cloud.msg.flysas.com
Open in
urlscan Pro
161.71.49.216
Public Scan
Submitted URL: https://click.msg.flysas.com/?qs=e5bbbc3a550fd82a38d4ee6c7739f67b2e6152e0fe6c48b7a6e257df3a1bf789596f4c8e3a03214300ee6b94351b...
Effective URL: https://cloud.msg.flysas.com/preferences?qs=0448cbb054590137cbc09def2041fcb54a5bf16a92ba38130bcaef48ecc4751939f54e15c274dfbd8...
Submission: On October 04 via manual from DK — Scanned from GB
Effective URL: https://cloud.msg.flysas.com/preferences?qs=0448cbb054590137cbc09def2041fcb54a5bf16a92ba38130bcaef48ecc4751939f54e15c274dfbd8...
Submission: On October 04 via manual from DK — Scanned from GB
Summary
This website contacted 3 IPs
in 2 countries
across 2 domains to perform 15 HTTP transactions.
The main IP is 161.71.49.216, located in
London, United Kingdom and
belongs to SALESFORCE, US.
The main domain is cloud.msg.flysas.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 2nd 2023. Valid for: a year.
This is the only time cloud.msg.flysas.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 2nd 2023. Valid for: a year.
This is the only time cloud.msg.flysas.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 161.71.51.159 161.71.51.159 | 14340 (SALESFORCE) (SALESFORCE) | |
| 7 | 161.71.49.216 161.71.49.216 | 14340 (SALESFORCE) (SALESFORCE) | |
| 5 | 2a02:26f0:480... 2a02:26f0:480:999::2ac6 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 15 | 3 |
1
161.71.51.159
(London, United Kingdom)
ASN14340 (SALESFORCE, US)
PTR: click.msg.flysas.com
ASN14340 (SALESFORCE, US)
PTR: click.msg.flysas.com
| click.msg.flysas.com |
7
161.71.49.216
(London, United Kingdom)
ASN14340 (SALESFORCE, US)
PTR: cloud.msg.flysas.com
ASN14340 (SALESFORCE, US)
PTR: cloud.msg.flysas.com
| cloud.msg.flysas.com |
5
2a02:26f0:480:999::2ac6
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| image.msg.flysas.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 13 |
flysas.com
1 redirects
click.msg.flysas.com cloud.msg.flysas.com image.msg.flysas.com |
459 KB |
| 0 |
neolane.net
Failed
sas-r.neolane.net Failed |
|
| 15 | 2 |
| Domain | Requested by | |
|---|---|---|
| 7 | cloud.msg.flysas.com |
cloud.msg.flysas.com
|
| 5 | image.msg.flysas.com |
cloud.msg.flysas.com
|
| 1 | click.msg.flysas.com | 1 redirects |
| 0 | sas-r.neolane.net Failed |
cloud.msg.flysas.com
|
| 15 | 4 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| twitter.com |
| www.youtube.com |
| www.instagram.com |
| www.facebook.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| cloud.msg.flysas.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-02 - 2024-03-04 |
a year | crt.sh |
| akamai-san90.exacttarget.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-01-30 - 2024-03-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://cloud.msg.flysas.com/preferences?qs=0448cbb054590137cbc09def2041fcb54a5bf16a92ba38130bcaef48ecc4751939f54e15c274dfbd8fb11000f7d4b57dc31b4dd72156f352d85f0042ed8e0e98&utm_source=sfmc&utm_medium=email&utm_campaign=231003___EN_B_&utm_term=&utm_id=359397&sfmc_id=146353057&Type=&SubType=&FreeText=&sfmc_mg=e46a6e9f-2990-462c-bdba-3c276e225228
Frame ID: A67FAC8A5290346EFD5543BE1E6FA562
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
TRAVELERS LOVE TO STAY IN TOUCH. WE HOPE TO SEE YOU SOON AGAIN.Page URL History Show full URLs
-
https://click.msg.flysas.com/?qs=e5bbbc3a550fd82a38d4ee6c7739f67b2e6152e0fe6c48b7a6e257df3a1bf789596f4c8e...
HTTP 302
https://cloud.msg.flysas.com/preferences?qs=0448cbb054590137cbc09def2041fcb54a5bf16a92ba38130bcaef48ecc47... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Modernizr
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://twitter.com/sas
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/flysas
Search URL Search Domain Scan URL
URL: https://www.instagram.com/flysas/
Search URL Search Domain Scan URL
URL: https://www.facebook.com/SAS
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.msg.flysas.com/?qs=e5bbbc3a550fd82a38d4ee6c7739f67b2e6152e0fe6c48b7a6e257df3a1bf789596f4c8e3a03214300ee6b94351bdec7d5f68ca9d8dd8cedb977b64d31834656
HTTP 302
https://cloud.msg.flysas.com/preferences?qs=0448cbb054590137cbc09def2041fcb54a5bf16a92ba38130bcaef48ecc4751939f54e15c274dfbd8fb11000f7d4b57dc31b4dd72156f352d85f0042ed8e0e98&utm_source=sfmc&utm_medium=email&utm_campaign=231003___EN_B_&utm_term=&utm_id=359397&sfmc_id=146353057&Type=&SubType=&FreeText=&sfmc_mg=e46a6e9f-2990-462c-bdba-3c276e225228 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
preferences
cloud.msg.flysas.com/ Redirect Chain
|
6 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap-reboot.min.css
cloud.msg.flysas.com/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap-grid.min.css
cloud.msg.flysas.com/ |
47 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.css
cloud.msg.flysas.com/ |
115 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Main.min.css
cloud.msg.flysas.com/ |
73 KB 54 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2e6258a7-b970-4279-96fe-b60fe85b35e8.png
image.msg.flysas.com/lib/fe3911717564047a761171/m/1/ |
157 KB 158 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3fb16337-4965-4c6f-9232-76510d7f1fdb.png
image.msg.flysas.com/lib/fe3911717564047a761171/m/1/ |
53 KB 53 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
de765b4d-7a35-4e47-94da-9a631151afd7.png
image.msg.flysas.com/lib/fe3911717564047a761171/m/1/ |
44 KB 44 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3006867e-bb16-4047-ab86-37ef11612bd8.png
image.msg.flysas.com/lib/fe3911717564047a761171/m/1/ |
50 KB 51 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
9e8cd931-a9a1-4d0b-b2d4-dab02653f683.png
image.msg.flysas.com/lib/fe3911717564047a761171/m/1/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.3.1.min.js
cloud.msg.flysas.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
modernizr-custom.js
cloud.msg.flysas.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
glyphicons-halflings-regular.woff2
sas-r.neolane.net/res/sas_r/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
glyphicons-halflings-regular.woff
sas-r.neolane.net/res/sas_r/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
glyphicons-halflings-regular.ttf
sas-r.neolane.net/res/sas_r/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
26 KB 26 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
26 KB 26 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- sas-r.neolane.net
- URL
- http://sas-r.neolane.net/res/sas_r/glyphicons-halflings-regular.woff2
- Domain
- sas-r.neolane.net
- URL
- http://sas-r.neolane.net/res/sas_r/glyphicons-halflings-regular.woff
- Domain
- sas-r.neolane.net
- URL
- http://sas-r.neolane.net/res/sas_r/glyphicons-halflings-regular.ttf
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery object| Modernizr0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
click.msg.flysas.com
cloud.msg.flysas.com
image.msg.flysas.com
sas-r.neolane.net
sas-r.neolane.net
161.71.49.216
161.71.51.159
2a02:26f0:480:999::2ac6
1b31b0897c5a46dd32165d628875c6de445086ed98efa145b361ce56a17935fa
1da79f2e99f5425c9f629f0b916f657da076294fee138a6803ae0565dcfd53ba
233fc44d8f191d11a4017177a28d42e17b5d130520e9b33022e35ae1b1c2e651
4dc19cc3903400e7446b8b62d591220dfd9aa5e967e832c5fab63ecba66ce8d6
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
64ebd7035f39b962100740f2d67461b2f4f72ff589e70d73d3ef5e617e7de490
6d820b1c55408751bc7b9dbe6b0a7b24fe5791656043f1f2e294f79b48546fd2
839b50ee4d2a871648b2e7c013440431a15f77e730b727fff8a80320823931af
94982147b2aa074601c8d910dbeb216ae5af8ef486d3efdd444aa64d77b30df6
bdd4854405abe8b4e8827466c728ba42548ee4ef8c0be546c8c6f3893ac19814
d73eec473c0dcaaa5c4eba8f77f897bb3a00a6a0dd8e945b1f08c067c40c84e9
d8b7cc5694feff278c0dabc8ab19acda7f178f47e2bf773b5262f2467b7c2207
dae155c6672fe5cedb47801be15b20aca20d85344e533906fa8c40f7f1e45e6f
fd40632de675ec9ef0a24d7cc346a973dc1349525544db943e4d66a3486c9c1c