cloud.email.departures.com
13.111.44.218
Public Scan
Effective URL: https://cloud.email.departures.com/preferences?qs=9db79a6d188204337bd52638a133805aa0f66a46534f355462a3af6e10de90d20c93a55d5f5fa513c...
Submission: On October 13 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 25th 2022. Valid for: a year.
This is the only time cloud.email.departures.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 (1 redirect) | 13.111.45.172 | 22606 (EXACT-7) |
13 | 13.111.44.218 | 22606 (EXACT-7) |
3 | 2a02:26f0:6c00::210:bac1 | 20940 (AKAMAI-ASN1) |
2 | 2a00:1450:4001:82b::2002 | 15169 (GOOGLE) |
4 | 3.124.173.63 | 16509 (AMAZON-02) |
22 | 5 | |
ASN22606 (EXACT-7, US)
PTR: click.email.departures.com
click.email.departures.com |
ASN22606 (EXACT-7, US)
PTR: cloud.email.departures.com
cloud.email.departures.com |
ASN20940 (AKAMAI-ASN1, NL)
image.email.departures.com |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
tms.americanexpress.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | departures.com (1 redirects) | click.email.departures.com, cloud.email.departures.com, image.email.departures.com | 1 MB |
4 | americanexpress.com | tms.americanexpress.com (Cisco Umbrella Rank: 20456) | 5 KB |
2 | doubleclick.net | securepubads.g.doubleclick.net (Cisco Umbrella Rank: 188) | 125 KB |
22 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
13 | cloud.email.departures.com | cloud.email.departures.com |
4 | tms.americanexpress.com | cloud.email.departures.com |
3 | image.email.departures.com | cloud.email.departures.com |
2 | securepubads.g.doubleclick.net | cloud.email.departures.com |
1 | click.email.departures.com | 1 redirects |
22 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
departures.com |
www.americanexpress.com |
info.evidon.com |
www.instagram.com |
twitter.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
cloud.email.departures.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-25 - 2023-04-25 | a year |
san-5-s7.tlsprovisioning.exacttarget.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-02 - 2023-03-07 | 9 months |
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months |
tms.americanexpress.com | DigiCert SHA2 Extended Validation Server CA | 2022-02-07 - 2023-03-10 | a year |
This page contains 1 frames:
Primary Page:
https://cloud.email.departures.com/preferences?qs=9db79a6d188204337bd52638a133805aa0f66a46534f355462a3af6e10de90d20c93a55d5f5fa513c9db27dacfd3c7962aaff11104da1a60365608e01e5d56184b9ee417a24355ee
Frame ID: C60F50CAA53E5F38686EA44B673049E1
Requests: 28 HTTP requests in this frame
Page Title
Departures | Life From Unexpected Perspectives
Page URL History
-
https://click.email.departures.com/?qs=4caca63d465d4ee73ce43fcb893de20a0e852c6aa86409dedd6afb57b3e842dfe141e7a7...
HTTP 302
https://cloud.email.departures.com/preferences?qs=9db79a6d188204337bd52638a133805aa0f66a46534f355462a3af6e10de9... Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: About
Title: Newsletter
Title: Terms of Use
Title: Privacy Policy
Title: AdChoices
Title: Follow Us
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.email.departures.com/?qs=4caca63d465d4ee73ce43fcb893de20a0e852c6aa86409dedd6afb57b3e842dfe141e7a74e99c597297c03ce91f6dbf0a8143e6c29d40accdab5ba9d03c0f300
HTTP 302
https://cloud.email.departures.com/preferences?qs=9db79a6d188204337bd52638a133805aa0f66a46534f355462a3af6e10de90d20c93a55d5f5fa513c9db27dacfd3c7962aaff11104da1a60365608e01e5d56184b9ee417a24355ee Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | preferences (Primary Request) | cloud.email.departures.com/ (Redirect Chain) | 32 KB | 10 KB | Document | text/html |
GET | H/1.1 | s01344294027219 | cloud.email.departures.com/ | 159 B | 379 B | Script | application/javascript |
GET | H/1.1 | s0433123404803 | cloud.email.departures.com/ | 159 B | 379 B | Script | application/javascript |
GET | H/1.1 | main-css | cloud.email.departures.com/ | 1006 KB | 565 KB | Stylesheet | text/css |
GET | H/1.1 | default-css | cloud.email.departures.com/ | 186 KB | 26 KB | Stylesheet | text/css |
GET | H/1.1 | launch-5a77dcd96b5f-staging | cloud.email.departures.com/ | 302 KB | 63 KB | Script | application/javascript |
GET | H/1.1 | EX9c00809dfbd04cfabc246e2f387da5e0-libraryCode_source | cloud.email.departures.com/ | 88 KB | 30 KB | Script | application/javascript |
GET | H/1.1 | gpt | cloud.email.departures.com/ | 81 KB | 27 KB | Script | application/javascript |
GET | H/1.1 | pubads_impl_2022031401 | cloud.email.departures.com/ | 365 KB | 123 KB | Script | application/javascript |
GET | H/1.1 | RC2faef58e39844e5ca4a57ba8ed855bb2-source | cloud.email.departures.com/ | 1014 B | 718 B | Script | application/javascript |
GET | H/1.1 | instagram.png | image.email.departures.com/lib/fe2f11717d64047e7d1477/m/1/ | 1 KB | 1 KB | Image | image/png |
GET | H/1.1 | twitter-img.png | image.email.departures.com/lib/fe2f11717d64047e7d1477/m/1/ | 1 KB | 1 KB | Image | image/png |
GET | H/1.1 | mainjs | cloud.email.departures.com/ | 207 KB | 73 KB | Script | application/javascript |
GET | H/1.1 | htmxjs | cloud.email.departures.com/ | 112 KB | 20 KB | Script | application/javascript |
GET | H/1.1 | Bootstrap | cloud.email.departures.com/ | 80 KB | 22 KB | Script | application/javascript |
GET | DATA | truncated | / | 221 KB | 221 KB | Font | application/octet-stream |
GET | DATA | truncated | / | 40 KB | 40 KB | Font | application/font-woff |
GET | DATA | truncated | / | 39 KB | 39 KB | Font | application/font-woff |
GET | DATA | truncated | / | 220 KB | 220 KB | Font | font/ttf |
GET | DATA | truncated | / | 39 KB | 39 KB | Font | application/font-woff |
GET | DATA | truncated | / | 40 KB | 40 KB | Font | application/font-woff |
GET | H/1.1 | NEWSLETTER_PAGE_RESIZED.gif | image.email.departures.com/lib/fe2f11717d64047e7d1477/m/1/ | 504 KB | 505 KB | Image | image/gif |
GET | H2 | pubads_impl_2022031401.js | securepubads.g.doubleclick.net/gpt/ | 364 KB | 124 KB | Script | text/javascript |
GET | H2 | ppub_config | securepubads.g.doubleclick.net/pagead/ | 151 B | 751 B | XHR | application/json |
GET | H2 | serverComponent.php | tms.americanexpress.com/amex/tag-qa/ | 281 B | 535 B | Script | text/javascript |
GET | H2 | serverComponent.php | tms.americanexpress.com/amex/ | 296 B | 543 B | Script | text/javascript |
GET | H2 | 05ed9f5fc3e3f63d88a192e33a9ac43a.js | tms.americanexpress.com/amex/tag-qa/code/ | 4 KB | 1 KB | Script | application/javascript |
GET | H2 | 238d5442b83f455d6e8b13f54e4fa75d.js | tms.americanexpress.com/amex/prod/code/ | 9 KB | 2 KB | Script | application/javascript |
54 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| digitalData function| enableRadios function| disableRadios function| toggleRadios string| csrfTokenName string| csrfTokenValue boolean| isCardMember function| aqh object| gsapVersions function| initializeAnimation function| s_doPlugins function| s_cleanQS function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq object| s string| s_account object| s_rmvars string| s_rmact number| s_rmi number| omn_temp boolean| cookieCombiningUtility function| removeExpiredCookies function| cookieRead function| cookieWrite function| cookieDelete object| s_c_il number| s_c_in function| DIL number| s_objectID number| s_giq object| googletag object| ggeac object| google_js_reporting_queue object| htmx object| ensBootstraps object| Bootstrapper string| k object| o object| onetag undefined| google_measure_js_timing function| loadNGAMUTracking function| iTagRuleCheckTimer0
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.