cits-tracking-prod.americanexpress.com Open in urlscan Pro
148.173.98.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.americanexpress.com/Tracking?mid=G32CAS2019120317025200010699&msrc=MYCA&url=https%3A%2F%2Fglobal.americanexpress.com...
Effective URL:
http://cits-tracking-prod.americanexpress.com/clicktrk/Tracking?mid=G32CAS2019120317025200010699&msrc=MYCA&url=https%3A%2F%2Fglobal.americanex...
Submission: On December 04 via manual (December 4th 2019, 12:52:49 pm UTC) from IN

Summary HTTP 1 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 1 domains to perform 1 HTTP transactions. The main IP is 148.173.98.36, located in Fort Lauderdale, United States and belongs to AMERICAN-EXPRESS - American Express Company, US. The main domain is cits-tracking-prod.americanexpress.com.

This is the only time cits-tracking-prod.americanexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	23.67.137.77 23.67.137.77	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	148.173.96.54 148.173.96.54	6307 (AMERICAN-...) (AMERICAN-EXPRESS - American Express Company)
1	148.173.98.36 148.173.98.36	6307 (AMERICAN-...) (AMERICAN-EXPRESS - American Express Company)
1	1

3 23.67.137.77 (Netherlands) 3 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-67-137-77.deploy.static.akamaitechnologies.com

www.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.173.96.54 (Fort Lauderdale, United States) 1 redirects

ASN6307 (AMERICAN-EXPRESS - American Express Company, US)
PTR: www306.americanexpress.com

www306.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.173.98.36 (Fort Lauderdale, United States)

ASN6307 (AMERICAN-EXPRESS - American Express Company, US)
PTR: cits-tracking-prod.americanexpress.com

cits-tracking-prod.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	americanexpress.com 4 redirects www.americanexpress.com www306.americanexpress.com cits-tracking-prod.americanexpress.com	4 KB
1	1

	Domain	Requested by
3	www.americanexpress.com	3 redirects
1	cits-tracking-prod.americanexpress.com
1	www306.americanexpress.com	1 redirects
1	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://cits-tracking-prod.americanexpress.com/clicktrk/Tracking?mid=G32CAS2019120317025200010699&msrc=MYCA&url=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcenter&data=02|01|suspectemail@herbalife.com|e2debf51275b4b83fb4408d778b32fbf|101f87a76d6b4c6c9d9c223592a2ba50|0|0|637110583301219917&sdata=qkNcabe9kRjvs9sOb5/gbK95qQ46UtkjkHjnw79IASc=&reserved=0
Frame ID: C7626D6F163E7A45720C4EECC39745F0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

Page Statistics

1
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	400 Bad Request	Primary Request Cookie set Tracking Show response cits-tracking-prod.americanexpress.com/clicktrk/ Redirect Chain http://www.americanexpress.com/Tracking?mid=G32CAS2019120317025200010699&msrc=MYCA&url=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcenter... https://www.americanexpress.com/Tracking?mid=G32CAS2019120317025200010699&msrc=MYCA&url=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcente... https://www.americanexpress.com/Tracking/?mid=G32CAS2019120317025200010699&msrc=MYCA&url=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcent... http://www306.americanexpress.com/clicktrk/Tracking?mid=G32CAS2019120317025200010699&msrc=MYCA&url=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-foote... http://cits-tracking-prod.americanexpress.com/clicktrk/Tracking?mid=G32CAS2019120317025200010699&msrc=MYCA&url=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-e...	0 246 B	391ms 226ms	Document text/plain	148.173.98.36 American Express ...
General Check archive.org Show headers Download Go to Full URL http://cits-tracking-prod.americanexpress.com/clicktrk/Tracking?mid=G32CAS2019120317025200010699&msrc=MYCA&url=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcenter&data=02\|01\|suspectemail@herbalife.com\|e2debf51275b4b83fb4408d778b32fbf\|101f87a76d6b4c6c9d9c223592a2ba50\|0\|0\|637110583301219917&sdata=qkNcabe9kRjvs9sOb5/gbK95qQ46UtkjkHjnw79IASc=&reserved=0 Protocol HTTP/1.1 Server 148.173.98.36 Fort Lauderdale, United States, ASN6307 (AMERICAN-EXPRESS - American Express Company, US), Reverse DNS cits-tracking-prod.americanexpress.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Host cits-tracking-prod.americanexpress.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Cookie bm_sz=ADF3C416DFA87780E9B429AD631C0882~YAAQ0V4OF3KOA4puAQAA3B740AYzjrcQIqtqq3EcZyiRgvvSGVTk/ErlfYP+d5rUE4I3xJqbAMrPenwT2zSGPybhWQ6d28d7mbmb2Q0I5iisE2I0QT+6MftZU8u65ghPm5axseVcMRJdwpSoRxg0NidtNFBsJcHCnNdMN8s7Q3jalmlNJQmZE5Nu2lE4k7n+Kwdu++0OBh8s; _abck=CDB9096968A6E49639EC591C5B489002~-1~YAAQ0V4OF3OOA4puAQAA3B740APen16hKqzJg/pu5PqhPjPHS36JinhvqFtRmmeCH5yIQPIeGPkVXuH9vFexeK1I0oO5cfol6wNMCaa5JtlVZoMghSc48QDb/jCVW7BnwFeBUWts5MGIR7adUfrhghRCtbYCbmU1PcTlhhKlUrFq/3UY3P5BWth36Eby0UfhW1txdhEMpd9D0KezaQ0kYIX5AC578NUieSZmSZJCgX5w/4LxPZ+WC1K7M0liSCt8dkg1fmsgLn56INNxEbNrjugH1BErRaYavMVwK2oK~-1~-1~-1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 04 Dec 2019 12:52:32 GMT Content-Length 0 Connection close Content-Type text/plain Set-Cookie TS0139a03f=018378d52a10ede7a9ca36cd73b8e15efe3684cda09bff34f9cf19627c761b7778dc7465eb; Path=/; HTTPOnly Redirect headers Location http://cits-tracking-prod.americanexpress.com/clicktrk/Tracking?mid=G32CAS2019120317025200010699&msrc=MYCA&url=https%3A%2F%2Fglobal.americanexpress.com%2Fhelp%3Finav%3DiNUtlContact%26extlink%3Dus-em-serv-footer-helpcenter&data=02\|01\|suspectemail@herbalife.com\|e2debf51275b4b83fb4408d778b32fbf\|101f87a76d6b4c6c9d9c223592a2ba50\|0\|0\|637110583301219917&sdata=qkNcabe9kRjvs9sOb5/gbK95qQ46UtkjkHjnw79IASc=&reserved=0 Server BigIP Connection Keep-Alive Content-Length 0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.americanexpress.com/	1970-01-19 14:23:19	Name: _abck Value: CDB9096968A6E49639EC591C5B489002~-1~YAAQ0V4OF3OOA4puAQAA3B740APen16hKqzJg/pu5PqhPjPHS36JinhvqFtRmmeCH5yIQPIeGPkVXuH9vFexeK1I0oO5cfol6wNMCaa5JtlVZoMghSc48QDb/jCVW7BnwFeBUWts5MGIR7adUfrhghRCtbYCbmU1PcTlhhKlUrFq/3UY3P5BWth36Eby0UfhW1txdhEMpd9D0KezaQ0kYIX5AC578NUieSZmSZJCgX5w/4LxPZ+WC1K7M0liSCt8dkg1fmsgLn56INNxEbNrjugH1BErRaYavMVwK2oK~-1~-1~-1
cits-tracking-prod.americanexpress.com/	1969-12-31 23:59:59	Name: TS0139a03f Value: 018378d52a10ede7a9ca36cd73b8e15efe3684cda09bff34f9cf19627c761b7778dc7465eb
.americanexpress.com/	1970-01-19 05:37:58	Name: bm_sz Value: ADF3C416DFA87780E9B429AD631C0882~YAAQ0V4OF3KOA4puAQAA3B740AYzjrcQIqtqq3EcZyiRgvvSGVTk/ErlfYP+d5rUE4I3xJqbAMrPenwT2zSGPybhWQ6d28d7mbmb2Q0I5iisE2I0QT+6MftZU8u65ghPm5axseVcMRJdwpSoRxg0NidtNFBsJcHCnNdMN8s7Q3jalmlNJQmZE5Nu2lE4k7n+Kwdu++0OBh8s

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cits-tracking-prod.americanexpress.com
www.americanexpress.com
www306.americanexpress.com
148.173.96.54
148.173.98.36
23.67.137.77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

cits-tracking-prod.americanexpress.com Open in urlscan Pro 148.173.98.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

1 Requests

0 %HTTPS

0 %IPv6

1 Domains

3 Subdomains

1 IPs

2 Countries

0 kBTransfer

0 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

Indicators

cits-tracking-prod.americanexpress.com Open in urlscan Pro
148.173.98.36 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

3
Cookies

1 HTTP transactions
0 data transactions