gbstwrldnws.com Open in urlscan Pro
192.133.142.177 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gbstwrldnws.com/
Effective URL:
https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af
Submission: On January 19 via manual (January 19th 2023, 4:31:13 pm UTC) from SK — Scanned from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 10 HTTP transactions. The main IP is 192.133.142.177, located in United States and belongs to SERVEREL-AS, US. The main domain is gbstwrldnws.com. The Cisco Umbrella rank of the primary domain is 250397.
TLS certificate: Issued by R3 on January 9th 2023. Valid for: 3 months.

This is the only time gbstwrldnws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 7	192.133.142.177 192.133.142.177	15317 (SERVEREL-AS) (SERVEREL-AS)
4	199.182.164.165 199.182.164.165	15317 (SERVEREL-AS) (SERVEREL-AS)
10	3

7 192.133.142.177 (United States) 2 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 177.142.133.192.serverel.net

gbstwrldnws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.rplnd56.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.182.164.165 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 165.164.182.199.serverel.net

rexpush.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	gbstwrldnws.com 2 redirects gbstwrldnws.com — Cisco Umbrella Rank: 250397	7 KB
4	rexpush.pro rexpush.pro — Cisco Umbrella Rank: 209349	120 KB
2	rplnd56.com 1.rplnd56.com	7 KB
10	3

	Domain	Requested by
5	gbstwrldnws.com	2 redirects
4	rexpush.pro	gbstwrldnws.com 1.rplnd56.com
2	1.rplnd56.com	rexpush.pro
10	3

This site contains no links.

Subject Issuer	Validity	Valid
rplnd35.com R3	`2023-01-09` - `2023-04-09`	3 months	crt.sh
rexpush.net R3	`2022-12-15` - `2023-03-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af
Frame ID: A1BE6CF3B9F4D389B23A8391F80E3840
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download?

Page URL History Show full URLs

http://gbstwrldnws.com/ HTTP 301
https://gbstwrldnws.com/ HTTP 302
https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Page URL
https://1.rplnd56.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Page URL
https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Page URL
https://1.rplnd56.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Page URL
https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Page URL

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

134 kB
Transfer

371 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gbstwrldnws.com/ HTTP 301
https://gbstwrldnws.com/ HTTP 302
https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Page URL
https://1.rplnd56.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Page URL
https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Page URL
https://1.rplnd56.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Page URL
https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gbstwrldnws.com/ HTTP 301
https://gbstwrldnws.com/ HTTP 302
https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	60428889a9fde3a5250cf5e5b383f0af Show response gbstwrldnws.com/file_download/1/ Redirect Chain http://gbstwrldnws.com/ https://gbstwrldnws.com/ https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af	8 KB 3 KB	75ms 71ms	Document text/html	192.133.142.177 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.133.142.177 , United States, ASN15317 (SERVEREL-AS, US), Reverse DNS 177.142.133.192.serverel.net Software nginx / Resource Hash `20922400752062ff4bd229e2ca2d83e28d99efa1ef91941402d415e83249b286` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 19 Jan 2023 16:31:08 GMT server nginx Redirect headers content-type text/html; charset=UTF-8 date Thu, 19 Jan 2023 16:31:08 GMT location https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af server nginx
GET H2	200	s_610043a588a07bb4eaf0898344a32b3e.min.js Show response rexpush.pro/js/	83 KB 30 KB	261ms 80ms	Script text/javascript	199.182.164.165 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://rexpush.pro/js/s_610043a588a07bb4eaf0898344a32b3e.min.js?tag=1&attempt=0&rnd=183932539&lnd=file_download&v=2&token=60428889a9fde3a5250cf5e5b383f0af&click_id=&sub1=&sub2=&sub3=&tb=&t_rdr= Requested by Host: gbstwrldnws.com URL: https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.182.164.165 , United States, ASN15317 (SERVEREL-AS, US), Reverse DNS 165.164.182.199.serverel.net Software nginx / Resource Hash `052464127b05e84f99988c09d67020705b3c9d004b212d4a7c08c55365121d10` Request headers accept-language en-US,en;q=0.9 Referer https://gbstwrldnws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 19 Jan 2023 16:31:08 GMT content-encoding gzip server nginx content-type text/javascript;charset=UTF-8
GET H2	200	60428889a9fde3a5250cf5e5b383f0af Show response 1.rplnd56.com/file_download/1/	8 KB 3 KB	91ms 74ms	Document text/html	192.133.142.177 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://1.rplnd56.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Requested by Host: rexpush.pro URL: https://rexpush.pro/js/s_610043a588a07bb4eaf0898344a32b3e.min.js?tag=1&attempt=0&rnd=183932539&lnd=file_download&v=2&token=60428889a9fde3a5250cf5e5b383f0af&click_id=&sub1=&sub2=&sub3=&tb=&t_rdr= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.133.142.177 , United States, ASN15317 (SERVEREL-AS, US), Reverse DNS 177.142.133.192.serverel.net Software nginx / Resource Hash `905b55b4c9d7f1ada4bfffa2226f4e40a74b775f82d6ac6878e0e36abd5654a1` Request headers Referer https://gbstwrldnws.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 19 Jan 2023 16:31:09 GMT server nginx
GET H2	200	s_e65d5368c1cbf7ea7109209fd9c6572e.min.js Show response rexpush.pro/js/	83 KB 30 KB	82ms 81ms	Script text/javascript	199.182.164.165 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://rexpush.pro/js/s_e65d5368c1cbf7ea7109209fd9c6572e.min.js?tag=1&attempt=1&rnd=786459200&lnd=file_download&v=2&token=60428889a9fde3a5250cf5e5b383f0af&click_id=&sub1=&sub2=&sub3=&tb=&t_rdr= Requested by Host: 1.rplnd56.com URL: https://1.rplnd56.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.182.164.165 , United States, ASN15317 (SERVEREL-AS, US), Reverse DNS 165.164.182.199.serverel.net Software nginx / Resource Hash `865b2bff9480730d2e2ccdccaf6cb75ebcacc3da49d1e12035dc954f6a9dd3b0` Request headers accept-language en-US,en;q=0.9 Referer https://1.rplnd56.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 19 Jan 2023 16:31:09 GMT content-encoding gzip server nginx content-type text/javascript;charset=UTF-8
GET H2	200	60428889a9fde3a5250cf5e5b383f0af Show response gbstwrldnws.com/file_download/1/	8 KB 3 KB	84ms 83ms	Document text/html	192.133.142.177 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.133.142.177 , United States, ASN15317 (SERVEREL-AS, US), Reverse DNS 177.142.133.192.serverel.net Software nginx / Resource Hash `39a649cf159081f0bb2ef922702e51fa2a5a1e858799d2c26e4720639b2a3245` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 19 Jan 2023 16:31:10 GMT server nginx
GET H2	200	s_04c93f7bb56263a9baac2d78bea56172.min.js Show response rexpush.pro/js/	83 KB 30 KB	93ms 93ms	Script text/javascript	199.182.164.165 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://rexpush.pro/js/s_04c93f7bb56263a9baac2d78bea56172.min.js?tag=1&attempt=0&rnd=553913282&lnd=file_download&v=2&token=60428889a9fde3a5250cf5e5b383f0af&click_id=&sub1=&sub2=&sub3=&tb=&t_rdr= Requested by Host: gbstwrldnws.com URL: https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.182.164.165 , United States, ASN15317 (SERVEREL-AS, US), Reverse DNS 165.164.182.199.serverel.net Software nginx / Resource Hash `4dbf57c72f7c9e7f70db0a472b01776f1450b8372aba42ec9e29b939e3d6f587` Request headers accept-language en-US,en;q=0.9 Referer https://gbstwrldnws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 19 Jan 2023 16:31:11 GMT content-encoding gzip server nginx content-type text/javascript;charset=UTF-8
GET H2	200	60428889a9fde3a5250cf5e5b383f0af Show response 1.rplnd56.com/file_download/1/	8 KB 3 KB	78ms 76ms	Document text/html	192.133.142.177 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://1.rplnd56.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Requested by Host: rexpush.pro URL: https://rexpush.pro/js/s_04c93f7bb56263a9baac2d78bea56172.min.js?tag=1&attempt=0&rnd=553913282&lnd=file_download&v=2&token=60428889a9fde3a5250cf5e5b383f0af&click_id=&sub1=&sub2=&sub3=&tb=&t_rdr= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.133.142.177 , United States, ASN15317 (SERVEREL-AS, US), Reverse DNS 177.142.133.192.serverel.net Software nginx / Resource Hash `401eaa16d825c41c2e61313718a9e5958b8a8a75e405f4e7f4ab93952070e1d2` Request headers Referer https://gbstwrldnws.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 19 Jan 2023 16:31:11 GMT server nginx
GET H2	200	s_4cbd9a02b41dbd12eb1656c6e1ba238a.min.js Show response rexpush.pro/js/	83 KB 30 KB	84ms 84ms	Script text/javascript	199.182.164.165 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://rexpush.pro/js/s_4cbd9a02b41dbd12eb1656c6e1ba238a.min.js?tag=1&attempt=1&rnd=795541080&lnd=file_download&v=2&token=60428889a9fde3a5250cf5e5b383f0af&click_id=&sub1=&sub2=&sub3=&tb=&t_rdr= Requested by Host: 1.rplnd56.com URL: https://1.rplnd56.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Protocol H2 Security TLS 1.3, , AES_128_GCM Server 199.182.164.165 , United States, ASN15317 (SERVEREL-AS, US), Reverse DNS 165.164.182.199.serverel.net Software nginx / Resource Hash `3a5ee92e3aa3ec6d3db49364ccc26d761dd6fefe7c7bce2d521f06249028839d` Request headers accept-language en-US,en;q=0.9 Referer https://1.rplnd56.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 19 Jan 2023 16:31:11 GMT content-encoding gzip server nginx content-type text/javascript;charset=UTF-8
GET H2	200	Primary Request 60428889a9fde3a5250cf5e5b383f0af gbstwrldnws.com/file_download/1/	8 KB 0	74ms 73ms	Document text/html	192.133.142.177 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://gbstwrldnws.com/file_download/1/60428889a9fde3a5250cf5e5b383f0af Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.133.142.177 , United States, ASN15317 (SERVEREL-AS, US), Reverse DNS 177.142.133.192.serverel.net Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 19 Jan 2023 16:31:13 GMT server nginx
GET		s_6cb9fb553fa2a392f83e5d70f79ed267.min.js rexpush.pro/js/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rexpush.pro
URL: https://rexpush.pro/js/s_6cb9fb553fa2a392f83e5d70f79ed267.min.js?tag=1&attempt=0&rnd=418999541&lnd=file_download&v=2&token=60428889a9fde3a5250cf5e5b383f0af&click_id=&sub1=&sub2=&sub3=&tb=&t_rdr=

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| firebase

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rexpush.pro/	1970-01-20 18:38:25	Name: _f_30d9ff6106b5fe28d448dd5186c64932 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.rplnd56.com
gbstwrldnws.com
rexpush.pro
rexpush.pro
192.133.142.177
199.182.164.165
052464127b05e84f99988c09d67020705b3c9d004b212d4a7c08c55365121d10
20922400752062ff4bd229e2ca2d83e28d99efa1ef91941402d415e83249b286
39a649cf159081f0bb2ef922702e51fa2a5a1e858799d2c26e4720639b2a3245
3a5ee92e3aa3ec6d3db49364ccc26d761dd6fefe7c7bce2d521f06249028839d
401eaa16d825c41c2e61313718a9e5958b8a8a75e405f4e7f4ab93952070e1d2
4dbf57c72f7c9e7f70db0a472b01776f1450b8372aba42ec9e29b939e3d6f587
865b2bff9480730d2e2ccdccaf6cb75ebcacc3da49d1e12035dc954f6a9dd3b0
905b55b4c9d7f1ada4bfffa2226f4e40a74b775f82d6ac6878e0e36abd5654a1

gbstwrldnws.com Open in urlscan Pro 192.133.142.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

90 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

134 kBTransfer

371 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

gbstwrldnws.com Open in urlscan Pro
192.133.142.177 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

134 kB
Transfer

371 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions