Submitted URL: https://www.lesinfos.ma/newsletter/menlomailTracker/url_clicked/aHR0cHM6Ly9tZW5sb21haWwuY29tL2VuL3ZpZXdzL25ld3NsZXR0ZXIv...
Effective URL: https://menlomail.com/en/views/newsletter/NTc0fG1lbmxvbWFpbHwxMzI2fDE4NjQ1NDR8OCw4LDM5
Submission Tags: falconsandbox
Submission: On January 25 via api from US — Scanned from CA

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 3 HTTP transactions. The main IP is 149.56.26.188, located in Montreal, Canada and belongs to OVH, FR. The main domain is menlomail.com.
TLS certificate: Issued by R3 on November 28th 2022. Valid for: 3 months.
This is the only time menlomail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
2 5 149.56.26.188 | 16276 (OVH)
3 1

Apex Domain | Subdomains | Transfer
3 lesinfos.ma | www.lesinfos.ma | 442 KB
2 menlomail.com | menlomail.com | 3 KB
3 2

Domain | Requested by
3 www.lesinfos.ma | 2 redirects | menlomail.com
2 menlomail.com | menlomail.com
3 2

This site contains no links.

Subject | Issuer | Validity | Valid
newsletters.binga.ma | R3 | 2022-11-28 - 2023-02-26 | 3 months

This page contains 1 frames:

Primary Page: https://menlomail.com/en/views/newsletter/NTc0fG1lbmxvbWFpbHwxMzI2fDE4NjQ1NDR8OCw4LDM5
Frame ID: 996F523D472EC3C813844254C72769C1
Requests: 3 HTTP requests in this frame

Page Title

Une Journée Portes Ouvertes pour tout savoir sur les programmes courts et certifiants de Collège LaSalle !

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 444 kB
Size: 443 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.lesinfos.ma/newsletter/menlomailTracker/url_clicked/aHR0cHM6Ly9tZW5sb21haWwuY29tL2VuL3ZpZXdzL25ld3NsZXR0ZXIvTlRjMGZHMWxibXh2YldGcGJId3hNekkyZkRFNE5qUTFORFI4T0N3NExETTV8bWVubG9tYWlsfDEzMjZ8MTg2NDU0NHwxMCwxMQ==/ HTTP 302
    https://www.lesinfos.ma/newsletter/en/menlomailTracker/url_clicked/aHR0cHM6Ly9tZW5sb21haWwuY29tL2VuL3ZpZXdzL25ld3NsZXR0ZXIvTlRjMGZHMWxibXh2YldGcGJId3hNekkyZkRFNE5qUTFORFI4T0N3NExETTV8bWVubG9tYWlsfDEzMjZ8MTg2NDU0NHwxMCwxMQ== HTTP 302
    https://menlomail.com/en/views/newsletter/NTc0fG1lbmxvbWFpbHwxMzI2fDE4NjQ1NDR8OCw4LDM5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request: NTc0fG1lbmxvbWFpbHwxMzI2fDE4NjQ1NDR8OCw4LDM5
Path: menlomail.com/en/views/newsletter/
Redirect Chain:
  • https://www.lesinfos.ma/newsletter/menlomailTracker/url_clicked/aHR0cHM6Ly9tZW5sb21haWwuY29tL2VuL3ZpZXdzL25ld3NsZXR0ZXIvTlRjMGZHMWxibXh2YldGcGJId3hNekkyZkRFNE5qUTFORFI4T0N3NExETTV8bWVubG9tYWlsfDEzM...
  • https://www.lesinfos.ma/newsletter/en/menlomailTracker/url_clicked/aHR0cHM6Ly9tZW5sb21haWwuY29tL2VuL3ZpZXdzL25ld3NsZXR0ZXIvTlRjMGZHMWxibXh2YldGcGJId3hNekkyZkRFNE5qUTFORFI4T0N3NExETTV8bWVubG9tYWlsfD...
  • https://menlomail.com/en/views/newsletter/NTc0fG1lbmxvbWFpbHwxMzI2fDE4NjQ1NDR8OCw4LDM5
Size: 2 KB
x-fer: 3 KB
Type: Document

General

Full URL: https://menlomail.com/en/views/newsletter/NTc0fG1lbmxvbWFpbHwxMzI2fDE4NjQ1NDR8OCw4LDM5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.26.188 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ns532468.ip-149-56-26.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash: e1e7f550cad8d874d3d4668a48390b412cba8ec53f7f4dc60f08b35e5177752b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 2456
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 Jan 2023 13:58:15 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16

Redirect headers

Cache-Control: max-age=604800
Connection: Keep-Alive
Content-Length: 145
Content-Type: image/png;
Date: Wed, 25 Jan 2023 13:58:11 GMT
Expires: Wed, 01 Feb 2023 13:58:11 GMT
Keep-Alive: timeout=5, max=99
Location: https://menlomail.com/en/views/newsletter/NTc0fG1lbmxvbWFpbHwxMzI2fDE4NjQ1NDR8OCw4LDM5
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Vary: User-Agent,Accept-Encoding
X-Powered-By: PHP/5.4.16

Resource: 1864544
Path: menlomail.com/en/tracker/campaign/1326/
Size: 43 B
x-fer: 573 B
Type: Image

General

Full URL: https://menlomail.com/en/tracker/campaign/1326/1864544
Requested by:
  Host: menlomail.com
  URL: https://menlomail.com/en/views/newsletter/NTc0fG1lbmxvbWFpbHwxMzI2fDE4NjQ1NDR8OCw4LDM5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.26.188 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ns532468.ip-149-56-26.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://menlomail.com/en/views/newsletter/NTc0fG1lbmxvbWFpbHwxMzI2fDE4NjQ1NDR8OCw4LDM5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: public
Date: Wed, 25 Jan 2023 13:58:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Content-Type: text/html; charset=UTF-8
Cache-Control: must-revalidate, post-check=0, pre-check=0, private
Content-Transfer-Encoding: binary
Content-Disposition: attachment; filename="px.gif"
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 43
Expires: 0

Resource: 478ee-jpo-fc-datarget-26-janvier.jpg
Path: www.lesinfos.ma/newsletter/assets/uploads/banner/
Size: 440 KB
x-fer: 440 KB
Type: Image

General

Full URL: https://www.lesinfos.ma/newsletter/assets/uploads/banner/478ee-jpo-fc-datarget-26-janvier.jpg
Requested by:
  Host: menlomail.com
  URL: https://menlomail.com/en/views/newsletter/NTc0fG1lbmxvbWFpbHwxMzI2fDE4NjQ1NDR8OCw4LDM5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.26.188 Montreal, Canada, ASN16276 (OVH, FR)
Reverse DNS: ns532468.ip-149-56-26.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: e04823604345931033aa06dd1558234f5cd388e92aa7c8438ac6df10bdf46fb3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://menlomail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 25 Jan 2023 13:58:15 GMT
Last-Modified: Mon, 23 Jan 2023 10:57:56 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 450677
Expires: Wed, 01 Feb 2023 13:58:15 GMT

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

2 Cookies

Domain/Path | Name | Value
www.lesinfos.ma/ | user_lang | en
menlomail.com/ | user_lang | en

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
