Submitted URL: https://link-nl.shein.com/u/nrd.php?p=wLknR2vnXL_117665_4942090_1_5&ems_l=6751232&i=1&d=NDk0MjM0NDYw%7Cd0xrblIydm5YTA==%7C...
Effective URL: https://nl.shein.com/hotsale/TUR-Hotsale-sc-003142114.html?onelink=1/3m171d2tw70y&requestId=476151348754022413&sc_src...
Submission: On May 02 via api from BE — Scanned from NL

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2.17.100.232, located in and belongs to . The main domain is nl.shein.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 3rd 2023. Valid for: a year.
This is the only time nl.shein.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.18.39.2 13335 (CLOUDFLAR...)
2 52.89.19.141 16509 (AMAZON-02)
1 2.17.100.232 ()
4 3
Apex Domain
Subdomains
Transfer
4 shein.com
link-nl.shein.com — Cisco Umbrella Rank: 837899
app.shein.com — Cisco Umbrella Rank: 385251
nl.shein.com
3 KB
0 Failed
4 2
Domain Requested by
2 app.shein.com
1 nl.shein.com app.shein.com
1 link-nl.shein.com 1 redirects
0 applink Failed app.shein.com
4 4

This site contains no links.

Subject | Issuer | Validity | Valid
*.shein.com | Secure Site CA G2 | 2024-02-18 - 2025-03-20 | a year

This page contains 1 frame:

Primary Page: https://nl.shein.com/hotsale/TUR-Hotsale-sc-003142114.html?onelink=1/3m171d2tw70y&requestId=476151348754022413&sc_src=email_4942090&sc_lid=494234460&sc_uid=wLknR2vnXL&sc_llid=117665&sc_eh=926a8302fb51b29f1&url_from=msp_194609_4912904_20240501_Tnavbar03_nl_couponexpire_5D_EM_nl_nl_de_LVMTBSEI14
Frame ID: C131AB10F29BD9A3E787C35199A73D26
Requests: 4 HTTP requests in this frame

Page Statistics

Requests: 4
HTTPS: 75 %
IPv6: 0 %
Domains: 2
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 2 kB
Size: 100 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link-nl.shein.com/u/nrd.php?p=wLknR2vnXL_117665_4942090_1_5&ems_l=6751232&i=1&d=NDk0MjM0NDYw%7Cd0xrblIydm5YTA==%7COTI2YTgzMDJmYjUxYjI5ZjE=%7C&_esuh=_11_68250ca2b017a1a6b9ee28af111479981d797342b3a30500616a0d605321f1cf HTTP 302
    https://app.shein.com/1/3m171d2tw70y?sc_src=email_4942090&sc_lid=494234460&sc_uid=wLknR2vnXL&sc_llid=117665&sc_eh=926a8302fb51b29f1 Page URL
  2. https://nl.shein.com/hotsale/TUR-Hotsale-sc-003142114.html?onelink=1/3m171d2tw70y&requestId=476151348754022413&sc_src=email_4942090&sc_lid=494234460&sc_uid=wLknR2vnXL&sc_llid=117665&sc_eh=926a8302fb51b29f1&url_from=msp_194609_4912904_20240501_Tnavbar03_nl_couponexpire_5D_EM_nl_nl_de_LVMTBSEI14 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://link-nl.shein.com/u/nrd.php?p=wLknR2vnXL_117665_4942090_1_5&ems_l=6751232&i=1&d=NDk0MjM0NDYw%7Cd0xrblIydm5YTA==%7COTI2YTgzMDJmYjUxYjI5ZjE=%7C&_esuh=_11_68250ca2b017a1a6b9ee28af111479981d797342b3a30500616a0d605321f1cf HTTP 302
  • https://app.shein.com/1/3m171d2tw70y?sc_src=email_4942090&sc_lid=494234460&sc_uid=wLknR2vnXL&sc_llid=117665&sc_eh=926a8302fb51b29f1

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
3m171d2tw70y
app.shein.com/1/
Redirect Chain
  • https://link-nl.shein.com/u/nrd.php?p=wLknR2vnXL_117665_4942090_1_5&ems_l=6751232&i=1&d=NDk0MjM0NDYw%7Cd0xrblIydm5YTA==%7COTI2YTgzMDJmYjUxYjI5ZjE=%7C&_esuh=_11_68250ca2b017a1a6b9ee28af111479981d797...
  • https://app.shein.com/1/3m171d2tw70y?sc_src=email_4942090&sc_lid=494234460&sc_uid=wLknR2vnXL&sc_llid=117665&sc_eh=926a8302fb51b29f1
3 KB
1 KB
Document
General
Full URL
https://app.shein.com/1/3m171d2tw70y?sc_src=email_4942090&sc_lid=494234460&sc_uid=wLknR2vnXL&sc_llid=117665&sc_eh=926a8302fb51b29f1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.89.19.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-19-141.us-west-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
69d838e498d6b2ad070013e70b4c2fe97eec99df7aa754c409530a2d0b193354

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Language
nl-NL
Content-Type
text/html;charset=UTF-8
Date
Thu, 02 May 2024 19:10:25 GMT
Server
openresty/1.15.8.2
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding

Redirect headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87da4fab0a0e9f78-AMS
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 02 May 2024 19:10:24 GMT
location
https://app.shein.com/1/3m171d2tw70y?sc_src=email_4942090&sc_lid=494234460&sc_uid=wLknR2vnXL&sc_llid=117665&sc_eh=926a8302fb51b29f1
pragma
no-cache
server
cloudflare
x-af
suite38-web01c
x-fe
suite38-web01c
x-hf
suite-haproxy01c
favicon.ico
app.shein.com/
552 B
728 B
Other
General
Full URL
https://app.shein.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.89.19.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-19-141.us-west-2.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
ba06358e68429145a15d0c1cfb211cb1b82680ef0a0b3efa376c68e9c1e4ea03

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.shein.com/1/3m171d2tw70y?sc_src=email_4942090&sc_lid=494234460&sc_uid=wLknR2vnXL&sc_llid=117665&sc_eh=926a8302fb51b29f1
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 02 May 2024 19:10:25 GMT
Server
openresty/1.15.8.2
Connection
keep-alive
Content-Length
552
Content-Type
text/html; charset=UTF-8
selectcategory
applink/
0
0

Primary Request TUR-Hotsale-sc-003142114.html
nl.shein.com/hotsale/
96 KB
0
Document
General
Full URL
https://nl.shein.com/hotsale/TUR-Hotsale-sc-003142114.html?onelink=1/3m171d2tw70y&requestId=476151348754022413&sc_src=email_4942090&sc_lid=494234460&sc_uid=wLknR2vnXL&sc_llid=117665&sc_eh=926a8302fb51b29f1&url_from=msp_194609_4912904_20240501_Tnavbar03_nl_couponexpire_5D_EM_nl_nl_de_LVMTBSEI14
Requested by
Host: app.shein.com
URL: https://app.shein.com/1/3m171d2tw70y?sc_src=email_4942090&sc_lid=494234460&sc_uid=wLknR2vnXL&sc_llid=117665&sc_eh=926a8302fb51b29f1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.232 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://oa.sheincorp.cn https://activity-admin.biz.sheincorp.cn https://csp.sheincorp.cn https://sqs-admin.biz.sheincorp.cn https://sqs-admin.biz.sheinbackend.com https://sqs-admin-gray01.biz.sheinbackend.com https://sqs-admin-eur.biz.sheinbackend.com https://grey-sqs-admin.biz.sheincorp.cn https://sqs-admin-gray01-eur.biz.sheinbackend.com https://ccc.biz.sheincorp.cn https://ccc-store.biz.sheincorp.cn https://ccc-store.shein.com *.shein.com https://www.shein.com.hk https://www.shein.com.vn https://www.shein.com.mx https://www.shein.co.uk https://www.shein.tw https://www.shein.se https://co.shein.com https://www.shein.com.co
Strict-Transport-Security max-age=7776000000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://oa.sheincorp.cn
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://app.shein.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors https://oa.sheincorp.cn https://activity-admin.biz.sheincorp.cn https://csp.sheincorp.cn https://sqs-admin.biz.sheincorp.cn https://sqs-admin.biz.sheinbackend.com https://sqs-admin-gray01.biz.sheinbackend.com https://sqs-admin-eur.biz.sheinbackend.com https://grey-sqs-admin.biz.sheincorp.cn https://sqs-admin-gray01-eur.biz.sheinbackend.com https://ccc.biz.sheincorp.cn https://ccc-store.biz.sheincorp.cn https://ccc-store.shein.com *.shein.com https://www.shein.com.hk https://www.shein.com.vn https://www.shein.com.mx https://www.shein.co.uk https://www.shein.tw https://www.shein.se https://co.shein.com https://www.shein.com.co
content-type
text/html; charset=utf-8
date
Thu, 02 May 2024 19:10:27 GMT
etag
W/"1852b2-4jc6ViW9DootupV1YuElZxP/b8o"
expires
Thu, 02 May 2024 19:10:27 GMT
gateway-waf-reject
A005-Pass
referrer-policy
no-referrer-when-downgrade
server
openresty
server-timing
g;dur=1548
strict-transport-security
max-age=7776000000; includeSubDomains
vary
Accept-Encoding
via-shein-gateway
c-shein-pc
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-download-options
noopen
x-frame-options
ALLOW-FROM https://oa.sheincorp.cn
x-sw-skip
836100
x-tracer-name
/selectionCategoryList-RE
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
applink
URL
sheinlink://applink/selectcategory?data=%7B%22category_id%22%3A%22003142114%22%2C%22url_from%22%3A%22msp_194609_4912904_20240501_Tnavbar03_nl_couponexpire_5D_EM_nl_nl_de_LVMTBSEI14%22%2C%22requestId%22%3A%22476151348754022413%22%7D

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
app.shein.com/ Name: onelink_cookie
Value: 476151348754022412

2 Console Messages

Source Level URL
Text
network error URL: https://app.shein.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other error URL: https://app.shein.com/1/3m171d2tw70y?sc_src=email_4942090&sc_lid=494234460&sc_uid=wLknR2vnXL&sc_llid=117665&sc_eh=926a8302fb51b29f1
Message:
Not allowed to launch 'sheinlink://applink/selectcategory?data=%7B%22category_id%22%3A%22003142114%22%2C%22url_from%22%3A%22msp_194609_4912904_20240501_Tnavbar03_nl_couponexpire_5D_EM_nl_nl_de_LVMTBSEI14%22%2C%22requestId%22%3A%22476151348754022413%22%7D' because a user gesture is required.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
