Submitted URL: http://t.newsletters.nyxcosmetics.com/r/?id=he34bf050%2Cabc1f27e%2C984dcf7&e=cDE9JTQwcm9OTHl1MjY3cm1MOE9wVkRyQVJrTTNPOUZQb1Jad3dYVUNaM...
Effective URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Submission Tags: falconsandbox
Submission: On November 10 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 52.208.103.33, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is m.newsletters.nyxcosmetics.com.
This is the only time m.newsletters.nyxcosmetics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

      IP Address       AS     Autonomous System
1 3   52.208.103.33    16509  (AMAZON-02)
14    52.222.214.93    16509  (AMAZON-02)
2     20.47.8.184      8069   (MICROSOFT...)
18    3

      Domain                                          Requested by
14    t.newsletters.kiehls.com                        m.newsletters.nyxcosmetics.com
2     emeafrcrmfonts.blob.core.windows.net            m.newsletters.nyxcosmetics.com
2     t.newsletters.nyxcosmetics.com (1 redirects)    m.newsletters.nyxcosmetics.com
1     m.newsletters.nyxcosmetics.com
18    4

This site contains links to these domains.

Domain
t.newsletters.nyxcosmetics.com

Subject                     Issuer                                       Validity                   Valid
t.newsletters.kiehls.com    Corporation Service Company RSA OV SSL CA    2023-11-03 - 2024-11-02    a year
*.blob.core.windows.net     Microsoft Azure TLS Issuing CA 06            2023-10-25 - 2024-06-27    8 months

This page contains 1 frames:

Primary Page: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Frame ID: 108E6027FCAA42A2945B5DA44F8C9099
Requests: 18 HTTP requests in this frame

Page Statistics

Requests: 18
HTTPS: 89 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 576 kB
Size: 606 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.newsletters.nyxcosmetics.com/r/?id=he34bf050%2Cabc1f27e%2C984dcf7&e=cDE9JTQwcm9OTHl1MjY3cm1MOE9wVkRyQVJrTTNPOUZQb1Jad3dYVUNaMm5BZ0xPSSUzRA&s=gQHhEeqokCFMWTcCD-imV5pk7KqGqGrWbv-r3KaNtVE HTTP 302
    http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request m.jsp
m.newsletters.nyxcosmetics.com/nl/jsp/
Redirect Chain
  • http://t.newsletters.nyxcosmetics.com/r/?id=he34bf050%2Cabc1f27e%2C984dcf7&e=cDE9JTQwcm9OTHl1MjY3cm1MOE9wVkRyQVJrTTNPOUZQb1Jad3dYVUNaMm5BZ0xPSSUzRA&s=gQHhEeqokCFMWTcCD-imV5pk7KqGqGrWbv-r3KaNtVE
  • http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
44 KB
7 KB
Document
General
Full URL
http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
HTTP/1.1
Server
52.208.103.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-33.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
19b562dab3376df3cfb51d1116d8a44761db9a9e165611eae18926f2710664d6
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
7054
Content-Security-Policy
script-src 'none'
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Nov 2023 08:38:29 GMT
Server
Apache
Vary
Accept-Encoding
X-Robots-Tag
noindex
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
17
Content-Type
text/plain; charset=utf-8
Date
Fri, 10 Nov 2023 08:38:29 GMT
Location
http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
P3P
CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
Server
Apache
X-Robots-Tag
noindex
32BA4F15CC0BCD22742F2DCCC2106E85.jpg
t.newsletters.kiehls.com/res/img/
46 KB
47 KB
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/32BA4F15CC0BCD22742F2DCCC2106E85.jpg
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
e799f07e8863aac562871a0fc5747f0a352257d7cca1fa5ae2b6da7832ea256a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:38:18 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Wed, 02 Oct 2019 17:01:42 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
12
etag
"b8e2-593f06c4d6980"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
47330
x-amz-cf-id
vHyvv1w85Kj3rgeovo12UgzDkh5X4bMx95McXcb7H-iALpNW29cwLg==
C2F77F6C71FDB2BDC21C44EECEE4ABCC.gif
t.newsletters.kiehls.com/res/img/
356 KB
357 KB
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/C2F77F6C71FDB2BDC21C44EECEE4ABCC.gif
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
a2860d9ba37107e9674b319d2b2738d4a1a2bc3dd465f40917e2186c90bf8f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:36:40 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Wed, 08 Nov 2023 15:30:01 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
117
etag
"590e6-609a5c2b29040"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
364774
x-amz-cf-id
6eV84zjX-iQsC-ouq5XZp4Uw0r5y-4ZmihE5eQz8o0PpI0_GCkdLjQ==
FFD23FC91618E04EA81A1EA680398395.png
t.newsletters.kiehls.com/res/img/
11 KB
11 KB
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/FFD23FC91618E04EA81A1EA680398395.png
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
c4ee163bbd3996a23d60eca614f56a2c40e041dc89e9e0ffb9a6c99e654c0100

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:36:47 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Sat, 25 Sep 2021 07:10:15 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
104
etag
"2b6b-5cccc8e3843c0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
11115
x-amz-cf-id
5eKWJxEN4F1dM2u73NjgcyXCXXeOmOpo5gtMjsPhKzzWYqkpj142bA==
8825C1231211CC49B7A8295A679E19CB.png
t.newsletters.kiehls.com/res/img/
10 KB
10 KB
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/8825C1231211CC49B7A8295A679E19CB.png
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
033dd8ff3fb289288bc05692d6a9a8f9c6a2a859280c7add7ab622b91e0a4fb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:36:47 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Sat, 25 Sep 2021 07:10:15 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
103
etag
"2872-5cccc8e3843c0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
10354
x-amz-cf-id
c0KkorvhbdNr9Eqp75JkLYL2tx-u-iRQOGkLLi4ztnqipFA21HuzwQ==
38A6BCFBC2CFF12BDAB197A7988BBAE8.png
t.newsletters.kiehls.com/res/img/
6 KB
6 KB
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/38A6BCFBC2CFF12BDAB197A7988BBAE8.png
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
1ac060b93a217cca0e1bab2942671c0bed4845326e3db549dddd4ad8e1a61d2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:36:46 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Sat, 25 Sep 2021 07:10:15 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
104
etag
"1746-5cccc8e3843c0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
5958
x-amz-cf-id
wk6m9yWl7MNXzjcheazYK_N8zeyj4yXmCo3HN1T7B3dny2n2L7DcTw==
C96999DA61FD64BD5324E7EB5CC019C5.png
t.newsletters.kiehls.com/res/img/
11 KB
12 KB
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/C96999DA61FD64BD5324E7EB5CC019C5.png
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
922e3e20e0b61a6019f40e381c65bf4412efe2dbfe1c8d2f86d3ccd1b2ab5e44

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:36:47 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Mon, 11 Jan 2021 17:44:19 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
104
etag
"2cca-5b8a3749a42c0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
11466
x-amz-cf-id
ZeDdQRogmH8EtRnHPxwI4g8WfpyGNEFjvBHD2VXx8Okp6aK6eo4YEQ==
F8097BFEBC5CA675FED0376B17D69B5E.png
t.newsletters.kiehls.com/res/img/
2 KB
2 KB
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/F8097BFEBC5CA675FED0376B17D69B5E.png
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b99010ea5bc6525d9bfabbc35820cffeb0d7a5c39c34602f6111ed06bc6d62b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:36:58 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Sat, 25 Sep 2021 07:10:15 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
92
etag
"6c6-5cccc8e3843c0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1734
x-amz-cf-id
9Df0nAfUYduLkgBD-OzCjhzOAj6rfBRttP7E6Ss8XO6prjRwAUATIA==
8E83CD8E06A170F3F4ABE2E5C8ADE1C0.png
t.newsletters.kiehls.com/res/img/
2 KB
2 KB
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/8E83CD8E06A170F3F4ABE2E5C8ADE1C0.png
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
195c2b018f6a94e5a40bdec1d39f9a364a2d6bf034f031f4a911375b12f1b9a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:36:58 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Sat, 25 Sep 2021 07:10:15 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
92
etag
"809-5cccc8e3843c0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2057
x-amz-cf-id
FGQU5HCHaBTler2DxUmCpCB1LEJs1wxA943Q0g7h3D2pqg_RgVJT5g==
B42A7D5882C9D52C8BF3CB374BD96F19.png
t.newsletters.kiehls.com/res/img/
1 KB
2 KB
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/B42A7D5882C9D52C8BF3CB374BD96F19.png
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b2476b2cec40c9926a738e57db8d25a84ec358e966920021050b9aacf0090d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:37:01 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jan 2022 16:47:52 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
89
etag
"4cf-5d53d18f53e00"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1231
x-amz-cf-id
IlbrSC5G2CVWCpx-VAcVwXVwXYghDxcwqRj5EWJW4-oJzotTT-5auA==
9625920BEDBAA2E4EFBB4279874C7A51.png
t.newsletters.kiehls.com/res/img/
559 B
872 B
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/9625920BEDBAA2E4EFBB4279874C7A51.png
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
ff28e657b4af4a22745375e4a43e995be88f19ecf11bb54d766265307053678d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:37:05 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Mon, 11 Jan 2021 17:44:19 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
89
etag
"22f-5b8a3749a42c0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
559
x-amz-cf-id
ZXd6-bWut-SqkUePmXnYfXvs9rFcBnIx6h1hLtrGwAXtuEyiu8An4w==
1D090BB9853841968BEBF072777D07A5.png
t.newsletters.kiehls.com/res/img/
1 KB
1 KB
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/1D090BB9853841968BEBF072777D07A5.png
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
abd29d3fc6304d3addb32af590a47de1d9df1e1297f6f7152033e8b4d2b5d442

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:36:47 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jan 2022 16:47:52 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
103
etag
"417-5d53d18f53e00"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1047
x-amz-cf-id
YxS0YgdN2wUn5o7yDqu_k8dbY8f-T1o8HcvtCZkLBjHNa8Yvkji4zw==
AB2C172F6ACB6C76793C5B47A202E3E5.jpg
t.newsletters.kiehls.com/res/img/
35 KB
36 KB
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/AB2C172F6ACB6C76793C5B47A202E3E5.jpg
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
c696b02dbf59106a4ed800233507b09010e826fdc31ea59f77b37ae7f51c9bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:36:47 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 14:32:31 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
104
etag
"8dd1-5bc7a7ce57dc0"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
36305
x-amz-cf-id
cg8n5eC-bxQ0QGBVPtxvFP8rKPtQ2zZNFdk9IFVaWjjLKzULeAzyMw==
/
t.newsletters.nyxcosmetics.com/r/
44 B
424 B
Image
General
Full URL
http://t.newsletters.nyxcosmetics.com/r/?id=he34bf050,abc1f27e,1
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
HTTP/1.1
Server
52.208.103.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-33.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
2e09cc2e7dde2d5636fe0bed0d424e497967fbcbfbc380ff278d856b068abf5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 10 Nov 2023 08:38:30 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
44
9F8F3E33A4A1DB696FC6F92F4AB36C1F.png
t.newsletters.kiehls.com/res/img/
41 KB
41 KB
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/9F8F3E33A4A1DB696FC6F92F4AB36C1F.png
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
fe671a2597d47bc5403dd8f7bc8ce49d657cc2f145f1fc417b769c77e4ae6522

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:36:47 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Wed, 08 Nov 2023 15:30:01 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
103
etag
"a3c3-609a5c2b29040"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
41923
x-amz-cf-id
upjmCC8Zenulowp76D5Lmf1a7d7Cn9t6ph6kbSrkXxSG4iOf5PIqJg==
B6FFE8D9A791E0BD6921A390FD92B534.png
t.newsletters.kiehls.com/res/img/
9 KB
9 KB
Image
General
Full URL
https://t.newsletters.kiehls.com/res/img/B6FFE8D9A791E0BD6921A390FD92B534.png
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-93.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
19554a6c53f8ef1e17e9684f9d6b6c5b166f157b8c418f99d6eacd242fa53353

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m.newsletters.nyxcosmetics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 08:36:40 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified
Wed, 08 Nov 2023 15:30:01 GMT
server
Apache
x-amz-cf-pop
FRA56-P3
age
114
etag
"2433-609a5c2b29040"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9267
x-amz-cf-id
m5WvbHrOM2m3q3MPP14WMoequm60baPaip-9OTNPcHPeltdVv_-q5Q==
FuturaStd-Bold.woff
emeafrcrmfonts.blob.core.windows.net/frfonts/FR/CPD/NYXPM/
15 KB
16 KB
Font
General
Full URL
https://emeafrcrmfonts.blob.core.windows.net/frfonts/FR/CPD/NYXPM/FuturaStd-Bold.woff
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.47.8.184 Dublin, Ireland, ASN8069 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d826f5dde248e9cfafb93096a7290c5bc8bcf734245c11fc34f17556e94644f1

Request headers

Referer
http://m.newsletters.nyxcosmetics.com/
Origin
http://m.newsletters.nyxcosmetics.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 10 Nov 2023 08:38:29 GMT
Last-Modified
Thu, 05 Dec 2019 13:41:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D77988D4C1D937"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
x-ms-request-id
8877a447-501e-0083-54b1-137bb6000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
15552
x-ms-lease-state
available
FuturaStd-Medium.woff
emeafrcrmfonts.blob.core.windows.net/frfonts/FR/CPD/NYXPM/
15 KB
16 KB
Font
General
Full URL
https://emeafrcrmfonts.blob.core.windows.net/frfonts/FR/CPD/NYXPM/FuturaStd-Medium.woff
Requested by
Host: m.newsletters.nyxcosmetics.com
URL: http://m.newsletters.nyxcosmetics.com/nl/jsp/m.jsp?c=%40roNLyu267rmL8OpVDrARkM3O9FPoRZwwXUCZ2nAgLOI%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.47.8.184 Dublin, Ireland, ASN8069 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
08e59f20c0c4fb0356d5863fa107be0b1f1da384db38a635a49bc2b0e04be35d

Request headers

Referer
http://m.newsletters.nyxcosmetics.com/
Origin
http://m.newsletters.nyxcosmetics.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 10 Nov 2023 08:38:30 GMT
Last-Modified
Thu, 05 Dec 2019 13:41:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D77988D4CA664E"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
x-ms-request-id
5c1fe0a9-801e-0016-07b1-139303000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
Content-Length
15288
x-ms-lease-state
available

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path          Name                                        Value
.nyxcosmetics.com/   AMCV_97BF22C757522D697F000101%40AdobeOrg    MCMID%7C04410350003269140473296634927235203071
.nyxcosmetics.com/   nlid                                        e34bf050|abc1f27e
.nyxcosmetics.com/   nllastdelid                                 abc1f27e

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy script-src 'none'
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
