privacy.amexgbt.com Open in urlscan Pro
194.36.55.5  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	403	Primary Request / Show response privacy.amexgbt.com/	12 KB 10 KB	219ms 113ms	Document text/html	194.36.55.5 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Full URL https://privacy.amexgbt.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 0ae437c1593c19034da49c36fe637e7d45003776656c72acfef7c9b930b9ed19 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-chl-out wRRen3NeaeLfckiAkmZG4+efyGRsxliw2scLlJYMWIEyLJV4HG1D1proAa5ywVyQ5+2Fz9tKO0tH/2p7711OHF/LBPFfYzWGeS+XG99kRAml/NszH9ADBe7GXidOTWY0RwLUvbiwa01OXCZJCbT2gA==$A1AHYG6tYRgYVKcgHqh/fw== cf-mitigated challenge cf-ray 8cfe4d7a3a33bef8-LHR content-encoding gzip content-type text/html; charset=UTF-8 critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Wed, 09 Oct 2024 12:16:34 GMT expires Thu, 01 Jan 1970 00:00:01 GMT origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare strict-transport-security max-age=63072000; includeSubDomains vary Accept-Encoding x-content-options nosniff x-frame-options SAMEORIGIN
GET H2	200	v1 Show response privacy.amexgbt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/	162 KB 59 KB	120ms 120ms	Script application/javascript	194.36.55.5 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Full URL https://privacy.amexgbt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8cfe4d7a3a33bef8 Requested by Host: privacy.amexgbt.com URL: https://privacy.amexgbt.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 1abd2b739094994b35840928e1a583ff9a8113e18e54667e895dbe5a32dc2fe6 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://privacy.amexgbt.com/?__cf_chl_rt_tk=kzH6lX.QXj3oL6xozfBlwIxgcMuzbv_7_wc92N7S6xo-1728476194-1.0.1.1-M4ngut9FFL0A3YDHX6uja4ozXjc0VgAGrLzRgDtEpzg Response headers strict-transport-security max-age=63072000; includeSubDomains cf-ray 8cfe4d7b5b8cbef8-LHR cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding gzip date Wed, 09 Oct 2024 12:16:35 GMT content-type application/javascript; charset=UTF-8 server cloudflare
GET		a0c064be-ee9f-4c7b-814c-1bd119880bf1 https://privacy.amexgbt.com/ Frame	0 0
GET H3	200	api.js Show response challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/	46 KB 16 KB	83ms 44ms	Script application/javascript	104.18.94.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js?onload=DXjyL6&render=explicit Requested by Host: privacy.amexgbt.com URL: https://privacy.amexgbt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8cfe4d7a3a33bef8 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://privacy.amexgbt.com Referer Response headers cache-control max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public content-encoding br cross-origin-resource-policy cross-origin cf-ray 8cfe4d7cd9a548b9-LHR access-control-allow-origin * date Wed, 09 Oct 2024 12:16:35 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 01 Oct 2024 14:19:56 GMT server cloudflare vary Accept-Encoding
GET H2	403	favicon.ico privacy.amexgbt.com/	4 KB 4 KB	106ms 106ms	Image text/html	194.36.55.5 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://privacy.amexgbt.com/favicon.ico Requested by Host: privacy.amexgbt.com URL: https://privacy.amexgbt.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash a81d364eba629eec3e2a10731134005cafca9ac24488b9849246a91b59d09690 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://privacy.amexgbt.com/ Response headers content-encoding gzip critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA expires Thu, 01 Jan 1970 00:00:01 GMT x-content-options nosniff date Wed, 09 Oct 2024 12:16:35 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-frame-options SAMEORIGIN cf-mitigated challenge cf-chl-out /6P5LXrlERHL6vKBBnD1ZZKtR8/uoMNiqx1oe02Vk7CepM2MSnF9ipBOGslkvQTiMghSrKIFTarGTZ44/pg9OMD8G2ivBNc81IM27OibXJQZ1LDfbIstMOvdYPWFS56N7L+Rz+FtA9NYrqgdISfawA==$qZ7bIW5k3AOftg+2oYzIqQ== strict-transport-security max-age=63072000; includeSubDomains cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cross-origin-opener-policy same-origin accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-resource-policy same-origin referrer-policy same-origin cf-ray 8cfe4d7cbcf1bef8-LHR cross-origin-embedder-policy require-corp permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() origin-agent-cluster ?1 server cloudflare
POST H2	200	0fe18da5f4ccc36 Show response privacy.amexgbt.com/cdn-cgi/challenge-platform/h/b/flow/ov1/140361916:1728472437:A1M80vCUqStMj6skTqtaL69pxYOcxkqfJfoUedKSxRo/8cfe4d7a3a33bef8/	17 KB 13 KB	119ms 117ms	XHR text/plain	194.36.55.5 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Full URL https://privacy.amexgbt.com/cdn-cgi/challenge-platform/h/b/flow/ov1/140361916:1728472437:A1M80vCUqStMj6skTqtaL69pxYOcxkqfJfoUedKSxRo/8cfe4d7a3a33bef8/0fe18da5f4ccc36 Requested by Host: privacy.amexgbt.com URL: https://privacy.amexgbt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8cfe4d7a3a33bef8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 079074dfb6ca2afb93ad4cedd74ec88613e724d0863a2b346bd424879441bc74 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers Referer https://privacy.amexgbt.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded CF-Challenge 0fe18da5f4ccc36 Response headers strict-transport-security max-age=63072000; includeSubDomains cf-ray 8cfe4d7d6dabbef8-LHR content-encoding gzip date Wed, 09 Oct 2024 12:16:35 GMT content-type text/plain; charset=UTF-8 cf-chl-gen wDbAqJugNuFNV1/P7rViu8+KHauu+VqsVkDcDTLAMOfacqZItwVQW83oatPS/B9FthgOoTfjIg==$REI+1cBnn+Fl/smC server cloudflare
GET H2	403	favicon.ico privacy.amexgbt.com/	10 KB 7 KB	125ms 124ms	Other text/html	194.36.55.5 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Full URL https://privacy.amexgbt.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.36.55.5 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 792befc9377d40069b768bf8062ff37ac768420922445dc2aa7821b76c129689 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://privacy.amexgbt.com/ Response headers content-encoding gzip report-to {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=LP7dLV_cWAK0BW7yOSU0_1kuWLCGJy2TV7E09V3Gv9Y-1728476195-1.0.1.1-Bw_RsYpLrRFQaCKVwD4NqDHR3laNwip.kRmzVvXoFlNM8_3QRkm0hB7dILq0Q5BaOdffA3kufmB.A.m1nrVJraJq.XAttwttL_ZaDHIBvJ6RBRlLIkViE5vUUxHNhmtKNGIAhNi90qrPzZN.bT9OjEkWe1_.F9iBTuDaxb_MdBk"}],"group":"cf-csp-endpoint","max_age":86400} critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA expires Thu, 01 Jan 1970 00:00:01 GMT x-content-options nosniff date Wed, 09 Oct 2024 12:16:35 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-frame-options SAMEORIGIN cf-mitigated challenge cf-chl-out pDk6z2zk9U9aIq+U7gmfszqP9Kz+qq0qGET0PPhCgYFeQUuhdl437vO7mrTyndxHOZP4xc8KPjjo4Ccn2B9yVCpxqm23vbs1x/rTfZIfrdrtJUwaq+kc1LyF+qjfLMKXji0ZIB7mcNtsuA7gduHfcw==$Cy0O62P1BA5nJETX72m2zQ== strict-transport-security max-age=63072000; includeSubDomains cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cross-origin-opener-policy same-origin accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-resource-policy same-origin referrer-policy same-origin content-security-policy-report-only script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=LP7dLV_cWAK0BW7yOSU0_1kuWLCGJy2TV7E09V3Gv9Y-1728476195-1.0.1.1-Bw_RsYpLrRFQaCKVwD4NqDHR3laNwip.kRmzVvXoFlNM8_3QRkm0hB7dILq0Q5BaOdffA3kufmB.A.m1nrVJraJq.XAttwttL_ZaDHIBvJ6RBRlLIkViE5vUUxHNhmtKNGIAhNi90qrPzZN.bT9OjEkWe1_.F9iBTuDaxb_MdBk; report-to cf-csp-endpoint cf-ray 8cfe4d7dbe08bef8-LHR cross-origin-embedder-policy require-corp permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() origin-agent-cluster ?1 server cloudflare
GET		3fcd6f77-4c20-4ae4-82bb-ce23cb8f73b5 https://privacy.amexgbt.com/ Frame	0 0
GET H3	200	/ challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9d9m7/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 23E7	0 0	131ms 92ms	Document text/html	104.18.94.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9d9m7/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js?onload=DXjyL6&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 8cfe4d7f1c30889d-LHR content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Wed, 09 Oct 2024 12:16:35 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

privacy.amexgbt.com

URL

blob:https://privacy.amexgbt.com/a0c064be-ee9f-4c7b-814c-1bd119880bf1

Domain

privacy.amexgbt.com

URL

blob:https://privacy.amexgbt.com/3fcd6f77-4c20-4ae4-82bb-ce23cb8f73b5

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| HFmwV6 function| iHCC5 object| dSJo7 object| lajwG7 function| VBYM6 function| brdWQ0 function| ZcHV6 function| DXjyL6 boolean| Pjghl3 function| jXVRZ7 object| PZKL0 number| BuTN0 object| angular object| FnNf4 object| turnstile boolean| qVQK0 string| FUWvI4 boolean| YGymh1

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.amexgbt.com/	1970-01-21 00:07:57	Name: __cf_bm Value: zFju8QUJe8Obb1q0eIWSwZoRMF1jyFb.We0PQic2kSc-1728476194-1.0.1.1-SpNc2rnfqj_o23ZNZ5U_jIMLbb06j7CB6TMEm8G2t1NAxlikGIcVenfpODJ.yNcywO_eFWbjRlgz3SdarnlQxw

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://privacy.amexgbt.com/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://privacy.amexgbt.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://privacy.amexgbt.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
privacy.amexgbt.com
privacy.amexgbt.com
104.18.94.41
194.36.55.5
079074dfb6ca2afb93ad4cedd74ec88613e724d0863a2b346bd424879441bc74
0ae437c1593c19034da49c36fe637e7d45003776656c72acfef7c9b930b9ed19
1abd2b739094994b35840928e1a583ff9a8113e18e54667e895dbe5a32dc2fe6
2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611
792befc9377d40069b768bf8062ff37ac768420922445dc2aa7821b76c129689
a81d364eba629eec3e2a10731134005cafca9ac24488b9849246a91b59d09690