ebm.email.americanexpress.com Open in urlscan Pro
206.132.204.236 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue1?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQY...
Effective URL:
https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJ...
Submission: On July 15 via manual (July 15th 2020, 5:47:01 pm UTC) from US

Summary HTTP 14 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 206.132.204.236, located in United States and belongs to ASN-CHEETA-MAIL, US. The main domain is ebm.email.americanexpress.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 11th 2019. Valid for: 2 years.

This is the only time ebm.email.americanexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	72.165.34.107 72.165.34.107	209 (CENTURYLI...) (CENTURYLINK-US-LEGACY-QWEST)
1 3	206.132.204.236 206.132.204.236	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
6 12	63.148.46.42 63.148.46.42	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
5	2.16.186.106 2.16.186.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	4

2 72.165.34.107 (United States) 1 redirects

ASN209 (CENTURYLINK-US-LEGACY-QWEST, US)

email.bluebird.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 206.132.204.236 (United States) 1 redirects

ASN53316 (ASN-CHEETA-MAIL, US)

ebm.email.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 63.148.46.42 (United States) 6 redirects

ASN53316 (ASN-CHEETA-MAIL, US)

f.email.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.186.106 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

f.email.bluebird.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	americanexpress.com 7 redirects ebm.email.americanexpress.com f.email.americanexpress.com	71 KB
7	bluebird.com 1 redirects email.bluebird.com f.email.bluebird.com	352 KB
14	2

	Domain	Requested by
12	f.email.americanexpress.com	6 redirects ebm.email.americanexpress.com
5	f.email.bluebird.com	ebm.email.americanexpress.com
3	ebm.email.americanexpress.com	1 redirects ebm.email.americanexpress.com
2	email.bluebird.com	1 redirects ebm.email.americanexpress.com
14	4

This site contains links to these domains. Also see Links.

Domain
email.bluebird.com
www.bluebird.com

Subject Issuer	Validity	Valid
ebm.email.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2019-04-11` - `2021-04-15`	2 years	crt.sh
f.email.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2020-06-12` - `2022-06-17`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW
Frame ID: 8D197D51969D4B09358F1FAE4C465715
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue1?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nK... HTTP 307
http://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzh... HTTP 302
https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzh... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

14
Requests

57 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

421 kB
Transfer

418 kB
Size

0
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue4

Search URL Search Domain Scan URL

URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue12

Search URL Search Domain Scan URL

URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue6

Search URL Search Domain Scan URL

URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue8
Title: here

Search URL Search Domain Scan URL

URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue13
Title: here

Search URL Search Domain Scan URL

URL: https://www.bluebird.com/?anchor=contact-us
Title: Contact Customer Service

Search URL Search Domain Scan URL

URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue10
Title: View Privacy Statement

Search URL Search Domain Scan URL

URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue5
Title: Update E-mail Address

Search URL Search Domain Scan URL

URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue15?ENCRYPTED_EMAIL=5bf6106102bfdb0fff797c1ced7c541d8b0fc09cc6d3fd82
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue2

Search URL Search Domain Scan URL

URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue3

Search URL Search Domain Scan URL

URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue9
Title: americanexpress.com/shopsmallonline

Search URL Search Domain Scan URL

URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue7
Title: americanexpress.com/phishing

Search URL Search Domain Scan URL

URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue14
Title: Member Agreement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue1?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW HTTP 307
http://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW HTTP 302
https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://f.email.americanexpress.com/i/21/2095486037/amex_greeting_background_85h.gif HTTP 302
https://f.email.americanexpress.com//i/21/2095486037/amex_greeting_background_85h.gif

Request Chain 2

http://f.email.americanexpress.com/i/21/2095486037/securitylock_11x13.gif HTTP 302
https://f.email.americanexpress.com//i/21/2095486037/securitylock_11x13.gif

Request Chain 3

http://f.email.americanexpress.com/i/21/2095486037/amex_bluebird_newsecurity_login_button.gif HTTP 302
https://f.email.americanexpress.com//i/21/2095486037/amex_bluebird_newsecurity_login_button.gif

Request Chain 6

http://f.email.americanexpress.com/i/21/2095486037/bb_wrapper_bkg.jpg HTTP 302
https://f.email.americanexpress.com//i/21/2095486037/bb_wrapper_bkg.jpg

Request Chain 9

http://f.email.americanexpress.com/i/21/2095486037/srv00405-iosapp.jpg HTTP 302
https://f.email.americanexpress.com//i/21/2095486037/srv00405-iosapp.jpg

Request Chain 10

http://f.email.americanexpress.com/i/21/2095486037/srv00405-googapp.jpg HTTP 302
https://f.email.americanexpress.com//i/21/2095486037/srv00405-googapp.jpg

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request doc.html Show response
ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/
Redirect Chain

http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/blue1?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6Qv...
http://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4m...
https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4...

43 KB
43 KB

924ms
162ms

Document
text/html

206.132.204.236
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.132.204.236 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: Apache /
Resource Hash: ca6f319707dd3e96ff67745d9c725c2211442e4a3df8181c19dcb833a0b78d37

Request headers

Host: ebm.email.americanexpress.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:43 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

Redirect headers

Location: https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1

200
OK

amex_greeting_background_85h.gif
f.email.americanexpress.com//i/21/2095486037/
Redirect Chain

http://f.email.americanexpress.com/i/21/2095486037/amex_greeting_background_85h.gif
https://f.email.americanexpress.com//i/21/2095486037/amex_greeting_background_85h.gif

15 KB
16 KB

876ms
135ms

Image
image/gif

63.148.46.42
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f.email.americanexpress.com//i/21/2095486037/amex_greeting_background_85h.gif
Requested by: Host: ebm.email.americanexpress.com
URL: https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.148.46.42 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: nginx /
Resource Hash: c00c3fd64d3c8a5d1a7a5255417d260feb72008f2836d33379d44a9a82fbbdfc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:45 GMT
Last-Modified: Wed, 14 Mar 2018 20:24:43 GMT
Server: nginx
ETag: "5aa9850b-3d61"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15713

Redirect headers

Location: https://f.email.americanexpress.com//i/21/2095486037/amex_greeting_background_85h.gif
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK BB_Card_EMAIL_New_38x60.jpg
f.email.bluebird.com/i/21/2095486037/ 66 KB
66 KB 196ms
158ms Image
image/jpeg 2.16.186.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://f.email.bluebird.com/i/21/2095486037/BB_Card_EMAIL_New_38x60.jpg

Requested by

Host: ebm.email.americanexpress.com
URL: https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW

Protocol

HTTP/1.1

Server

2.16.186.106 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

64e88f41a8af979e929ddc683842babb5f386caede42e8ace0cf18753406bf37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Jun 2019 17:29:29 GMT
Server: nginx
ETag: "5d164e79-107c8"
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67528
X-Content-Security-Policy: default-src 'none'

GET
H/1.1

200
OK

securitylock_11x13.gif
f.email.americanexpress.com//i/21/2095486037/
Redirect Chain

http://f.email.americanexpress.com/i/21/2095486037/securitylock_11x13.gif
https://f.email.americanexpress.com//i/21/2095486037/securitylock_11x13.gif

139 B
369 B

870ms
142ms

Image
image/gif

63.148.46.42
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f.email.americanexpress.com//i/21/2095486037/securitylock_11x13.gif
Requested by: Host: ebm.email.americanexpress.com
URL: https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.148.46.42 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: nginx /
Resource Hash: 89a147d5b33de4d49cc107304fd4f441b8a641f7ec6aacd5bdecc3cc75944173

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:45 GMT
Last-Modified: Thu, 22 Dec 2016 18:59:04 GMT
Server: nginx
ETag: "585c2278-8b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 139

Redirect headers

Location: https://f.email.americanexpress.com//i/21/2095486037/securitylock_11x13.gif
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1

200
OK

amex_bluebird_newsecurity_login_button.gif
f.email.americanexpress.com//i/21/2095486037/
Redirect Chain

http://f.email.americanexpress.com/i/21/2095486037/amex_bluebird_newsecurity_login_button.gif
https://f.email.americanexpress.com//i/21/2095486037/amex_bluebird_newsecurity_login_button.gif

526 B
757 B

985ms
262ms

Image
image/gif

63.148.46.42
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f.email.americanexpress.com//i/21/2095486037/amex_bluebird_newsecurity_login_button.gif
Requested by: Host: ebm.email.americanexpress.com
URL: https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.148.46.42 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: nginx /
Resource Hash: 95cf30dbb195af05af66e26817f9724a25c510246dda390700b33bbdc0a35479

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:45 GMT
Last-Modified: Wed, 08 Apr 2015 14:41:40 GMT
Server: nginx
ETag: "55253e24-20e"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 526

Redirect headers

Location: https://f.email.americanexpress.com//i/21/2095486037/amex_bluebird_newsecurity_login_button.gif
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK 113018_AMEX_BB_Speedway_01.jpg
f.email.bluebird.com/i/21/2095486037/ 10 KB
10 KB 201ms
163ms Image
image/jpeg 2.16.186.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://f.email.bluebird.com/i/21/2095486037/113018_AMEX_BB_Speedway_01.jpg

Requested by

Protocol

HTTP/1.1

Server

2.16.186.106 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

fbdd9ba7606cce017fd349571f75892e1b1c5e954929787b9f8bc08c9891f275

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Dec 2018 16:01:38 GMT
Server: nginx
ETag: "5c1bbce2-2857"
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10327
X-Content-Security-Policy: default-src 'none'

GET
H/1.1 200
OK Shop_Small_BB_Mobile_50_580x375_062520.jpg
f.email.bluebird.com/i/21/2095486037/ 147 KB
148 KB 124ms
92ms Image
image/jpeg 2.16.186.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://f.email.bluebird.com/i/21/2095486037/Shop_Small_BB_Mobile_50_580x375_062520.jpg

Requested by

Protocol

HTTP/1.1

Server

2.16.186.106 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

2ae891fdf4d3f3f243ffa0a1243a324eb00412d940cc8f4bf8ebafbed64d0c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Jun 2020 18:19:35 GMT
Server: nginx
ETag: "5ef63c37-24d4b"
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 150859
X-Content-Security-Policy: default-src 'none'

GET
H/1.1

200
OK

bb_wrapper_bkg.jpg
f.email.americanexpress.com//i/21/2095486037/
Redirect Chain

http://f.email.americanexpress.com/i/21/2095486037/bb_wrapper_bkg.jpg
https://f.email.americanexpress.com//i/21/2095486037/bb_wrapper_bkg.jpg

4 KB
4 KB

795ms
138ms

Image
image/jpeg

63.148.46.42
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f.email.americanexpress.com//i/21/2095486037/bb_wrapper_bkg.jpg
Requested by: Host: ebm.email.americanexpress.com
URL: https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.148.46.42 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d34241ca63df9110ed3b26c86c90222375bc88d73d78bd8778e25a9f4753d1b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:45 GMT
Last-Modified: Thu, 23 Apr 2015 18:09:49 GMT
Server: nginx
ETag: "5539356d-10b4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4276

Redirect headers

Location: https://f.email.americanexpress.com//i/21/2095486037/bb_wrapper_bkg.jpg
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK 62020Shop_Small_BB_Desk_50_580x275_062520.jpg
f.email.bluebird.com/i/21/2095486037/ 124 KB
124 KB 125ms
92ms Image
image/jpeg 2.16.186.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://f.email.bluebird.com/i/21/2095486037/62020Shop_Small_BB_Desk_50_580x275_062520.jpg

Requested by

Protocol

HTTP/1.1

Server

2.16.186.106 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

5e34f71ccf47d1b183eef61218a640a6671a04aadd8665a3d5c90536e55d0f4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Jun 2020 20:04:41 GMT
Server: nginx
ETag: "5efa4959-1f020"
Strict-Transport-Security: max-age=15552000
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 127008
X-Content-Security-Policy: default-src 'none'

GET
H/1.1 200
OK 62020BB_Shop_Small_CTA.png
f.email.bluebird.com/i/21/2095486037/ 2 KB
2 KB 115ms
84ms Image
image/png 2.16.186.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://f.email.bluebird.com/i/21/2095486037/62020BB_Shop_Small_CTA.png

Requested by

Protocol

HTTP/1.1

Server

2.16.186.106 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

05c14a6b2368143b1a31f14ce2ba71df2272e1bc2cb36a097bb3db24292998f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Jun 2020 20:04:41 GMT
Server: nginx
ETag: "5efa4959-792"
Strict-Transport-Security: max-age=15552000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1938
X-Content-Security-Policy: default-src 'none'

GET
H/1.1

200
OK

srv00405-iosapp.jpg
f.email.americanexpress.com//i/21/2095486037/
Redirect Chain

http://f.email.americanexpress.com/i/21/2095486037/srv00405-iosapp.jpg
https://f.email.americanexpress.com//i/21/2095486037/srv00405-iosapp.jpg

3 KB
3 KB

917ms
269ms

Image
image/jpeg

63.148.46.42
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f.email.americanexpress.com//i/21/2095486037/srv00405-iosapp.jpg
Requested by: Host: ebm.email.americanexpress.com
URL: https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.148.46.42 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ddd3c4252ce505febe8e5ee15395b926fb8f75127f1e6c233766a39618d999a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:45 GMT
Last-Modified: Tue, 09 Dec 2014 18:22:01 GMT
Server: nginx
ETag: "54873dc9-aaa"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2730

Redirect headers

Location: https://f.email.americanexpress.com//i/21/2095486037/srv00405-iosapp.jpg
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1

200
OK

srv00405-googapp.jpg
f.email.americanexpress.com//i/21/2095486037/
Redirect Chain

http://f.email.americanexpress.com/i/21/2095486037/srv00405-googapp.jpg
https://f.email.americanexpress.com//i/21/2095486037/srv00405-googapp.jpg

3 KB
3 KB

795ms
145ms

Image
image/jpeg

63.148.46.42
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f.email.americanexpress.com//i/21/2095486037/srv00405-googapp.jpg
Requested by: Host: ebm.email.americanexpress.com
URL: https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.148.46.42 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: nginx /
Resource Hash: 41f5a1356fc9fffe7744674b14fff74483b127b4d6f8663c4d62064d5e59e47a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:45 GMT
Last-Modified: Tue, 09 Dec 2014 18:22:01 GMT
Server: nginx
ETag: "54873dc9-a8d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2701

Redirect headers

Location: https://f.email.americanexpress.com//i/21/2095486037/srv00405-googapp.jpg
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 404
Not Found ns.js
ebm.email.americanexpress.com/2c7c18e609926045756c972800ff6a2085103eec93d18b7b5563a62b0d706143/ 0
0 153ms
152ms Script
text/html 206.132.204.236
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://ebm.email.americanexpress.com/2c7c18e609926045756c972800ff6a2085103eec93d18b7b5563a62b0d706143/ns.js
Requested by: Host: ebm.email.americanexpress.com
URL: https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.132.204.236 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:44 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 33
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK spacer.gif
email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/ 43 B
447 B 516ms
484ms Image
image/gif 72.165.34.107
CENTURYLINK-US-LE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://email.bluebird.com/a/hBfDzYXB85pRVB92V1CNvaZLkoL/spacer.gif
Requested by: Host: ebm.email.americanexpress.com
URL: https://ebm.email.americanexpress.com/c/tag/hBfDzYXB85pRVB92V1CNvaZLkoL/doc.html?t_sparams=pozutFauxXbwgNgv$oeHdzhqp8o8nKlKV4i3RHnhDAJFpUAvQYj6wnpQM8g8x46Ie5rqTSeAJMJwLWSFbpUyAdDDJMbKmpUlqZIrns9PM4mTIKRusbMLIhpoMr6QvrsrsddWvb2MiFZKz7QL1Ieb6TJxIvdiAtH-C4wMmv29FddwToqWNb$K8wnSN2EBlDRhkzVie1bcvYJW
Protocol: HTTP/1.1
Server: 72.165.34.107 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software: Apache /
Resource Hash: 4c791f4ef7b857ef4db4a3e21bbcb91cefb5447bbef49db65879876a5d0894e8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 17:46:44 GMT
Cache-Control: no-cache="set-cookie", private
Server: Apache
Connection: close
P3P: policyref="/w3c/p3p.xml",CP="NON DSP COR CURo ADMo DEVo TAIo IVAo IVDo OUR DELo IND UNI NAV"
Content-Length: 43
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ebm.email.americanexpress.com
email.bluebird.com
f.email.americanexpress.com
f.email.bluebird.com
2.16.186.106
206.132.204.236
63.148.46.42
72.165.34.107
05c14a6b2368143b1a31f14ce2ba71df2272e1bc2cb36a097bb3db24292998f0
2ae891fdf4d3f3f243ffa0a1243a324eb00412d940cc8f4bf8ebafbed64d0c1a
41f5a1356fc9fffe7744674b14fff74483b127b4d6f8663c4d62064d5e59e47a
4c791f4ef7b857ef4db4a3e21bbcb91cefb5447bbef49db65879876a5d0894e8
5ddd3c4252ce505febe8e5ee15395b926fb8f75127f1e6c233766a39618d999a
5e34f71ccf47d1b183eef61218a640a6671a04aadd8665a3d5c90536e55d0f4d
64e88f41a8af979e929ddc683842babb5f386caede42e8ace0cf18753406bf37
7d34241ca63df9110ed3b26c86c90222375bc88d73d78bd8778e25a9f4753d1b
89a147d5b33de4d49cc107304fd4f441b8a641f7ec6aacd5bdecc3cc75944173
95cf30dbb195af05af66e26817f9724a25c510246dda390700b33bbdc0a35479
c00c3fd64d3c8a5d1a7a5255417d260feb72008f2836d33379d44a9a82fbbdfc
ca6f319707dd3e96ff67745d9c725c2211442e4a3df8181c19dcb833a0b78d37
fbdd9ba7606cce017fd349571f75892e1b1c5e954929787b9f8bc08c9891f275

ebm.email.americanexpress.com Open in urlscan Pro 206.132.204.236 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

57 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

4 IPs

2 Countries

421 kBTransfer

418 kBSize

0 Cookies

14 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

ebm.email.americanexpress.com Open in urlscan Pro
206.132.204.236 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

57 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

421 kB
Transfer

418 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions