URL: https://demo.nexito.link/
Submission: On November 28 via automatic, source certstream-suspicious — Scanned from IT

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 16 HTTP transactions. The main IP is 18.190.71.75, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is demo.nexito.link.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 15th 2024. Valid for: a year.
This is the only time demo.nexito.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
5         18.190.71.75     16509 (AMAZON-02)
1         172.217.23.106   15169 (GOOGLE)
1         13.33.223.41     16509 (AMAZON-02)
1         13.32.27.7       16509 (AMAZON-02)
1         199.67.84.80     2639 (ZOHO-AS)
2         172.217.18.3     15169 (GOOGLE)
2         13.33.187.74     16509 (AMAZON-02)
1         89.36.170.147    41913 (COMPUTERL...)
1         52.51.180.248    16509 (AMAZON-02)
1         13.32.99.85      16509 (AMAZON-02)
Total: 16 requests, 10 IPs

Requests  Apex Domain      Transfer  Subdomains
5         nexito.link      1 MB      demo.nexito.link
3         hotjar.com       135 KB    static.hotjar.com — Cisco Umbrella Rank: 888
                                     script.hotjar.com — Cisco Umbrella Rank: 1185
2         hotjar.io        645 B     content.hotjar.io — Cisco Umbrella Rank: 5577
                                     surveystats.hotjar.io — Cisco Umbrella Rank: 12212
2         gstatic.com      51 KB     fonts.gstatic.com
1         zohocdn.com      12 KB     static.zohocdn.com — Cisco Umbrella Rank: 14039
1         zohocloud.ca     3 KB      desk.zohocloud.ca
1         auth0.com        971 B     cdn.auth0.com — Cisco Umbrella Rank: 6544
1         googleapis.com   1 KB      fonts.googleapis.com — Cisco Umbrella Rank: 29
Total: 16 requests, 8 apex domains

Requests  Domain                  Requested by
5         demo.nexito.link        demo.nexito.link
2         script.hotjar.com       static.hotjar.com, script.hotjar.com
2         fonts.gstatic.com       fonts.googleapis.com
1         surveystats.hotjar.io   script.hotjar.com
1         content.hotjar.io       script.hotjar.com
1         static.zohocdn.com      desk.zohocloud.ca
1         desk.zohocloud.ca       demo.nexito.link
1         static.hotjar.com       demo.nexito.link
1         cdn.auth0.com
1         fonts.googleapis.com    demo.nexito.link
Total: 16 requests, 10 subdomains

This site contains links to these domains.

Domain
www.nexito.ai
nexito.zohodesk.ca

Subject                        Issuer                                           Validity                  Valid
*.us-east-2.awsapprunner.com   Amazon RSA 2048 M03                              2024-01-15 - 2025-02-12   a year
upload.video.google.com        WR2                                              2024-10-21 - 2025-01-13   3 months
*.auth0.com                    Amazon RSA 2048 M03                              2024-01-25 - 2025-02-22   a year
*.hotjar.com                   Amazon RSA 2048 M03                              2024-05-22 - 2025-06-20   a year
zohocloud.ca                   Sectigo RSA Domain Validation Secure Server CA   2024-06-19 - 2025-06-19   a year
*.gstatic.com                  WR2                                              2024-10-21 - 2025-01-13   3 months
*.zohocdn.com                  Sectigo RSA Domain Validation Secure Server CA   2024-09-16 - 2025-10-16   a year
*.hotjar.io                    Amazon ECDSA 256 M02                             2024-01-31 - 2025-03-01   a year

This page contains 1 frames:

Primary Page: https://demo.nexito.link/
Frame ID: 91F174A755A9BEEA53F734665008D81B
Requests: 16 HTTP requests in this frame

Page Title

Néxito

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

16 Requests
69 % HTTPS
0 % IPv6
8 Domains
10 Subdomains
10 IPs
3 Countries
1724 kB Transfer
2188 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
demo.nexito.link/
785 B
1 KB
Document
General
Full URL
https://demo.nexito.link/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.71.75 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-71-75.us-east-2.compute.amazonaws.com
Software
envoy /
Resource Hash
50cca2ea864a2b948f821db83db2dce739398d59b5f12ca8d84b30fa1370aa46

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
785
content-type
text/html
date
Thu, 28 Nov 2024 21:29:02 GMT
etag
"6748dc4e-311"
last-modified
Thu, 28 Nov 2024 21:10:38 GMT
server
envoy
x-envoy-upstream-service-time
2
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Requested by
Host: demo.nexito.link
URL: https://demo.nexito.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f10.1e100.net
Software
ESF /
Resource Hash
8aa5f7e1e22e17a6ff449fdef0d68ed8fac3bfeb0c78ff8349816d29c7d3b4ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://demo.nexito.link/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 21:29:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 21:29:03 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 28 Nov 2024 21:29:03 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
index-DD3f4FcR.js
demo.nexito.link/assets/
1 MB
1 MB
Script
General
Full URL
https://demo.nexito.link/assets/index-DD3f4FcR.js
Requested by
Host: demo.nexito.link
URL: https://demo.nexito.link/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.71.75 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-71-75.us-east-2.compute.amazonaws.com
Software
envoy /
Resource Hash
27a97929b14d05a7989c599bf85fc8eb70cbe0f33146217321496ceb21fe2ff2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://demo.nexito.link
Referer
https://demo.nexito.link/

Response headers

etag
"6748dc4e-16a536"
x-envoy-upstream-service-time
1
accept-ranges
bytes
content-length
1484086
date
Thu, 28 Nov 2024 21:29:03 GMT
content-type
application/javascript
last-modified
Thu, 28 Nov 2024 21:10:38 GMT
server
envoy
index-C8Set0a_.css
demo.nexito.link/assets/
45 KB
46 KB
Stylesheet
General
Full URL
https://demo.nexito.link/assets/index-C8Set0a_.css
Requested by
Host: demo.nexito.link
URL: https://demo.nexito.link/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.71.75 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-71-75.us-east-2.compute.amazonaws.com
Software
envoy /
Resource Hash
673ec3a94b4ab134aca30574023dbdecbfb84ee906de04df7b7b502693c36188

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://demo.nexito.link
Referer
https://demo.nexito.link/

Response headers

etag
"6748dc4e-b5d4"
x-envoy-upstream-service-time
2
accept-ranges
bytes
content-length
46548
date
Thu, 28 Nov 2024 21:29:03 GMT
content-type
text/css
last-modified
Thu, 28 Nov 2024 21:10:38 GMT
server
envoy
loader.svg
cdn.auth0.com/blog/hello-auth0/
445 B
971 B
Image
General
Full URL
https://cdn.auth0.com/blog/hello-auth0/loader.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.223.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-223-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba6ae8882ad73e4b20605a6bc133d48491e5d0c24572808f7c10bb32644c22ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://demo.nexito.link/

Response headers

x-robots-tag
noindex
x-amz-version-id
1uMAzYNDqoXP9CA5oxvRPbPAmk34mwAM
etag
"452398a87f2ff1ac92e9c1d829f9056c"
age
57654
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Id3R3Miby-QCGAlxcFjQw1J8C93Fn0MVd0ifBv2DTwerSKBNhmpe8w==
date
Thu, 28 Nov 2024 05:28:12 GMT
content-type
image/svg+xml
last-modified
Mon, 15 Nov 2021 00:57:58 GMT
vary
accept-encoding
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-replication-status
COMPLETED
cache-control
max-age=2628000
via
1.1 3c07e6ef6fe5c74a2c43590885d64f70.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
445
x-amz-cf-pop
FRA60-P10
server
AmazonS3
hotjar-5130379.js
static.hotjar.com/c/
15 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-5130379.js?sv=6
Requested by
Host: demo.nexito.link
URL: https://demo.nexito.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-7.fra56.r.cloudfront.net
Software
/
Resource Hash
0e7c774c88bcaeffcd939f63f7227234dc095b30af62cb2ac307621a5e2c106f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://demo.nexito.link/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/c330b1f71c909e1965731d95f0575855
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
w_s7PMp7p_oHvAPOlHUiDSh1Gz_PEr0C0hY2gn4RDKH4CCYhNIbT9A==
date
Thu, 28 Nov 2024 21:29:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA56-C2
3975000000099025
desk.zohocloud.ca/portal/api/web/asapApp/
5 KB
3 KB
Script
General
Full URL
https://desk.zohocloud.ca/portal/api/web/asapApp/3975000000099025?orgId=110000691524
Requested by
Host: demo.nexito.link
URL: https://demo.nexito.link/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.67.84.80 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
b7790f4e18fe81b5099476b8cf9d8fac668e90e0cf635bd10e13302c48f46864
Security Headers
Name Value
Content-Security-Policy default-src 'none';report-uri https://logsapi.zohoone.ca/csplog?service=support;report-to https://logsapi.zohoone.ca/csplog?service=support
Strict-Transport-Security max-age=64072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://demo.nexito.link/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=64072000; includeSubDomains; preload
Content-Security-Policy
default-src 'none';report-uri https://logsapi.zohoone.ca/csplog?service=support;report-to https://logsapi.zohoone.ca/csplog?service=support
Cache-Control
private,no-cache,no-store,max-age=0,must-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Date
Thu, 28 Nov 2024 21:29:04 GMT
Content-Type
application/javascript;charset=UTF-8
vary
accept-encoding
Server
ZGS
womanLaptopNexito-BFq13csU.webp
demo.nexito.link/assets/
22 KB
22 KB
Image
General
Full URL
https://demo.nexito.link/assets/womanLaptopNexito-BFq13csU.webp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.71.75 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-71-75.us-east-2.compute.amazonaws.com
Software
envoy /
Resource Hash
da4ef7a9fcc7c47add9e13444dd193ba815e069391cd761cb3090e38e64258f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://demo.nexito.link/

Response headers

etag
"6748dc4e-58d2"
x-envoy-upstream-service-time
1
accept-ranges
bytes
content-length
22738
date
Thu, 28 Nov 2024 21:29:04 GMT
content-type
image/webp
last-modified
Thu, 28 Nov 2024 21:10:38 GMT
server
envoy
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://demo.nexito.link
Referer
https://fonts.googleapis.com/

Response headers

age
197251
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 14:41:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 14:41:33 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v14/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://demo.nexito.link
Referer
https://fonts.googleapis.com/

Response headers

age
8481
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 19:07:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 19:07:43 GMT
last-modified
Thu, 24 Aug 2023 21:28:06 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13820
x-xss-protection
0
server
sffe
Favicon-DpJPF9i7.svg
demo.nexito.link/assets/
434 B
679 B
Other
General
Full URL
https://demo.nexito.link/assets/Favicon-DpJPF9i7.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.71.75 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-71-75.us-east-2.compute.amazonaws.com
Software
envoy /
Resource Hash
f02dc2642e1cf000587b524dca256dda1bbf589ffa42cd5c9572ab10ea1d6682

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://demo.nexito.link/

Response headers

etag
"6748dc4e-1b2"
x-envoy-upstream-service-time
1
accept-ranges
bytes
content-length
434
date
Thu, 28 Nov 2024 21:29:04 GMT
content-type
image/svg+xml
last-modified
Thu, 28 Nov 2024 21:10:38 GMT
server
envoy
modules.86621fa4aeada5bcf025.js
script.hotjar.com/
222 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5130379.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-74.fra60.r.cloudfront.net
Software
/
Resource Hash
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://demo.nexito.link/

Response headers

x-robots-tag
none
content-encoding
br
etag
"ff8702986a1c41356391628a5f5d6f03"
age
717419
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
gb-NPzKGfWTDCP56lRNp8T8Fu3k8lSgK_oZRKQHvuIDofUrzEc167w==
date
Wed, 20 Nov 2024 14:12:06 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 20 Nov 2024 14:11:55 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 32803d0ba3af70cddd7db80d2fd00608.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56243
x-amz-cf-pop
FRA60-P9
zohohcasapweb-efc-sdk-v3.0.1c5856551981f09e7bfe.js
static.zohocdn.com/helpcenter/asapweb/
41 KB
12 KB
Script
General
Full URL
https://static.zohocdn.com/helpcenter/asapweb/zohohcasapweb-efc-sdk-v3.0.1c5856551981f09e7bfe.js
Requested by
Host: desk.zohocloud.ca
URL: https://desk.zohocloud.ca/portal/api/web/asapApp/3975000000099025?orgId=110000691524
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.36.170.147 Schlierbach, Switzerland, ASN41913 (COMPUTERLINE Computerline GmbH, CH),
Reverse DNS
zoho-170-147.dub3.computerline.net
Software
ZGS /
Resource Hash
93f8c694cad2b1102dfd6e52760ed5efcec6d3ae2e9994b13898018c3733cd38
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://demo.nexito.link/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
"d5d531ae54cf4f735184e019966d8c17"
nb-request-id
776ba6cb5abf478a0457fed683a407bf
z-origin-id
ex1-dc5339ecab56425fbbab362719df81f9
x-content-type-options
nosniff
x-cache
HIT
date
Thu, 28 Nov 2024 21:29:05 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Mon, 11 Nov 2024 10:09:31 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15768000, max-age=63072000
cache-control
public, max-age=2592000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
12023
content-language
en-US
server
ZGS
survey-v2.cd1d5c4c92321abeabfc.js
script.hotjar.com/
331 KB
73 KB
Script
General
Full URL
https://script.hotjar.com/survey-v2.cd1d5c4c92321abeabfc.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-74.fra60.r.cloudfront.net
Software
/
Resource Hash
2dea54c01e0b8330a3fc6534b965edc69b6ab332972dea4a7dffb90dc0ebf3cd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://demo.nexito.link/

Response headers

x-robots-tag
none
content-encoding
br
etag
"26010c9e953e4a03709aa24b6b7ded2e"
age
650758
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
rYf7Ir4FPRuPzZQLqvHxxSnmYtW21pNIkADALPzD9oFs3LOvl5uLuA==
date
Thu, 21 Nov 2024 08:43:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 08:42:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 32803d0ba3af70cddd7db80d2fd00608.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
74544
x-amz-cf-pop
FRA60-P9
/
content.hotjar.io/
56 B
171 B
XHR
General
Full URL
https://content.hotjar.io/?site_id=5130379&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.51.180.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-180-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f8ceca2c144a832986ad209937d6ac275d9c576d32c361dab2d4ee29bb04a6cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8
Referer
https://demo.nexito.link/

Response headers

access-control-max-age
86400
access-control-allow-origin
*
content-length
56
date
Thu, 28 Nov 2024 21:29:05 GMT
content-type
application/json
hit
surveystats.hotjar.io/
0
474 B
XHR
General
Full URL
https://surveystats.hotjar.io/hit?id=1077680&device=desktop
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-85.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://demo.nexito.link/

Response headers

access-control-max-age
0
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id
null
access-control-allow-methods
GET, HEAD
x-cache
Miss from cloudfront
x-amz-cf-id
rYKnlaEvPgyi6gvaEFWacDg3ESjjodIuM6PGKryA9b3WMQkM_lzRnQ==
date
Thu, 28 Nov 2024 21:29:07 GMT
content-type
binary/octet-stream
last-modified
Wed, 27 Jan 2021 15:23:17 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public,max-age=0
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-amz-cf-pop
FRA60-P3
server
AmazonS3

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| __reactRouterVersion boolean| __EMOTION_REACT_11__ function| hj object| _hjSettings object| d object| s object| t function| ZohoDeskAsapReady boolean| MotionHandoffIsComplete object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled function| ZohoDeskAsap object| ZohoHCAsapSettings string| _asapStaticPath

3 Cookies

Domain/Path Name / Value
desk.zohocloud.ca/ Name: crmcsr
Value: 49685149-b3a6-4b7b-8951-c94b34136ff0
.nexito.link/ Name: _hjSessionUser_5130379
Value: eyJpZCI6ImFmMGE5MzgzLWVkNzgtNWIwNC05ODcwLTk4ZjQ4NjRmZTUxYyIsImNyZWF0ZWQiOjE3MzI4MjkzNDUzMjMsImV4aXN0aW5nIjp0cnVlfQ==
.nexito.link/ Name: _hjSession_5130379
Value: eyJpZCI6IjkwZWRiOGQ0LWEzNDYtNDNiMi05ZTU5LWEyNzNhYmU3MjVmOSIsImMiOjE3MzI4MjkzNDUzMjMsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
