cloud.email.departures.com
Open in
urlscan Pro
13.111.44.218
Public Scan
Effective URL: https://cloud.email.departures.com/unsubscribed?qs=4d3b32c5a8f7d3dff2280170055f56565f97e0c35767b3a7a036d2f56c785d72bc4ad7a41b954ebd...
Submission: On July 06 via manual from MX — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 22nd 2023. Valid for: a year.
This is the only time cloud.email.departures.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 13.111.45.172 13.111.45.172 | 22606 (EXACT-7) (EXACT-7) | |
1 1 | 136.147.129.3 136.147.129.3 | 22606 (EXACT-7) (EXACT-7) | |
13 | 13.111.44.218 13.111.44.218 | 22606 (EXACT-7) (EXACT-7) | |
3 | 2a02:26f0:350... 2a02:26f0:3500:1b::1724:a394 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
5 | 3.124.173.63 3.124.173.63 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:80e::2002 | 15169 (GOOGLE) (GOOGLE) | |
23 | 5 |
ASN22606 (EXACT-7, US)
PTR: click.email.departures.com
click.email.departures.com |
ASN22606 (EXACT-7, US)
mc19w-vtvl-75yzmlfby1wvzzsky.pub.sfmc-content.com |
ASN22606 (EXACT-7, US)
PTR: cloud.email.departures.com
cloud.email.departures.com |
ASN20940 (AKAMAI-ASN1, NL)
image.email.departures.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
tms.americanexpress.com |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
departures.com
1 redirects
click.email.departures.com cloud.email.departures.com image.email.departures.com |
2 MB |
5 |
americanexpress.com
tms.americanexpress.com — Cisco Umbrella Rank: 21316 |
9 KB |
2 |
doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 |
125 KB |
1 |
sfmc-content.com
1 redirects
mc19w-vtvl-75yzmlfby1wvzzsky.pub.sfmc-content.com |
402 B |
23 | 4 |
Domain | Requested by | |
---|---|---|
13 | cloud.email.departures.com |
cloud.email.departures.com
|
5 | tms.americanexpress.com |
cloud.email.departures.com
|
3 | image.email.departures.com |
cloud.email.departures.com
|
2 | securepubads.g.doubleclick.net |
cloud.email.departures.com
|
1 | mc19w-vtvl-75yzmlfby1wvzzsky.pub.sfmc-content.com | 1 redirects |
1 | click.email.departures.com | 1 redirects |
23 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
departures.com |
www.americanexpress.com |
info.evidon.com |
www.instagram.com |
twitter.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
cloud.email.departures.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-03-22 - 2024-04-21 |
a year | crt.sh |
san-5-s7.tlsprovisioning.exacttarget.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-25 - 2024-02-25 |
a year | crt.sh |
tms.americanexpress.com DigiCert SHA2 Extended Validation Server CA |
2023-02-01 - 2024-01-31 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://cloud.email.departures.com/unsubscribed?qs=4d3b32c5a8f7d3dff2280170055f56565f97e0c35767b3a7a036d2f56c785d72bc4ad7a41b954ebd1872a8ae5afcfa9d93c9b765aaf1e703d686ab55791f65e7f81083ca01ad6a2cdec61123ac8333e0aebedb25bfbb47cb
Frame ID: AD8E11F2CA268A5FC542D19C470AFF6D
Requests: 28 HTTP requests in this frame
Screenshot
Page Title
Departures | Life From Unexpected PerspectivesPage URL History Show full URLs
-
https://click.email.departures.com/?qs=bc1c04b2ff39a90034a0b36eddec6554a1a66a20093149c6c4ad2acf5a2c3bec1757a9e5...
HTTP 302
https://mc19w-vtvl-75yzmlfby1wvzzsky.pub.sfmc-content.com/w3qg0wqc2ds?qs=4d3b32c5a8f7d3dff2280170055f56565f97e0c35767b3a7a036d2f56c785... HTTP 302
https://cloud.email.departures.com/unsubscribed?qs=4d3b32c5a8f7d3dff2280170055f56565f97e0c35767b3a7a036d2f56c78... Page URL
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: About
Search URL Search Domain Scan URL
Title: Newsletter
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: AdChoices
Search URL Search Domain Scan URL
Title: Follow Us
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.email.departures.com/?qs=bc1c04b2ff39a90034a0b36eddec6554a1a66a20093149c6c4ad2acf5a2c3bec1757a9e532756c5831caf6223c15b757a062003beb4990d9
HTTP 302
https://mc19w-vtvl-75yzmlfby1wvzzsky.pub.sfmc-content.com/w3qg0wqc2ds?qs=4d3b32c5a8f7d3dff2280170055f56565f97e0c35767b3a7a036d2f56c785d72bc4ad7a41b954ebddca7915728a99edbc8bf164c84865fa52cecaa5f4ad07b8f582e1151426d7a60ced3d8a38d48e041 HTTP 302
https://cloud.email.departures.com/unsubscribed?qs=4d3b32c5a8f7d3dff2280170055f56565f97e0c35767b3a7a036d2f56c785d72bc4ad7a41b954ebd1872a8ae5afcfa9d93c9b765aaf1e703d686ab55791f65e7f81083ca01ad6a2cdec61123ac8333e0aebedb25bfbb47cb Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
unsubscribed
cloud.email.departures.com/ Redirect Chain
|
29 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s01344294027219
cloud.email.departures.com/ |
159 B 379 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s0433123404803
cloud.email.departures.com/ |
159 B 379 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main-css
cloud.email.departures.com/ |
1006 KB 565 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default-css
cloud.email.departures.com/ |
186 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
launch-5a77dcd96b5f-staging
cloud.email.departures.com/ |
302 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EX9c00809dfbd04cfabc246e2f387da5e0-libraryCode_source
cloud.email.departures.com/ |
88 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gpt
cloud.email.departures.com/ |
81 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pubads_impl_2022031401
cloud.email.departures.com/ |
365 KB 123 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
RC2faef58e39844e5ca4a57ba8ed855bb2-source
cloud.email.departures.com/ |
1014 B 718 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
instagram.png
image.email.departures.com/lib/fe2f11717d64047e7d1477/m/1/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
twitter-img.png
image.email.departures.com/lib/fe2f11717d64047e7d1477/m/1/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mainjs
cloud.email.departures.com/ |
207 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
htmxjs
cloud.email.departures.com/ |
112 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Bootstrap
cloud.email.departures.com/ |
80 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
221 KB 221 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
40 KB 40 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
40 KB 40 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
39 KB 39 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NEWSLETTER_PAGE_sm.gif
image.email.departures.com/lib/fe2f11717d64047e7d1477/m/1/ |
747 KB 748 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
220 KB 220 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
tms.americanexpress.com/amex/tag-qa/ |
281 B 547 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
tms.americanexpress.com/amex/ |
401 B 589 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2022031401.js
securepubads.g.doubleclick.net/gpt/ |
364 KB 124 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
86 B 610 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
05ed9f5fc3e3f63d88a192e33a9ac43a.js
tms.americanexpress.com/amex/tag-qa/code/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
72a88182d128857a270cc984b9a1130a.js
tms.americanexpress.com/amex/prod/code/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8988f784a2b775ede9e1773f595bf184.js
tms.americanexpress.com/amex/prod/code/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
45 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend object| digitalData string| csrfTokenName string| csrfTokenValue boolean| isCardMember function| aqh object| gsapVersions function| initializeAnimation object| htmx function| s_doPlugins function| s_cleanQS function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq object| s string| s_account object| s_rmvars string| s_rmact number| s_rmi number| omn_temp boolean| cookieCombiningUtility function| removeExpiredCookies function| cookieRead function| cookieWrite function| cookieDelete object| s_c_il number| s_c_in function| DIL number| s_objectID number| s_giq object| ensBootstraps object| Bootstrapper string| k object| o object| onetag object| googletag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing function| loadNGAMUTracking function| iTagRuleCheckTimer0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
click.email.departures.com
cloud.email.departures.com
image.email.departures.com
mc19w-vtvl-75yzmlfby1wvzzsky.pub.sfmc-content.com
securepubads.g.doubleclick.net
tms.americanexpress.com
13.111.44.218
13.111.45.172
136.147.129.3
2a00:1450:4001:80e::2002
2a02:26f0:3500:1b::1724:a394
3.124.173.63
050142ea59cfaec6159f0dc70a62003207dd3ac5361b389ffdb4e785d897e5ce
14d3a2417c5618a1404accb349aeb0f8dcdcfbe1e1b9e4b41ceb46f53b0182ce
14ff67880506eadc2cd4e693ee8aa96f832cd21096f65b6b7ded074dd802834e
1af883542c1400a5d6f6d3a87b4ed4886174b48f4911cce2bb72982ed2953dd0
1cafdcb8db29a261f0033f96bcd2e42bac316bdee496214e38343e3eb76361f2
401528ac815fe0cc6e88c76d3b0caffe134d83bf64d4344029b6daf2fb5fac43
48a1ed36a03dfcd07f0215cd14fb8c859b5993d58cc2285b62afc0fee3a438d8
48effec128521fe0a5dbe7cd0e7c4a42aff9691d4c4306e90afd7e1fd3cecd30
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
57b7ef076c579835d62a46128243ef25657202faf26afd79839faaddd8476f6d
58190e41c654a43cb9a6f25f8f485950e8b2f90bdd3ef9ba0cd5dc89b664b044
606b73ba97bbd6ce7895f8ddf9fe6e5ed386837b71f978c520d2fde19bd3a76e
6d8562e9041b1a30ad738e29f71a089256998b42dcb31e1caf1c273ac6458f24
6f46dd00fa1d93f1c95b0a90d83234044169c3629c8af87cc9b93f346d959c2c
7bcb931e411106cad7661417bf784f8fef1418d6384af9760cc126b3695f348f
7ee365e2c6637edc4c714f4ab6bd75d2b912f54d3448ecfe69d674190b805956
80af6817a7aba3f258fb0aade1457ebf0031d8e8f42efcaf0010d2f2cea80749
8c51c26e7f9d395db6f2e2f1145ffd2dbe5e88f4faa896534a8f33b5bca6479d
8f9c09452541bc09c384da396f16f08141fa5e4029f390b9cb07662abc0f4442
95e7236ce862d88e9b0bc1e0145fb69af540b2d362e6430ac22063d7f8096861
9868639a4023870d9060f7665f7b5ceabe4ebf9196995f7d0468687ac118aa57
a788a79db7f9f20981d1305da2b456adbbe3a48aafdb18c69e6aa35a22e80ad0
a8efe2961648f2a87af19b87f069fba0361f8ba9566aaf8715b9f8ce4e395876
ab7a73ff3f21b94d8f4e809c519705fd62962e1e474bf4d9586f203672c21ef4
bf7d52f77aad7484b3c43c939c080199a3603f2c733d307b0d886db1a0456048
c4fb9ec35584bd8855e04e28797f068b31726790f4ac86a58559d8143dff2136
f4a424748abf31a58b9f11f518968b95c0d26cb6cf7d3f8d2b2bb149b23d93c7