains no links.

Subject Issuer	Validity	Valid
globalgenuinedocuments.com WE1	`2024-10-23` - `2025-01-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://globalgenuinedocuments.com/web/js/user.html
Frame ID: 3B0EFE1C14076A8B0408573E9BAEBB33
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BanruralGT

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

10
Requests

90 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

838 kB
Transfer

851 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://globalgenuinedocuments.com/favicon.ico HTTP 302
https://globalgenuinedocuments.com/wp-content/uploads/2022/02/cropped-cuatomer-32x32.png

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request user.html Show response
globalgenuinedocuments.com/web/js/ 7 KB
3 KB 172ms
106ms Document
text/html 2606:4700:3032::ac43:8966
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://globalgenuinedocuments.com/web/js/user.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8966 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 346bf2c18813b2231858abc579f98ed27bc50f1e4e6ebc4b5220b4cfe18d7398

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=500, public, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f3a3ef1da6a5c56-FRA
content-encoding: zstd
content-type: text/html
date: Tue, 17 Dec 2024 22:10:54 GMT
expires: Tue, 17 Dec 2024 22:19:14 GMT
last-modified: Sat, 14 Dec 2024 07:57:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PTd83Izadm4I5%2BmHW3gndv9qr0%2B485R4TP3V1Rk1nsInbshSKp%2BT4sfh9ncpm5lOzrEvzFRtITZl6zlAFXrNDuvqfCZsZGh9HHTelYiIXHR9OkOydVu%2FAcyV3QR5a5mIxzo3XmAcDY2S1cNi75YlGmS9G%2BkJn284SA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=21571&min_rtt=16393&rtt_var=12190&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4024&recv_bytes=2413&delivery_rate=240437&cwnd=228&unsent_bytes=0&cid=26f007124002af62&ts=110&x=0"
vary: X-Forwarded-Proto,Accept-Encoding

GET
H2 200 logoizquierda.png
globalgenuinedocuments.com/web/js/ 3 KB
3 KB 110ms
109ms Image
image/png 2606:4700:3032::ac43:8966
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalgenuinedocuments.com/web/js/logoizquierda.png
Requested by: Host: globalgenuinedocuments.com
URL: https://globalgenuinedocuments.com/web/js/user.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8966 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6fe470e9b113281c6a7288dd3fe1798e02044344844162226c530efc3696bdd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://globalgenuinedocuments.com/web/js/user.html

Response headers

cf-cache-status: MISS
etag: "ab7-629364c3e50c1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1tQjMe%2FEtzdnEguLffwAjCU1LQPz6tUwWRUf82qeY%2F%2BIf6qyPUmf%2FLtl5PsINxIS16ABmZHQx1q2vd8b7hf9a1rlp7Plew6xfyr%2BHoxLAbITsmOoeTVpE%2FAgH6f7XqCQUuEwiTGJd3Fw3gIuxwbExeG8yDtityLfg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 18 Dec 2024 00:10:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=19079&min_rtt=16393&rtt_var=5708&sent=20&recv=29&lost=0&retrans=0&sent_bytes=7425&recv_bytes=3239&delivery_rate=398815&cwnd=231&unsent_bytes=0&cid=26f007124002af62&ts=224&x=0"
date: Tue, 17 Dec 2024 22:10:54 GMT
content-type: image/png
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sat, 14 Dec 2024 07:57:24 GMT
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f3a3ef28ab95c56-FRA
accept-ranges: bytes
content-length: 2743
server: cloudflare

GET
H2 200 derecha.png
globalgenuinedocuments.com/web/js/ 10 KB
11 KB 120ms
119ms Image
image/png 2606:4700:3032::ac43:8966
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalgenuinedocuments.com/web/js/derecha.png
Requested by: Host: globalgenuinedocuments.com
URL: https://globalgenuinedocuments.com/web/js/user.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8966 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0763760f370e096602956e45b03af9581c5946adf6b022e703c0f548972e21c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://globalgenuinedocuments.com/web/js/user.html

Response headers

cf-cache-status: MISS
etag: "28e1-629364c3de749"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2Bc%2BHOAbSOoBWgYABArksqhlm9H9etjIntVBw4RhcBwdZJhxDLMFn4fVbZLTG6OGH%2BaNT7W1dDyq7%2B5lW6v1B8udS7xadARVbanaCmgFC2Iy6JKRWGxlrDVmu4%2BZUJW4nHKs87xbvKgokRUHYN99z8ac1f5i6fzhvA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 18 Dec 2024 00:10:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=19079&min_rtt=16393&rtt_var=5708&sent=41&recv=29&lost=0&retrans=0&sent_bytes=20723&recv_bytes=3239&delivery_rate=398815&cwnd=231&unsent_bytes=0&cid=26f007124002af62&ts=235&x=0"
date: Tue, 17 Dec 2024 22:10:54 GMT
content-type: image/png
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sat, 14 Dec 2024 07:57:24 GMT
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f3a3ef28aba5c56-FRA
accept-ranges: bytes
content-length: 10465
server: cloudflare

GET
H2 200 logo1.png
globalgenuinedocuments.com/web/js/ 15 KB
16 KB 118ms
117ms Image
image/png 2606:4700:3032::ac43:8966
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalgenuinedocuments.com/web/js/logo1.png
Requested by: Host: globalgenuinedocuments.com
URL: https://globalgenuinedocuments.com/web/js/user.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8966 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a717b0f7fa42f60869fca0eee8a720542cf657f8fc3459208d96f7400378805

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://globalgenuinedocuments.com/web/js/user.html

Response headers

cf-cache-status: MISS
etag: "3d2c-629364c3f9111"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=55%2BWGR7GmzProwyKJssMNEUquCmVy%2BnNzIoo8wAZ3phyV98mHbEtLTg16q8R1NHV89iPp7vbXTESXHitNB96kwCEYDwN51UXL%2B65gaOnO8By0MMXioG9EhE2%2Fg51zzJZmX79SwHbQa7CWY7YsG9esQKm0F202%2B%2Bm3g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 18 Dec 2024 00:10:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=18246&min_rtt=16393&rtt_var=3660&sent=58&recv=32&lost=0&retrans=0&sent_bytes=31894&recv_bytes=3239&delivery_rate=556559&cwnd=231&unsent_bytes=0&cid=26f007124002af62&ts=243&x=0"
date: Tue, 17 Dec 2024 22:10:54 GMT
content-type: image/png
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sat, 14 Dec 2024 07:57:24 GMT
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f3a3ef29ac05c56-FRA
accept-ranges: bytes
content-length: 15660
server: cloudflare

GET
H2 200 usuario.jpg
globalgenuinedocuments.com/web/js/ 9 KB
9 KB 102ms
101ms Image
image/jpeg 2606:4700:3032::ac43:8966
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalgenuinedocuments.com/web/js/usuario.jpg
Requested by: Host: globalgenuinedocuments.com
URL: https://globalgenuinedocuments.com/web/js/user.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8966 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d49169c29e5fb4fee4848ad548905594d99d94870a0babe56a1513165169aae6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://globalgenuinedocuments.com/web/js/user.html

Response headers

cf-cache-status: MISS
etag: "23c2-629364c3ee919"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aze%2BRd%2BGCmRg3AXvv5pSwTzUDTyiCQhK%2F7qLGeXayH9xxUBAjZxupMwyRqo19jsh73IKqLOxA2rtYIlmSdXNjM%2Fy6u1Rd8vl%2FPRGXKsKsYh1bvk1iZArKgGzfId27E%2BkaCdpt6%2B8jxc23UGYLLj5%2BiCiRsdOv79H7A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 18 Dec 2024 00:10:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=19079&min_rtt=16393&rtt_var=5708&sent=27&recv=29&lost=0&retrans=0&sent_bytes=10873&recv_bytes=3239&delivery_rate=398815&cwnd=231&unsent_bytes=0&cid=26f007124002af62&ts=227&x=0"
date: Tue, 17 Dec 2024 22:10:54 GMT
content-type: image/jpeg
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sat, 14 Dec 2024 07:57:24 GMT
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f3a3ef29ac25c56-FRA
accept-ranges: bytes
content-length: 9154
server: cloudflare

GET
H2 200 boton.JPG
globalgenuinedocuments.com/web/js/ 17 KB
18 KB 130ms
130ms Image
image/jpeg 2606:4700:3032::ac43:8966
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalgenuinedocuments.com/web/js/boton.JPG
Requested by: Host: globalgenuinedocuments.com
URL: https://globalgenuinedocuments.com/web/js/user.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8966 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e42b2dae3df4833052b4b5a38ee2444176ee58052cdbfa582ecdebf2ff84735

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://globalgenuinedocuments.com/web/js/user.html

Response headers

cf-cache-status: MISS
etag: "457c-629364c3dc039"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BVzleAee%2BuLfurj6M9eYtQMtMfzW13DaLvR4dwmCl8sg999obaR9n8jiLMQdEIyyPbGkzhFOKXl5LZVbkS6E0WHmtlBCiCHVPpNWmzEAfmdoF2iCJUth9c3s4EobhHCs%2Be9i72Y2cEUrq6XGZavyQP41DKN8gkSUSw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 18 Dec 2024 00:10:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16851&min_rtt=16393&rtt_var=522&sent=77&recv=47&lost=0&retrans=0&sent_bytes=48351&recv_bytes=3239&delivery_rate=1752620&cwnd=231&unsent_bytes=0&cid=26f007124002af62&ts=256&x=0"
date: Tue, 17 Dec 2024 22:10:54 GMT
content-type: image/jpeg
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sat, 14 Dec 2024 07:57:24 GMT
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f3a3ef29ac35c56-FRA
accept-ranges: bytes
content-length: 17788
server: cloudflare

GET
H2 200 campos.JPG
globalgenuinedocuments.com/web/js/ 43 KB
43 KB 139ms
139ms Image
image/jpeg 2606:4700:3032::ac43:8966
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalgenuinedocuments.com/web/js/campos.JPG
Requested by: Host: globalgenuinedocuments.com
URL: https://globalgenuinedocuments.com/web/js/user.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8966 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b4012d9b3a69a58f63311ee5b8cad2ad054cb677f595e6781f43f42592c4688

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://globalgenuinedocuments.com/web/js/user.html

Response headers

cf-cache-status: MISS
etag: "ab26-629364c41bbc1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDBZnqpWnbh7Gx9dGQQJgxenAoeA69iK5IuezoUi8hteTAKISFh5YPmpiN%2Fq0PuW1jgO%2Bb6WuRzDc0BaN51GEvS57WpgC7rKaYgVbkD3%2FvDyY7QjTIf2PHi6Rt1TxFJw6Df08jjRapMmaWIjLJTnwXwgcSBvgUnrRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 18 Dec 2024 00:10:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16628&min_rtt=16393&rtt_var=146&sent=95&recv=56&lost=0&retrans=0&sent_bytes=66901&recv_bytes=3239&delivery_rate=3320328&cwnd=233&unsent_bytes=0&cid=26f007124002af62&ts=265&x=0"
date: Tue, 17 Dec 2024 22:10:54 GMT
content-type: image/jpeg
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sat, 14 Dec 2024 07:57:24 GMT
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f3a3ef29ac55c56-FRA
accept-ranges: bytes
content-length: 43814
server: cloudflare

GET
H2 200 axios.min.js Show response
cdn.jsdelivr.net/npm/axios@1.1.2/dist/ 26 KB
11 KB 56ms
16ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/axios@1.1.2/dist/axios.min.js

Requested by

Host: globalgenuinedocuments.com
URL: https://globalgenuinedocuments.com/web/js/user.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ffb6e270a7bbb1ea1b797965ae85e35760b38b98744478a4151ddee79a31d215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://globalgenuinedocuments.com/web/js/user.html

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"67d4-ae22gWc+WteU0z+fBbiwjqlAwTs"
age: 2503090
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 17 Dec 2024 22:10:54 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230112-FRA, cache-lin1730047-LIN
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10349
x-jsd-version: 1.1.2

GET
H2 200 bg-login-1.jpg
globalgenuinedocuments.com/web/js/ 718 KB
720 KB 148ms
148ms Image
image/jpeg 2606:4700:3032::ac43:8966
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://globalgenuinedocuments.com/web/js/bg-login-1.jpg
Requested by: Host: globalgenuinedocuments.com
URL: https://globalgenuinedocuments.com/web/js/user.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8966 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05af54bb34498e4a2d3e34bd151d81c858dede9c8a5c03201a3c8b658a5873b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://globalgenuinedocuments.com/web/js/user.html

Response headers

cf-cache-status: MISS
etag: "b39ec-629364c5c63f8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0uYNqGCZE7XEqRbHBX8hub3z2hxkDuK4pZZ%2B%2FTOhWOD2ZhgojYsXaie2DvIswSrbZW%2B1rlLE4Rm%2Fem5SUTBEcziqVF0%2BQqavC2IogmEFu8Pop7TFH1d5u67cFof%2F%2BDjBtfpksANUAD8iFRqL1oimm%2BidRCajfGTrrg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 18 Dec 2024 00:10:54 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17461&min_rtt=16393&rtt_var=1834&sent=133&recv=61&lost=0&retrans=0&sent_bytes=111642&recv_bytes=3239&delivery_rate=3320328&cwnd=233&unsent_bytes=0&cid=26f007124002af62&ts=273&x=0"
date: Tue, 17 Dec 2024 22:10:54 GMT
content-type: image/jpeg
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Sat, 14 Dec 2024 07:57:26 GMT
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f3a3ef29ac65c56-FRA
accept-ranges: bytes
content-length: 735724
server: cloudflare

GET
H3

200

cropped-cuatomer-32x32.png
globalgenuinedocuments.com/wp-content/uploads/2022/02/
Redirect Chain

https://globalgenuinedocuments.com/favicon.ico
https://globalgenuinedocuments.com/wp-content/uploads/2022/02/cropped-cuatomer-32x32.png

3 KB
4 KB

120ms
120ms

Other
image/png

172.67.137.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://globalgenuinedocuments.com/wp-content/uploads/2022/02/cropped-cuatomer-32x32.png
Protocol: H3
Server: 172.67.137.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b212f8424ffb7e0ded93bea18c9d1c3544ca350e87e8566ac5884ee32c58447d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://globalgenuinedocuments.com/web/js/user.html

Response headers

cf-cache-status: MISS
etag: "b17-5d88db62dda80"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KrY%2FXwP6N6Djx%2FiqskrOBzNGrcNSB%2F0pC8bkMH8ZXfg%2BWykcKuO4Zn4jYqKS1u1GPdAsLRf9TlYMAc06vyIyqrqtfy9wuPlN0zNF8w7lE%2BacRDbZQhwHVsYaH6G8p6BhmulTTSzGqX8KFsTPBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 18 Dec 2024 00:10:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15633&min_rtt=15456&rtt_var=1955&sent=14&recv=11&lost=0&retrans=0&sent_bytes=5218&recv_bytes=4879&delivery_rate=340&cwnd=12000&unsent_bytes=0&cid=35db1c574ffe8a8b&ts=3119&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 22:10:57 GMT
content-type: image/png
vary: X-Forwarded-Proto, Accept-Encoding
last-modified: Mon, 21 Feb 2022 21:14:02 GMT
priority: u=1,i
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f3a3f055b78fddb-MUC
accept-ranges: bytes
content-length: 2839
server: cloudflare

Redirect headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e2tZ1NbzZwyH%2BBB8H8%2FFlcajMA6h%2FhYd3xlX5HwPPU6n0IFqXLiq6lsitnxEssPdx2%2Bg1kCnQXfVp1iGTMRCNpFqC92Do55kPHXlv43s4SU4FEcjLmcMxirXO%2BcHp7O02Vxjk9czW0DelENanA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 18 Dec 2024 00:10:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15640&min_rtt=15456&rtt_var=2588&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4257&recv_bytes=4474&delivery_rate=686&cwnd=12000&unsent_bytes=0&cid=35db1c574ffe8a8b&ts=2999&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 17 Dec 2024 22:10:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=1,i
x-redirect-by: WordPress
link: <https://globalgenuinedocuments.com/wp-json/>; rel="https://api.w.org/"
cache-control: public, max-age=14400
location: https://globalgenuinedocuments.com/wp-content/uploads/2022/02/cropped-cuatomer-32x32.png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f3a3ef42c8ffddb-MUC
server: cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banrural (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| axios

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
globalgenuinedocuments.com
172.67.137.102
2606:4700:3032::ac43:8966
2a04:4e42:200::485
05af54bb34498e4a2d3e34bd151d81c858dede9c8a5c03201a3c8b658a5873b0
0763760f370e096602956e45b03af9581c5946adf6b022e703c0f548972e21c6
1a717b0f7fa42f60869fca0eee8a720542cf657f8fc3459208d96f7400378805
2b4012d9b3a69a58f63311ee5b8cad2ad054cb677f595e6781f43f42592c4688
346bf2c18813b2231858abc579f98ed27bc50f1e4e6ebc4b5220b4cfe18d7398
9e42b2dae3df4833052b4b5a38ee2444176ee58052cdbfa582ecdebf2ff84735
a6fe470e9b113281c6a7288dd3fe1798e02044344844162226c530efc3696bdd
b212f8424ffb7e0ded93bea18c9d1c3544ca350e87e8566ac5884ee32c58447d
d49169c29e5fb4fee4848ad548905594d99d94870a0babe56a1513165169aae6
ffb6e270a7bbb1ea1b797965ae85e35760b38b98744478a4151ddee79a31d215

globalgenuinedocuments.com Open in urlscan Pro 2606:4700:3032::ac43:8966 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

90 %HTTPS

67 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

838 kBTransfer

851 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

globalgenuinedocuments.com Open in urlscan Pro
2606:4700:3032::ac43:8966 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

838 kB
Transfer

851 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!