consulting.amexgbt.com Open in urlscan Pro
194.36.51.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://consulting.amexgbt.com/
Effective URL:
https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F
Submission: On February 02 via manual (February 2nd 2022, 7:31:02 am UTC) from US — Scanned from GB

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 194.36.51.188, located in United Kingdom and belongs to EQUINIX-CONNECT, GB. The main domain is consulting.amexgbt.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on December 9th 2021. Valid for: a year.

This is the only time consulting.amexgbt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	194.36.51.188 194.36.51.188	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	194.36.51.176 194.36.51.176	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
13	4

10 194.36.51.188 (United Kingdom) 1 redirects

ASN15830 (EQUINIX-CONNECT, GB)

consulting.amexgbt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.36.51.176 (United Kingdom)

ASN15830 (EQUINIX-CONNECT, GB)

dataviz.hrgworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	amexgbt.com 1 redirects consulting.amexgbt.com	364 KB
2	hrgworldwide.com dataviz.hrgworldwide.com	58 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 934	13 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
13	4

	Domain	Requested by
10	consulting.amexgbt.com	1 redirects consulting.amexgbt.com
2	dataviz.hrgworldwide.com	consulting.amexgbt.com dataviz.hrgworldwide.com
1	use.fontawesome.com	consulting.amexgbt.com
1	fonts.googleapis.com	consulting.amexgbt.com
13	4

This site contains no links.

Subject Issuer	Validity	Valid
consulting.amexgbt.com Sectigo RSA Organization Validation Secure Server CA	`2021-12-09` - `2022-12-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
dataviz.hrgworldwide.com Sectigo RSA Organization Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F
Frame ID: 4434904C98516DB9F3723A6F03CB4DB5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GBC - Log in

Page URL History Show full URLs

https://consulting.amexgbt.com/ HTTP 302
http://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F HTTP 307
https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

436 kB
Transfer

831 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://consulting.amexgbt.com/ HTTP 302
http://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F HTTP 307
https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Login Show response
consulting.amexgbt.com/Account/
Redirect Chain

https://consulting.amexgbt.com/
http://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F
https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F

4 KB
4 KB

107ms
106ms

Document
text/html

194.36.51.188
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.36.51.188 , United Kingdom, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

3db9d382acc101d32f3febbffafcb4d164dac134b2fd5df3a42fe3268e908835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536001; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-Frame-Options: SAMEORIGIN
X-AspNet-Version: 4.0.30319
Strict-Transport-Security: max-age=31536001; includeSubdomains
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Date: Wed, 02 Feb 2022 07:30:57 GMT
Content-Length: 3836

Redirect headers

Location: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F
Non-Authoritative-Reason: HSTS

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 179ms
63ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: consulting.amexgbt.com
URL: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e6ca8458e665dbb0c6ef4974ee969c1a854bbc5c0f2a66edeebf68b806f3a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consulting.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 06:31:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Feb 2022 07:30:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Feb 2022 07:30:57 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.12.0/css/ 56 KB
13 KB 147ms
55ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/css/all.css
Requested by: Host: consulting.amexgbt.com
URL: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consulting.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 07:30:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8525318
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2HZDRW72VY22KNQC
x-amz-id-2: yzZG97B8IPNxnCtu3R7A5F9uSw2rBKLn8oPdu/j09i3ZmEqGNh3mmk9FxSyPgQ4gmySK8CQpLIs=
last-modified: Wed, 30 Jun 2021 15:37:55 GMT
server: cloudflare
etag: W/"500d1a92f875b1d96d37a3a3f8f0438c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BookVxmLUdw38G7sxL2%2BPUGEb6CAMDHCDrHEJTe03EvcXFBDfCTccEmR%2Blpvi77wDQxNhldYthxqtPPxk6zhGHRhR8%2BlFJUNndCd%2F5Lwd15bwj4pOPGJDSEqO9NiLtHvKCz9YwEEIM0QVnxZL%2BjAjp2L"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6d71b7964c57771a-LHR

GET
H/1.1 200
OK polyfills Show response
consulting.amexgbt.com/bundles/ 516 B
981 B 59ms
58ms Script
text/javascript 194.36.51.188
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting.amexgbt.com/bundles/polyfills?v=FsLxgMDiIEziyb8D2DVJNt5eESm3pzoDqXYEAO7dtao1

Requested by

Host: consulting.amexgbt.com
URL: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.36.51.188 , United Kingdom, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

7f65eaa9eed36afefb96b6cddf461ec4c4df649ffae351a6d5292441a71d44cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536001; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536001; includeSubdomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Feb 2022 07:30:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Date: Wed, 02 Feb 2022 07:30:57 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Vary: User-Agent
Content-Length: 516
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Feb 2023 07:30:57 GMT

GET
H/1.1 200
OK modernizr Show response
consulting.amexgbt.com/bundles/ 11 KB
11 KB 159ms
70ms Script
text/javascript 194.36.51.188
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting.amexgbt.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1

Requested by

Host: consulting.amexgbt.com
URL: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.36.51.188 , United Kingdom, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536001; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536001; includeSubdomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Feb 2022 07:30:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Date: Wed, 02 Feb 2022 07:30:57 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Vary: User-Agent
Content-Length: 11095
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Feb 2023 07:30:57 GMT

GET
H/1.1 200
OK jquery Show response
consulting.amexgbt.com/bundles/ 85 KB
85 KB 162ms
72ms Script
text/javascript 194.36.51.188
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting.amexgbt.com/bundles/jquery?v=cjkatXG-b8pWdru8bbf4BKCR-I5rhBnHAIcKH449VZM1

Requested by

Host: consulting.amexgbt.com
URL: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.36.51.188 , United Kingdom, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e65e86fddc1b72935d9b37afd5e5589ca9ee4eecf1878acb3ab8a6074ffdf64d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536001; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536001; includeSubdomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Feb 2022 07:30:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Date: Wed, 02 Feb 2022 07:30:57 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Vary: User-Agent
Content-Length: 86715
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Feb 2023 07:30:57 GMT

GET
H/1.1 200
OK popper Show response
consulting.amexgbt.com/bundles/ 31 KB
31 KB 160ms
70ms Script
text/javascript 194.36.51.188
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting.amexgbt.com/bundles/popper?v=-p-EoB3YD6Re3tSXZG-R7DHmMx_XSXGWeKfIHlJYZeE1

Requested by

Host: consulting.amexgbt.com
URL: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.36.51.188 , United Kingdom, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

f7e74bb9ad20e2ee567223c719614f7c3bca6b374debaad915c69f35a9111f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536001; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536001; includeSubdomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Feb 2022 07:30:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Date: Wed, 02 Feb 2022 07:30:57 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Vary: User-Agent
Content-Length: 31276
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Feb 2023 07:30:57 GMT

GET
H/1.1 200
OK bootstrap Show response
consulting.amexgbt.com/bundles/ 54 KB
54 KB 163ms
73ms Script
text/javascript 194.36.51.188
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting.amexgbt.com/bundles/bootstrap?v=D5v2Fc1nquAIX2MXLuh_tPbeWxxSGwyyv1yfBjKFodk1

Requested by

Host: consulting.amexgbt.com
URL: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.36.51.188 , United Kingdom, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

09cb47af27a955f52031fb2eaf885be33476ae411ee5e77de9588a437aae4cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536001; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536001; includeSubdomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Feb 2022 07:30:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Date: Wed, 02 Feb 2022 07:30:57 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Vary: User-Agent
Content-Length: 55122
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Feb 2023 07:30:57 GMT

GET
H/1.1 200
OK tableau-2.js Show response
dataviz.hrgworldwide.com/javascripts/api/ 871 B
1 KB 355ms
207ms Script
text/javascript 194.36.51.176
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://dataviz.hrgworldwide.com/javascripts/api/tableau-2.js

Requested by

Host: consulting.amexgbt.com
URL: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.36.51.176 , United Kingdom, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

Software

Tableau /

Resource Hash

0d15eca55a916a21eb60aff0309f98fda6a2f5eecf498e4dae19f26f5be6ac24

Security Headers

Name	Value
X-Content-Security-Policy	default-src
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consulting.amexgbt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 07:30:57 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: connect-src * https://*.tiles.mapbox.com https://api.mapbox.com; default-src blob:; font-src * data:; frame-src * data:; img-src * data: blob:; object-src data:; report-uri /vizql/csp-report; script-src * blob:; style-src * 'unsafe-inline'
P3P: CP="NON"
X-Tableau: Tableau Server
Connection: Keep-Alive
Content-Length: 334
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 18 Aug 2020 11:01:24 GMT
Server: Tableau
ETag: "14e-5ad24ced44900"
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Thu, 02 Feb 2023 07:30:57 GMT
Cache-Control: no-cache, no-store
Accept-Ranges: bytes
Keep-Alive: timeout=8, max=100
X-Content-Security-Policy: default-src

GET
H/1.1 200
OK shared
consulting.amexgbt.com/Content/ 145 KB
146 KB 117ms
58ms Stylesheet
text/css 194.36.51.188
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting.amexgbt.com/Content/shared?v=UZd9hSqeiSTPF3UIzrfZqXK2Ulv0zzxYEcRrZ9HvL7o1

Requested by

Host: consulting.amexgbt.com
URL: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.36.51.188 , United Kingdom, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

63d1bc30a803bef64d6c315c06c2aec354a83010a7eadbfdcdb84d60f9485e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536001; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536001; includeSubdomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Feb 2022 07:30:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Date: Wed, 02 Feb 2022 07:30:57 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: public
Vary: User-Agent
Content-Length: 148764
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Feb 2023 07:30:57 GMT

GET
H/1.1 200
OK account
consulting.amexgbt.com/Content/ 1 KB
2 KB 156ms
69ms Stylesheet
text/css 194.36.51.188
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting.amexgbt.com/Content/account?v=eEGPbxixL4_Xf1jp62DVT-vyI9VlLL8Gli4nDn1d18A1

Requested by

Host: consulting.amexgbt.com
URL: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.36.51.188 , United Kingdom, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

4f23dbfd4f3665222d8450fa23cf4c779b9d69cc2f95e62f9accf293e90be326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536001; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536001; includeSubdomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Feb 2022 07:30:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Date: Wed, 02 Feb 2022 07:30:57 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: public
Vary: User-Agent
Content-Length: 1325
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Feb 2023 07:30:57 GMT

GET
H/1.1 200
OK jqueryval Show response
consulting.amexgbt.com/bundles/ 29 KB
29 KB 215ms
58ms Script
text/javascript 194.36.51.188
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://consulting.amexgbt.com/bundles/jqueryval?v=pa3LXvOg2TMWbRbAKNdIRmk9DKF6dJzmJZAX2yFH8441

Requested by

Host: consulting.amexgbt.com
URL: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.36.51.188 , United Kingdom, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

667922d5315e2f71ee7c4b42408013f26324fbc0a2738e4c1d33aa54ce296578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536001; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consulting.amexgbt.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536001; includeSubdomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Feb 2022 07:30:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Date: Wed, 02 Feb 2022 07:30:57 GMT
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Vary: User-Agent
Content-Length: 29367
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Feb 2023 07:30:57 GMT

GET
H/1.1 200
OK tableau-2.5.1.js Show response
dataviz.hrgworldwide.com/javascripts/api/ 412 KB
57 KB 68ms
68ms Script
text/javascript 194.36.51.176
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL

https://dataviz.hrgworldwide.com/javascripts/api/tableau-2.5.1.js

Requested by

Host: dataviz.hrgworldwide.com
URL: https://dataviz.hrgworldwide.com/javascripts/api/tableau-2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.36.51.176 , United Kingdom, ASN15830 (EQUINIX-CONNECT, GB),

Reverse DNS

Software

Tableau /

Resource Hash

29cca8d97457565bab777bee43d6e3a343bb4c458f6aafef8c59348b81d071b0

Security Headers

Name	Value
X-Content-Security-Policy	default-src
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://consulting.amexgbt.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 02 Feb 2022 07:30:57 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: connect-src * https://*.tiles.mapbox.com https://api.mapbox.com; default-src blob:; font-src * data:; frame-src * data:; img-src * data: blob:; object-src data:; report-uri /vizql/csp-report; script-src * blob:; style-src * 'unsafe-inline'
P3P: CP="NON"
X-Tableau: Tableau Server
Connection: Keep-Alive
Content-Length: 57759
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 18 Aug 2020 11:02:16 GMT
Server: Tableau
ETag: "e19f-5ad24d1edbe00"
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Thu, 02 Feb 2023 07:30:57 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Keep-Alive: timeout=8, max=99
X-Content-Security-Policy: default-src

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			consulting.amexgbt.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: zKEn5jDJArqf7-yl7-xDZoid1dQJcHXWnNIlkamm2gYKfFfgys9773A1RfaMiJAvVF1m4olTqZttcEyiI1GShfAGlqg2-tTW9uUWBKQycl01

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://dataviz.hrgworldwide.com/javascripts/api/tableau-2.js(Line 27) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dataviz.hrgworldwide.com/javascripts/api/tableau-2.5.1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dataviz.hrgworldwide.com/javascripts/api/tableau-2.js(Line 27) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dataviz.hrgworldwide.com/javascripts/api/tableau-2.5.1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536001; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consulting.amexgbt.com
dataviz.hrgworldwide.com
fonts.googleapis.com
use.fontawesome.com
194.36.51.176
194.36.51.188
2606:4700:3031::ac43:d645
2a00:1450:4001:82b::200a
09cb47af27a955f52031fb2eaf885be33476ae411ee5e77de9588a437aae4cd2
0d15eca55a916a21eb60aff0309f98fda6a2f5eecf498e4dae19f26f5be6ac24
29cca8d97457565bab777bee43d6e3a343bb4c458f6aafef8c59348b81d071b0
3db9d382acc101d32f3febbffafcb4d164dac134b2fd5df3a42fe3268e908835
4f23dbfd4f3665222d8450fa23cf4c779b9d69cc2f95e62f9accf293e90be326
63d1bc30a803bef64d6c315c06c2aec354a83010a7eadbfdcdb84d60f9485e81
667922d5315e2f71ee7c4b42408013f26324fbc0a2738e4c1d33aa54ce296578
6e6ca8458e665dbb0c6ef4974ee969c1a854bbc5c0f2a66edeebf68b806f3a0e
7f65eaa9eed36afefb96b6cddf461ec4c4df649ffae351a6d5292441a71d44cd
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
e65e86fddc1b72935d9b37afd5e5589ca9ee4eecf1878acb3ab8a6074ffdf64d
f7e74bb9ad20e2ee567223c719614f7c3bca6b374debaad915c69f35a9111f5e

consulting.amexgbt.com Open in urlscan Pro 194.36.51.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

436 kBTransfer

831 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

consulting.amexgbt.com Open in urlscan Pro
194.36.51.188 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

436 kB
Transfer

831 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions