Is globalcdn.co a scam?

Our automated security review marked globalcdn.co as suspicious. Several warning signs were detected; it may still turn out legitimate, but you should verify it through independent channels before trusting it with money or credentials.

Is globalcdn.co safe to use?

globalcdn.co currently scores 55/100 on our trust scale. We found enough warning signals to recommend caution. Verify the site through independent channels before entering credentials or money.

Has globalcdn.co been flagged by antivirus engines?

No. All 92 antivirus engines in our malware network report globalcdn.co as clean.

Is globalcdn.co on any phishing or malware blacklists?

No. globalcdn.co is not currently listed on the major browser blocklist feeds that modern browsers use.

Where is globalcdn.co hosted?

globalcdn.co resolves to an IP operated by G-Core Labs S.A. in LU (usage type: Data Center/Web Hosting/Transit). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.

Is globalcdn.co a well-known website?

Yes. globalcdn.co sits in the global top-100k on Cloudflare Radar, which means it has substantial real-world traffic. That does not automatically make it safe, but established brands almost always rank here and throwaway scam domains almost never do.

How often is the globalcdn.co report updated?

This is a permanent record of the scan run on June 19, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around globalcdn.co have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Security Review

Is globalcdn.co legit or a scam?

Our verdict:Suspicious· 55/100

SafeSuspiciousDangerous

A content delivery network domain frequently exploited by ransomware groups and malware operators to host malicious payloads.

Top reasons

Subdomains are explicitly linked to ShinySp1d3r ransomware in technical research.Multiple sandbox reports identify the domain as a network indicator for malicious activity.Lack of a transparent business entity or public-facing website despite 5 years of registration.

globalcdn.coScanned 2h ago

Post Facebook

Trust score

SUSPICIOUS

Heuristics 100·MT 45

Category tags

infrastructure#malware85% MT confidence

Positive signals (3)

Antivirus clear Not on major blacklists Clean server reputation

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence

0/92

All engines report clean

Domain Age

—

Registration date unknown

MT Intelligence

Suspicious

Moderate likelihood · 85% confidence

SUSPICIOUS

Warning signs detected

A content delivery network domain frequently exploited by ransomware groups and malware operators to host malicious payloads. Several risk indicators suggest caution. This site might be legitimate — but treat it as unverified until you can independently confirm.

Website Preview

LIVE RENDER

globalcdn.co

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

MT Intelligence

Advanced threat intelligence

MT Security Analyst

Moderate scam likelihoodengineMT · Guardiantrust45/100

MT AgentLive web researchVisual inspectionNetwork correlation

Confidence

The domain operates as a technical infrastructure provider, which makes it a prime target for abuse by cybercriminals. Our research found that specific subdomains have been identified in ransomware analysis reports, specifically linked to the ShinySp1d3r group. While the root domain is registered to a legitimate UK-based registrar, the lack of a public-facing business website and the presence of multiple malware sandbox hits are significant red flags. The infrastructure appears to be used for command-and-control (C2) activities or as a distribution point for malicious scripts. Because it lacks a standard consumer reputation, the risk of encountering harmful content via its subdomains is high.

Full dossier

Analysis complete

Page Content

The root domain does not host a traditional website, which is typical for backend CDN infrastructure. It primarily serves as a routing point for subdomains rather than a consumer-facing storefront.

Infrastructure

The domain uses dedicated name servers (gns1.globalcdn.co) and is hosted on an IP address with a clean reputation score. However, the absence of an SSL certificate on the root URL suggests it is not intended for direct web browsing.

Domain History

Registered in late 2019 via Safenames Ltd, the domain has a stable five-year history. This longevity suggests it is a managed asset rather than a 'burnable' scam domain, though this age is often used to bypass basic security filters.

Web Reputation

The reputation is polarized; while major antivirus engines do not flag the root domain, security researchers have documented its subdomains in active malware campaigns. It is frequently cited in technical reports as a network indicator for ransomware operations.

Risk Factors

Subdomains are explicitly linked to ShinySp1d3r ransomware in technical research.
Multiple sandbox reports identify the domain as a network indicator for malicious activity.
Lack of a transparent business entity or public-facing website despite 5 years of registration.
Infrastructure is configured in a way that is commonly exploited for command-and-control (C2) traffic.

Positive Signals

Domain has been registered since 2019, showing long-term stability.
Zero detections across 92 antivirus engines for the root domain.
Registered through a reputable UK-based corporate registrar.

AI Recommendation

Do not download files or click links that lead to this domain or its subdomains. It is intended for backend data delivery and is currently associated with high-risk malware activity.

Scam network detected

2 linked domains correlated

The domain is part of a wider CDN infrastructure that shares naming conventions with other frequently abused delivery networks.

globalcdn.mediagcdn.co

Next-gen fraud intelligence

Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for globalcdn.co, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Business registration

Active · United Kingdom

Site traces back to an actively registered business.

Clone check

Not a clone

No well-known site's layout or branding detected here.

Typosquat check

No look-alike match

The domain doesn't resemble any well-known brand's spelling.

Web mentions

2 scam reports

Key findings

7 headline facts from open-web research

Domain registered on 2019-11-26 via Safenames Ltd (UK), expires 2026-11-26, with privacy-protected registrant details.
Name servers: gns1.globalcdn.co and gns2.globalcdn.media; status includes clientTransferProhibited, clientUpdateProhibited, clientDeleteProhibited.
Subdomains such as cl-glcb907925.globalcdn.co frequently appear in malware analysis reports (Joe Sandbox, VirusTotal relations, ShinySp1d3r ransomware sandbox) as C2 or network IOCs.
Similar domain gcdn.co is a Gcore Labs CDN that is sometimes abused by cybercriminals, leading to Malwarebytes riskware blocks on subdomains.
Listed in AlienVault OTX with associated suspicious URLs and sandbox connections; no direct scam reports or consumer complaints found.
One independent checker (arrowhonest.com) found no blocklist hits or obvious red flags for globalcdn.co itself.
Functions as part of a content delivery network infrastructure, but subdomains are commonly abused for malicious payloads.

Scam reports (2)

Direct quotes from public scam databases, forums, and news.

Joe Sandboxopen
"cl-glcb907925.globalcdn.co"
Medium (ShinySp1d3r ransomware analysis)open
"DNS: a1672.dscr.akamai.net , cl-glcb907925.globalcdn.co , nexusrules.officeapps.live.com"

Business registration

Status: active · United Kingdom

Registered via Safenames Ltd (UK registrar). Domain created 2019-11-26, expires 2026-11-26. Registrant details privacy protected. No specific company entity tied directly in WHOIS.

Research summary

Narrative write-up from our AI analyst, grounded on the facts above

We analyzed security databases and technical research papers for globalcdn.co. Findings from independent researchers and sandbox reports link the domain's subdomains to the ShinySp1d3r ransomware-as-a-service operation. While no consumer 'scam' reports exist in the traditional sense, the domain is heavily documented as a technical indicator of compromise (IOC) in malware campaigns.

Antivirus Engines

Clean pass · verified

Clean across 92 engines

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious57Harmless92Engines

Clean

Kaspersky

Clean

Bitdefender

Clean

Microsoft

Not in pass

ESET-NOD32

Not in pass

Avira

Not in pass

Sophos

Clean

Fortinet

Clean

Google Safebrowsing

Clean

Emsisoft

Clean

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check

Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Server Reputation

Abuse Intelligence

Confidence score0%

Reports on file0

ISPG-Core Labs S.A.

Usage typeData Center/Web Hosting/Transit

Proceed with caution

Our automated review flagged enough risk that you should treat this site as unverified.

Treat globalcdn.co as unverified
Do not enter credentials or send money until you have independently verified the business.
Verify the business through independent channels
Check the company's social profiles, registry records, and search for recent news or reviews that are not hosted on the site itself.
Never use irreversible payment methods
Crypto, gift cards, wire transfers, and cash apps offer zero buyer protection. Use a credit card or PayPal if you must pay.
Share your experience
If you have additional context, drop a comment below or post on the MalwareTips forum.
Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing

Not listedCheck ↗

VirusTotal

Not listedCheck ↗

AbuseIPDB

Not listedCheck ↗

Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

Our automated security review marked globalcdn.co as suspicious. Several warning signs were detected; it may still turn out legitimate, but you should verify it through independent channels before trusting it with money or credentials.
globalcdn.co currently scores 55/100 on our trust scale. We found enough warning signals to recommend caution. Verify the site through independent channels before entering credentials or money.
No. All 92 antivirus engines in our malware network report globalcdn.co as clean.
No. globalcdn.co is not currently listed on the major browser blocklist feeds that modern browsers use.
globalcdn.co resolves to an IP operated by G-Core Labs S.A. in LU (usage type: Data Center/Web Hosting/Transit). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
Yes. globalcdn.co sits in the global top-100k on Cloudflare Radar, which means it has substantial real-world traffic. That does not automatically make it safe, but established brands almost always rank here and throwaway scam domains almost never do.
This is a permanent record of the scan run on June 19, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around globalcdn.co have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

Trust / 100

Final Verdict·globalcdn.co

SUSPICIOUS

This domain is a Content Delivery Network (CDN) infrastructure that is frequently abused to host malicious files and ransomware commands. While the domain itself is a registered business asset, its subdomains are actively linked to cyberattacks. Users should avoid interacting with any direct links or downloads originating from this host.

Do not download files or click links that lead to this domain or its subdomains. It is intended for backend data delivery and is currently associated with high-risk malware activity.

AV engines

MT passes

Net signals

Scan another URL

Security review completemalwaretips.com/url-scan

Recently scanned

Other Suspicious reports

freetubespot-usa.bitbucket.io

Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…

Loading comments…

This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.