greenshadesonline.s3.fr-par.scw.cloud
Open in
urlscan Pro
2001:bc8:10::7
Public Scan
Submitted URL: https://link.mail.beehiiv.com/ss/c/jYqbUqB0ZVwGwXpALD5R0Gef6iYwhfkFZdOC6CE6xgnjV4z5gMjsXEhx3PxtEqX6fv3GQ1muY5ZP8X24OAUleeVws5A...
Effective URL: https://greenshadesonline.s3.fr-par.scw.cloud/GreenShadesOnlineVerificationPageGREENSHADEScustomerassistGREENSHADESLOGIN.html?X-Amz-Algorithm=...
Submission: On February 22 via manual from US — Scanned from DE
Effective URL: https://greenshadesonline.s3.fr-par.scw.cloud/GreenShadesOnlineVerificationPageGREENSHADEScustomerassistGREENSHADESLOGIN.html?X-Amz-Algorithm=...
Submission: On February 22 via manual from US — Scanned from DE
Summary
This website contacted 4 IPs
in 3 countries
across 5 domains to perform 4 HTTP transactions.
The main IP is 2001:bc8:10::7, located in
France and
belongs to Online SAS, FR.
The main domain is greenshadesonline.s3.fr-par.scw.cloud.
TLS certificate: Issued by R3 on December 21st 2022. Valid for: 3 months.
This is the only time greenshadesonline.s3.fr-par.scw.cloud was scanned on urlscan.io!
TLS certificate: Issued by R3 on December 21st 2022. Valid for: 3 months.
This is the only time greenshadesonline.s3.fr-par.scw.cloud was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 2606:4700::68... 2606:4700::6812:df9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2001:bc8:10::7 2001:bc8:10::7 | 12876 (Online SAS) (Online SAS) | |
| 1 | 192.229.221.25 192.229.221.25 | 15133 (EDGECAST) (EDGECAST) | |
| 1 | 2a04:4e42:400... 2a04:4e42:400::393 | 54113 (FASTLY) (FASTLY) | |
| 1 | 2a02:26f0:350... 2a02:26f0:3500:888::1f37 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 4 | 4 |
1
2a02:26f0:3500:888::1f37
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| www.citizensbank.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 1 |
citizensbank.com
www.citizensbank.com — Cisco Umbrella Rank: 59408 |
127 KB |
| 1 |
cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 1981 |
3 KB |
| 1 |
paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2241 |
14 KB |
| 1 |
scw.cloud
greenshadesonline.s3.fr-par.scw.cloud |
12 KB |
| 1 |
beehiiv.com
1 redirects
link.mail.beehiiv.com — Cisco Umbrella Rank: 130717 |
669 B |
| 4 | 5 |
| Domain | Requested by | |
|---|---|---|
| 1 | www.citizensbank.com |
greenshadesonline.s3.fr-par.scw.cloud
|
| 1 | res.cloudinary.com |
greenshadesonline.s3.fr-par.scw.cloud
|
| 1 | www.paypalobjects.com |
greenshadesonline.s3.fr-par.scw.cloud
|
| 1 | greenshadesonline.s3.fr-par.scw.cloud | |
| 1 | link.mail.beehiiv.com | 1 redirects |
| 4 | 5 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| s3.fr-par.scw.cloud R3 |
2022-12-21 - 2023-03-21 |
3 months | crt.sh |
| www.paypal.com DigiCert SHA2 Extended Validation Server CA |
2022-11-09 - 2023-12-10 |
a year | crt.sh |
| *.cloudinary.com Go Daddy Secure Certificate Authority - G2 |
2022-05-30 - 2023-07-01 |
a year | crt.sh |
| www.citizensbank.com Entrust Certification Authority - L1M |
2022-07-01 - 2023-07-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://greenshadesonline.s3.fr-par.scw.cloud/GreenShadesOnlineVerificationPageGREENSHADEScustomerassistGREENSHADESLOGIN.html?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=SCWPG1SX2JW4ZC4PEF6X%2F20230219%2Ffr-par%2Fs3%2Faws4_request&X-Amz-Date=20230219T185455Z&X-Amz-Expires=446705&X-Amz-Signature=08991844957fa1274906fc6f739fa2d15cf93afbbc43d9801e626e9191cd60fb&X-Amz-SignedHeaders=host&x-id=GetObject
Frame ID: 7F0DCA8B5F408C9CE73E750A68A0CC57
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
GreenshadesPage URL History Show full URLs
-
https://link.mail.beehiiv.com/ss/c/jYqbUqB0ZVwGwXpALD5R0Gef6iYwhfkFZdOC6CE6xgnjV4z5gMjsXEhx3PxtEqX6fv3GQ1m...
HTTP 302
https://greenshadesonline.s3.fr-par.scw.cloud/GreenShadesOnlineVerificationPageGREENSHADEScustomerassistGREENSHADESLOGIN.h... Page URL
Detected technologies
PayPal
(Payment Processors)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- paypalobjects\.com
Cloudinary
(CDN)
Expand
Overall confidence: 80%
Detected patterns
Detected patterns
- <img[^>]+\.cloudinary\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://link.mail.beehiiv.com/ss/c/jYqbUqB0ZVwGwXpALD5R0Gef6iYwhfkFZdOC6CE6xgnjV4z5gMjsXEhx3PxtEqX6fv3GQ1muY5ZP8X24OAUleeVws5AU3-JXHZ_pkznhgKGJ-MCpDmKE_hV14-eMpxGKuzNNvUYqs6ntoyOpJ3GKIplsDiWQDREFOQJdbjVZOqQSgLEwtoVw_wCb5pVMNDdfeGnphj4Wy6huXCUXlPcOVmCsVLz6OlCIVBdfZW1hbgqmR1Iu7yDiud-NYo3aLTy-lEFMvYFIdLzRxkQlwBTv7MpxJ1aLW7PbqeegJVz1kaAkddTQ69O_a8Eg2YekRjA-ed645rWlNr8c8OZS34vxmHxpDfD0PqciWLbxP2qItjqOz7OedUdvJjR1dGg96KazgDJSU4cg6P8XUTkhzKjptDoQQCSPsv8uGgQsZqoKTt7XKOh_dVdB0ggrv-CgxTop3lmICSI8k27xmowmUSslCKXC67T01wZr6VtzA8OhJ98OYaPInWinSSRKIB-8D9QnCqNNs-Cb0P3lvsI_uNquWMJcy-La7a1Ds3iDVus53Iznz7pat1WV6VBft6OplBxdvU1V7daRKKOv7rq_YykglbQlaC9iY4veNkZgm3qvErY/3tv/jfO6DjDBRIKjGmhsYoEw6Q/h0/eZTSaHfR2h-qCLGiOZa4D6shi54IJTFvtWZPDZ_XQM4
HTTP 302
https://greenshadesonline.s3.fr-par.scw.cloud/GreenShadesOnlineVerificationPageGREENSHADEScustomerassistGREENSHADESLOGIN.html?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=SCWPG1SX2JW4ZC4PEF6X%2F20230219%2Ffr-par%2Fs3%2Faws4_request&X-Amz-Date=20230219T185455Z&X-Amz-Expires=446705&X-Amz-Signature=08991844957fa1274906fc6f739fa2d15cf93afbbc43d9801e626e9191cd60fb&X-Amz-SignedHeaders=host&x-id=GetObject Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
GreenShadesOnlineVerificationPageGREENSHADEScustomerassistGREENSHADESLOGIN.html
greenshadesonline.s3.fr-par.scw.cloud/ Redirect Chain
|
11 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
contextualLogin.css
www.paypalobjects.com/web/res/e3a/65c5f2465e43c2598eadb20766d07/css/ |
76 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sfsgdr7wvt5mtsmbsfvm
res.cloudinary.com/crunchbase-production/image/upload/c_lpad,f_auto,q_auto:eco,dpr_1/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Feature-Single-CC-Overview-Landingpage-976x550.jpg
www.citizensbank.com/assets/CB_media/images/CREDIT_CARDS/CashBackProduct/ |
126 KB 127 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| html5 object| Modernizr function| isEligibleIntegration object| antiClickjack1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .beehiiv.com/ | Name: __cf_bm Value: siiuVSNWZidDNovluXILc31M6SZXT7tC4yDoRAVW9p8-1677039712-0-AXYcucv8/HkIf5czRdxU7yjlA2JduR6prrecrETJeabCwi5UV/tYiFY6NZZk28X0o/PECCodpymruVzjPteBar0= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
greenshadesonline.s3.fr-par.scw.cloud
link.mail.beehiiv.com
res.cloudinary.com
www.citizensbank.com
www.paypalobjects.com
192.229.221.25
2001:bc8:10::7
2606:4700::6812:df9
2a02:26f0:3500:888::1f37
2a04:4e42:400::393
1d54636adccbd69d6fd62863a1ee72ef855b01808cec683e7bac9df009e37b7c
1fc421885ca9e26fed978a4c7e4b9f1d73901cbd060f4fd15d8338f537e46d28
38acd6914ae5ec86cf48b3e00c4df6f764f1e0bd172811652a1b8ac3eeec879f
edfc3163ce871d4b642e291ab4f089999db8415d3c358cc806ee7ca65f7a5503