login.consumer.shell.com Open in urlscan Pro
2a02:26f0:480:22::1726:62f8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.uk.shell.com/r/?id=ha21d7863,1beac52e,94791611&e=ZWlkPURNMjUyOTUyMyZiaWQ9LTE1NzUxMjY5NDE&s=fndHlUk4imLKNhr726...
Effective URL:
https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS...
Submission: On September 27 via api (September 27th 2024, 8:03:12 pm UTC) from BE — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 2a02:26f0:480:22::1726:62f8, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is login.consumer.shell.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 12th 2024. Valid for: a year.

This is the only time login.consumer.shell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	63.32.0.185 63.32.0.185	16509 (AMAZON-02) (AMAZON-02)
1 1	52.208.145.174 52.208.145.174	16509 (AMAZON-02) (AMAZON-02)
14	2a02:26f0:480... 2a02:26f0:480:22::1726:62f8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	2

1 63.32.0.185 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-0-185.eu-west-1.compute.amazonaws.com

t.uk.shell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.145.174 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-145-174.eu-west-1.compute.amazonaws.com

www.goplus.shell.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:26f0:480:22::1726:62f8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

login.consumer.shell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	shell.com 1 redirects t.uk.shell.com login.consumer.shell.com	1 MB
1	shell.be 1 redirects www.goplus.shell.be	3 KB
14	2

	Domain	Requested by
14	login.consumer.shell.com	login.consumer.shell.com
1	www.goplus.shell.be	1 redirects
1	t.uk.shell.com	1 redirects
14	3

This site contains no links.

Subject Issuer	Validity	Valid
login.consumer.shell.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-12` - `2025-07-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss
Frame ID: C562682E81679E736C52829EC7419B02
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shell SSO

Page URL History Show full URLs

https://t.uk.shell.com/r/?id=ha21d7863,1beac52e,94791611&e=ZWlkPURNMjUyOTUyMyZiaWQ9LTE1NzUxMjY5NDE&... HTTP 302
https://www.goplus.shell.be/sso/login/start?eid=DM2529523&bid=-1575126941 HTTP 302
https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flo... Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

14
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

1137 kB
Transfer

2725 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.uk.shell.com/r/?id=ha21d7863,1beac52e,94791611&e=ZWlkPURNMjUyOTUyMyZiaWQ9LTE1NzUxMjY5NDE&s=fndHlUk4imLKNhr726-wM-RVgdvujlH9Ub20rJWftFQ HTTP 302
https://www.goplus.shell.be/sso/login/start?eid=DM2529523&bid=-1575126941 HTTP 302
https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response login.consumer.shell.com/ Redirect Chain https://t.uk.shell.com/r/?id=ha21d7863,1beac52e,94791611&e=ZWlkPURNMjUyOTUyMyZiaWQ9LTE1NzUxMjY5NDE&s=fndHlUk4imLKNhr726-wM-RVgdvujlH9Ub20rJWftFQ https://www.goplus.shell.be/sso/login/start?eid=DM2529523&bid=-1575126941 https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss	26 KB 12 KB	676ms 321ms	Document text/html	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `1c267826d7426010cee8eaffb4d6cae5ef30ef5de1000ac3bd177cc5dafd1b3b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes akamai-grn 0.38d53e17.1727467387.6470a8d cache-control max-age=0, no-cache, no-store content-encoding gzip content-length 9836 content-type text/html date Fri, 27 Sep 2024 20:03:07 GMT etag "0x8DCDC9F599B60A9" expires Fri, 27 Sep 2024 20:03:07 GMT last-modified Tue, 24 Sep 2024 13:46:54 GMT pragma no-cache vary Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding x-akamai-transformed 9 26475 0 pmb=mTOE,3 x-azure-ref 20240927T200307Z-r17f979f74467dlv73t2w9rfxg00000008300000000058vh x-cache-info L1_T2 x-fd-int-roxy-purgeid 76496996 x-ms-request-id 57310766-501e-0061-0f89-0e659c000000 x-ms-version 2018-03-28 Redirect headers Connection keep-alive Content-Length 0 Content-Security-Policy default-src 'self' data: 'unsafe-inline' 'unsafe-eval' mailto: .azureedge.net .coco-cdnimages.shell.com .evidon.com .betrad.com fonts.gstatic.com hello.myfonts.net fonts.googleapis.com .geoapp.me geome.loyaltyondemand.eu .google.com .gstatic.com .metrics-shell.com .googleadservices.com .googlesyndication.com .google-analytics.com .facebook.net .facebook.com .google.hu .google.co.in .adobedtm.com .adobe.com .demdex.net .googletagmanager.com .doubleclick.net cm.everesttech.net .2o7.net .omtrdc.net scmetrics.shell.com https://authorize.omniture.com nscmetrics.shell.com activitymap.adobe.com .ytimg.com .youtube.com .youtube-nocookie.com wss://.zopim.com wss://.zopim.io gateway.zscloud.net .zopim.io .zendesk.com .zdassets.com offersbank.shell.com offersbankstg.azurewebsites.net stg.offersbank.shell.com graph.facebook.com .fbcdn.net .fbsbx.com ajax.googleapis.com maps.googleapis.com tile.openstreetmap.org az-as-cdne-prod.azureedge.net Date Fri, 27 Sep 2024 20:03:07 GMT Feature-Policy layout-animations 'none'; unoptimized-images 'none'; oversized-images 'none'; sync-script 'none'; sync-xhr 'none'; unsized-media 'none'; Location https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Origin-Agent-Cluster ?0 Referrer-Policy same-origin Server Apache Strict-Transport-Security max-age=600 max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-LOD-LOG-TAIL nl-BE,N,N,W X-Request-ID 520ac2ea83b444ada5913284579f1105 X-XSS-Protection 1; mode=block
GET H2	200	fonts.css login.consumer.shell.com/static/fonts/	3 KB 802 B	101ms 100ms	Stylesheet text/css	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/static/fonts/fonts.css Requested by Host: login.consumer.shell.com URL: https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `c34b85ac345c6119552fa1aa6bd700a7a9dfaf03aae90ad431f8a987f40db3d1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Response headers x-cache-info L1_T2 cache-control max-age=35542 x-ms-version 2018-03-28 content-encoding br etag W/"0x8DCDC9F59A3470A" x-fd-int-roxy-purgeid 76496996 x-ms-request-id 368c5137-e01e-0016-47eb-0fb008000000 expires Sat, 28 Sep 2024 05:55:29 GMT content-length 447 date Fri, 27 Sep 2024 20:03:07 GMT akamai-grn 0.38d53e17.1727467387.6470e9c x-azure-ref 20240926T081758Z-r1944857c99q86qvmymubft8sw0000000mb000000000ktv5 content-type text/css vary Accept-Encoding last-modified Tue, 24 Sep 2024 13:46:54 GMT
GET H2	200	Shell-Book.woff2 login.consumer.shell.com/static/fonts/	53 KB 54 KB	103ms 103ms	Font font/woff2	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/static/fonts/Shell-Book.woff2 Requested by Host: login.consumer.shell.com URL: https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `6ddc15fa6882d039fbd36e1428562ea611ba1acabdf87993dd929ca14f120aee` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://login.consumer.shell.com Referer https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Response headers x-cache-info L2_T2 cache-control max-age=32693 x-ms-version 2018-03-28 etag "0x8DCDC9F59B864F8" x-fd-int-roxy-purgeid 76496996 x-ms-request-id 68e4d2e4-501e-0013-2094-0e62d3000000 expires Sat, 28 Sep 2024 05:08:00 GMT accept-ranges bytes content-length 54504 date Fri, 27 Sep 2024 20:03:07 GMT akamai-grn 0.38d53e17.1727467387.6470e9e content-type font/woff2 last-modified Tue, 24 Sep 2024 13:46:54 GMT x-azure-ref 20240925T095455Z-r1944857c99zqb4nwn0unhd34s0000000gh0000000005bp6
GET H2	200	Roboto-Bold.woff2 login.consumer.shell.com/static/fonts/	64 KB 65 KB	118ms 117ms	Font font/woff2	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/static/fonts/Roboto-Bold.woff2 Requested by Host: login.consumer.shell.com URL: https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://login.consumer.shell.com Referer https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Response headers x-cache-info L1_T2 cache-control max-age=33329 x-ms-version 2018-03-28 etag "0x8DCDC9F59B5F6BC" x-fd-int-roxy-purgeid 76496996 x-ms-request-id 89a31a94-701e-0014-1792-0e0eb0000000 expires Sat, 28 Sep 2024 05:18:36 GMT accept-ranges bytes content-length 65972 date Fri, 27 Sep 2024 20:03:07 GMT akamai-grn 0.38d53e17.1727467387.6470e9f content-type font/woff2 last-modified Tue, 24 Sep 2024 13:46:54 GMT x-azure-ref 20240925T100304Z-r1944857c99wdz9xe5086e57kw0000000bng000000010ptw
GET H2	200	Roboto-Regular.woff2 login.consumer.shell.com/static/fonts/	64 KB 65 KB	128ms 127ms	Font font/woff2	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/static/fonts/Roboto-Regular.woff2 Requested by Host: login.consumer.shell.com URL: https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://login.consumer.shell.com Referer https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Response headers x-cache-info L1_T2 cache-control max-age=32899 x-ms-version 2018-03-28 etag "0x8DCDC9F59B7A289" x-fd-int-roxy-purgeid 76496996 x-ms-request-id 0017a418-501e-003c-3a0e-0f6f18000000 expires Sat, 28 Sep 2024 05:11:26 GMT accept-ranges bytes content-length 65916 date Fri, 27 Sep 2024 20:03:07 GMT akamai-grn 0.38d53e17.1727467387.6470ea0 content-type font/woff2 last-modified Tue, 24 Sep 2024 13:46:54 GMT x-azure-ref 20240925T095810Z-r1944857c99q86qvmymubft8sw0000000h9000000000b3um
GET H2	200	main.6e01bf18.js Show response login.consumer.shell.com/static/js/	2 MB 814 KB	40ms 40ms	Script application/javascript	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/static/js/main.6e01bf18.js Requested by Host: login.consumer.shell.com URL: https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `82993fb845c40c45b1211df51bd3a096cd144670f8557394d07146de312938c8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Response headers x-cache-info L1_T2 cache-control max-age=35491 x-ms-version 2018-03-28 content-encoding br etag W/"0x8DCDC9F59C46589" x-fd-int-roxy-purgeid 76496996 x-ms-request-id 07251aa3-801e-0072-57eb-0f4190000000 expires Sat, 28 Sep 2024 05:54:38 GMT content-length 832295 date Fri, 27 Sep 2024 20:03:07 GMT akamai-grn 0.38d53e17.1727467387.6470f3e x-azure-ref 20240926T081204Z-r1944857c99ckc2hbmw8qrxhdw0000000kbg000000010x2g content-type application/javascript vary Accept-Encoding last-modified Tue, 24 Sep 2024 13:46:54 GMT
GET H2	200	main.950d211d.css login.consumer.shell.com/static/css/	3 KB 2 KB	101ms 101ms	Stylesheet text/css	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/static/css/main.950d211d.css Requested by Host: login.consumer.shell.com URL: https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `af0df38c6770eb291b309722a43dabe4813716574213087fa2f9320dc7cf3989` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Response headers cache-control max-age=35516 x-ms-version 2018-03-28 content-encoding br etag W/"0x8DCDC9F59971FB0" x-fd-int-roxy-purgeid 76496996 x-ms-request-id 0725199f-801e-0072-65eb-0f4190000000 expires Sat, 28 Sep 2024 05:55:03 GMT content-length 1419 date Fri, 27 Sep 2024 20:03:07 GMT akamai-grn 0.38d53e17.1727467387.6470e9d x-azure-ref 20240926T081158Z-r1944857c995nksg7pf2kayzsw0000000hx0000000012cbd content-type text/css vary Accept-Encoding last-modified Tue, 24 Sep 2024 13:46:54 GMT
GET H2	200	1b0fb5ad Show response login.consumer.shell.com/akam/13/	26 KB 9 KB	148ms 148ms	Script application/javascript	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/akam/13/1b0fb5ad Requested by Host: login.consumer.shell.com URL: https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `f7e99491ab1cfa9c0e2051a0477b9ab53307961df51635cbdee6f917986689fa` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Response headers cache-control max-age=21600 content-encoding gzip etag "bf3960f823101499b02ffa7f33caa025224174e416499622f8f8914bd916040f" pragma no-cache expires Fri, 27 Sep 2024 20:03:07 GMT content-length 8781 date Fri, 27 Sep 2024 20:03:07 GMT stored-attribute-sha-checksum f7e99491ab1cfa9c0e2051a0477b9ab53307961df51635cbdee6f917986689fa last-modified Thu, 22 Feb 2024 19:44:57 GMT content-type application/javascript vary Accept-Encoding akamai-grn 0.38d53e17.1727467387.6470f73
GET H2	200	SQyAB Show response login.consumer.shell.com/MaCgtnGkd8PQvY-q1BflLB_4/ir1DkL5SEaQX/czBXN0YD/fXVJIyl/	309 KB 105 KB	67ms 67ms	Script application/javascript	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/MaCgtnGkd8PQvY-q1BflLB_4/ir1DkL5SEaQX/czBXN0YD/fXVJIyl/SQyAB Requested by Host: login.consumer.shell.com URL: https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `2f063e43c3c2f142da916256b04dcd1e9038f012fc4da39538d318810e0e4313` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Response headers cache-control max-age=21600, max-age=21600 content-encoding br etag "3340343f9f385e6d0b7caaa11e1b241719573067dd16593fb51d6b1f500b6a98" expires Wed, 23 Oct 2024 10:23:27 GMT content-length 106667 date Fri, 27 Sep 2024 20:03:07 GMT stored-attribute-sha-checksum 2f063e43c3c2f142da916256b04dcd1e9038f012fc4da39538d318810e0e4313 last-modified Tue, 03 Sep 2024 15:50:48 GMT content-type application/javascript vary Accept-Encoding akamai-grn 0.38d53e17.1727467387.6470ea1
POST H2	201	SQyAB Show response login.consumer.shell.com/MaCgtnGkd8PQvY-q1BflLB_4/ir1DkL5SEaQX/czBXN0YD/fXVJIyl/	18 B 759 B	144ms 142ms	XHR application/json	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/MaCgtnGkd8PQvY-q1BflLB_4/ir1DkL5SEaQX/czBXN0YD/fXVJIyl/SQyAB Requested by Host: login.consumer.shell.com URL: https://login.consumer.shell.com/MaCgtnGkd8PQvY-q1BflLB_4/ir1DkL5SEaQX/czBXN0YD/fXVJIyl/SQyAB Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Response headers access-control-allow-credentials true x_req_id ccfa6914-4897-49a7-9594-1017e640efa4 access-control-allow-origin https://login.consumer.shell.com content-length 18 date Fri, 27 Sep 2024 20:03:08 GMT akamai-grn 0.38d53e17.1727467387.6470ffa content-type application/json vary Origin access-control-allow-headers Content-Type
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	157 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	favicon.ico login.consumer.shell.com/	33 KB 9 KB	47ms 47ms	Other image/vnd.microsoft.icon	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `5a15a65abba136823acf152acab31bcdcc969d67b939aab7b9c7cd8b835c9777` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Response headers x-cache-info L1_T2 x-ms-version 2018-03-28 content-encoding gzip etag "0x8DCDC9F59B5CFCE" x-fd-int-roxy-purgeid 76496996 expires Sat, 28 Sep 2024 05:07:48 GMT date Fri, 27 Sep 2024 20:03:08 GMT content-type image/vnd.microsoft.icon last-modified Tue, 24 Sep 2024 13:46:54 GMT vary Accept-Encoding cache-control max-age=32680 x-ms-request-id 734a642c-a01e-0028-4991-0e2777000000 accept-ranges bytes content-length 8276 akamai-grn 0.38d53e17.1727467388.647109b x-azure-ref 20240925T095424Z-r1944857c99ckc2hbmw8qrxhdw0000000g9g00000001kkw7
POST H2	201	SQyAB Show response login.consumer.shell.com/MaCgtnGkd8PQvY-q1BflLB_4/ir1DkL5SEaQX/czBXN0YD/fXVJIyl/	18 B 739 B	126ms 124ms	XHR application/json	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/MaCgtnGkd8PQvY-q1BflLB_4/ir1DkL5SEaQX/czBXN0YD/fXVJIyl/SQyAB Requested by Host: login.consumer.shell.com URL: https://login.consumer.shell.com/MaCgtnGkd8PQvY-q1BflLB_4/ir1DkL5SEaQX/czBXN0YD/fXVJIyl/SQyAB Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Response headers access-control-allow-credentials true x_req_id c4ef2485-9976-4031-bb0e-6c206e77b8c1 access-control-allow-origin https://login.consumer.shell.com content-length 18 date Fri, 27 Sep 2024 20:03:08 GMT akamai-grn 0.38d53e17.1727467388.64712b2 content-type application/json vary Origin access-control-allow-headers Content-Type
POST H2	200	pixel_1b0fb5ad Show response login.consumer.shell.com/akam/13/	0 712 B	36ms 34ms	XHR text/html	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/akam/13/pixel_1b0fb5ad Requested by Host: login.consumer.shell.com URL: https://login.consumer.shell.com/akam/13/1b0fb5ad Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Referer https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Response headers expires Fri, 27 Sep 2024 20:03:08 GMT cache-control max-age=0, no-cache, no-store content-length 0 pragma no-cache date Fri, 27 Sep 2024 20:03:08 GMT content-type text/html akamai-grn 0.38d53e17.1727467388.6471440
POST H2	201	SQyAB Show response login.consumer.shell.com/MaCgtnGkd8PQvY-q1BflLB_4/ir1DkL5SEaQX/czBXN0YD/fXVJIyl/	18 B 733 B	111ms 109ms	XHR application/json	2a02:26f0:480:22::1726:62f8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://login.consumer.shell.com/MaCgtnGkd8PQvY-q1BflLB_4/ir1DkL5SEaQX/czBXN0YD/fXVJIyl/SQyAB Requested by Host: login.consumer.shell.com URL: https://login.consumer.shell.com/MaCgtnGkd8PQvY-q1BflLB_4/ir1DkL5SEaQX/czBXN0YD/fXVJIyl/SQyAB Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62f8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://login.consumer.shell.com/login?redirect=https%3A%2F%2Fwww.goplus.shell.be%2Fsso%2Flogin%2Freturn%3Flod_state%3DMY_REWARDS&market=nl-BE&clientId=qjurjk257t8u53nhr7ywykyevr8ubtss Response headers access-control-allow-credentials true x_req_id 6af32ebb-7b75-46fd-a124-56508915590e access-control-allow-origin https://login.consumer.shell.com content-length 18 date Fri, 27 Sep 2024 20:03:09 GMT akamai-grn 0.38d53e17.1727467388.6471720 content-type application/json vary Origin access-control-allow-headers Content-Type

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shell.com/	1970-01-21 09:12:43	Name: AMCV_B7FA08E5529E27690A490D4D%40AdobeOrg Value: MCMID%7C53266103828039557113945153273576554495
.shell.com/	1969-12-31 23:59:59	Name: nlid Value: a21d7863\|1beac52e
.shell.com/	1970-01-21 09:12:43	Name: nllastdelid Value: 1beac52e
www.goplus.shell.be/	1970-01-21 08:36:43	Name: b Value: https://www.goplus.shell.be/
www.goplus.shell.be/	1970-01-21 09:27:07	Name: psid Value: a8084f0deb72ee035d27aef776864bf06b6179ea87f806dda46e3f362c6c5200
www.goplus.shell.be/	1969-12-31 23:59:59	Name: SESSION Value: YjM1ZGIwZjgtZTAwMC00YzA0LWI0YmEtMzBhYTlmMzE1Y2Rh
www.goplus.shell.be/	1970-01-21 00:01:12	Name: AWSALBAPP-0 Value: _remove_
www.goplus.shell.be/	1970-01-21 00:01:12	Name: AWSALBAPP-1 Value: _remove_
www.goplus.shell.be/	1970-01-21 00:01:12	Name: AWSALBAPP-2 Value: _remove_
www.goplus.shell.be/	1970-01-21 00:01:12	Name: AWSALBAPP-3 Value: _remove_
.shell.com/	1970-01-20 23:51:21	Name: bm_sz Value: 4E19B110D04319392AA8B8CB0AA02097~YAAQONU+Fw++nzCSAQAANHsUNRlq5BQzRpp91yyQohhaCoMIYxWsTSywcZ/F0N9wY0MZoU08NBslGr2UOHtFQf7fc901Snm3NDnwICjPSKrlg4FWcjEyRCnpjQ8H26c8WKgMsFhTUnssgXMJfxKCQ5QwIse6ByE/2q0XgFTA/GAkOtHlv640WKQGxwGa+XWeRg5wyNxAEm337GbIHesrWMGxpdFMGuPlAQ++qKunkpFyQpy8J1R+O2QHnC55c7TQiR4Qea9ONot+yCH91c4avoO1EwfZ3LKt+qHUYV6FiWjMisZdh78ZrIzrKE1JC+yULn8S+7Iv5NgEjC/ElCcITvS8ScpYCdLjZbkteQX8M2d9JGdfptSuTU+6Cm+uOOu1JsnLrC7ItgTuLd+Go+o+i1RB5N9UdugeJF/NFOTC12cTmymx~4339013~3622213
.consumer.shell.com/	1970-01-20 23:51:14	Name: ak_bmsc Value: 02616BD355EE809E83F19068CA4A0D38~000000000000000000000000000000~YAAQONU+FzW+nzCSAQAAin4UNRmlhCLKaCyXrFvthOujRCGaVvo7h10cIequD8CKcaoZDAs80SkpOuyrpVrwjI5lKrQ9dBQK2ZrYTODDiQ3zmX5MKglwjljAN4GT4TR/lDyrlp5DfOtLnNPrGvMhG1dBCohyzSPesHeBkSFgx+Z/gemY+XZkIWNrIL534MBYEIqUZV/Ob1b0+vatnXGTbeqTTthBWwCqcR438h+LAzbMmR3AWN91hDQqZl+sj3qzUz6ESea6dt/0AE9iUihqqhZfkQPNKyzJ+nGs1Jc4fBSlEPxvkRVzv01LUMhLgoX/fh4WkZR2XKBfxyT+lVZxRuUM0PLXfoDCyqqKtizJH1jQnUSWEP1cefL3MGVxwjt+1J1F5YKIOBBwd92y0fq9PJR3Tj8TEpUQq8m9v77tyba4hGLlBTsYqef+mASqBhGnmQAoQTlXYsowr9bqCKrGv2e58/q2m9cUTk492SR8/gnXKoThD0TFuYPRgA==
.shell.com/	1970-01-21 08:36:43	Name: _abck Value: DB1948B525569AC0C8C938293A77A22A~-1~YAAQONU+F0G+nzCSAQAAjYAUNQyY/PhV1yJ3haNpetu6D4CukJSTofKkMa1YJhxdNDd2Ln0UPbCV+lwUTD1YWaCj+VTukpNOeNT78Y8KsjpY+VlozdeT5F15w4kofs5uwMc4rvBH0j1/x0e6Xla9p/RP5DWK1Jz9kfLTOI/VCgYrKMq2yB1CIl5j/wJCGR0A4oORUdNr/7XVaw8mCM25zL1Tby29gGHcH6cn4n427YRFVWR8jUECB+1lFZcdLWH/AcrX5Ph7lj7B0ua1JGMhubjcpk3ZUHFqCgGLTAX0aGrURTnprro+jhcOFtXVChJbSsNa+Xg+uy14hZiB4viPIwPWRKoPaC900EXD64Rs2uTPavAdqeKCqRIBTtbpWNpUdpWfAIeimESqYvYD/7StaD0tZsBD+833rH1top9OCb8przvNnWo0YQA=~-1~-1~1727470988

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.consumer.shell.com
t.uk.shell.com
www.goplus.shell.be
2a02:26f0:480:22::1726:62f8
52.208.145.174
63.32.0.185
1c267826d7426010cee8eaffb4d6cae5ef30ef5de1000ac3bd177cc5dafd1b3b
2f063e43c3c2f142da916256b04dcd1e9038f012fc4da39538d318810e0e4313
4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741
5a15a65abba136823acf152acab31bcdcc969d67b939aab7b9c7cd8b835c9777
6ddc15fa6882d039fbd36e1428562ea611ba1acabdf87993dd929ca14f120aee
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
82993fb845c40c45b1211df51bd3a096cd144670f8557394d07146de312938c8
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
af0df38c6770eb291b309722a43dabe4813716574213087fa2f9320dc7cf3989
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c34b85ac345c6119552fa1aa6bd700a7a9dfaf03aae90ad431f8a987f40db3d1
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7e99491ab1cfa9c0e2051a0477b9ab53307961df51635cbdee6f917986689fa

login.consumer.shell.com Open in urlscan Pro 2a02:26f0:480:22::1726:62f8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

1137 kBTransfer

2725 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

13 Cookies

Indicators

login.consumer.shell.com Open in urlscan Pro
2a02:26f0:480:22::1726:62f8 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

1137 kB
Transfer

2725 kB
Size

13
Cookies

14 HTTP transactions
2 data transactions