balaxta.online
Open in
urlscan Pro
2606:4700:3034::6815:129f
Public Scan
Effective URL: https://balaxta.online/ca14454
Submission: On March 07 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on February 26th 2024. Valid for: 3 months.
This is the only time balaxta.online was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 2606:4700:303... 2606:4700:3034::6815:129f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.21.39.40 104.21.39.40 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 45.133.44.52 45.133.44.52 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
1 | 45.133.44.25 45.133.44.25 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
3 | 45.133.44.53 45.133.44.53 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
1 | 2606:4700:303... 2606:4700:3032::6815:1ef2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a01:4f8:1060... 2a01:4f8:1060:13eb::2 | 24940 (HETZNER-AS) (HETZNER-AS) | |
2 | 157.90.84.242 157.90.84.242 | 24940 (HETZNER-AS) (HETZNER-AS) | |
19 | 9 |
ASN39572 (ADVANCEDHOSTERS-AS, NL)
js.wpadmngr.com | |
js.wpshsdk.com |
ASN39572 (ADVANCEDHOSTERS-AS, NL)
js.capndr.com | |
cb1d14ec96.c38f521ff4.com | |
js.wpushsdk.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de
fp.metricswpsh.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
metricswpsh.com
fp.metricswpsh.com — Cisco Umbrella Rank: 40708 |
433 B |
2 |
wpadmngr.com
js.wpadmngr.com — Cisco Umbrella Rank: 19496 |
36 KB |
2 |
balaxta.online
1 redirects
balaxta.online |
8 KB |
1 |
wpshsdk.com
js.wpshsdk.com — Cisco Umbrella Rank: 18964 |
15 KB |
1 |
wpushsdk.com
js.wpushsdk.com — Cisco Umbrella Rank: 70475 |
45 KB |
1 |
c38f521ff4.com
cb1d14ec96.c38f521ff4.com |
207 B |
1 |
ntvpforever.com
ntvpforever.com — Cisco Umbrella Rank: 63768 |
|
1 |
multstorage.com
storage.multstorage.com — Cisco Umbrella Rank: 34382 |
906 B |
1 |
capndr.com
js.capndr.com — Cisco Umbrella Rank: 41889 |
238 B |
1 |
nawpush.com
na.nawpush.com — Cisco Umbrella Rank: 54860 |
3 KB |
1 |
nextpsh.top
js.nextpsh.top |
687 B |
0 |
85d2ae7308.com
Failed
25f07559f6.85d2ae7308.com Failed |
|
0 |
nereserv.com
Failed
nereserv.com Failed |
|
0 |
google.com
Failed
accounts.google.com Failed |
|
19 | 14 |
Domain | Requested by | |
---|---|---|
2 | fp.metricswpsh.com |
js.wpadmngr.com
|
2 | js.wpadmngr.com |
balaxta.online
js.wpadmngr.com |
2 | balaxta.online | 1 redirects |
1 | js.wpshsdk.com |
js.wpadmngr.com
|
1 | js.wpushsdk.com |
js.wpadmngr.com
js.wpushsdk.com |
1 | cb1d14ec96.c38f521ff4.com |
js.wpadmngr.com
|
1 | ntvpforever.com |
js.wpadmngr.com
|
1 | storage.multstorage.com |
js.wpadmngr.com
|
1 | js.capndr.com |
js.wpadmngr.com
|
1 | na.nawpush.com |
js.wpadmngr.com
|
1 | js.nextpsh.top |
balaxta.online
|
0 | 25f07559f6.85d2ae7308.com Failed |
js.wpushsdk.com
|
0 | nereserv.com Failed |
js.wpushsdk.com
|
0 | accounts.google.com Failed |
balaxta.online
|
19 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
balaxta.online GTS CA 1P5 |
2024-02-26 - 2024-05-26 |
3 months | crt.sh |
nextpsh.top GTS CA 1P5 |
2024-01-30 - 2024-04-29 |
3 months | crt.sh |
js.wpadmngr.com R3 |
2024-01-11 - 2024-04-10 |
3 months | crt.sh |
na.nawpush.com R3 |
2024-01-28 - 2024-04-27 |
3 months | crt.sh |
js.capndr.com R3 |
2024-02-21 - 2024-05-21 |
3 months | crt.sh |
multstorage.com GTS CA 1P5 |
2024-01-18 - 2024-04-17 |
3 months | crt.sh |
notification.tubecup.net R3 |
2024-02-09 - 2024-05-09 |
3 months | crt.sh |
cb1d14ec96.c38f521ff4.com R3 |
2024-03-04 - 2024-06-02 |
3 months | crt.sh |
js.wpushsdk.com R3 |
2024-01-12 - 2024-04-11 |
3 months | crt.sh |
js.wpshsdk.com R3 |
2024-01-20 - 2024-04-19 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://balaxta.online/ca14454
Frame ID: 5A48921FC31497FB2AF539C7D989D147
Requests: 15 HTTP requests in this frame
Frame:
https://storage.multstorage.com/log/count.html
Frame ID: 2C02FAFD1A2E6AB236C43BF451FE6A1C
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Loading...Page URL History Show full URLs
-
http://balaxta.online/ca14454
HTTP 301
https://balaxta.online/ca14454 Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://balaxta.online/ca14454
HTTP 301
https://balaxta.online/ca14454 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
ca14454
balaxta.online/ Redirect Chain
|
19 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ps.js
js.nextpsh.top/ps/ |
82 B 687 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adManager.js
js.wpadmngr.com/static/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adManager.m.js
js.wpadmngr.com/static/ |
104 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
43957
na.nawpush.com/tags/ |
3 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advertising.js
js.capndr.com/ |
0 238 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
count.html
storage.multstorage.com/log/ Frame 2C02 |
882 B 906 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
keywords
ntvpforever.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST |
keywords
ntvpforever.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
track
cb1d14ec96.c38f521ff4.com/in/ |
0 207 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
npush.m.js
js.wpushsdk.com/npc/sdk/wpu/ |
162 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
push.m.js
js.wpshsdk.com/npc/sdk/ |
34 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
fp
fp.metricswpsh.com/ |
58 B 433 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
fp
fp.metricswpsh.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
nmain.m.js
js.wpushsdk.com/skins/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
ServiceLogin
accounts.google.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
dip
nereserv.com/in/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
POST |
multy
25f07559f6.85d2ae7308.com/in/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS |
multy
25f07559f6.85d2ae7308.com/in/ Frame |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ntvpforever.com
- URL
- https://ntvpforever.com/keywords
- Domain
- js.wpushsdk.com
- URL
- https://js.wpushsdk.com/skins/nmain.m.js
- Domain
- accounts.google.com
- URL
- https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
- Domain
- nereserv.com
- URL
- https://nereserv.com/in/dip?site=native-push&wl=0&event_id=fb92999c-4853-478a-abfe-8ea366496600&subid=416473681&sid=803812519&spot_id=26103&created_at=2024-03-07&timezone=-10&ver=8.149.0&is_native=1
- Domain
- 25f07559f6.85d2ae7308.com
- URL
- https://25f07559f6.85d2ae7308.com/in/multy
- Domain
- 25f07559f6.85d2ae7308.com
- URL
- https://25f07559f6.85d2ae7308.com/in/multy
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| onAlreadySubscribed function| onPermissionDenied function| onPermissionAllowed function| onNotificationUnsupported function| _onAlreadySubscribed function| _onPermissionDenied function| _onPermissionAllowed function| _onNotificationUnsupported function| e object| __adFormats object| __formatsGetters object| _admSptsInVw object| AdManager object| a3klsam function| getRemoteSubscriber function| init object| activesInpages function| __fp-init1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
js.nextpsh.top/ | Name: __psu Value: 8786f678-80d0-4da1-8706-090a200293f1 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
25f07559f6.85d2ae7308.com
accounts.google.com
balaxta.online
cb1d14ec96.c38f521ff4.com
fp.metricswpsh.com
js.capndr.com
js.nextpsh.top
js.wpadmngr.com
js.wpshsdk.com
js.wpushsdk.com
na.nawpush.com
nereserv.com
ntvpforever.com
storage.multstorage.com
25f07559f6.85d2ae7308.com
accounts.google.com
js.wpushsdk.com
nereserv.com
ntvpforever.com
104.21.39.40
157.90.84.242
2606:4700:3032::6815:1ef2
2606:4700:3034::6815:129f
2a01:4f8:1060:13eb::2
45.133.44.25
45.133.44.52
45.133.44.53
8639d11375e69d2f4b8e3b010df15e4011f04e924c4875b4ba2f8ad8c56a5cee
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
8cda164a8346788a16932ad07549430d0ddf6768aef3c148273b48070f2d4e4b
caf01871123d25a59035bdc4fb3a24d406dd0869a34831da5fb6e1d16846e321
cc4929bfad96b630f940d3379a5184bb240dab2d9a3131921fd85d388639ba54
db6c3c00f44fd66346429a82b08ebe4485ef289e63e903e769da163648d07328
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f41597e9109254c277334ce27b4dd5a1b823f2b988b602f3295fc2e8cdfd54a3
f4a6bd7c4c4b744112e7a17254201adcffb90ff1f99d0aff97e059b6af2a84d6