clicks.messengeo.net Open in urlscan Pro
51.77.248.12 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://clicks.messengeo.net/?i=48661f3a232eaeb71d49b8d3c5b1fe4e&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI=
Submission: On November 20 via api (November 20th 2023, 5:26:20 pm UTC) from ES — Scanned from FR

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 8 HTTP transactions. The main IP is 51.77.248.12, located in France and belongs to OVH, FR. The main domain is clicks.messengeo.net.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 11th 2023. Valid for: a year.

This is the only time clicks.messengeo.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	51.77.248.12 51.77.248.12	16276 (OVH) (OVH)
5	13.32.27.16 13.32.27.16	16509 (AMAZON-02) (AMAZON-02)
8	2

4 51.77.248.12 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip12.ip-51-77-248.eu

clicks.messengeo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.27.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-16.fra56.r.cloudfront.net

datas.messengeo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	messengeo.net 1 redirects clicks.messengeo.net datas.messengeo.net	617 KB
8	1

	Domain	Requested by
5	datas.messengeo.net	clicks.messengeo.net
4	clicks.messengeo.net	1 redirects clicks.messengeo.net
8	2

This site contains no links.

Subject Issuer	Validity	Valid
*.messengeo.net Thawte TLS RSA CA G1	`2023-09-11` - `2024-10-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://clicks.messengeo.net/?i=48661f3a232eaeb71d49b8d3c5b1fe4e&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI=
Frame ID: BF4B72636063EA394CBB132B30E61F84
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

2
Countries

617 kB
Transfer

656 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://clicks.messengeo.net/?i=81e5c11843faadc3fef8732bdf43bdf5&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI= HTTP 302
https://clicks.messengeo.net/blank.gif

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response clicks.messengeo.net/	48 KB 6 KB	618ms 578ms	Document text/html	51.77.248.12 OVH
General Check archive.org Show headers Download Go to Full URL https://clicks.messengeo.net/?i=48661f3a232eaeb71d49b8d3c5b1fe4e&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.77.248.12 , France, ASN16276 (OVH, FR), Reverse DNS ip12.ip-51-77-248.eu Software / Resource Hash `76de9aff6a54cf20679d02f0af6581ac3bac93021209c45e1e0c5e85f60408dd` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers content-encoding gzip content-length 5710 content-type text/html; charset=UTF-8 date Mon, 20 Nov 2023 17:26:15 GMT vary Accept-Encoding
GET H2	404	font-awesome.min.css clicks.messengeo.net/font-awesome/css/	0 0	18ms 17ms	Stylesheet text/html	51.77.248.12 OVH
General Check archive.org Show headers Download Go to Full URL https://clicks.messengeo.net/font-awesome/css/font-awesome.min.css?00046 Requested by Host: clicks.messengeo.net URL: https://clicks.messengeo.net/?i=48661f3a232eaeb71d49b8d3c5b1fe4e&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.77.248.12 , France, ASN16276 (OVH, FR), Reverse DNS ip12.ip-51-77-248.eu Software / Resource Hash Request headers accept-language fr-FR,fr;q=0.9 Referer https://clicks.messengeo.net/?i=48661f3a232eaeb71d49b8d3c5b1fe4e&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 17:26:15 GMT content-encoding gzip content-type text/html; charset=iso-8859-1
GET H2	200	HeaderSY.png datas.messengeo.net/f229479f46773d0b8fc83fc7c7312b6d/a7079415c42688fe8ad08079cda43fa2/	12 KB 12 KB	147ms 28ms	Image image/png	13.32.27.16 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://datas.messengeo.net/f229479f46773d0b8fc83fc7c7312b6d/a7079415c42688fe8ad08079cda43fa2/HeaderSY.png Requested by Host: clicks.messengeo.net URL: https://clicks.messengeo.net/?i=48661f3a232eaeb71d49b8d3c5b1fe4e&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-16.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `8cbfcb1cce736a8495156dd60ae3719e59507958aa60a1c0ea8b28b13db518fd` Request headers accept-language fr-FR,fr;q=0.9 Referer https://clicks.messengeo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sun, 19 Nov 2023 18:43:14 GMT via 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 81782 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 12118 last-modified Tue, 10 Oct 2023 10:21:27 GMT server AmazonS3 etag "bdf8f2d7a714a665484c124daf14f00e" access-control-max-age 3000 access-control-allow-methods GET content-type image/png access-control-allow-origin * vary Origin accept-ranges bytes x-amz-cf-id Z8AaQGfYqzPNoiJ_PXe16Cd33XkYbXKOFCQMce2PlRyJvDmwWcoFzQ==
GET H2	200	PRUEBA_vn.gif datas.messengeo.net/7237a218a834227f7304a8ada4a5b719/a7079415c42688fe8ad08079cda43fa2/	179 KB 180 KB	147ms 27ms	Image image/gif	13.32.27.16 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://datas.messengeo.net/7237a218a834227f7304a8ada4a5b719/a7079415c42688fe8ad08079cda43fa2/PRUEBA_vn.gif Requested by Host: clicks.messengeo.net URL: https://clicks.messengeo.net/?i=48661f3a232eaeb71d49b8d3c5b1fe4e&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-16.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `5abd2580a7fa8b0ec61490b8f0fcb3a7097a58cad5494e2f91b21983b80f5785` Request headers accept-language fr-FR,fr;q=0.9 Referer https://clicks.messengeo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 13:12:55 GMT via 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 15201 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 183747 last-modified Wed, 15 Nov 2023 09:07:40 GMT server AmazonS3 etag "e64561eecf9dc0d0a9402ecbf283f145" access-control-max-age 3000 access-control-allow-methods GET content-type image/gif access-control-allow-origin * vary Origin accept-ranges bytes x-amz-cf-id Re8Ibja3XwVDDdgCQZSSAw1Jj0RDtbpy92lZhJ1OV9zfpv1MwyNAjw==
GET H2	200	SY_-_Adaptaciones_campana_Spoticar_Tercer_Aniversario_EMAILING_BannerPrincipal_Octubre.png datas.messengeo.net/06215e60a5fe43ea505605ccb5c2fefd/eb3a00f63d313fd7afc9b27482dcd552/	283 KB 284 KB	145ms 27ms	Image image/png	13.32.27.16 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://datas.messengeo.net/06215e60a5fe43ea505605ccb5c2fefd/eb3a00f63d313fd7afc9b27482dcd552/SY_-_Adaptaciones_campana_Spoticar_Tercer_Aniversario_EMAILING_BannerPrincipal_Octubre.png Requested by Host: clicks.messengeo.net URL: https://clicks.messengeo.net/?i=48661f3a232eaeb71d49b8d3c5b1fe4e&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-16.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `0f44e615ed219ce25aeecf0b1e4f0fda3d4e172e23c32ddb6c329e5922a95dd5` Request headers accept-language fr-FR,fr;q=0.9 Referer https://clicks.messengeo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 13:12:55 GMT via 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 15201 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 290113 last-modified Tue, 17 Oct 2023 14:47:26 GMT server AmazonS3 etag "f182eab19bff6edbecd02ead4e48afa1" access-control-max-age 3000 access-control-allow-methods GET content-type image/png access-control-allow-origin * vary Origin accept-ranges bytes x-amz-cf-id 6LC6d2Ss1geILZHI6tNlDO9dQVfQy_nPXNM-Z_Iu2DSwElfeELDXYw==
GET H2	200	banner_apv.gif datas.messengeo.net/275b79beac42f650ba9d200fd10835df/a7079415c42688fe8ad08079cda43fa2/	113 KB 113 KB	146ms 28ms	Image image/gif	13.32.27.16 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://datas.messengeo.net/275b79beac42f650ba9d200fd10835df/a7079415c42688fe8ad08079cda43fa2/banner_apv.gif Requested by Host: clicks.messengeo.net URL: https://clicks.messengeo.net/?i=48661f3a232eaeb71d49b8d3c5b1fe4e&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-16.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `0815af4d3506f3e8e13d1f65b769d7763135ab1bc4274a433185626d7de131da` Request headers accept-language fr-FR,fr;q=0.9 Referer https://clicks.messengeo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 12:44:58 GMT via 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 16878 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 115296 last-modified Tue, 10 Oct 2023 11:00:28 GMT server AmazonS3 etag "05cc42b08daff7e8daa3c3d1c418e73f" access-control-max-age 3000 access-control-allow-methods GET content-type image/gif access-control-allow-origin * vary Origin accept-ranges bytes x-amz-cf-id rB3-BkdjgWBIgq-c_FTvJ8-ljPBB3QnR9bgbmcm9XVH6AvDNHTxj-A==
GET H2	200	FooterSY.png datas.messengeo.net/87afd0f382e0250b19291d3b1ca4070c/a7079415c42688fe8ad08079cda43fa2/	20 KB 21 KB	146ms 29ms	Image image/png	13.32.27.16 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://datas.messengeo.net/87afd0f382e0250b19291d3b1ca4070c/a7079415c42688fe8ad08079cda43fa2/FooterSY.png Requested by Host: clicks.messengeo.net URL: https://clicks.messengeo.net/?i=48661f3a232eaeb71d49b8d3c5b1fe4e&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-16.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `faa577e0a3d056cbfab9923dc38eda552e8be1043a5248f88a5bdf4139a2fed9` Request headers accept-language fr-FR,fr;q=0.9 Referer https://clicks.messengeo.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 13:16:09 GMT via 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 15007 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 20926 last-modified Tue, 10 Oct 2023 11:07:58 GMT server AmazonS3 etag "7c366b319ae4689e67ade77bd1cddc74" access-control-max-age 3000 access-control-allow-methods GET content-type image/png access-control-allow-origin * vary Origin accept-ranges bytes x-amz-cf-id _-lXDh6pLGUNqF4uh_W2pFuoYs6rd9FO7CpSWsrr_Xuk5oOLUkEvAg==
GET H2	200	blank.gif clicks.messengeo.net/ Redirect Chain https://clicks.messengeo.net/?i=81e5c11843faadc3fef8732bdf43bdf5&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI= https://clicks.messengeo.net/blank.gif	807 B 935 B	19ms 18ms	Image image/gif	51.77.248.12 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://clicks.messengeo.net/blank.gif Requested by Host: clicks.messengeo.net URL: https://clicks.messengeo.net/?i=48661f3a232eaeb71d49b8d3c5b1fe4e&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI= Protocol H2 Server 51.77.248.12 , France, ASN16276 (OVH, FR), Reverse DNS ip12.ip-51-77-248.eu Software / Resource Hash `1daff9a9c6d7f19de562a7bfa8b9082c1713c808bc003a206d9c762d13971c66` Request headers accept-language fr-FR,fr;q=0.9 Referer https://clicks.messengeo.net/?i=48661f3a232eaeb71d49b8d3c5b1fe4e&c=c2UucmVkbmF0bmFzb3B1cmdAcmV1Z2xpZ2o6OjI2MTU0Nzc2NDI= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 17:26:15 GMT last-modified Mon, 25 Sep 2023 12:53:37 GMT accept-ranges bytes etag "327-6062e72599640" content-length 807 content-type image/gif Redirect headers location https://clicks.messengeo.net/blank.gif date Mon, 20 Nov 2023 17:26:15 GMT content-type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://clicks.messengeo.net/font-awesome/css/font-awesome.min.css?00046 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clicks.messengeo.net
datas.messengeo.net
13.32.27.16
51.77.248.12
0815af4d3506f3e8e13d1f65b769d7763135ab1bc4274a433185626d7de131da
0f44e615ed219ce25aeecf0b1e4f0fda3d4e172e23c32ddb6c329e5922a95dd5
1daff9a9c6d7f19de562a7bfa8b9082c1713c808bc003a206d9c762d13971c66
5abd2580a7fa8b0ec61490b8f0fcb3a7097a58cad5494e2f91b21983b80f5785
76de9aff6a54cf20679d02f0af6581ac3bac93021209c45e1e0c5e85f60408dd
8cbfcb1cce736a8495156dd60ae3719e59507958aa60a1c0ea8b28b13db518fd
faa577e0a3d056cbfab9923dc38eda552e8be1043a5248f88a5bdf4139a2fed9

clicks.messengeo.net Open in urlscan Pro 51.77.248.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

2 IPs

2 Countries

617 kBTransfer

656 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

clicks.messengeo.net Open in urlscan Pro
51.77.248.12 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

2
Countries

617 kB
Transfer

656 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions