blog.nexthealth.pk
Open in
urlscan Pro
136.243.1.18
Public Scan
Submitted URL: https://bit.ly/3z6TbTi
Effective URL: https://blog.nexthealth.pk/wp-includes/images/crystal/caixa/a1b2c3/0ed4e7f1ef7ac931829600fd236944f6/login/
Submission Tags: falconsandbox
Submission: On December 28 via api from US — Scanned from DE
Effective URL: https://blog.nexthealth.pk/wp-includes/images/crystal/caixa/a1b2c3/0ed4e7f1ef7ac931829600fd236944f6/login/
Submission Tags: falconsandbox
Submission: On December 28 via api from US — Scanned from DE
Summary
This website contacted 4 IPs
in 3 countries
across 5 domains to perform 19 HTTP transactions.
The main IP is 136.243.1.18, located in
Germany and
belongs to HETZNER-AS, DE.
The main domain is blog.nexthealth.pk.
TLS certificate: Issued by R3 on December 8th 2021. Valid for: 3 months.
This is the only time blog.nexthealth.pk was scanned on urlscan.io!
TLS certificate: Issued by R3 on December 8th 2021. Valid for: 3 months.
This is the only time blog.nexthealth.pk was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 67.199.248.11 67.199.248.11 | 396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD) | |
| 1 | 2a02:4a8:ac24... 2a02:4a8:ac24:129::13:12 | 25234 (GLOBE-AS ...) (GLOBE-AS www.active24.cz) | |
| 2 18 | 136.243.1.18 136.243.1.18 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 1 | 2606:4700::68... 2606:4700::6810:5814 | () () | |
| 1 | 2a00:1450:400... 2a00:1450:4001:808::200a | () () | |
| 19 | 4 |
1
2a02:4a8:ac24:129::13:12
(Czech Republic)
ASN25234 (GLOBE-AS www.active24.cz, CZ)
ASN25234 (GLOBE-AS www.active24.cz, CZ)
| www.bilakrava.cz |
18
136.243.1.18
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: ns1.gazetechnologies.com
ASN24940 (HETZNER-AS, DE)
PTR: ns1.gazetechnologies.com
| blog.nexthealth.pk |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 18 |
nexthealth.pk
2 redirects
blog.nexthealth.pk |
236 KB |
| 1 |
googleapis.com
fonts.googleapis.com |
1 KB |
| 1 |
jsdelivr.net
cdn.jsdelivr.net |
25 KB |
| 1 |
bilakrava.cz
www.bilakrava.cz |
728 B |
| 1 |
bit.ly
1 redirects
bit.ly |
284 B |
| 19 | 5 |
| Domain | Requested by | |
|---|---|---|
| 18 | blog.nexthealth.pk |
2 redirects
blog.nexthealth.pk
|
| 1 | fonts.googleapis.com |
blog.nexthealth.pk
|
| 1 | cdn.jsdelivr.net |
blog.nexthealth.pk
|
| 1 | www.bilakrava.cz | |
| 1 | bit.ly | 1 redirects |
| 19 | 5 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.bilakrava.cz R3 |
2021-11-11 - 2022-02-09 |
3 months | crt.sh |
| blog.nexthealth.pk R3 |
2021-12-08 - 2022-03-08 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-03 - 2022-07-02 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://blog.nexthealth.pk/wp-includes/images/crystal/caixa/a1b2c3/0ed4e7f1ef7ac931829600fd236944f6/login/
Frame ID: CAFC361E0294D52DDBE66E5575E7C815
Requests: 19 HTTP requests in this frame
Screenshot
Page Title
Please wait...Page URL History Show full URLs
-
https://bit.ly/3z6TbTi
HTTP 301
https://www.bilakrava.cz/wp-content/uploads/ithemes-security/logs/tap.php Page URL
- https://blog.nexthealth.pk/wp-includes/images/crystal/caixa/ Page URL
-
https://blog.nexthealth.pk/wp-includes/images/crystal/caixa/a1b2c3/0ed4e7f1ef7ac931829600fd236944f6
HTTP 301
https://blog.nexthealth.pk/wp-includes/images/crystal/caixa/a1b2c3/0ed4e7f1ef7ac931829600fd236944f6/ HTTP 302
https://blog.nexthealth.pk/wp-includes/images/crystal/caixa/a1b2c3/0ed4e7f1ef7ac931829600fd236944f6/login/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AngularJS
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \bangular.{0,32}\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://bit.ly/3z6TbTi
HTTP 301
https://www.bilakrava.cz/wp-content/uploads/ithemes-security/logs/tap.php Page URL
- https://blog.nexthealth.pk/wp-includes/images/crystal/caixa/ Page URL
-
https://blog.nexthealth.pk/wp-includes/images/crystal/caixa/a1b2c3/0ed4e7f1ef7ac931829600fd236944f6
HTTP 301
https://blog.nexthealth.pk/wp-includes/images/crystal/caixa/a1b2c3/0ed4e7f1ef7ac931829600fd236944f6/ HTTP 302
https://blog.nexthealth.pk/wp-includes/images/crystal/caixa/a1b2c3/0ed4e7f1ef7ac931829600fd236944f6/login/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://bit.ly/3z6TbTi HTTP 301
- https://www.bilakrava.cz/wp-content/uploads/ithemes-security/logs/tap.php
19 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
tap.php
www.bilakrava.cz/wp-content/uploads/ithemes-security/logs/ Redirect Chain
|
1 KB 728 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
blog.nexthealth.pk/wp-includes/images/crystal/caixa/ |
728 B 617 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
blog.nexthealth.pk/wp-includes/images/crystal/caixa/a1b2c3/0ed4e7f1ef7ac931829600fd236944f6/login/ Redirect Chain
|
178 KB 104 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ |
157 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
helpers.css
blog.nexthealth.pk/wp-includes/images/crystal/caixa/a1b2c3/0ed4e7f1ef7ac931829600fd236944f6/login/assets/css/ |
41 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
blog.nexthealth.pk/wp-includes/images/crystal/caixa/a1b2c3/0ed4e7f1ef7ac931829600fd236944f6/login/assets/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
blog.nexthealth.pk/wp-includes/images/crystal/caixa/bower_components/jquery/dist/ |
85 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ua-parser.min.js
blog.nexthealth.pk/wp-includes/images/crystal/caixa/bower_components/ua-parser-js/dist/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
blog.nexthealth.pk/wp-includes/images/crystal/caixa/bower_components/font-awesome/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core_form.js
blog.nexthealth.pk/wp-includes/images/crystal/caixa/core/form/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core_token.js
blog.nexthealth.pk/wp-includes/images/crystal/caixa/core/token/ |
12 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
angular.min.js
blog.nexthealth.pk/wp-includes/images/crystal/caixa/bower_components/angular/ |
165 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
blog.nexthealth.pk/wp-includes/images/crystal/caixa/node_modules/bootstrap/dist/css/ |
150 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core_form.css
blog.nexthealth.pk/wp-includes/images/crystal/caixa/core/form/ |
3 KB 739 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css.css
blog.nexthealth.pk/wp-includes/images/crystal/caixa/login/form/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
form.js
blog.nexthealth.pk/wp-includes/images/crystal/caixa/login/form/ |
4 KB 941 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ng.js
blog.nexthealth.pk/wp-includes/images/crystal/caixa/login/ng/ |
6 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
token.js
blog.nexthealth.pk/wp-includes/images/crystal/caixa/login/token/ |
411 B 484 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| blog.nexthealth.pk/wp-includes/images/crystal/caixa | Name: real Value: OK |
|
| .bit.ly/ | Name: _bit Value: lbsi3p-5b0109d5f36682bf46-00J |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bit.ly
blog.nexthealth.pk
cdn.jsdelivr.net
fonts.googleapis.com
www.bilakrava.cz
136.243.1.18
2606:4700::6810:5814
2a00:1450:4001:808::200a
2a02:4a8:ac24:129::13:12
67.199.248.11
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
4d8d1b000517d9e4cb42d5b6843fb184c4c83977261f0372570d02437dda1a81
65cc4a06bd6f2639c2ac6a8d96a290abf4d68e9f71567f3dce39106b0ec6e4cc
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
bce11a827404c533c0b35005a8fdb4dd0746d02b5dcf16e68ef5f2f11545326b
c7cf8461fffd60782894e1363618c9995ec44cafdd95d72ef8a8c4384b205368
d50f022bb37d15392bbb4d63ed70d163f5c2c93496a17f78b33af62bc23eae67
f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765
fe675dc81bd7d20f6634fcfa4795f25057d619436592ef86d525cbfdc726543b