cloud.em.shangri-lacircle.com

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 128.245.128.237, located in United States and belongs to SALESFORCE, US. The main domain is cloud.em.shangri-lacircle.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 21st 2023. Valid for: a year.

This is the only time cloud.em.shangri-lacircle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.245.144.169 128.245.144.169	14340 (SALESFORCE) (SALESFORCE)
1	128.245.128.237 128.245.128.237	14340 (SALESFORCE) (SALESFORCE)
1	2a02:26f0:480... 2a02:26f0:480:22::1726:62c3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	163.181.92.235 163.181.92.235	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
5	4

1 128.245.144.169 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.em.shangri-lacircle.com

click.em.shangri-lacircle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 128.245.128.237 (United States)

ASN14340 (SALESFORCE, US)
PTR: cloud.em.shangri-lacircle.com

cloud.em.shangri-lacircle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:22::1726:62c3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

image.em.shangri-lacircle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.235 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

s.shangri-la.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	shangri-lacircle.com 1 redirects click.em.shangri-lacircle.com — Cisco Umbrella Rank: 975197 cloud.em.shangri-lacircle.com image.em.shangri-lacircle.com — Cisco Umbrella Rank: 947331	21 KB
2	gstatic.com fonts.gstatic.com	28 KB
1	shangri-la.com s.shangri-la.com — Cisco Umbrella Rank: 390247	31 KB
5	3

	Domain	Requested by
2	fonts.gstatic.com	cloud.em.shangri-lacircle.com
1	s.shangri-la.com	cloud.em.shangri-lacircle.com
1	image.em.shangri-lacircle.com	cloud.em.shangri-lacircle.com
1	cloud.em.shangri-lacircle.com
1	click.em.shangri-lacircle.com	1 redirects
5	5

This site contains links to these domains. Also see Links.

Domain
www.shangri-la.com

Subject Issuer	Validity	Valid
cloud.em.shangri-lacircle.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-21` - `2024-04-20`	a year	crt.sh
san-17-s12.tlsprovisioning.exacttarget.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-06` - `2024-04-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.shangri-la.com Trusted Secure Certificate Authority 5	`2023-03-29` - `2024-03-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cloud.em.shangri-lacircle.com/unsubscribe_en?qs=4a18a29cf261ea5655e6d79bc3eecda4b1555654b1ebbb526e372cec1e35733664cf7f78ebfa62199cd2d0ef4ded595062a6ac7cc46bbc1545b2b391a322b5f0d5f4fb7e06cab15c
Frame ID: 0DE1CB7846E078DC92E6BBDDAFDE4208
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.em.shangri-lacircle.com/?qs=bba6e5c70679920b67a8f928019e13c8714e5a2cb3d067f2c77723b25609d9ffa71c7f49... HTTP 302
https://cloud.em.shangri-lacircle.com/unsubscribe_en?qs=4a18a29cf261ea5655e6d79bc3eecda4b1555654b1ebbb526e372cec1e... Page URL

Page Statistics

5
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

81 kB
Transfer

91 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.shangri-la.com/en/corporate/shangrilacircle/online-services/edit-profile/
Title: LOGIN ACCOUNT

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.em.shangri-lacircle.com/?qs=bba6e5c70679920b67a8f928019e13c8714e5a2cb3d067f2c77723b25609d9ffa71c7f49e37b5412b717b8bd8bd24a2756c94c1548451aa4c774199ea59d2b45 HTTP 302
https://cloud.em.shangri-lacircle.com/unsubscribe_en?qs=4a18a29cf261ea5655e6d79bc3eecda4b1555654b1ebbb526e372cec1e35733664cf7f78ebfa62199cd2d0ef4ded595062a6ac7cc46bbc1545b2b391a322b5f0d5f4fb7e06cab15c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request unsubscribe_en Show response
cloud.em.shangri-lacircle.com/
Redirect Chain

https://click.em.shangri-lacircle.com/?qs=bba6e5c70679920b67a8f928019e13c8714e5a2cb3d067f2c77723b25609d9ffa71c7f49e37b5412b717b8bd8bd24a2756c94c1548451aa4c774199ea59d2b45
https://cloud.em.shangri-lacircle.com/unsubscribe_en?qs=4a18a29cf261ea5655e6d79bc3eecda4b1555654b1ebbb526e372cec1e35733664cf7f78ebfa62199cd2d0ef4ded595062a6ac7cc46bbc1545b2b391a322b5f0d5f4fb7e06cab15c

15 KB
4 KB

642ms
258ms

Document
text/html

128.245.128.237
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.em.shangri-lacircle.com/unsubscribe_en?qs=4a18a29cf261ea5655e6d79bc3eecda4b1555654b1ebbb526e372cec1e35733664cf7f78ebfa62199cd2d0ef4ded595062a6ac7cc46bbc1545b2b391a322b5f0d5f4fb7e06cab15c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 128.245.128.237 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: cloud.em.shangri-lacircle.com
Software: /
Resource Hash: 5be9cfafeb3882398fa3b18d6efbd395d250998f5bd2403d00003e71586c8816

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Length: 3513
Content-Type: text/html; charset=utf-8
Date: Fri, 15 Dec 2023 02:31:35 GMT
Expires: -1
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 317
Content-Type: text/html; charset=utf-8
Date: Fri, 15 Dec 2023 02:31:33 GMT
Location: https://cloud.em.shangri-lacircle.com/unsubscribe_en?qs=4a18a29cf261ea5655e6d79bc3eecda4b1555654b1ebbb526e372cec1e35733664cf7f78ebfa62199cd2d0ef4ded595062a6ac7cc46bbc1545b2b391a322b5f0d5f4fb7e06cab15c

GET
H/1.1 200
OK 5b65cc3e-3709-4d5a-93fd-5b02d7b9cb51.jpeg
image.em.shangri-lacircle.com/lib/fe3011737164047e701374/m/1/ 17 KB
17 KB 146ms
108ms Image
image/jpeg 2a02:26f0:480:22::1726:62c3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.em.shangri-lacircle.com/lib/fe3011737164047e701374/m/1/5b65cc3e-3709-4d5a-93fd-5b02d7b9cb51.jpeg
Requested by: Host: cloud.em.shangri-lacircle.com
URL: https://cloud.em.shangri-lacircle.com/unsubscribe_en?qs=4a18a29cf261ea5655e6d79bc3eecda4b1555654b1ebbb526e372cec1e35733664cf7f78ebfa62199cd2d0ef4ded595062a6ac7cc46bbc1545b2b391a322b5f0d5f4fb7e06cab15c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62c3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ae92fa47879d500b68d7ebe46a10f1acc65c505ccc4c484d83b596423d4ee0b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud.em.shangri-lacircle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 02:31:35 GMT
Last-Modified: Tue, 10 May 2022 16:49:52 GMT
Server: AkamaiNetStorage
ETag: "f3f873c22f0e8b77c28e5c5c22b78e0e:1652201392.480828"
Content-Type: image/jpeg
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17562

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v18/ 14 KB
14 KB 40ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: cloud.em.shangri-lacircle.com
URL: https://cloud.em.shangri-lacircle.com/unsubscribe_en?qs=4a18a29cf261ea5655e6d79bc3eecda4b1555654b1ebbb526e372cec1e35733664cf7f78ebfa62199cd2d0ef4ded595062a6ac7cc46bbc1545b2b391a322b5f0d5f4fb7e06cab15c

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15349bbd9d7d527b01aedfb700750f554fe4da177e30334ffd55ef5f56a039a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloud.em.shangri-lacircle.com/
Origin: https://cloud.em.shangri-lacircle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:17:40 GMT
x-content-type-options: nosniff
age: 274435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14172
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 22:17:40 GMT

GET
H2 200 playfair_display.woff2
s.shangri-la.com/sl-fe-public/fonts/playfair_display/ 31 KB
31 KB 710ms
10ms Font
application/octet-stream 163.181.92.235
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.shangri-la.com/sl-fe-public/fonts/playfair_display/playfair_display.woff2

Requested by

Host: cloud.em.shangri-lacircle.com
URL: https://cloud.em.shangri-lacircle.com/unsubscribe_en?qs=4a18a29cf261ea5655e6d79bc3eecda4b1555654b1ebbb526e372cec1e35733664cf7f78ebfa62199cd2d0ef4ded595062a6ac7cc46bbc1545b2b391a322b5f0d5f4fb7e06cab15c

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

163.181.92.235 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

2c85197debfa7d61e76eec8ae33c8f096ad4cdd44ceac6e94fc92603715d09b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloud.em.shangri-lacircle.com/
Origin: https://cloud.em.shangri-lacircle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:34:39 GMT
via: cache16.l2sg2[0,0,304-0,H], cache33.l2sg2[1,0], cache33.l2sg2[1,0], ens-cache6.de5[0,0,200-0,H], ens-cache15.de5[1,0]
x-content-type-options: nosniff
age: 849416
x-swift-cachetime: 2591853
x-cache: HIT TCP_MEM_HIT dirn:13:734824472
x-swift-savetime: Tue, 05 Dec 2023 06:37:06 GMT
content-length: 31540
last-modified: Wed, 07 Sep 2022 02:28:23 GMT
server: Tengine
etag: "631801c7-7b34"
ali-swift-global-savetime: 1701758079
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
eagleid: a3b55ca317026074959328758e

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v18/ 14 KB
14 KB 41ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Host: cloud.em.shangri-lacircle.com
URL: https://cloud.em.shangri-lacircle.com/unsubscribe_en?qs=4a18a29cf261ea5655e6d79bc3eecda4b1555654b1ebbb526e372cec1e35733664cf7f78ebfa62199cd2d0ef4ded595062a6ac7cc46bbc1545b2b391a322b5f0d5f4fb7e06cab15c

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dad81153cb015fb3434cd053af77f46f1a3ae83c9735930c48aa050df26e44c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cloud.em.shangri-lacircle.com/
Origin: https://cloud.em.shangri-lacircle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:58:40 GMT
x-content-type-options: nosniff
age: 235975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:58:40 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.em.shangri-lacircle.com
cloud.em.shangri-lacircle.com
fonts.gstatic.com
image.em.shangri-lacircle.com
s.shangri-la.com
128.245.128.237
128.245.144.169
163.181.92.235
2a00:1450:4001:813::2003
2a02:26f0:480:22::1726:62c3
15349bbd9d7d527b01aedfb700750f554fe4da177e30334ffd55ef5f56a039a6
2c85197debfa7d61e76eec8ae33c8f096ad4cdd44ceac6e94fc92603715d09b1
5be9cfafeb3882398fa3b18d6efbd395d250998f5bd2403d00003e71586c8816
ae92fa47879d500b68d7ebe46a10f1acc65c505ccc4c484d83b596423d4ee0b3
dad81153cb015fb3434cd053af77f46f1a3ae83c9735930c48aa050df26e44c4

cloud.em.shangri-lacircle.com Open in urlscan Pro 128.245.128.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

40 %IPv6

3 Domains

5 Subdomains

4 IPs

2 Countries

81 kBTransfer

91 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

cloud.em.shangri-lacircle.com Open in urlscan Pro
128.245.128.237 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

81 kB
Transfer

91 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions