be.nxt.to Open in urlscan Pro
18.65.125.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nxt.to/nlwYJqm
Effective URL:
https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html
Submission: On March 03 via manual (March 3rd 2023, 5:53:00 am UTC) from DE — Scanned from AU

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 18.65.125.16, located in United States and belongs to AMAZON-02, US. The main domain is be.nxt.to.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 16th 2023. Valid for: a year.

This is the only time be.nxt.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.65.4.13 52.65.4.13	16509 (AMAZON-02) (AMAZON-02)
4	18.65.125.16 18.65.125.16	16509 (AMAZON-02) (AMAZON-02)
1	142.250.4.95 142.250.4.95	15169 (GOOGLE) (GOOGLE)
4	13.238.2.149 13.238.2.149	16509 (AMAZON-02) (AMAZON-02)
2	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
2	54.240.206.240 54.240.206.240	16509 (AMAZON-02) (AMAZON-02)
14	6

2 52.65.4.13 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-65-4-13.ap-southeast-2.compute.amazonaws.com

nxt.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.65.125.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-125-16.kix50.r.cloudfront.net

be.nxt.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.238.2.149 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-238-2-149.ap-southeast-2.compute.amazonaws.com

cognito-identity.ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.240.206.240 (Sydney, Australia)

ASN16509 (AMAZON-02, US)

kinesis.ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	amazonaws.com cognito-identity.ap-southeast-2.amazonaws.com — Cisco Umbrella Rank: 591459 kinesis.ap-southeast-2.amazonaws.com — Cisco Umbrella Rank: 656358	3 KB
6	nxt.to 1 redirects nxt.to be.nxt.to	359 KB
2	gstatic.com fonts.gstatic.com	26 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	1 KB
14	4

	Domain	Requested by
4	cognito-identity.ap-southeast-2.amazonaws.com	be.nxt.to
4	be.nxt.to	nxt.to be.nxt.to
2	kinesis.ap-southeast-2.amazonaws.com	be.nxt.to
2	fonts.gstatic.com	fonts.googleapis.com
2	nxt.to	1 redirects
1	fonts.googleapis.com	client
14	6

This site contains links to these domains. Also see Links.

Domain
www.hellofresh.de

Subject Issuer	Validity	Valid
*.nxt.to Amazon RSA 2048 M01	`2022-12-13` - `2024-01-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
cognito-identity.ap-southeast-2.amazonaws.com Amazon RSA 2048 M02	`2023-02-13` - `2023-07-06`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
kinesis.ap-southeast-2.amazonaws.com Amazon	`2022-11-03` - `2023-11-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html
Frame ID: DEEB85AE8D071565BA0AF3A15C6D3F04
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fehlende Zutat

Page URL History Show full URLs

https://nxt.to/nlwYJqm Page URL
https://nxt.to/nlwYJqm?unfurlId=a80183e0-a145-4cf0-b734-30dba28c23d2 HTTP 303
https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/in... Page URL

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

389 kB
Transfer

389 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hellofresh.de/my-account/deliveries/menu
Title: Meine Lieferung

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nxt.to/nlwYJqm Page URL
https://nxt.to/nlwYJqm?unfurlId=a80183e0-a145-4cf0-b734-30dba28c23d2 HTTP 303
https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 nlwYJqm
nxt.to/ 675 B
761 B 321ms
116ms Document
text/html 52.65.4.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nxt.to/nlwYJqm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.65.4.13 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-65-4-13.ap-southeast-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-type: text/html
date: Fri, 03 Mar 2023 05:52:52 GMT
server: Kestrel
vary: Accept

GET
H/1.1

200
OK

Primary Request index.html Show response
be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/
Redirect Chain

https://nxt.to/nlwYJqm?unfurlId=a80183e0-a145-4cf0-b734-30dba28c23d2
https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html

28 KB
29 KB

1323ms
565ms

Document
text/html

18.65.125.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html
Requested by: Host: nxt.to
URL: https://nxt.to/nlwYJqm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.125.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-125-16.kix50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd33f6aaeb638742255361a7f984b238c0523ca1b3c05345dec9359d5acd4622

Request headers

Referer: https://nxt.to/nlwYJqm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 29141
Content-Type: text/html
Date: Fri, 03 Mar 2023 05:52:54 GMT
ETag: "89e9d8b547968af2cd5718d36401514f"
Last-Modified: Fri, 03 Feb 2023 11:21:53 GMT
Server: AmazonS3
Via: 1.1 36ae8c4c0bdff04ebcbb8d7c20122a6c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Jrl13wvT7DPd1O2mV4yZOgTab86gfu1nIlmUSgt54iBvuP4-lcEtPA==
X-Amz-Cf-Pop: KIX50-P3
X-Cache: Miss from cloudfront

Redirect headers

content-type: text/html
date: Fri, 03 Mar 2023 05:52:52 GMT
location: https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html
server: Kestrel

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 520ms
175ms Stylesheet
text/css 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

e0f2cca7784269c376cea0c66fa206e809162035f87759bd0d44d171dda8053b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://be.nxt.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Mar 2023 05:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 05:49:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Mar 2023 05:52:54 GMT

GET
H/1.1 200
OK aws-sdk-2.605.0.min.js Show response
be.nxt.to/global-assets/js/ 250 KB
251 KB 499ms
498ms Script
binary/octet-stream 18.65.125.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://be.nxt.to/global-assets/js/aws-sdk-2.605.0.min.js
Requested by: Host: be.nxt.to
URL: https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.125.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-125-16.kix50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 858f1fb23502930c455b5fb95cc32f8f01b50360308a5e4dd638a6371561a1ba

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:52:55 GMT
Via: 1.1 087f9d87c8e332bb87ca113d04449838.cloudfront.net (CloudFront)
Last-Modified: Wed, 05 Feb 2020 00:52:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: KIX50-P3
ETag: "bc00ad0fedc775659989d496f23de5b9"
X-Cache: RefreshHit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Content-Length: 256092
X-Amz-Cf-Id: AqtrEf7U8KnzJGZ8_29Qt1ocY_JyZYZPJuLQjieHTAKEe4bxDH9yJw==

GET
H/1.1 200
OK event-publisher.js Show response
be.nxt.to/global-assets/js/ 1 KB
2 KB 505ms
503ms Script
binary/octet-stream 18.65.125.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://be.nxt.to/global-assets/js/event-publisher.js
Requested by: Host: be.nxt.to
URL: https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.125.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-125-16.kix50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f51be2a3f00aad76b04b2c676a66df83b2661fbbe890d3ba952a755873615c7c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:52:55 GMT
Via: 1.1 36ae8c4c0bdff04ebcbb8d7c20122a6c.cloudfront.net (CloudFront)
Last-Modified: Wed, 05 Feb 2020 00:52:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: KIX50-P3
ETag: "04fd375564e70c04a8add1122b139938"
X-Cache: RefreshHit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Content-Length: 1325
X-Amz-Cf-Id: vmfGwmahyWEdHEVA7Y4u8TTBjc1MyV1BSyKn-6xUEF_N5Ouu-D-WhA==

OPTIONS
H2 200 /
cognito-identity.ap-southeast-2.amazonaws.com/ 0
0 302ms
99ms Preflight 13.238.2.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.ap-southeast-2.amazonaws.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.238.2.149 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-238-2-149.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://be.nxt.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Fri, 03 Mar 2023 05:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: b171df99-4a25-4c7d-bfe4-b9803043c6c4

POST
H2 200 / Show response
cognito-identity.ap-southeast-2.amazonaws.com/ 68 B
322 B 163ms
163ms XHR
application/x-amz-json-1.1 13.238.2.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.ap-southeast-2.amazonaws.com/

Requested by

Host: be.nxt.to
URL: https://be.nxt.to/global-assets/js/aws-sdk-2.605.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.238.2.149 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-238-2-149.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

afce79cbbf1a8cb76a16df0402a5b86ca64c2560a2797003606ee2725833e689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Amz-Content-Sha256: 0a372bdbdab29acb4e6496034dabec5963e3a4f87b698216ae0a60352252b23a
Referer: https://be.nxt.to/
X-Amz-Target: AWSCognitoIdentityService.GetId
accept-language: en-AU,en;q=0.9
X-Amz-User-Agent: aws-sdk-js/2.605.0 callback
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Fri, 03 Mar 2023 05:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: 91ab67f4-157b-44dd-9d28-c4d0e184c137
content-length: 68
content-type: application/x-amz-json-1.1

GET
H/1.1 200
OK baa9c178-a9c7-4532-9236-42b29e5b307e
be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/ 77 KB
77 KB 582ms
581ms Image
application/octet-stream 18.65.125.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/baa9c178-a9c7-4532-9236-42b29e5b307e
Requested by: Host: be.nxt.to
URL: https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.125.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-125-16.kix50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4daa1fd2cfbc8698d2b74ae78ddd6f4c625004a3fa2755939057e9df41bc9e8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 05:52:56 GMT
Via: 1.1 087f9d87c8e332bb87ca113d04449838.cloudfront.net (CloudFront)
Last-Modified: Fri, 03 Feb 2023 11:21:50 GMT
Server: AmazonS3
X-Amz-Cf-Pop: KIX50-P3
ETag: "a34a186740c2a9f9361ef7689fde1468"
X-Cache: Miss from cloudfront
Content-Type: application/octet-stream
Connection: keep-alive
Content-Length: 78826
X-Amz-Cf-Id: N-V60pMKP5_1vcWOxEpgfWOJ_NYTre_1dsEvF9KmuShwhzCiq-Tszw==

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 512ms
170ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://be.nxt.to
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 17:48:49 GMT
x-content-type-options: nosniff
age: 43446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:48:49 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 546ms
205ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://be.nxt.to
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 05:49:07 GMT
x-content-type-options: nosniff
age: 345828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 05:49:07 GMT

POST
H2 200 / Show response
cognito-identity.ap-southeast-2.amazonaws.com/ 2 KB
2 KB 137ms
137ms XHR
application/x-amz-json-1.1 13.238.2.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.ap-southeast-2.amazonaws.com/

Requested by

Host: be.nxt.to
URL: https://be.nxt.to/global-assets/js/aws-sdk-2.605.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.238.2.149 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-238-2-149.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

823310482dae61f338a1681ac2b2ece57202148fb02259f608aeed4331706d20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Amz-Content-Sha256: afce79cbbf1a8cb76a16df0402a5b86ca64c2560a2797003606ee2725833e689
Referer: https://be.nxt.to/
X-Amz-Target: AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language: en-AU,en;q=0.9
X-Amz-User-Agent: aws-sdk-js/2.605.0 callback
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Fri, 03 Mar 2023 05:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: 9b9ee575-5ef1-4a3b-9ba6-36e95ecc712a
content-length: 1801
content-type: application/x-amz-json-1.1

OPTIONS
H2 200 /
cognito-identity.ap-southeast-2.amazonaws.com/ 0
0 100ms
99ms Preflight 13.238.2.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.ap-southeast-2.amazonaws.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.238.2.149 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-238-2-149.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://be.nxt.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-content-sha256,x-amz-target,x-amz-user-agent
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Fri, 03 Mar 2023 05:52:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: f6edce4b-dc82-4ee8-b663-36b4dcf4708f

POST
H/1.1 200
OK / Show response
kinesis.ap-southeast-2.amazonaws.com/ 110 B
546 B 110ms
109ms XHR
application/x-amz-json-1.1 54.240.206.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.ap-southeast-2.amazonaws.com/
Requested by: Host: be.nxt.to
URL: https://be.nxt.to/global-assets/js/aws-sdk-2.605.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.240.206.240 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d3e4601ca6150253c415b04a4b3e80f9e27b103620d4787cf23f6de594b93b1b

Request headers

accept-language: en-AU,en;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=ASIAZJRWLSS7RITA57JR/20230303/ap-southeast-2/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-amz-target;x-amz-user-agent, Signature=000de6c223bd7a072575376568c625fb9316854dbda027606b09ecd934f57d69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: f6e82a5145b319d2cb9ac6748d3d541d04c3fc17605e19dcd1956125eec2914c
x-amz-security-token: IQoJb3JpZ2luX2VjEA4aDmFwLXNvdXRoZWFzdC0yIkcwRQIhAN06SIV89Mpqlz/xeaDIQT4n7PTXgGfbhYqlVl1P0za+AiBp19ksi95BfRi1DuvPWbJbcmAK3HhajraWGA9pTs3yMCqlBgi3//////////8BEAAaDDYzODk5MDM5MDQ2MyIMRtXi/yXEME8JSxRRKvkFyzBSQsUknjLddkov0/Pi+FPPR6y0Kn6sqJFWa8AXmw9Tfv5Y+sHLKJGQpJJnyEPD2Xu4l5guUi5xSgVMFll5Xpt5I4jB4H9cMTauI4KLGCs3E9bMXE4Gseb0hSXWgytZGtBz2GFtu57uDfAZZ41QJ494n5O3CjrIFu7THrrB+F2/fu+7Ibgo9zNzlhzu17MAxxfbJSo16nCG9v10uzl0rs+XN0ExZwsb+2SI+sAJ9L8cu80L5IObqL2Zb0sid6Q5qoCRNYyaD7dJl8Yjvxf9BR2DX2oOY+a6rnYlkKSaTnBrxNWd33A6BD7aNQWUOuIwHfXPH8cpDbC7cJUAIq/e9r/9jGT/jiSi0ewgObpZYdSDzMh1+s/UZxULWUkPprpCZw/GYTwUdudNBms9BPTAzf57cjHW+VIfnTmefGiAmI6RsYE+Jrx0SRo41iGugPlzmskoXk3rxYxt43s12rVc7llVOZ4F+VTKvhCxXgtrIHZ4ax2dnaDTChLcbORd7/+4il9rZBmll2X/j5LkdOQeeI+baXqwyT6GQEYsY9tgRFE7QZw0HTJJFh13bq9jDg9l9B7Nu3QXK4h40CuX+GWHlx6glYmC88T8SpkxwsQnb8BxSlJywm2IvsEcaNsHWJndQY7a6nWEf+jc30/CCxisOgl9keHkp4fa4cnE/tLUaXYHrrlHoY7TibUd1Fix03AuMXL9N9uFLpoRThO4dNJI7PC4uArhQPrtyMoeeGobV6f3Vkv1GGMl4u4aRAZDlHFnA91cpSHEXCBjOPN0ULg6nbpNjkZ28nlQzDQlKdDHXk1aIKbJV1ODOAUDLuAfmkfdCmvdvXr+vmEJMYvlS2ho/0CpbpItnUASJIv1aRwy8Znk5aDUHnBfOLb+bsBm0yFwJeL3UhzkQEcUChZWxdk8niCk2wXxaGm8X/L4/XJrB5ZTNZUuXwCj/rScqqaaK46eOMvD0A5SlitMRbnZnPUq4wn4hykalF3O+VXGO2rH140YAjTiFHQD/S8wt5aGoAY6hwJB/HDCue5eM32byqG+QncukyHKrY7kXPItrYyN81Jd+8m7m4ywTBZBDMK6fCXRhfI7pO194G9vHmIuYEERGcD+FXr33uRJRv/8Pajm3KLcp9F3sTn3tDGmrx2r/OH4SrC1vUzIPa3nrnM+DyMYuDA5ySuU5IyCV9LrpojaclKTcNGUU20AcCmKmPbkbF7BK4XIbN4NUOaFVbDo7L56BqfrKTrbsRDIo1sEXb+zSVXDprqt/TUe3MjgfupXRuUOZCeegCXD5tn6Lv7x/KeIVU69UZfFXUW1TnRu3EMHwO2bjgsSjmGJqJ4IlSnkeTbQmIZce420WN1Qmvoiz8gsG8CsudUYu9emmw==
Referer: https://be.nxt.to/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-User-Agent: aws-sdk-js/2.605.0 callback
X-Amz-Date: 20230303T055256Z

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 03 Mar 2023 05:52:56 GMT
x-amzn-RequestId: d1bd01dc-bd65-fab8-8dc6-8ca40f2c89d6
Content-Length: 110
x-amz-id-2: /t054+0CAf+fVDS+OoaZXpW+5DEcukQJVMtX0EglwxV2R2nqNjBrC2IfPuDqpYgSkaPDBh1r6XtocRkTLr32x7FuIlBf5WpG
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.ap-southeast-2.amazonaws.com/ 0
0 300ms
97ms Preflight 54.240.206.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.ap-southeast-2.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.240.206.240 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://be.nxt.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 03 Mar 2023 05:52:56 GMT
x-amzn-RequestId: cceafcf8-e77d-8d3b-9091-71805534fe55

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

be.nxt.to
cognito-identity.ap-southeast-2.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
kinesis.ap-southeast-2.amazonaws.com
nxt.to
13.238.2.149
142.250.4.95
142.251.12.94
18.65.125.16
52.65.4.13
54.240.206.240
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
823310482dae61f338a1681ac2b2ece57202148fb02259f608aeed4331706d20
858f1fb23502930c455b5fb95cc32f8f01b50360308a5e4dd638a6371561a1ba
afce79cbbf1a8cb76a16df0402a5b86ca64c2560a2797003606ee2725833e689
bd33f6aaeb638742255361a7f984b238c0523ca1b3c05345dec9359d5acd4622
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
d3e4601ca6150253c415b04a4b3e80f9e27b103620d4787cf23f6de594b93b1b
d4daa1fd2cfbc8698d2b74ae78ddd6f4c625004a3fa2755939057e9df41bc9e8
e0f2cca7784269c376cea0c66fa206e809162035f87759bd0d44d171dda8053b
f51be2a3f00aad76b04b2c676a66df83b2661fbbe890d3ba952a755873615c7c

be.nxt.to Open in urlscan Pro 18.65.125.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

6 IPs

2 Countries

389 kBTransfer

389 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

be.nxt.to Open in urlscan Pro
18.65.125.16 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

389 kB
Transfer

389 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions