tro1.ws.tls.gpantex.pro Open in urlscan Pro
85.133.153.205 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tro1.ws.tls.gpantex.pro/
Submission: On May 18 via api (May 18th 2024, 10:26:25 am UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 85.133.153.205, located in Tehran, Iran, Islamic Republic Of and belongs to AMINIDC, IR. The main domain is tro1.ws.tls.gpantex.pro.
TLS certificate: Issued by R3 on May 15th 2024. Valid for: 3 months.

This is the only time tro1.ws.tls.gpantex.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	85.133.153.205 85.133.153.205	48147 (AMINIDC) (AMINIDC)
1	45.156.184.42 45.156.184.42	208161 (PARSVDS) (PARSVDS)
11	3

1 85.133.153.205 (Tehran, Iran, Islamic Republic Of)

ASN48147 (AMINIDC, IR)

tro1.ws.tls.gpantex.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.156.184.42 (Iran, Islamic Republic Of)

ASN208161 (PARSVDS, IR)
PTR: box106.parsvds.com

gpante.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	gpante.com gpante.com	77 KB
1	gpantex.pro tro1.ws.tls.gpantex.pro
11	2

	Domain	Requested by
1	gpante.com	tro1.ws.tls.gpantex.pro gpante.com
1	tro1.ws.tls.gpantex.pro
11	2

This site contains no links.

Subject Issuer	Validity	Valid
45.32.91.165.sslip.io R3	`2024-05-15` - `2024-08-13`	3 months	crt.sh
gpante.com R3	`2024-04-23` - `2024-07-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tro1.ws.tls.gpantex.pro/
Frame ID: 6342AD59DA7C681180A160E1174C6D07
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

11
Requests

9 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

77 kB
Transfer

644 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / tro1.ws.tls.gpantex.pro/	142 KB 0	3984ms 3051ms	Document text/html	85.133.153.205 AMINIDC
General Check archive.org Show headers Download Go to Full URL https://tro1.ws.tls.gpantex.pro/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 85.133.153.205 Tehran, Iran, Islamic Republic Of, ASN48147 (AMINIDC, IR), Reverse DNS Software nginx/1.26.0 / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-store, no-cache, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Sat, 18 May 2024 10:25:50 GMT etag "41209-1716013018;br" expires Thu, 19 Nov 1981 08:52:00 GMT link <https://gpante.com/wp-json/>; rel="https://api.w.org/" <https://gpante.com/wp-json/wp/v2/pages/10>; rel="alternate"; type="application/json" <https://gpante.com/>; rel=shortlink pragma no-cache server nginx/1.26.0 vary Accept-Encoding x-dns-prefetch-control on x-litespeed-cache hit
GET H2	200	64110b3aec95687fb355633fa3a973cd.css gpante.com/wp-content/litespeed/css/	502 KB 77 KB	654ms 210ms	Stylesheet text/css	45.156.184.42 PARSVDS
General Check archive.org Show headers Download Go to Full URL https://gpante.com/wp-content/litespeed/css/64110b3aec95687fb355633fa3a973cd.css?ver=db672 Requested by Host: tro1.ws.tls.gpantex.pro URL: https://tro1.ws.tls.gpantex.pro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.156.184.42 , Iran, Islamic Republic Of, ASN208161 (PARSVDS, IR), Reverse DNS box106.parsvds.com Software / Resource Hash `610fe436fdacc76037e18cd3e1a8bc9a7a4808ae81dd758fa0e9efcdb95c149a` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://tro1.ws.tls.gpantex.pro/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 18 May 2024 10:25:58 GMT content-encoding br last-modified Sat, 18 May 2024 05:08:40 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=183599 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 78693 expires Mon, 20 May 2024 13:25:57 GMT
GET DATA	200 OK	truncated /	165 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c7f16b6ed1bd37365e73726ec88f5363d728703c86c270001f867ead181dedc0` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	167 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `591d4e03a7eaeb35b5bcb6ad3b99daacd635910c1cc8ec7bae6b3bdb89370951` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	167 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `945fb093ba8ea1318c91b9ebfcce1d6ad53a357d9f6ed1d67f6691a8b4f3674b` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET		landing-gadget-slider-bg.jpg gpante.com/wp-content/uploads/2022/04/	0 0

GET		%D8%AA%D8%AE%D9%81%DB%8C%D9%81-%D8%B7%D8%B1%D8%AD-%D8%A8%D8%B1%D8%B4-%D9%84%DB%8C%D8%B2%D8%B1%DB%8C.jpg gpante.com/wp-content/uploads/2024/01/	0 0

GET		Dana-Medium.woff2 gpante.com/wp-content/uploads/2022/03/	0 0

GET		woodmart-font-1-400.woff2 gpante.com/wp-content/themes/woodmart/fonts/	0 0

GET		Dana-Light.woff2 gpante.com/wp-content/uploads/2022/03/	0 0

GET		Dana-DemiBold.woff2 gpante.com/wp-content/uploads/2022/03/	0 0

GET		fontawesome-webfont.woff2 gpante.com/wp-content/plugins/dw-question-answer-pro/templates/assets/fonts/	0 0

GET		Dana-ExtraBold.woff2 gpante.com/wp-content/uploads/2022/03/	0 0

GET		Dana-Black.woff2 gpante.com/wp-content/uploads/2022/03/	0 0

GET DATA	200 OK	truncated /	163 B 163 B		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `03f49802e4845a9bef40e19e9b0caeb7600bf2ab4b532bfaf83077a495f7ffef` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gpante.com
URL: https://gpante.com/wp-content/uploads/2022/04/landing-gadget-slider-bg.jpg

Domain: gpante.com
URL: https://gpante.com/wp-content/uploads/2024/01/%D8%AA%D8%AE%D9%81%DB%8C%D9%81-%D8%B7%D8%B1%D8%AD-%D8%A8%D8%B1%D8%B4-%D9%84%DB%8C%D8%B2%D8%B1%DB%8C.jpg

Domain: gpante.com
URL: https://gpante.com/wp-content/uploads/2022/03/Dana-Medium.woff2

Domain: gpante.com
URL: https://gpante.com/wp-content/themes/woodmart/fonts/woodmart-font-1-400.woff2?v=7.5.1

Domain: gpante.com
URL: https://gpante.com/wp-content/uploads/2022/03/Dana-Light.woff2

Domain: gpante.com
URL: https://gpante.com/wp-content/uploads/2022/03/Dana-DemiBold.woff2

Domain: gpante.com
URL: https://gpante.com/wp-content/plugins/dw-question-answer-pro/templates/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain: gpante.com
URL: https://gpante.com/wp-content/uploads/2022/03/Dana-ExtraBold.woff2

Domain: gpante.com
URL: https://gpante.com/wp-content/uploads/2022/03/Dana-Black.woff2

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| litespeed_docref

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gpante.com
tro1.ws.tls.gpantex.pro
gpante.com
45.156.184.42
85.133.153.205
03f49802e4845a9bef40e19e9b0caeb7600bf2ab4b532bfaf83077a495f7ffef
591d4e03a7eaeb35b5bcb6ad3b99daacd635910c1cc8ec7bae6b3bdb89370951
610fe436fdacc76037e18cd3e1a8bc9a7a4808ae81dd758fa0e9efcdb95c149a
945fb093ba8ea1318c91b9ebfcce1d6ad53a357d9f6ed1d67f6691a8b4f3674b
c7f16b6ed1bd37365e73726ec88f5363d728703c86c270001f867ead181dedc0

tro1.ws.tls.gpantex.pro Open in urlscan Pro 85.133.153.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

9 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

77 kBTransfer

644 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

tro1.ws.tls.gpantex.pro Open in urlscan Pro
85.133.153.205 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

9 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

77 kB
Transfer

644 kB
Size

0
Cookies

11 HTTP transactions
4 data transactions