www.americanexpress.com.lb Open in urlscan Pro
45.60.47.115 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://americanexpress.com.lb/
Effective URL:
https://www.americanexpress.com.lb/en-lb/
Submission Tags: falconsandbox
Submission: On May 29 via api (May 29th 2024, 1:06:41 pm UTC) from US — Scanned from DE

Summary HTTP 38 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 38 HTTP transactions. The main IP is 45.60.47.115, located in United States and belongs to INCAPSULA, US. The main domain is www.americanexpress.com.lb.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q1 on March 6th 2024. Valid for: 6 months.

This is the only time www.americanexpress.com.lb was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

	IP Address	AS Autonomous System
4 19	45.60.47.115 45.60.47.115	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
12	23.36.235.165 23.36.235.165	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2606:4700:440... 2606:4700:4400::6812:297e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
38	6

19 45.60.47.115 (United States) 4 redirects

ASN19551 (INCAPSULA, US)

americanexpress.com.lb	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.americanexpress.com.lb	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.36.235.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-235-165.deploy.static.akamaitechnologies.com

www.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::6812:297e (United States)

ASN13335 (CLOUDFLARENET, US)

www.datocms-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	americanexpress.com.lb 4 redirects americanexpress.com.lb www.americanexpress.com.lb	257 KB
12	aexp-static.com www.aexp-static.com — Cisco Umbrella Rank: 12649	295 KB
8	datocms-assets.com www.datocms-assets.com — Cisco Umbrella Rank: 27266	1 MB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	179 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	253 B
38	5

	Domain	Requested by
17	www.americanexpress.com.lb	2 redirects www.americanexpress.com.lb
12	www.aexp-static.com	www.americanexpress.com.lb
8	www.datocms-assets.com	www.americanexpress.com.lb
2	www.googletagmanager.com	www.americanexpress.com.lb www.googletagmanager.com
2	americanexpress.com.lb	2 redirects
1	region1.google-analytics.com	www.googletagmanager.com
38	6

This site contains links to these domains. Also see Links.

Domain
www.datocms-assets.com
secure.americanexpress.com.bh
www.membershiprewards.com.bh
www.americanexpress.ae
play.google.com
www.instagram.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2024-09-02`	6 months	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
m.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-03-06` - `2025-03-06`	a year	crt.sh
datocms-assets.com GTS CA 1P5	`2024-04-04` - `2024-07-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.americanexpress.com.lb/en-lb/
Frame ID: CDB506E10E1CFB32E9E9B064529469A3
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

American Express | Lebanon

Page URL History Show full URLs

http://americanexpress.com.lb/ HTTP 307
https://americanexpress.com.lb/ HTTP 301
https://www.americanexpress.com.lb/ HTTP 307
http://americanexpress.com.lb/ HTTP 307
https://americanexpress.com.lb/ HTTP 301
https://www.americanexpress.com.lb/ HTTP 301
https://www.americanexpress.com.lb/en-lb HTTP 301
https://www.americanexpress.com.lb/en-lb/ Page URL

Detected technologies

DatoCMS (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+https://www\.datocms-assets\.com

Amex Express Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

aexp-static\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

38
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

2120 kB
Transfer

3725 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.datocms-assets.com/93849/1680264429-32565_amex_knowyourcardmember-formpersonalization_v16_2.pdf
Title: Update your information

Search URL Search Domain Scan URL

URL: https://secure.americanexpress.com.bh/wps/portal/merchant/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zijQ09XQ2MnA283L2cnQ0cQ8I8ff0MvY0NDMz0wwkpiAJKG-AAjgZA_VFgJc7ujh4m5j5AwVB3FwNP80CnUH9foAmeZlAFeMwoyI0wyHRUVAQAfDeoZw!!/dz/d5/L2dBISEvZ0FBIS9nQSEh/#/
Title: Log in to Online Merchant Services

Search URL Search Domain Scan URL

URL: https://www.membershiprewards.com.bh/
Title: Membership Rewards®

Search URL Search Domain Scan URL

URL: https://www.americanexpress.ae/online/offers
Title: Amex Offers

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.AmexApp

Search URL Search Domain Scan URL

URL: https://www.instagram.com/amexmena/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://americanexpress.com.lb/ HTTP 307
https://americanexpress.com.lb/ HTTP 301
https://www.americanexpress.com.lb/ HTTP 307
http://americanexpress.com.lb/ HTTP 307
https://americanexpress.com.lb/ HTTP 301
https://www.americanexpress.com.lb/ HTTP 301
https://www.americanexpress.com.lb/en-lb HTTP 301
https://www.americanexpress.com.lb/en-lb/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.americanexpress.com.lb/en-lb/
Redirect Chain

http://americanexpress.com.lb/
https://americanexpress.com.lb/
https://www.americanexpress.com.lb/
http://americanexpress.com.lb/
https://americanexpress.com.lb/
https://www.americanexpress.com.lb/
https://www.americanexpress.com.lb/en-lb
https://www.americanexpress.com.lb/en-lb/

58 KB
13 KB

164ms
164ms

Document
text/html

45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ee909a75e7728d97e5ac7e5ca5394076581fe66c329cae3207fe7e359669117b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.americanexpress.com.bh https://www.americanexpress.ae http://image.message.americanexpress.com.bh;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://secure.americanexpress.com.bh https://www.americanexpress.ae http://image.message.americanexpress.com.bh;
content-type: text/html
date: Wed, 29 May 2024 13:06:26 GMT
etag: "e890-6191c058b994c"
last-modified: Thu, 23 May 2024 09:53:23 GMT
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 13-115159463-115160145 PNYN RT(1716987974559 10698) q(0 0 0 -1) r(1 1) U12

Redirect headers

content-length: 249
content-type: text/html; charset=iso-8859-1
date: Wed, 29 May 2024 13:06:25 GMT
location: https://www.americanexpress.com.lb/en-lb/
strict-transport-security: max-age=31536000
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 13-115159463-115160145 PNNN RT(1716987974559 10534) q(0 0 0 -1) r(2 2) U11

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 162ms
67ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GTM-P4KXRH5

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70cf324768a1fff1cddf6e2165e1282e7e7e4d371ce8e5ca23c522af6ddb329a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78400
x-xss-protection: 0
last-modified: Wed, 29 May 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 May 2024 13:06:26 GMT

GET
H2 200 a6db09bde24dc5e9.css
www.americanexpress.com.lb/_next/static/css/ 368 KB
51 KB 7828ms
7828ms Stylesheet
text/css 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/_next/static/css/a6db09bde24dc5e9.css

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

428f599b370129e4f667370cb0e734de7656c9dde9dbe994c37eb336578a7f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 09:23:34 GMT
x-cdn: Imperva
etag: "5be73-6191b9af119c6"
content-type: text/css
x-iinfo: 13-115159463-115155715 2VNN RT(1716987974559 11099) q(0 0 0 -1) r(78 78)
cache-control: max-age=1, public
x-incap-sess-cookie-hdr: SwSAZRVHrmNW+DF7iVwGFVkoV2YAAAAA1ZV5+hdJbgJuF9NDBBqd5w==
content-length: 52263
expires: Wed, 29 May 2024 13:06:34 GMT

GET
H2 200 858a1d804d05f2c8.css
www.americanexpress.com.lb/_next/static/css/ 12 KB
4 KB 7882ms
7882ms Stylesheet
text/css 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/_next/static/css/858a1d804d05f2c8.css

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ebbf4dd9a30f7bd59c6f77fc3bf50052ddf8ef7c70817cc31e54df3ceebb1d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 09:23:34 GMT
x-cdn: Imperva
etag: "2e59-6191b9af193d8"
content-type: text/css
x-iinfo: 13-115159463-115154410 2VNN RT(1716987974559 11103) q(0 0 0 -1) r(78 78)
cache-control: max-age=1, public
x-incap-sess-cookie-hdr: 9YCNCVQxJAJW+DF7iVwGFVkoV2YAAAAAO4WIR4TasWk1905iw7F7oA==
content-length: 3659
expires: Wed, 29 May 2024 13:06:34 GMT

GET
H2 200 webpack-e81585bb9a6b8f4d.js Show response
www.americanexpress.com.lb/_next/static/chunks/ 2 KB
1 KB 7881ms
7879ms Script
application/x-javascript 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/_next/static/chunks/webpack-e81585bb9a6b8f4d.js

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

82c1f4a7cb54d4960c31bcd0da743f06882042827366f973b1799b07163646f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 09:23:34 GMT
x-cdn: Imperva
etag: "835-6191b9af20deb"
content-type: application/x-javascript
x-iinfo: 13-115159463-115155717 2VNN RT(1716987974559 11106) q(0 0 0 -1) r(78 78)
cache-control: max-age=1, public
x-incap-sess-cookie-hdr: z9RdINcjxzBW+DF7iVwGFVkoV2YAAAAAts5yqrg37eDwzohReU990A==
content-length: 1000
expires: Wed, 29 May 2024 13:06:34 GMT

GET
H2 200 framework-92a422f151f77ddb.js Show response
www.americanexpress.com.lb/_next/static/chunks/ 137 KB
44 KB 7904ms
7903ms Script
application/x-javascript 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/_next/static/chunks/framework-92a422f151f77ddb.js

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2386a5f1944b926b1abe4b5d0fb8eda1349b0b44dc6b8baa574a917085a3be4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 09:23:34 GMT
x-cdn: Imperva
etag: "226b9-6191b9af20deb"
content-type: application/x-javascript
x-iinfo: 13-115159463-115154375 2VNN RT(1716987974559 11108) q(0 0 0 -1) r(79 79)
cache-control: max-age=1, public
x-incap-sess-cookie-hdr: XoIoPVESJW1W+DF7iVwGFVkoV2YAAAAAqu0mIQT/ULPlHzGA3sjQXQ==
content-length: 44983
expires: Wed, 29 May 2024 13:06:34 GMT

GET
H2 200 main-0c06a0d3c5bc7313.js Show response
www.americanexpress.com.lb/_next/static/chunks/ 107 KB
31 KB 7971ms
7970ms Script
application/x-javascript 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/_next/static/chunks/main-0c06a0d3c5bc7313.js

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

479796d84456ee2fca7659fffb62bd02aea72bdc60e5b17f314f26e34b002b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 09:23:34 GMT
x-cdn: Imperva
etag: "1aad1-6191b9af119c6"
content-type: application/x-javascript
x-iinfo: 13-115159463-115156912 2VNN RT(1716987974559 11110) q(0 0 0 -1) r(79 79)
cache-control: max-age=1, public
x-incap-sess-cookie-hdr: 0EanXmwwyW5W+DF7iVwGFVkoV2YAAAAAQ8swZXWKCh8LyQXWHafkww==
content-length: 31776
expires: Wed, 29 May 2024 13:06:34 GMT

GET
H2 200 _app-173cde4721e1f689.js Show response
www.americanexpress.com.lb/_next/static/chunks/pages/ 131 KB
34 KB 7970ms
7969ms Script
application/x-javascript 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/_next/static/chunks/pages/_app-173cde4721e1f689.js

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

07b9c2a1f6825ec16659b530e2f330e63c138668f6504c9fec2fe3123b274aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 09:23:34 GMT
x-cdn: Imperva
etag: "20c6f-6191b9af119c6"
content-type: application/x-javascript
x-iinfo: 13-115159463-115150948 2VNN RT(1716987974559 11112) q(0 2 2 -1) r(79 79)
cache-control: max-age=1, public
x-incap-sess-cookie-hdr: /anfdIGTYXpW+DF7iVwGFVkoV2YAAAAAQkapKsaLmOLWHDsAXDNWnw==
content-length: 34179
expires: Wed, 29 May 2024 13:06:34 GMT

GET
H2 200 5383-d3a83d3575cec79b.js Show response
www.americanexpress.com.lb/_next/static/chunks/ 94 KB
28 KB 173ms
172ms Script
application/x-javascript 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/_next/static/chunks/5383-d3a83d3575cec79b.js

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8c2c3b598d640fa8277365b29cedde1ac1aed47cd110265468892f5df43e50eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 09:23:34 GMT
x-cdn: Imperva
etag: "176bd-6191b9af20deb"
content-type: application/x-javascript
x-iinfo: 13-115159463-115154410 2VNN RT(1716987974559 18994) q(0 0 0 -1) r(1 1)
cache-control: max-age=1, public
x-incap-sess-cookie-hdr: a11+KP14qR1W+DF7iVwGFVkoV2YAAAAAvmLZmbt4ksorBTGlPNHvyQ==
content-length: 28070
expires: Wed, 29 May 2024 13:06:34 GMT

GET
H2 200 755-cca0720f0014e2a5.js Show response
www.americanexpress.com.lb/_next/static/chunks/ 13 KB
5 KB 186ms
186ms Script
application/x-javascript 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/_next/static/chunks/755-cca0720f0014e2a5.js

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

37afa32a2bf1e8fac91385551803ba169a68d388c8b20efbfac695f010afe21f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 09:23:34 GMT
x-cdn: Imperva
etag: "35ed-6191b9af20deb"
content-type: application/x-javascript
x-iinfo: 13-115159463-115154375 2VNN RT(1716987974559 18998) q(0 0 0 -1) r(1 1)
cache-control: max-age=1, public
x-incap-sess-cookie-hdr: dN5ffyJOCjpW+DF7iVwGFVkoV2YAAAAAGWVYs+Su1qKM3Tkcm+BAvQ==
content-length: 5056
expires: Wed, 29 May 2024 13:06:34 GMT

GET
H2 503 %5Blanguage_country%5D-fa070bb96b1c4728.js
www.americanexpress.com.lb/_next/static/chunks/pages/ 0
0 406ms
406ms Script
text/html 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/_next/static/chunks/pages/%5Blanguage_country%5D-fa070bb96b1c4728.js

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-cdn: Imperva
content-type: text/html
x-iinfo: 15-4338588-0 NNNN RT(1716987988824 5078) q(0 0 -1 -1) r(3 -1) b6, 13-115159463-115162396 2NYN RT(1716987974559 19005) q(0 0 0 -1) r(4 4) b6 U22
cache-control: no-cache, no-store
x-incap-sess-cookie-hdr: S1zyXgh8tEhW+DF7iVwGFVkoV2YAAAAAOhEVxf53gaDUXrSTuiLJEQ==
retry-after: 5

GET
H2 503 _buildManifest.js
www.americanexpress.com.lb/_next/static/ymWNrgWPRjEva8ZP5jDOg/ 0
0 386ms
386ms Script
text/html 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/_next/static/ymWNrgWPRjEva8ZP5jDOg/_buildManifest.js

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-cdn: Imperva
content-type: text/html
x-iinfo: 14-6297329-0 NNNN RT(1716987963310 30100) q(0 0 -1 -1) r(3 -1) b6, 13-115159463-115156910 2NYN RT(1716987974559 19011) q(0 0 0 -1) r(4 4) b6 U22
cache-control: no-cache, no-store
x-incap-sess-cookie-hdr: mLySdb+tZGVW+DF7iVwGFVkoV2YAAAAAmVslJajlBxodAnVUCoe4lQ==
retry-after: 5

GET
H2 503 _ssgManifest.js
www.americanexpress.com.lb/_next/static/ymWNrgWPRjEva8ZP5jDOg/ 0
0 371ms
371ms Script
text/html 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/_next/static/ymWNrgWPRjEva8ZP5jDOg/_ssgManifest.js

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-cdn: Imperva
content-type: text/html
x-iinfo: 18-11901313-0 NNNN RT(1716987951917 42056) q(0 0 -1 -1) r(3 -1) b6, 13-115159463-115154388 2NYN RT(1716987974559 19075) q(0 0 0 -1) r(3 3) b6 U22
cache-control: no-cache, no-store
x-incap-sess-cookie-hdr: xL3NAu7o+whW+DF7iVwGFVkoV2YAAAAAzdlZeAq4fIR4mNV+uq1BWg==
retry-after: 5

GET
H2 200 dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/logos/ 2 KB
1 KB 177ms
55ms Image
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/logos/dls-logo-bluebox-solid.svg
Requested by: Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:26 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 15:34:07 GMT
etag: W/"60dde06f-962"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 989

GET
H2 200 dls-logo-stack.svg
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.28.0/package/dist/img/logos/ 2 KB
922 B 178ms
57ms Image
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.28.0/package/dist/img/logos/dls-logo-stack.svg
Requested by: Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:26 GMT
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 16:52:20 GMT
etag: W/"63f3a544-66e"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 743

GET
H2 200 1684843508-1679787490-rewards_amex.webp
www.datocms-assets.com/93849/ 25 KB
25 KB 240ms
147ms Image
image/webp 2606:4700:4400::6812:297e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datocms-assets.com/93849/1684843508-1679787490-rewards_amex.webp

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e885aa2b519b3df31cbb9b9c85ca11441df41de3bae6db000fa222edab1ae5d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
date: Wed, 29 May 2024 13:06:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 126818
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
x-imgix-id: dda5ef69c084032c9766f07d01f60128afe749ae
x-status: HIT
content-length: 25342
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10075-SJC, cache-iad-kiad7000125-IAD
last-modified: Thu, 02 May 2024 18:06:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88b6b3a4a881383c-FRA
timing-allow-origin: *
expires: Thu, 29 May 2025 13:06:26 GMT

GET
H2 200 1686721250-refer-a-friend-1.webp
www.datocms-assets.com/93849/ 145 KB
145 KB 240ms
148ms Image
image/webp 2606:4700:4400::6812:297e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datocms-assets.com/93849/1686721250-refer-a-friend-1.webp

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a3d758eaed5f47372525522941e529427bea07aec1f0e31d1480ec48bfc47db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
date: Wed, 29 May 2024 13:06:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 126818
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
x-imgix-id: 8bc0517c2fff30dd7b19640325248226cd441008
x-status: HIT
content-length: 148342
x-xss-protection: 1; mode=block
x-served-by: cache-sjc1000100-SJC, cache-iad-kiad7000088-IAD
last-modified: Sat, 27 Apr 2024 00:25:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88b6b3a4a887383c-FRA
timing-allow-origin: *
expires: Thu, 29 May 2025 13:06:26 GMT

GET
H2 200 1685081500-1.webp
www.datocms-assets.com/93849/ 85 KB
86 KB 196ms
103ms Image
image/webp 2606:4700:4400::6812:297e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datocms-assets.com/93849/1685081500-1.webp

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

309c0254b75fc1df780e26b93e7584c6f968d95c5858c68cfdd189a01d5e54e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
date: Wed, 29 May 2024 13:06:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 962016
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
x-imgix-id: a7fd92d9b4e44169948e3848ca98572b70e2280b
x-status: HIT
content-length: 87126
x-xss-protection: 1; mode=block
x-served-by: cache-sjc1000085-SJC, cache-iad-kiad7000082-IAD
last-modified: Fri, 03 May 2024 10:22:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88b6b3a4a883383c-FRA
timing-allow-origin: *
expires: Thu, 29 May 2025 13:06:26 GMT

GET
H2 200 badge-apple-app-store-md.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/badges/ 7 KB
3 KB 62ms
56ms Image
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/badges/badge-apple-app-store-md.svg
Requested by: Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cc37c9792d18b6792110c1402cc4c06dc10dd49047e0e74cb422ce8828a2316d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:26 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 15:34:07 GMT
etag: W/"60dde06f-1c00"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 3003

GET
H2 200 badge-google-play-md.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/badges/ 6 KB
3 KB 68ms
67ms Image
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/badges/badge-google-play-md.svg
Requested by: Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f7a1235fb36cb2f91ecb2899041002cba9c2877d31f0e2a7df002184e86dec4d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:26 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 15:34:07 GMT
etag: W/"60dde06f-1854"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 2543

GET
H2 200 badge-apple-app-store-md.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/badges/ 7 KB
0 30ms
30ms Image
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/badges/badge-apple-app-store-md.svg
Requested by: Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cc37c9792d18b6792110c1402cc4c06dc10dd49047e0e74cb422ce8828a2316d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:26 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 15:34:07 GMT
etag: W/"60dde06f-1c00"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 3003

GET
H2 200 dls-logo-line.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/logos/ 2 KB
890 B 66ms
65ms Image
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/logos/dls-logo-line.svg
Requested by: Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:26 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 15:34:07 GMT
etag: W/"60dde06f-693"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 712

GET
H2 200 social-network-instagram.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/social/ 7 KB
3 KB 54ms
53ms Image
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/social/social-network-instagram.svg
Requested by: Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: adafbb8ec7a3eea7e9969761ea780bc9ed807d73522bdfddfe22bc110b783b4d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:26 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 15:34:07 GMT
etag: W/"60dde06f-1dfb"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 2733

GET
H2 200 _Incapsula_Resource Show response
www.americanexpress.com.lb/ 148 KB
21 KB 58ms
57ms Script
application/javascript 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=4&cb=734368800

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7edbefc1f396de38593dfc07339deec650bc2b2272a5960cd2b48f12daceaf7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 21234
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
102 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TJLPBXF5GF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-P4KXRH5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3053e2add0143e277680c9a84ec76c8a356a4a35f0dab502d974e13f4139a7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 May 2024 13:06:26 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 178ms
55ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TJLPBXF5GF&gtm=45je45m0v894394971z8847218526za200zb847218526&_p=1716987986453&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1343939680.1716987987&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716987986&sct=1&seg=0&dl=https%3A%2F%2Fwww.americanexpress.com.lb%2Fen-lb%2F&dt=American%20Express%20%7C%20Lebanon&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page=%2F&tfd=11671
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJLPBXF5GF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 29 May 2024 13:06:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.americanexpress.com.lb
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1698924787-42740_amex_homepage_banner_en-04.jpg
www.datocms-assets.com/93849/ 783 KB
784 KB 106ms
106ms Image
image/jpeg 2606:4700:4400::6812:297e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datocms-assets.com/93849/1698924787-42740_amex_homepage_banner_en-04.jpg

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b8625ded92b26455e74a0e1674ee992268280e9e649467dbaa6be8dc8b64e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
date: Wed, 29 May 2024 13:06:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23259
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
x-imgix-id: 52f01a9baa3d61021bb8c003830c40e27cb4f57c
x-status: HIT
content-length: 801490
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10078-SJC, cache-iad-kiad7000120-IAD
last-modified: Mon, 06 May 2024 18:38:56 GMT
cf-bgj: h2pri
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88b6b3a6cbae383c-FRA
timing-allow-origin: *
expires: Thu, 29 May 2025 13:06:27 GMT

GET
H2 200 1685084992-2.webp
www.datocms-assets.com/93849/ 119 KB
119 KB 146ms
145ms Image
image/webp 2606:4700:4400::6812:297e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datocms-assets.com/93849/1685084992-2.webp

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31b611c7646f8b13aeba51d8af0ebef83990ee863dbfc84f68b1d4cbc26a6665

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
date: Wed, 29 May 2024 13:06:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19716
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
x-imgix-id: 68553751d15755dc20c530643ed52bb2854d9e00
x-status: HIT
content-length: 121568
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10038-SJC, cache-iad-kiad7000152-IAD
last-modified: Wed, 15 May 2024 12:20:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88b6b3a6cbb8383c-FRA
timing-allow-origin: *
expires: Thu, 29 May 2025 13:06:27 GMT

GET
H2 200 1684336680-why-amex-01.webp
www.datocms-assets.com/93849/ 221 KB
222 KB 145ms
145ms Image
image/webp 2606:4700:4400::6812:297e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datocms-assets.com/93849/1684336680-why-amex-01.webp

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

238967ffb02d40926fb997519d3256df86f3629c30e010eab6125d7259d647ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
date: Wed, 29 May 2024 13:06:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 126818
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
x-imgix-id: a3cf6fbee0bbee6bdb1d9d8f64e22cab97f062e7
x-status: HIT
content-length: 226462
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10056-SJC, cache-iad-kiad7000091-IAD
last-modified: Wed, 01 May 2024 03:17:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88b6b3a6cbc0383c-FRA
timing-allow-origin: *
expires: Thu, 29 May 2025 13:06:27 GMT

GET
H2 200 1677738226-contactlessimage.webp
www.datocms-assets.com/93849/ 8 KB
8 KB 102ms
102ms Image
image/webp 2606:4700:4400::6812:297e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.datocms-assets.com/93849/1677738226-contactlessimage.webp

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cabcd7c696034465f6f3ddfcd45190b6b0421db7f7665f4281a868d30bcb68a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
date: Wed, 29 May 2024 13:06:27 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 126819
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
x-imgix-id: b3932213577d5b31c0788d66a825021e2b457f36
x-status: HIT
content-length: 8008
x-xss-protection: 1; mode=block
x-served-by: cache-sjc1000138-SJC, cache-iad-kiad7000030-IAD
last-modified: Thu, 02 May 2024 16:55:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88b6b3a6cbc2383c-FRA
timing-allow-origin: *
expires: Thu, 29 May 2025 13:06:27 GMT

GET
H2 200 worldservice-tile-gray.svg
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/brand/ 78 KB
22 KB 64ms
64ms Image
image/svg+xml 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.24.1/package/dist/img/brand/worldservice-tile-gray.svg
Requested by: Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 988699a420f0dfd5826e362f3968c397614e74a47e696e59574a60cc189b7f9b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:27 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 15:34:07 GMT
etag: W/"60dde06f-13680"
vary: Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *
content-length: 22582

GET
DATA 200
OK truncated
/ 271 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aeee4bd51e2feb43c539f27fb60f427134033aa7f8a6bec0b66c5aa4bfe391fe

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/ 68 KB
68 KB 175ms
55ms Font
font/woff 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff
Requested by: Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/_next/static/css/a6db09bde24dc5e9.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1f37b2f1cc26ef70671e3c2d345cffdcc06f02e72fcd6063c350094265426b9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:34 GMT
last-modified: Mon, 01 Aug 2022 18:53:00 GMT
etag: "62e8210c-11086"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com.lb
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 69766

GET
H2 200 3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/ 36 KB
37 KB 284ms
165ms Font
font/woff 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
Requested by: Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/_next/static/css/a6db09bde24dc5e9.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:34 GMT
last-modified: Mon, 01 Aug 2022 18:53:00 GMT
etag: "62e8210c-9121"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com.lb
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 37153

GET
H2 200 dls-icons.woff
www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/iconfont/ 55 KB
56 KB 256ms
137ms Font
font/woff 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.27.0/package/dist/iconfont/dls-icons.woff?v=2.27.0
Requested by: Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/_next/static/css/a6db09bde24dc5e9.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3530f9432334e47cf7e84f8e0ce64f80d45d7329f44f691a3eb30977a4bbf052

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Origin: https://www.americanexpress.com.lb
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:34 GMT
last-modified: Mon, 01 Aug 2022 18:53:07 GMT
etag: "62e82113-ddf8"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: https://www.americanexpress.com.lb
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 56824

GET
H2 200 _Incapsula_Resource
www.americanexpress.com.lb/ 1 B
36 B 51ms
51ms Image
text/plain 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americanexpress.com.lb/_Incapsula_Resource?SWKMTFSR=1&e=0.24555418388191597

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/en-lb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 1678195648-dls-logo-bluebox-alt.svg
www.datocms-assets.com/93849/ 643 B
737 B 113ms
113ms Other
image/svg+xml 2606:4700:4400::6812:297e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.datocms-assets.com/93849/1678195648-dls-logo-bluebox-alt.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:297e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76d2819f7d2c9188c16c19e310abea9d44ae42a295c189023bc5ffff182e56f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 2
date: Wed, 29 May 2024 13:06:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; form-action 'none'; sandbox
age: 46881
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
x-imgix-id: a6e7536ea4009ad6d173adcd64f068489a31fb9f
x-status: HIT
x-xss-protection: 1; mode=block
x-served-by: cache-sjc10061-SJC, cache-iad-kiad7000043-IAD
last-modified: Mon, 29 Apr 2024 14:26:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 88b6b3d7be92383c-FRA
timing-allow-origin: *
expires: Thu, 29 May 2025 13:06:34 GMT

GET
H2 200 dls.min.js Show response
www.americanexpress.com.lb/website-assets/assets/scripts/ 118 KB
25 KB 164ms
163ms Script
application/x-javascript 45.60.47.115
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.americanexpress.com.lb/website-assets/assets/scripts/dls.min.js

Requested by

Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/_next/static/chunks/main-0c06a0d3c5bc7313.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.115 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c6d599b4d42b301dd108089b7afe793a6a277c0271b060df225d99a5f6a72eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/en-lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 09:22:02 GMT
x-cdn: Imperva
etag: "1d655-6191b956d94e2"
content-type: application/x-javascript
x-iinfo: 13-115159463-115156912 2VNN RT(1716987974559 19491) q(0 0 0 -1) r(1 1)
cache-control: max-age=1, public
content-length: 25443
expires: Wed, 29 May 2024 13:06:35 GMT

GET
H2 200 dls-icons.min.js Show response
www.aexp-static.com/akamai/one/statics/@americanexpress/dls-icons/0.5.0/package/dist/browser/ 362 KB
101 KB 344ms
344ms Script
application/javascript 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/akamai/one/statics/@americanexpress/dls-icons/0.5.0/package/dist/browser/dls-icons.min.js
Requested by: Host: www.americanexpress.com.lb
URL: https://www.americanexpress.com.lb/_next/static/chunks/main-0c06a0d3c5bc7313.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b991d6bcc69567051213e46c772a8910437445ab997abd75a73181fc65ce25aa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.americanexpress.com.lb/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 13:06:35 GMT
content-encoding: gzip
last-modified: Thu, 24 Nov 2022 17:28:19 GMT
etag: W/"637fa9b3-5a842"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.americanexpress.com.lb/	1970-01-21 05:41:13	Name: visid_incap_1635279 Value: PfA5pr9zRseqjgr0jIoe2UYoV2YAAAAAQUIPAAAAAAB0HvwfLw8eakAsH75aNsG6
.americanexpress.com.lb/	1969-12-31 23:59:59	Name: nlbi_1635279 Value: DHF5VJpOxh1upy/J8n7k0QAAAABB09M5CY39dQLgssdooTXV
.americanexpress.com.lb/	1969-12-31 23:59:59	Name: incap_ses_1515_1635279 Value: SYyhJfLsLRNW+DF7iVwGFVEoV2YAAAAAl1W3YAQpoPcRa1gFT81pHQ==
.americanexpress.com.lb/	1970-01-21 06:32:27	Name: _ga_TJLPBXF5GF Value: GS1.1.1716987986.1.0.1716987986.0.0.0
.americanexpress.com.lb/	1970-01-21 06:32:27	Name: _ga Value: GA1.1.1343939680.1716987987

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.americanexpress.com.lb/_next/static/chunks/pages/%5Blanguage_country%5D-fa070bb96b1c4728.js Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://www.americanexpress.com.lb/_next/static/ymWNrgWPRjEva8ZP5jDOg/_buildManifest.js Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://www.americanexpress.com.lb/_next/static/ymWNrgWPRjEva8ZP5jDOg/_ssgManifest.js Message: Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.americanexpress.com.bh https://www.americanexpress.ae http://image.message.americanexpress.com.bh;
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

americanexpress.com.lb
region1.google-analytics.com
www.aexp-static.com
www.americanexpress.com.lb
www.datocms-assets.com
www.googletagmanager.com
2001:4860:4802:34::36
23.36.235.165
2606:4700:4400::6812:297e
2a00:1450:4001:82f::2008
45.60.47.115
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab
07b9c2a1f6825ec16659b530e2f330e63c138668f6504c9fec2fe3123b274aab
2386a5f1944b926b1abe4b5d0fb8eda1349b0b44dc6b8baa574a917085a3be4e
238967ffb02d40926fb997519d3256df86f3629c30e010eab6125d7259d647ee
2a3d758eaed5f47372525522941e529427bea07aec1f0e31d1480ec48bfc47db
3053e2add0143e277680c9a84ec76c8a356a4a35f0dab502d974e13f4139a7e8
309c0254b75fc1df780e26b93e7584c6f968d95c5858c68cfdd189a01d5e54e4
31b611c7646f8b13aeba51d8af0ebef83990ee863dbfc84f68b1d4cbc26a6665
3530f9432334e47cf7e84f8e0ce64f80d45d7329f44f691a3eb30977a4bbf052
37afa32a2bf1e8fac91385551803ba169a68d388c8b20efbfac695f010afe21f
3b8625ded92b26455e74a0e1674ee992268280e9e649467dbaa6be8dc8b64e89
428f599b370129e4f667370cb0e734de7656c9dde9dbe994c37eb336578a7f88
479796d84456ee2fca7659fffb62bd02aea72bdc60e5b17f314f26e34b002b08
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
70cf324768a1fff1cddf6e2165e1282e7e7e4d371ce8e5ca23c522af6ddb329a
76d2819f7d2c9188c16c19e310abea9d44ae42a295c189023bc5ffff182e56f3
7edbefc1f396de38593dfc07339deec650bc2b2272a5960cd2b48f12daceaf7a
82c1f4a7cb54d4960c31bcd0da743f06882042827366f973b1799b07163646f5
8c2c3b598d640fa8277365b29cedde1ac1aed47cd110265468892f5df43e50eb
988699a420f0dfd5826e362f3968c397614e74a47e696e59574a60cc189b7f9b
adafbb8ec7a3eea7e9969761ea780bc9ed807d73522bdfddfe22bc110b783b4d
aeee4bd51e2feb43c539f27fb60f427134033aa7f8a6bec0b66c5aa4bfe391fe
b1f37b2f1cc26ef70671e3c2d345cffdcc06f02e72fcd6063c350094265426b9
b991d6bcc69567051213e46c772a8910437445ab997abd75a73181fc65ce25aa
c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9
c6d599b4d42b301dd108089b7afe793a6a277c0271b060df225d99a5f6a72eaf
cabcd7c696034465f6f3ddfcd45190b6b0421db7f7665f4281a868d30bcb68a3
cc37c9792d18b6792110c1402cc4c06dc10dd49047e0e74cb422ce8828a2316d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e885aa2b519b3df31cbb9b9c85ca11441df41de3bae6db000fa222edab1ae5d7
ebbf4dd9a30f7bd59c6f77fc3bf50052ddf8ef7c70817cc31e54df3ceebb1d6e
ee909a75e7728d97e5ac7e5ca5394076581fe66c329cae3207fe7e359669117b
f7a1235fb36cb2f91ecb2899041002cba9c2877d31f0e2a7df002184e86dec4d
fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519

www.americanexpress.com.lb Open in urlscan Pro 45.60.47.115 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

60 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

2120 kBTransfer

3725 kBSize

5 Cookies

6 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.americanexpress.com.lb Open in urlscan Pro
45.60.47.115 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

2120 kB
Transfer

3725 kB
Size

5
Cookies

38 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!