g-globalfx.net Open in urlscan Pro
2606:4700:3037::ac43:bc23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://g-globalfx.net/#ce
Effective URL:
https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F
Submission Tags: 0xscam
Submission: On January 09 via api (January 9th 2025, 7:57:01 am UTC) from US — Scanned from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3037::ac43:bc23, located in United States and belongs to CLOUDFLARENET, US. The main domain is g-globalfx.net.
TLS certificate: Issued by WE1 on January 9th 2025. Valid for: 3 months.

This is the only time g-globalfx.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3 13	2606:4700:303... 2606:4700:3037::ac43:bc23		13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2

13 2606:4700:3037::ac43:bc23 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

g-globalfx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	g-globalfx.net 3 redirects g-globalfx.net	84 KB
10	1

	Domain	Requested by
13	g-globalfx.net	3 redirects g-globalfx.net
10	1

This site contains no links.

Subject Issuer	Validity	Valid
g-globalfx.net WE1	`2025-01-09` - `2025-04-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F
Frame ID: 734F2475E625A1C1B33CDA4C759E3738
Requests: 9 HTTP requests in this frame

Frame: https://g-globalfx.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js
Frame ID: 8939754D2A0776F0A6430571E2021065
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GreenGlobalFX

Page URL History Show full URLs

https://g-globalfx.net/ HTTP 302
https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Page Statistics

10
Requests

80 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

113 kB
Transfer

170 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://g-globalfx.net/ HTTP 302
https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://g-globalfx.net/wp-content/plugins/login-designer/assets/images/backgrounds/.jpg HTTP 302
https://g-globalfx.net/wp-content/plugins/login-designer/assets/images/backgrounds/.jpg?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2Fwp-content%2Fplugins%2Flogin-designer%2Fassets%2Fimages%2Fbackgrounds%2F.jpg

Request Chain 7

https://g-globalfx.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://g-globalfx.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js

10 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
g-globalfx.net/
Redirect Chain

https://g-globalfx.net/
https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F

7 KB
3 KB

349ms
349ms

Document
text/html

2606:4700:3037::ac43:bc23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bc23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 767a91f3e5901e124fe068b30082a449eb099789046fd5d946a432c8b453a747

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8ff2dfa80cd5439f-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Thu, 09 Jan 2025 07:56:57 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5LJ%2FmMil3aix9xtYeAv1xt0GMqEKVHZIZJjlseKcybFpbbLiOF8lPX3Avyic2%2BCuVqiG20%2BSZSREiGDJfUSYJvHquWu00Emy%2BlHoc0jgifPEBfpLekPQBXKGcBKIO7r%2FC5S3ajhPOzOeCFNFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=21083&min_rtt=20818&rtt_var=2662&sent=15&recv=11&lost=0&retrans=0&sent_bytes=5130&recv_bytes=4879&delivery_rate=39409&cwnd=12000&unsent_bytes=0&cid=334d80a07c91da62&ts=844&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8ff2dfa4fabb439f-EWR
content-type: text/html; charset=UTF-8
date: Thu, 09 Jan 2025 07:56:56 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=taq9FMz9N3I9cyYdRCE%2Bd8dlBtxnrg6frub5Ietn0jUSJh4JPFu4S%2FYCoIXGlfl3s7F4%2BpbAPkjB1fovsgBxdJCM%2FcShsnMK8OuCAb8%2FwSmSO6UTN7I%2F9hqc2NSol5daHU2x7aY6yJ0%2BqRa6MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=21095&min_rtt=20818&rtt_var=3516&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4167&recv_bytes=4427&delivery_rate=601&cwnd=12000&unsent_bytes=0&cid=334d80a07c91da62&ts=493&x=1" cfExtPri cfHdrFlush;dur=0
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 dashicons.min.css
g-globalfx.net/wp-includes/css/ 58 KB
36 KB 353ms
352ms Stylesheet
text/css 2606:4700:3037::ac43:bc23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g-globalfx.net/wp-includes/css/dashicons.min.css
Requested by: Host: g-globalfx.net
URL: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bc23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "e688-5bca85cdbf580-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzkRnOVRawiE6XXlJzvL%2FrQL5iKP4eTJiwlzReEoOHxnQO3h2QIyZkZeGuVSOQq8P3WJlbJv0e35D77vvw1Yi2ja8tcsqRLqFsxzURpWJaK57YbVZjBV2qQZ%2Fq%2B9J%2FmFcweoxjEfTPVjgOZvOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21994&min_rtt=20818&rtt_var=1624&sent=35&recv=26&lost=0&retrans=0&sent_bytes=22936&recv_bytes=7359&delivery_rate=39272&cwnd=15600&unsent_bytes=0&cid=334d80a07c91da62&ts=1205&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 09 Jan 2025 07:56:57 GMT
content-type: text/css
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff2dfaa4ea1439f-EWR
accept-ranges: bytes
content-length: 35730
server: cloudflare

GET
H3 200 buttons.min.css
g-globalfx.net/wp-includes/css/ 6 KB
2 KB 293ms
293ms Stylesheet
text/css 2606:4700:3037::ac43:bc23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g-globalfx.net/wp-includes/css/buttons.min.css
Requested by: Host: g-globalfx.net
URL: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bc23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a5fea14a12ec9ee91f044a7ff810602662c97d3fad8728497ea4e8c5aef0eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "17ad-61fb94af3aad7-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNDrGXhxAMN3C6LTEDaBiPZigPJslaYPhSKK9FNgeSfY21wMMSyHcufLmfakQWp6Fh9%2FkxMDW2YlvMCXJtj%2Fg8Pn8zcj8ohc15tiBRqOt%2BO1f8Wl29U8taEfag36FmJI79p3nvUNy5DCr4wa%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21062&min_rtt=20818&rtt_var=1532&sent=32&recv=18&lost=0&retrans=0&sent_bytes=20631&recv_bytes=7014&delivery_rate=10017&cwnd=12000&unsent_bytes=0&cid=334d80a07c91da62&ts=1143&x=1", cfExtPri, cfHdrFlush;dur=2
date: Thu, 09 Jan 2025 07:56:57 GMT
content-type: text/css
last-modified: Thu, 15 Aug 2024 14:02:27 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff2dfaa4ea2439f-EWR
accept-ranges: bytes
content-length: 1470
server: cloudflare

GET
H3 200 forms.min.css
g-globalfx.net/wp-admin/css/ 28 KB
7 KB 289ms
288ms Stylesheet
text/css 2606:4700:3037::ac43:bc23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g-globalfx.net/wp-admin/css/forms.min.css
Requested by: Host: g-globalfx.net
URL: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bc23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87340ff69f885cba81092ed2401a4f82e6a9ed37ed7fde4a8e4cbcad79887195

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "6f8f-61fb94af7b216-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tsuHGhkwhR1h%2F9MFW8Nct3sJ%2BQo%2FMKuv5Jjl7mcv%2Frmz0CfDuFVEVFj%2B0nyWVAb%2BUank51YQsuRLLCkC8pPI%2FMb6Z92V6qZXTqRG9f%2FF6lF36tryYavZnbRtUtsiRdzN%2F3%2BhevqHUqUTvip9oA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21062&min_rtt=20818&rtt_var=1532&sent=25&recv=18&lost=0&retrans=0&sent_bytes=13103&recv_bytes=7014&delivery_rate=10017&cwnd=12000&unsent_bytes=0&cid=334d80a07c91da62&ts=1142&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 09 Jan 2025 07:56:57 GMT
content-type: text/css
last-modified: Thu, 15 Aug 2024 14:02:27 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff2dfaa4ea3439f-EWR
accept-ranges: bytes
content-length: 6724
server: cloudflare

GET
H3 200 l10n.min.css
g-globalfx.net/wp-admin/css/ 3 KB
1 KB 272ms
271ms Stylesheet
text/css 2606:4700:3037::ac43:bc23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g-globalfx.net/wp-admin/css/l10n.min.css
Requested by: Host: g-globalfx.net
URL: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bc23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a77610fd0190ea9ecb57063433a619486dec13a59b1c2ce3b502b5c7cad7454

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "c80-61fb94af7c1b6-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B1RPcSbCgbQQPZz3nJGq%2Bw%2B6Lc%2BQ01E3P0CxygzaqxcDYUwE4vIRU16RAIWphpf5G%2BEhK3w4%2FA8nddFx8aPaEKZjjldLGUJPtEHiwveWADaV48jS11dQvyVHCOJ6huYvoUs9FnnBvMUdE3A84Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21062&min_rtt=20818&rtt_var=1532&sent=20&recv=18&lost=0&retrans=0&sent_bytes=8631&recv_bytes=7014&delivery_rate=10017&cwnd=12000&unsent_bytes=0&cid=334d80a07c91da62&ts=1124&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 09 Jan 2025 07:56:57 GMT
content-type: text/css
last-modified: Thu, 15 Aug 2024 14:02:27 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff2dfaa4ea4439f-EWR
accept-ranges: bytes
content-length: 767
server: cloudflare

GET
H3 200 login.min.css
g-globalfx.net/wp-admin/css/ 6 KB
3 KB 271ms
271ms Stylesheet
text/css 2606:4700:3037::ac43:bc23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g-globalfx.net/wp-admin/css/login.min.css
Requested by: Host: g-globalfx.net
URL: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bc23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e973191f0db85e0427b674b7c187b1e0f2e3b6b2c4e2ca52bab4fd5a20d873e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "191a-61fb94af78336-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cOJ893Mz1r7km3Zm4tFpfDU1KLGwCCgp6etzkknj9HIbtU7%2FXDYfkcxZtW0%2Fgq8pK35JLZpzILl8PwxTKniwS6CB7m6kn6WSVtwaZxVaC%2BE%2BRZ3fGTdUT0JrbkkUhgw8crESOTRXFEr4Rju%2FlA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21062&min_rtt=20818&rtt_var=1532&sent=22&recv=18&lost=0&retrans=0&sent_bytes=10143&recv_bytes=7014&delivery_rate=10017&cwnd=12000&unsent_bytes=0&cid=334d80a07c91da62&ts=1124&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 09 Jan 2025 07:56:57 GMT
content-type: text/css
last-modified: Thu, 15 Aug 2024 14:02:27 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff2dfaa4ea5439f-EWR
accept-ranges: bytes
content-length: 2189
server: cloudflare

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://g-globalfx.net
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3

404

.jpg
g-globalfx.net/wp-content/plugins/login-designer/assets/images/backgrounds/
Redirect Chain

https://g-globalfx.net/wp-content/plugins/login-designer/assets/images/backgrounds/.jpg
https://g-globalfx.net/wp-content/plugins/login-designer/assets/images/backgrounds/.jpg?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2Fwp-content%2Fplugins%2Flogin-designer%2Fa...

6 KB
6 KB

493ms
493ms

Image
text/html

2606:4700:3037::ac43:bc23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g-globalfx.net/wp-content/plugins/login-designer/assets/images/backgrounds/.jpg?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2Fwp-content%2Fplugins%2Flogin-designer%2Fassets%2Fimages%2Fbackgrounds%2F.jpg
Requested by: Host: g-globalfx.net
URL: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F
Protocol: H3
Server: 2606:4700:3037::ac43:bc23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 697ea0354d5fdef8b87e5aae3a11fb49f1221bca184c9ae3c06d43e169465e5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F

Response headers

server: cloudflare
cache-control: no-cache, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gIeBW83GlDgU0LVkTMWh5AB35pEbopOn3rz%2F9A1Vq1IjN6xA9aPWLJdPRuBtQ2sxbccJQ6%2BNCzbzTsgfZjSdaypj4O%2Bb7Wbcyhrh%2BHZOPIMU8EwWVlqzsK57jnZ0BGArNBL%2FwDFgYzzzFMCVKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ff2dfaffaee439f-EWR
expires: Wed, 11 Jan 1984 05:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24043&min_rtt=20818&rtt_var=3482&sent=96&recv=65&lost=0&retrans=0&sent_bytes=68585&recv_bytes=27571&delivery_rate=38643&cwnd=30000&unsent_bytes=0&cid=334d80a07c91da62&ts=2255&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 09 Jan 2025 07:56:58 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
priority: u=1,i

Redirect headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QRfvJpr8TR7Cl%2FMeNABCVwGO0zhGYbeZT0zEkGE90Fpvcdg55aweS1mvLDNZ9ETsiTyhq%2F%2BEpsW7rfX%2BEdEwJ%2BDS4jaTZCQqbgL4rOxe2Xx5Ltf7MAEFldgsTKAmmdvFBBsHOYctKymLRSz3Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 11 Jan 1984 05:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24385&min_rtt=20818&rtt_var=3729&sent=94&recv=64&lost=0&retrans=0&sent_bytes=67623&recv_bytes=26614&delivery_rate=33705&cwnd=30000&unsent_bytes=0&cid=334d80a07c91da62&ts=1761&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 09 Jan 2025 07:56:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
priority: u=3,i
x-redirect-by: WordPress
cache-control: max-age=14400, must-revalidate
location: https://g-globalfx.net/wp-content/plugins/login-designer/assets/images/backgrounds/.jpg?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2Fwp-content%2Fplugins%2Flogin-designer%2Fassets%2Fimages%2Fbackgrounds%2F.jpg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff2dfacd8db439f-EWR
x-powered-by: PHP/7.4.33
server: cloudflare

GET
H3

200

main.js Show response
g-globalfx.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/ Frame 8939
Redirect Chain

https://g-globalfx.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://g-globalfx.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js?

9 KB
5 KB

31ms
31ms

Script
application/javascript

2606:4700:3037::ac43:bc23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g-globalfx.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js?

Requested by

Host: g-globalfx.net
URL: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F

Protocol

Server

2606:4700:3037::ac43:bc23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21bef1e48d07e22e828d9ea55e95e1957589db402bd3aea13dab588f2b1c04bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CTiIa1FuBrC%2Fj%2Bk6HkEPQKeI4cLUM04yGhP%2FKcWQQPV8r0qMyJOgxLoo4CnZX0P90lVIcf50grGRgiOQTR6ILK90tvQzEmTQhI1WeCpzBJWZQzH6n27Dm9FM4vXhf%2FVVoZHdcXY6d%2BhUxe0%2BuA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ff2dfad18f8439f-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22906&min_rtt=20818&rtt_var=1882&sent=72&recv=45&lost=0&retrans=0&sent_bytes=61026&recv_bytes=9164&delivery_rate=22306&cwnd=30000&unsent_bytes=0&cid=334d80a07c91da62&ts=1331&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 09 Jan 2025 07:56:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AeoSqN%2BTaNZPCe9u60xJ0CzC1%2Bz%2F%2Bcniojn9DqE4W5cmOqqEaD7B6Uj%2Fwzza5MerxEx%2Fyj1JpovzICAukUyoZjBr9a7odbQ8LtbJwXiinYznl1RyMeUwdmCoUijiEn4%2FUKVn%2BJK%2F69OwxAGozg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ff2dfacd8de439f-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=23202&min_rtt=20818&rtt_var=1718&sent=70&recv=44&lost=0&retrans=0&sent_bytes=60256&recv_bytes=8831&delivery_rate=1025778&cwnd=30000&unsent_bytes=0&cid=334d80a07c91da62&ts=1300&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 09 Jan 2025 07:56:57 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 8ff2dfa80cd5439f Show response
g-globalfx.net/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8939 0
1 KB 39ms
32ms XHR
text/plain 2606:4700:3037::ac43:bc23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g-globalfx.net/cdn-cgi/challenge-platform/h/g/jsd/r/8ff2dfa80cd5439f
Requested by: Host: g-globalfx.net
URL: https://g-globalfx.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bc23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T4oZTzorfJ0sts%2F29wYm9yvP5SuvFxc6XZx17oDLew8tYIvz25OO%2F8U7dh6Z%2FdpuOgaa6aqvAk839eAyPnJXMawWKzzluyJR73LguGS8p%2BWGzxHIkZjaY0lQ%2BImnrHfVuT8Ax283714ppLhQ%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ff2dfade96e439f-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24841&min_rtt=20818&rtt_var=3756&sent=92&recv=63&lost=0&retrans=0&sent_bytes=66391&recv_bytes=26570&delivery_rate=176489&cwnd=30000&unsent_bytes=0&cid=334d80a07c91da62&ts=1470&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Thu, 09 Jan 2025 07:56:57 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 200 cropped-GreenGlobalFX_Favicon-32x32.jpg
g-globalfx.net/wp-content/uploads/2024/08/ 16 KB
17 KB 354ms
353ms Other
image/jpeg 2606:4700:3037::ac43:bc23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g-globalfx.net/wp-content/uploads/2024/08/cropped-GreenGlobalFX_Favicon-32x32.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bc23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c192ea3b8616ef4bc46c5897a80f0fd3484f3ac8879b1e1e9180bea4da9ab1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://g-globalfx.net/?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2F

Response headers

cf-cache-status: MISS
etag: "41d9-621604a362f20"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K4YQQ35MdPjZng9Hf703PRE84wDYKtC%2F8mU5Kj2VnF23aDBI%2BwKL33pSj9HHQj9AMVefeJE0u5lkWmrChq5W5HWHLRzgA%2FMjpGJ1fOBG%2BLGjbQ5h9LjZI2VQCHAroxfEmvtvrRsFSMDKtXAbzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23520&min_rtt=20818&rtt_var=2856&sent=100&recv=67&lost=0&retrans=0&sent_bytes=71693&recv_bytes=28470&delivery_rate=6291&cwnd=30000&unsent_bytes=0&cid=334d80a07c91da62&ts=2619&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 09 Jan 2025 07:56:59 GMT
content-type: image/jpeg
last-modified: Thu, 05 Sep 2024 14:41:45 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ff2dfb31db4439f-EWR
accept-ranges: bytes
content-length: 16857
server: cloudflare

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
g-globalfx.net/	1970-01-21 11:05:45	Name: pll_language Value: en
g-globalfx.net/	1969-12-31 23:59:59	Name: wordpress_test_cookie Value: WP%20Cookie%20check
.g-globalfx.net/	1970-01-21 11:05:45	Name: cf_clearance Value: .xjyau3jOTAmx9bbRN1_jyWRerJGXYzTQbwDX5uSXT4-1736409417-1.2.1.1-uIzeHKFdRx33ccN3CsKQWpFdYlFC25u_PBs12BispIPmKG4bxnUuf0Hj92_mNIk3ri0Z5Qqk_16fAXl58KpYKCJNh9sov0iog_eUdBD9XO2m_M2dEcWqln5Wz_f5Ij3XJLA964tGqxFWflHLWNUjq3cM94PF5phEBemPfeGMz8XaqMURYKofisU2qu6oyULiPeWUahmq0vuPQJjxhxgUtLrrxgzjm4cJm3MCCpNAX9344q7PFQmxc8qYEjZ347.NdFRc.uVDwjeyBF0j6GMU3aZ67yABc5yy6eHETXOuftSUjGC6KHC0tfQliFKULQK9VN.lhQNZPh.o3ZWwkfQ4Qd6k7Cylt43K9nWTIfAtnVnyeCWgDCIgbNXxlIsQy5im

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://g-globalfx.net/wp-content/plugins/login-designer/assets/images/backgrounds/.jpg?password-protected=login&redirect_to=https%3A%2F%2Fg-globalfx.net%2Fwp-content%2Fplugins%2Flogin-designer%2Fassets%2Fimages%2Fbackgrounds%2F.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

g-globalfx.net
2606:4700:3037::ac43:bc23
21bef1e48d07e22e828d9ea55e95e1957589db402bd3aea13dab588f2b1c04bd
5c192ea3b8616ef4bc46c5897a80f0fd3484f3ac8879b1e1e9180bea4da9ab1b
697ea0354d5fdef8b87e5aae3a11fb49f1221bca184c9ae3c06d43e169465e5e
6db83b2803fed3f9b574567755102b18c401904a374c8acf4c9a2e9b0159cb4f
767a91f3e5901e124fe068b30082a449eb099789046fd5d946a432c8b453a747
87340ff69f885cba81092ed2401a4f82e6a9ed37ed7fde4a8e4cbcad79887195
8a77610fd0190ea9ecb57063433a619486dec13a59b1c2ce3b502b5c7cad7454
8e973191f0db85e0427b674b7c187b1e0f2e3b6b2c4e2ca52bab4fd5a20d873e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
d5a5fea14a12ec9ee91f044a7ff810602662c97d3fad8728497ea4e8c5aef0eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

g-globalfx.net Open in urlscan Pro 2606:4700:3037::ac43:bc23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

80 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

113 kBTransfer

170 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

g-globalfx.net Open in urlscan Pro
2606:4700:3037::ac43:bc23 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

80 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

113 kB
Transfer

170 kB
Size

3
Cookies

10 HTTP transactions
1 data transactions