balaxta.online Open in urlscan Pro
2606:4700:3034::6815:129f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://balaxta.online/ca14454
Effective URL:
https://balaxta.online/ca14454
Submission: On March 07 via api (March 7th 2024, 9:14:30 pm UTC) from US — Scanned from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 14 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3034::6815:129f, located in United States and belongs to CLOUDFLARENET, US. The main domain is balaxta.online.
TLS certificate: Issued by GTS CA 1P5 on February 26th 2024. Valid for: 3 months.

This is the only time balaxta.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3034::6815:129f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.39.40 104.21.39.40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:303... 2606:4700:3032::6815:1ef2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a01:4f8:1060... 2a01:4f8:1060:13eb::2	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
19	9

2 2606:4700:3034::6815:129f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

balaxta.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.39.40 (None, )

ASN13335 (CLOUDFLARENET, US)

js.nextpsh.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.capndr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cb1d14ec96.c38f521ff4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:1ef2 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.multstorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:1060:13eb::2 (Germany)

ASN24940 (HETZNER-AS, DE)

ntvpforever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 40708	433 B
2	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 19496	36 KB
2	balaxta.online 1 redirects balaxta.online	8 KB
1	wpshsdk.com js.wpshsdk.com — Cisco Umbrella Rank: 18964	15 KB
1	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 70475	45 KB
1	c38f521ff4.com cb1d14ec96.c38f521ff4.com	207 B
1	ntvpforever.com ntvpforever.com — Cisco Umbrella Rank: 63768
1	multstorage.com storage.multstorage.com — Cisco Umbrella Rank: 34382	906 B
1	capndr.com js.capndr.com — Cisco Umbrella Rank: 41889	238 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 54860	3 KB
1	nextpsh.top js.nextpsh.top	687 B
0	85d2ae7308.com Failed 25f07559f6.85d2ae7308.com Failed
0	nereserv.com Failed nereserv.com Failed
0	google.com Failed accounts.google.com Failed
19	14

	Domain	Requested by
2	fp.metricswpsh.com	js.wpadmngr.com
2	js.wpadmngr.com	balaxta.online js.wpadmngr.com
2	balaxta.online	1 redirects
1	js.wpshsdk.com	js.wpadmngr.com
1	js.wpushsdk.com	js.wpadmngr.com js.wpushsdk.com
1	cb1d14ec96.c38f521ff4.com	js.wpadmngr.com
1	ntvpforever.com	js.wpadmngr.com
1	storage.multstorage.com	js.wpadmngr.com
1	js.capndr.com	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	js.nextpsh.top	balaxta.online
0	25f07559f6.85d2ae7308.com Failed	js.wpushsdk.com
0	nereserv.com Failed	js.wpushsdk.com
0	accounts.google.com Failed	balaxta.online
19	14

This site contains no links.

Subject Issuer	Validity	Valid
balaxta.online GTS CA 1P5	`2024-02-26` - `2024-05-26`	3 months	crt.sh
nextpsh.top GTS CA 1P5	`2024-01-30` - `2024-04-29`	3 months	crt.sh
js.wpadmngr.com R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
na.nawpush.com R3	`2024-01-28` - `2024-04-27`	3 months	crt.sh
js.capndr.com R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
multstorage.com GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
notification.tubecup.net R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
cb1d14ec96.c38f521ff4.com R3	`2024-03-04` - `2024-06-02`	3 months	crt.sh
js.wpushsdk.com R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh
js.wpshsdk.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://balaxta.online/ca14454
Frame ID: 5A48921FC31497FB2AF539C7D989D147
Requests: 15 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 2C02FAFD1A2E6AB236C43BF451FE6A1C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page URL History Show full URLs

http://balaxta.online/ca14454 HTTP 301
https://balaxta.online/ca14454 Page URL

Page Statistics

19
Requests

68 %
HTTPS

38 %
IPv6

14
Domains

14
Subdomains

9
IPs

3
Countries

108 kB
Transfer

324 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://balaxta.online/ca14454 HTTP 301
https://balaxta.online/ca14454 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request ca14454 Show response balaxta.online/ Redirect Chain http://balaxta.online/ca14454 https://balaxta.online/ca14454	19 KB 7 KB	863ms 801ms	Document text/html	2606:4700:3034::6815:129f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://balaxta.online/ca14454 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:129f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.19 Resource Hash `caf01871123d25a59035bdc4fb3a24d406dd0869a34831da5fb6e1d16846e321` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 860d98290d443358-MIA content-encoding br content-type text/html; charset=UTF-8 date Thu, 07 Mar 2024 21:14:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy unsafe-url report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2Fcyw8PuAmhBcOtlQyKymQ9s1s8iQHAKBwd0r%2FAV%2BMIfXkxXwKi8f2wZKK7oQX87mbMAxJA80%2BV4%2B0cPcZ88Gf621expTNkzY7PgfuRL7uN6TxPbYDIGPtDKeJ60%2Fap1vZdTsFhb19MG3zr79Q%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.0.19 Redirect headers CF-RAY 860d98285b0767db-MIA Cache-Control max-age=3600 Connection keep-alive Date Thu, 07 Mar 2024 21:14:18 GMT Expires Thu, 07 Mar 2024 22:14:18 GMT Location https://balaxta.online/ca14454 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfDAUpU%2FdDG1nq72z9uCGwKvi9M1nOWaqBFXYv7i%2F0zNxU%2FeM4L6VeAphfByCDIqGJedw0bdhN9cVCW4Ra1602rqMgdisG0Kc8BBjT3jze6qPACO1Cw2khEpcNT1HqLo4Nmh3FeaF5vVdakrPQ%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400
GET H2	200	ps.js Show response js.nextpsh.top/ps/	82 B 687 B	249ms 170ms	Script application/javascript	104.21.39.40 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.nextpsh.top/ps/ps.js?id=Ph8jYmrE70ufzXRCoxphlw Requested by Host: balaxta.online URL: https://balaxta.online/ca14454 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.39.40 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f41597e9109254c277334ce27b4dd5a1b823f2b988b602f3295fc2e8cdfd54a3` Request headers accept-language en-US,en;q=0.9 Referer https://balaxta.online/ca14454 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 21:14:19 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ch Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mi2LLBw%2B1E0o4CZ7P7eqqgXAwvs9VvbKQyY500oyZ0ney%2FqkZWA0Z%2Fwg51kJIjaaGU1D1Uc%2FRSli2JMvw0%2FlxPT3bfU4joXkAdUkVjXgQ5RCH%2FG7Mni1aKYbHR90zJNIQA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=0, no-cache, no-store, must-revalidate cf-ray 860d982e9ca031d8-MIA alt-svc h3=":443"; ma=86400
GET H2	200	adManager.js Show response js.wpadmngr.com/static/	2 KB 1 KB	164ms 52ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpadmngr.com/static/adManager.js Requested by Host: balaxta.online URL: https://balaxta.online/ca14454 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `8cda164a8346788a16932ad07549430d0ddf6768aef3c148273b48070f2d4e4b` Request headers accept-language en-US,en;q=0.9 Referer https://balaxta.online/ca14454 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers expires Thu, 07 Mar 2024 21:19:19 GMT date Thu, 07 Mar 2024 21:14:19 GMT content-encoding gzip last-modified Tue, 05 Mar 2024 14:52:17 GMT server nginx/1.18.0 etag W/"65e731a1-6a9" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	adManager.m.js Show response js.wpadmngr.com/static/	104 KB 35 KB	77ms 75ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpadmngr.com/static/adManager.m.js Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `f4a6bd7c4c4b744112e7a17254201adcffb90ff1f99d0aff97e059b6af2a84d6` Request headers accept-language en-US,en;q=0.9 Referer https://balaxta.online/ca14454 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers expires Thu, 07 Mar 2024 21:19:20 GMT date Thu, 07 Mar 2024 21:14:20 GMT content-encoding gzip last-modified Tue, 05 Mar 2024 14:52:22 GMT server nginx/1.18.0 etag W/"65e731a6-1a102" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	43957 Show response na.nawpush.com/tags/	3 KB 3 KB	968ms 54ms	XHR application/json	45.133.44.25 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://na.nawpush.com/tags/43957?version_name=b Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `cc4929bfad96b630f940d3379a5184bb240dab2d9a3131921fd85d388639ba54` Request headers accept-language en-US,en;q=0.9 Referer https://balaxta.online/ca14454 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers access-control-allow-origin * date Thu, 07 Mar 2024 21:14:21 GMT cache-control max-age=300, public content-type application/json server nginx/1.18.0 x-proxy-cache HIT
GET H2	200	advertising.js Show response js.capndr.com/	0 238 B	1852ms 858ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.capndr.com/advertising.js Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer https://balaxta.online/ca14454 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers expires Thu, 07 Mar 2024 21:19:21 GMT date Thu, 07 Mar 2024 21:14:21 GMT last-modified Fri, 14 Jul 2023 08:23:25 GMT server nginx/1.18.0 etag "64b105fd-0" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 0 x-proxy-cache HIT
GET H2	200	count.html Show response storage.multstorage.com/log/ Frame 2C02	882 B 906 B	1975ms 932ms	Document text/html	2606:4700:3032::6815:1ef2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://storage.multstorage.com/log/count.html Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:1ef2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2` Request headers Referer https://balaxta.online/ca14454 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 860d984798d525e3-MIA content-encoding br content-type text/html date Thu, 07 Mar 2024 21:14:23 GMT last-modified Mon, 18 Sep 2023 14:39:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxqctMwO6UKYoLlrhgbJQu%2FxPAr9ZSWcJwmP5Ckr16AcnC95QeeDx15NOoj%2BzudacBlMlDHv0KUI%2FF8fV7za4RKlrrzmxgL8hVeH%2FRIQdCBZ4wNKFkjyLJMX5fmQrT7mv8kJcvreWXdW4w1s0iWP39jby%2BITQQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-request-id 31816f0db0d7fb766084ba0f87b99fe5
OPTIONS H2	204	keywords ntvpforever.com/ Frame	0 0	2960ms 919ms	Preflight	2a01:4f8:1060:13eb::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ntvpforever.com/keywords Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://balaxta.online Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate date Thu, 07 Mar 2024 21:14:24 GMT pragma no-cache server nginx/1.20.1 vary Origin
POST		keywords ntvpforever.com/	0 0

GET H2	200	track Show response cb1d14ec96.c38f521ff4.com/in/	0 207 B	4945ms 3915ms	XHR text/plain	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://cb1d14ec96.c38f521ff4.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzA2MTE4MjE2MDAzNTc2MjAwMCIsInRpbWV6b25lIjotMTAsInZlciI6IjMuMTEwLjAiLCJ0YWdfaWQiOjQzOTU3LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiUGFjaWZpYy9Ib25vbHVsdSIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjoxLjkxLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJMb2FkaW5nLi4uIn0= Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer https://balaxta.online/ca14454 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 21:14:23 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H2	200	npush.m.js Show response js.wpushsdk.com/npc/sdk/wpu/	162 KB 45 KB	1119ms 96ms	Script application/javascript	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `8639d11375e69d2f4b8e3b010df15e4011f04e924c4875b4ba2f8ad8c56a5cee` Request headers accept-language en-US,en;q=0.9 Referer https://balaxta.online/ca14454 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers expires Thu, 07 Mar 2024 21:19:23 GMT date Thu, 07 Mar 2024 21:14:23 GMT content-encoding gzip last-modified Thu, 07 Mar 2024 09:26:16 GMT server nginx/1.18.0 etag W/"65e98838-286fd" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	push.m.js Show response js.wpshsdk.com/npc/sdk/	34 KB 15 KB	1120ms 98ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpshsdk.com/npc/sdk/push.m.js?v=1 Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `db6c3c00f44fd66346429a82b08ebe4485ef289e63e903e769da163648d07328` Request headers accept-language en-US,en;q=0.9 Referer https://balaxta.online/ca14454 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers expires Thu, 07 Mar 2024 21:19:23 GMT date Thu, 07 Mar 2024 21:14:23 GMT content-encoding gzip last-modified Tue, 20 Feb 2024 10:38:20 GMT server nginx/1.18.0 etag W/"65d4811c-8608" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
POST H/1.1	200 OK	fp fp.metricswpsh.com/	58 B 433 B	3156ms 155ms	XHR application/json	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=43957 Requested by Host: js.wpadmngr.com URL: https://js.wpadmngr.com/static/adManager.m.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Referer https://balaxta.online/ca14454 accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Date Thu, 07 Mar 2024 21:14:28 GMT Server nginx/1.20.1 Vary Origin Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://balaxta.online Access-Control-Allow-Credentials true Connection keep-alive Content-Length 58
OPTIONS H/1.1	204 No Content	fp fp.metricswpsh.com/ Frame	0 0	2937ms 920ms	Preflight	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=43957 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://balaxta.online Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://balaxta.online Connection keep-alive Date Thu, 07 Mar 2024 21:14:24 GMT Server nginx/1.20.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET		nmain.m.js js.wpushsdk.com/skins/	0 0

GET		ServiceLogin accounts.google.com/	0 0

GET		dip nereserv.com/in/	0 0

POST		multy 25f07559f6.85d2ae7308.com/in/	0 0

OPTIONS		multy 25f07559f6.85d2ae7308.com/in/ Frame	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ntvpforever.com
URL: https://ntvpforever.com/keywords

Domain: js.wpushsdk.com
URL: https://js.wpushsdk.com/skins/nmain.m.js

Domain: accounts.google.com
URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

Domain: nereserv.com
URL: https://nereserv.com/in/dip?site=native-push&wl=0&event_id=fb92999c-4853-478a-abfe-8ea366496600&subid=416473681&sid=803812519&spot_id=26103&created_at=2024-03-07&timezone=-10&ver=8.149.0&is_native=1

Domain: 25f07559f6.85d2ae7308.com
URL: https://25f07559f6.85d2ae7308.com/in/multy

Domain: 25f07559f6.85d2ae7308.com
URL: https://25f07559f6.85d2ae7308.com/in/multy

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			js.nextpsh.top/	1970-01-21 04:33:26	Name: __psu Value: 8786f678-80d0-4da1-8706-090a200293f1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://balaxta.online/ca14454 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://balaxta.online/ca14454 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25f07559f6.85d2ae7308.com
accounts.google.com
balaxta.online
cb1d14ec96.c38f521ff4.com
fp.metricswpsh.com
js.capndr.com
js.nextpsh.top
js.wpadmngr.com
js.wpshsdk.com
js.wpushsdk.com
na.nawpush.com
nereserv.com
ntvpforever.com
storage.multstorage.com
25f07559f6.85d2ae7308.com
accounts.google.com
js.wpushsdk.com
nereserv.com
ntvpforever.com
104.21.39.40
157.90.84.242
2606:4700:3032::6815:1ef2
2606:4700:3034::6815:129f
2a01:4f8:1060:13eb::2
45.133.44.25
45.133.44.52
45.133.44.53
8639d11375e69d2f4b8e3b010df15e4011f04e924c4875b4ba2f8ad8c56a5cee
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
8cda164a8346788a16932ad07549430d0ddf6768aef3c148273b48070f2d4e4b
caf01871123d25a59035bdc4fb3a24d406dd0869a34831da5fb6e1d16846e321
cc4929bfad96b630f940d3379a5184bb240dab2d9a3131921fd85d388639ba54
db6c3c00f44fd66346429a82b08ebe4485ef289e63e903e769da163648d07328
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f41597e9109254c277334ce27b4dd5a1b823f2b988b602f3295fc2e8cdfd54a3
f4a6bd7c4c4b744112e7a17254201adcffb90ff1f99d0aff97e059b6af2a84d6

balaxta.online Open in urlscan Pro 2606:4700:3034::6815:129f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

68 %HTTPS

38 %IPv6

14 Domains

14 Subdomains

9 IPs

3 Countries

108 kBTransfer

324 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

balaxta.online Open in urlscan Pro
2606:4700:3034::6815:129f Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

68 %
HTTPS

38 %
IPv6

14
Domains

14
Subdomains

9
IPs

3
Countries

108 kB
Transfer

324 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions