be.nxt.to
Open in
urlscan Pro
18.65.125.16
Public Scan
Effective URL: https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html
Submission: On March 03 via manual from DE — Scanned from AU
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on February 16th 2023. Valid for: a year.
This is the only time be.nxt.to was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 52.65.4.13 52.65.4.13 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 18.65.125.16 18.65.125.16 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 142.250.4.95 142.250.4.95 | 15169 (GOOGLE) (GOOGLE) | |
4 | 13.238.2.149 13.238.2.149 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 142.251.12.94 142.251.12.94 | 15169 (GOOGLE) (GOOGLE) | |
2 | 54.240.206.240 54.240.206.240 | 16509 (AMAZON-02) (AMAZON-02) | |
14 | 6 |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-65-4-13.ap-southeast-2.compute.amazonaws.com
nxt.to |
ASN16509 (AMAZON-02, US)
PTR: server-18-65-125-16.kix50.r.cloudfront.net
be.nxt.to |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-238-2-149.ap-southeast-2.compute.amazonaws.com
cognito-identity.ap-southeast-2.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
amazonaws.com
cognito-identity.ap-southeast-2.amazonaws.com — Cisco Umbrella Rank: 591459 kinesis.ap-southeast-2.amazonaws.com — Cisco Umbrella Rank: 656358 |
3 KB |
6 |
nxt.to
1 redirects
nxt.to be.nxt.to |
359 KB |
2 |
gstatic.com
fonts.gstatic.com |
26 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36 |
1 KB |
14 | 4 |
Domain | Requested by | |
---|---|---|
4 | cognito-identity.ap-southeast-2.amazonaws.com |
be.nxt.to
|
4 | be.nxt.to |
nxt.to
be.nxt.to |
2 | kinesis.ap-southeast-2.amazonaws.com |
be.nxt.to
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | nxt.to | 1 redirects |
1 | fonts.googleapis.com |
client
|
14 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.hellofresh.de |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.nxt.to Amazon RSA 2048 M01 |
2022-12-13 - 2024-01-12 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
cognito-identity.ap-southeast-2.amazonaws.com Amazon RSA 2048 M02 |
2023-02-13 - 2023-07-06 |
5 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
kinesis.ap-southeast-2.amazonaws.com Amazon |
2022-11-03 - 2023-11-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html
Frame ID: DEEB85AE8D071565BA0AF3A15C6D3F04
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Fehlende ZutatPage URL History Show full URLs
- https://nxt.to/nlwYJqm Page URL
-
https://nxt.to/nlwYJqm?unfurlId=a80183e0-a145-4cf0-b734-30dba28c23d2
HTTP 303
https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/in... Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Meine Lieferung
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://nxt.to/nlwYJqm Page URL
-
https://nxt.to/nlwYJqm?unfurlId=a80183e0-a145-4cf0-b734-30dba28c23d2
HTTP 303
https://be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
nlwYJqm
nxt.to/ |
675 B 761 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
index.html
be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/df8cb283-debb-4019-93bc-3b06c67bbe9b/ Redirect Chain
|
28 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aws-sdk-2.605.0.min.js
be.nxt.to/global-assets/js/ |
250 KB 251 KB |
Script
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
event-publisher.js
be.nxt.to/global-assets/js/ |
1 KB 2 KB |
Script
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
cognito-identity.ap-southeast-2.amazonaws.com/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
cognito-identity.ap-southeast-2.amazonaws.com/ |
68 B 322 B |
XHR
application/x-amz-json-1.1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
baa9c178-a9c7-4532-9236-42b29e5b307e
be.nxt.to/e92ded48-bd53-4349-a590-f9ca20205abe/ |
77 KB 77 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
cognito-identity.ap-southeast-2.amazonaws.com/ |
2 KB 2 KB |
XHR
application/x-amz-json-1.1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
cognito-identity.ap-southeast-2.amazonaws.com/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
kinesis.ap-southeast-2.amazonaws.com/ |
110 B 546 B |
XHR
application/x-amz-json-1.1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
/
kinesis.ap-southeast-2.amazonaws.com/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| JsBarcode function| _xamzrequire object| AWS function| sendEvent function| submitForm0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
be.nxt.to
cognito-identity.ap-southeast-2.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
kinesis.ap-southeast-2.amazonaws.com
nxt.to
13.238.2.149
142.250.4.95
142.251.12.94
18.65.125.16
52.65.4.13
54.240.206.240
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
823310482dae61f338a1681ac2b2ece57202148fb02259f608aeed4331706d20
858f1fb23502930c455b5fb95cc32f8f01b50360308a5e4dd638a6371561a1ba
afce79cbbf1a8cb76a16df0402a5b86ca64c2560a2797003606ee2725833e689
bd33f6aaeb638742255361a7f984b238c0523ca1b3c05345dec9359d5acd4622
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
d3e4601ca6150253c415b04a4b3e80f9e27b103620d4787cf23f6de594b93b1b
d4daa1fd2cfbc8698d2b74ae78ddd6f4c625004a3fa2755939057e9df41bc9e8
e0f2cca7784269c376cea0c66fa206e809162035f87759bd0d44d171dda8053b
f51be2a3f00aad76b04b2c676a66df83b2661fbbe890d3ba952a755873615c7c