prefunds.aa.com
Open in
urlscan Pro
144.9.35.37
Public Scan
Submitted URL: https://link.info.email.aa.com/ls/click?upn=6Bg-2BgqSVznbULFxyD8xRE-2FpfRPzT74c0z0ELXmzO-2FGgjh22MzIZUwyIoHuJOukTZE06Yz48vPbEgV...
Effective URL: https://prefunds.aa.com/refunds/?ntf=cne,ivr,eml,cta
Submission: On October 16 via manual from US — Scanned from DE
Effective URL: https://prefunds.aa.com/refunds/?ntf=cne,ivr,eml,cta
Submission: On October 16 via manual from US — Scanned from DE
Summary
This website contacted 17 IPs
in 4 countries
across 13 domains to perform 86 HTTP transactions.
The main IP is 144.9.35.37, located in
United States and
belongs to PHOENIX-PLANO-EDS, US.
The main domain is prefunds.aa.com.
The Cisco Umbrella rank of the primary domain is 815916.
TLS certificate: Issued by Entrust Certification Authority - L1M on January 24th 2023. Valid for: a year.
This is the only time prefunds.aa.com was scanned on urlscan.io!
TLS certificate: Issued by Entrust Certification Authority - L1M on January 24th 2023. Valid for: a year.
This is the only time prefunds.aa.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
167.89.115.150
(Herndon, United States)
ASN11377 (SENDGRID, US)
PTR: o16789115x150.outbound-mail.sendgrid.net
ASN11377 (SENDGRID, US)
PTR: o16789115x150.outbound-mail.sendgrid.net
| link.info.email.aa.com |
4
2.23.198.17
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a2-23-198-17.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-23-198-17.deploy.static.akamaitechnologies.com
| aa.com |
7
69.192.162.114
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a69-192-162-114.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a69-192-162-114.deploy.static.akamaitechnologies.com
| www.aa.com |
1
2.19.70.207
(Glattbrugg, Switzerland)
ASN16625 (AKAMAI-AS, US)
PTR: a2-19-70-207.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-19-70-207.deploy.static.akamaitechnologies.com
| www.everestjs.net |
2
34.247.108.36
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-108-36.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-108-36.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
1
52.210.141.111
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-141-111.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-141-111.eu-west-1.compute.amazonaws.com
| americanairlines.demdex.net |
3
63.140.62.22
(United States)
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-22.data.adobedc.net
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-22.data.adobedc.net
| metrics.aa.com | |
| smetrics.aa.com |
1
3.248.147.241
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-147-241.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-147-241.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
3
107.178.244.119
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com
| pixel.sojern.com |
1
3.127.56.68
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-56-68.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-56-68.eu-central-1.compute.amazonaws.com
| uconnect.tealiumiq.com |
4
172.217.16.194
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
| cm.g.doubleclick.net |
2
185.89.210.141
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
| ib.adnxs.com |
4
104.197.213.79
(Council Bluffs, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.213.197.104.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.213.197.104.bc.googleusercontent.com
| aa-app.quantummetric.com |
1
34.133.249.191
(Council Bluffs, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 191.249.133.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 191.249.133.34.bc.googleusercontent.com
| aa-sync.quantummetric.com |
2
34.66.3.160
(Council Bluffs, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.3.66.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.3.66.34.bc.googleusercontent.com
| rl.quantummetric.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 61 |
aa.com
5 redirects
link.info.email.aa.com — Cisco Umbrella Rank: 75846 prefunds.aa.com — Cisco Umbrella Rank: 815916 aa.com — Cisco Umbrella Rank: 15244 www.aa.com — Cisco Umbrella Rank: 19664 metrics.aa.com — Cisco Umbrella Rank: 488889 smetrics.aa.com — Cisco Umbrella Rank: 29830 |
3 MB |
| 9 |
quantummetric.com
cdn.quantummetric.com — Cisco Umbrella Rank: 2457 aa-app.quantummetric.com — Cisco Umbrella Rank: 23678 aa-sync.quantummetric.com — Cisco Umbrella Rank: 25806 rl.quantummetric.com — Cisco Umbrella Rank: 3974 |
117 KB |
| 9 |
tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1241 |
134 KB |
| 4 |
doubleclick.net
4 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 255 |
1 KB |
| 3 |
sojern.com
pixel.sojern.com — Cisco Umbrella Rank: 8495 |
1 KB |
| 3 |
demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 242 americanairlines.demdex.net — Cisco Umbrella Rank: 36130 |
5 KB |
| 2 |
adnxs.com
2 redirects
ib.adnxs.com — Cisco Umbrella Rank: 261 |
2 KB |
| 2 |
go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1562 c.go-mpulse.net — Cisco Umbrella Rank: 689 |
47 KB |
| 1 |
youtube.com
fcmatch.youtube.com — Cisco Umbrella Rank: 4036 |
432 B |
| 1 |
google.com
1 redirects
fcmatch.google.com — Cisco Umbrella Rank: 4031 |
391 B |
| 1 |
tealiumiq.com
uconnect.tealiumiq.com — Cisco Umbrella Rank: 30582 |
454 B |
| 1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1318 |
517 B |
| 1 |
everestjs.net
www.everestjs.net — Cisco Umbrella Rank: 9033 |
4 KB |
| 86 | 13 |
| Domain | Requested by | |
|---|---|---|
| 46 | prefunds.aa.com |
prefunds.aa.com
|
| 9 | tags.tiqcdn.com |
prefunds.aa.com
tags.tiqcdn.com |
| 7 | www.aa.com |
prefunds.aa.com
tags.tiqcdn.com www.aa.com |
| 4 | aa-app.quantummetric.com |
cdn.quantummetric.com
|
| 4 | cm.g.doubleclick.net | 4 redirects |
| 4 | aa.com | 4 redirects |
| 3 | pixel.sojern.com |
tags.tiqcdn.com
prefunds.aa.com |
| 2 | rl.quantummetric.com |
cdn.quantummetric.com
|
| 2 | ib.adnxs.com | 2 redirects |
| 2 | cdn.quantummetric.com |
tags.tiqcdn.com
cdn.quantummetric.com |
| 2 | smetrics.aa.com |
prefunds.aa.com
|
| 2 | dpm.demdex.net |
tags.tiqcdn.com
prefunds.aa.com |
| 1 | aa-sync.quantummetric.com |
cdn.quantummetric.com
|
| 1 | fcmatch.youtube.com |
prefunds.aa.com
|
| 1 | fcmatch.google.com | 1 redirects |
| 1 | uconnect.tealiumiq.com |
prefunds.aa.com
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | metrics.aa.com |
tags.tiqcdn.com
|
| 1 | americanairlines.demdex.net |
tags.tiqcdn.com
|
| 1 | c.go-mpulse.net |
s.go-mpulse.net
|
| 1 | s.go-mpulse.net |
www.aa.com
|
| 1 | www.everestjs.net |
tags.tiqcdn.com
|
| 1 | link.info.email.aa.com | 1 redirects |
| 86 | 23 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.aa.com |
| phx.corporate-ir.net |
| hub.aa.com |
| www.aavacations.com |
| twitter.com |
| youtube.com |
| facebook.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| refunds.pdc.aa.com Entrust Certification Authority - L1M |
2023-01-24 - 2024-01-24 |
a year | crt.sh |
| tags.tiqcdn.com Amazon RSA 2048 M01 |
2023-04-18 - 2024-05-17 |
a year | crt.sh |
| www.aa.com Entrust Certification Authority - L1M |
2023-02-08 - 2024-02-08 |
a year | crt.sh |
| www.everestjs.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-25 - 2024-10-25 |
a year | crt.sh |
| akstat.io DigiCert TLS RSA SHA256 2020 CA1 |
2023-04-05 - 2024-04-04 |
a year | crt.sh |
| *.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2024-10-26 |
a year | crt.sh |
| smetrics.aa.com Entrust Certification Authority - L1M |
2023-08-21 - 2024-08-21 |
a year | crt.sh |
| *.sojern.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-17 - 2024-02-17 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-17 - 2024-05-16 |
a year | crt.sh |
| *.tealiumiq.com Amazon RSA 2048 M01 |
2023-07-26 - 2024-08-23 |
a year | crt.sh |
| *.quantummetric.com Sectigo RSA Domain Validation Secure Server CA |
2023-01-18 - 2024-02-13 |
a year | crt.sh |
| rl.quantummetric.com R3 |
2023-09-22 - 2023-12-21 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://prefunds.aa.com/refunds/?ntf=cne,ivr,eml,cta
Frame ID: F2B21B3B7D67C7E75F4F7592EDFCAC79
Requests: 72 HTTP requests in this frame
Frame:
https://www.aa.com/assets/html/gdpr/sync.html
Frame ID: B54FA8913E5807B8ACBCAAC3CA11EB3F
Requests: 5 HTTP requests in this frame
Frame:
https://s.go-mpulse.net/boomerang/JUJL4-2QKWZ-FENBC-AM6H5-MUCW4
Frame ID: 983F962FED642DA686D12A34FE24FA77
Requests: 2 HTTP requests in this frame
Frame:
https://americanairlines.demdex.net/dest5.html?d_nsid=undefined
Frame ID: 58008ACBB1E2C7260162AA1982419DF9
Requests: 1 HTTP requests in this frame
Frame:
https://aa-app.quantummetric.com/?T=B&u=https%3A%2F%2Fprefunds.aa.com%2Frefunds%2F%3Fntf%3Dcne%252Civr%252Ceml%252Ccta&t=1697465831433&v=1697465832064&z=1&S=0&N=0&P=0
Frame ID: C2F65DEF1F0A7EBA5E66D656D7DBF0F5
Requests: 6 HTTP requests in this frame
Frame:
https://cdn.quantummetric.com/helpers/blank
Frame ID: DA4866135B44810300BD90EBA6708B63
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Refund | StartPage URL History Show full URLs
-
https://link.info.email.aa.com/ls/click?upn=6Bg-2BgqSVznbULFxyD8xRE-2FpfRPzT74c0z0ELXmzO-2FGgjh22MzIZUwyIoH...
HTTP 302
https://prefunds.aa.com/refunds/?ntf=cne,ivr,eml,cta Page URL
Detected technologies
Akamai Bot Manager
(Security)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui[.-]([\d.]*\d)[^/]*\.js
- jquery-ui.*\.js
Page Statistics
29 Outgoing links
These are links going to different origins than the main page.
URL: https://www.aa.com/i18n/travel-info/coronavirus-updates.jsp
Title: Coronavirus travel updates >>
Title: Coronavirus travel updates >>
Search URL Search Domain Scan URL
URL: http://www.aa.com/homePage.do
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/AAdvantage/programInformation/oneworld/overview.jsp
Search URL Search Domain Scan URL
URL: https://www.aa.com/reservation/reservationsHomeAccess.do
Title: My Reservations
Title: My Reservations
Search URL Search Domain Scan URL
URL: https://www.aa.com/AAdvantage/aadvantageHomeAccess.do?anchorEvent=false&from=Nav&v_locale=en_US&v_mobileUAFlag=AA&anchorEvent=false&from=Nav
Title: AAdvantage section
Title: AAdvantage section
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/aboutUs/main.jsp?anchorEvent=false&from=footer
Title: About Us
Title: About Us
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/amrcorp/newsroom/corporate-information.jsp?anchorEvent=false&from=footer
Title: Corporate Information
Title: Corporate Information
Search URL Search Domain Scan URL
URL: http://phx.corporate-ir.net/phoenix.zhtml?c=117098&p=irol-IRHome
Title: Investor Relations
Title: Investor Relations
Search URL Search Domain Scan URL
URL: http://hub.aa.com/en/nr/home
Title: Newsroom
Title: Newsroom
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/productsGifts/tripInsurance.jsp?anchorEvent=false&from=footer
Title: Trip Insurance
Title: Trip Insurance
Search URL Search Domain Scan URL
URL: http://www.aa.com/myAccount/emailSubscriptionAlertsAccess.do?anchorEvent=false&from=footer
Title: Email Subscriptions
Title: Email Subscriptions
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/businessPrograms/groupsMeetings/main.jsp?anchorEvent=false&from=footer
Title: Group & Meeting Travel
Title: Group & Meeting Travel
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/businessPrograms/main.jsp?anchorEvent=false&from=footer
Title: Business Programs
Title: Business Programs
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/businessPrograms/cargo.jsp?anchorEvent=false&from=footer
Title: Cargo
Title: Cargo
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/travelInformation/airportAmenities/AACreditCard.jsp?anchorEvent=false&from=footer
Title: American Airlines Credit Card
Title: American Airlines Credit Card
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/productsGifts/giftCard.jsp?anchorEvent=false&from=footer
Title: Gift Cards
Title: Gift Cards
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/urls/fivestarservice.jsp?anchorEvent=false&from=footer
Title: Five Star Service
Title: Five Star Service
Search URL Search Domain Scan URL
URL: https://www.aavacations.com/deals/Shop_By_Theme-Last_Minute_Vacations?ADID=AACM-LML-ALL-13-14
Title: Last Minute Packages
Title: Last Minute Packages
Search URL Search Domain Scan URL
URL: http://www.aa.com/contactAA/viewContactAAAccess.do?anchorEvent=false&from=footer
Title: Contact American
Title: Contact American
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/utility/aacom_services_charges.jsp?anchorEvent=false&from=footer
Title: Baggage & Optional Service Charges
Title: Baggage & Optional Service Charges
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/aboutUs/customerCommitment/main.jsp?anchorEvent=false&from=footer
Title: Customer Service Plan & Flight Irregularities
Title: Customer Service Plan & Flight Irregularities
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/footer/privacyPolicy.jsp?anchorEvent=false&from=footer
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/footer/legal.jsp?anchorEvent=false&from=footer
Title: Legal
Title: Legal
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/footer/copyright.jsp?anchorEvent=false&from=footer
Title: Copyright
Title: Copyright
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/utility/siteMap/siteMap.jsp?anchorEvent=false&from=footer
Title: Site Map
Title: Site Map
Search URL Search Domain Scan URL
URL: http://www.aa.com/i18n/footer/browserRequirements.jsp?anchorEvent=false&from=footer
Title: Browser Compatibility
Title: Browser Compatibility
Search URL Search Domain Scan URL
URL: http://twitter.com/americanair
Search URL Search Domain Scan URL
URL: http://youtube.com/americanairlines
Search URL Search Domain Scan URL
URL: http://facebook.com/aa
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://link.info.email.aa.com/ls/click?upn=6Bg-2BgqSVznbULFxyD8xRE-2FpfRPzT74c0z0ELXmzO-2FGgjh22MzIZUwyIoHuJOukTZE06Yz48vPbEgVThIg2tQdg-3D-3Dk8pw_CTjYQnnmRvbJBQc9BrJ-2FkVneF4Am4-2B9-2BRInMLNFQ-2BNmOEO1oQZ0SH-2BSphB03Nw8HXK335D27sXEv-2F4237yrZOK9q50wFAM3-2BfD5WCpBC4RfDNiibaDA88nPbiIB8lBAADH1iQ38m-2BEcL8JLti3g6I2kQMh4RUerYQAZT-2BiCbZkr7G2UUtivTGVTlZWqKAt3GMzZ13UYERfWLVbw1-2FSIFm18syES6EOV1WMwFZlStTkzjLjqhUkd5DbYveod2cT2tS1VPLvm2hGOz8ZmScIJ6XmZ-2B-2F6Hzh30JPL30C1YkvNsBLlJfyCBggHij6-2F2br5vQn9CQD4L1bVG2MYU8SesxNwrti6633Kr5Q1cFoNyEL3c-3D
HTTP 302
https://prefunds.aa.com/refunds/?ntf=cne,ivr,eml,cta Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 27- https://aa.com/content/images/chrome/rebrand/icon-footer-twitter.png HTTP 301
- https://www.aa.com/content/images/chrome/rebrand/icon-footer-twitter.png
- https://aa.com/content/images/chrome/rebrand/icon-footer-youtube.png HTTP 301
- https://www.aa.com/content/images/chrome/rebrand/icon-footer-youtube.png
- https://aa.com/content/images/chrome/rebrand/icon-footer-facebook.png HTTP 301
- https://www.aa.com/content/images/chrome/rebrand/icon-footer-facebook.png
- https://aa.com/content/common/styles/onlineopinionV5/oo_float_icon.gif HTTP 301
- https://www.aa.com/content/common/styles/onlineopinionV5/oo_float_icon.gif
- https://cm.everesttech.net/cm/dd?d_uuid=38302569958820613701150268338649406213 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZS1F5QAAAFXd9AN-
- https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=Lv9ERfnJVQ5n5R8dK0sg0Q&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=O7cRsUYsxw5qRi6Xkk9ME4Ct4dLOa-KWn0L02vgpJUgboJK_-1WgWj2TJ_gvNGCs HTTP 302
- https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=Lv9ERfnJVQ5n5R8dK0sg0Q&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=O7cRsUYsxw5qRi6Xkk9ME4Ct4dLOa-KWn0L02vgpJUgboJK_-1WgWj2TJ_gvNGCs&google_tc= HTTP 302
- https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=O7cRsUYsxw5qRi6Xkk9ME4Ct4dLOa-KWn0L02vgpJUgboJK_-1WgWj2TJ_gvNGCs&google_gid=CAESEK0UlVopbjULIwlWqCmWJNI&google_cver=1
- https://cm.g.doubleclick.net/pixel?google_hm=Lv9ERfnJVQ5n5R8dK0sg0Q&google_nid=sojern_adh HTTP 302
- https://cm.g.doubleclick.net/pixel?google_hm=Lv9ERfnJVQ5n5R8dK0sg0Q&google_nid=sojern_adh&google_tc= HTTP 302
- https://fcmatch.google.com/pixel?google_gm=AMnCDopIVzXMJTr6fLlDN1Pw7rkuy8cYTYDKhjwTGr-PO_KNTNCmLCi49MqiGn8KqUw_slnK9XIvE4wSstEN4SWt8i9hp6C_jXRbuC3pPBlA5UAOvA7drX4 HTTP 302
- https://fcmatch.youtube.com/pixel?google_gm=AMnCDopIVzXMJTr6fLlDN1Pw7rkuy8cYTYDKhjwTGr-PO_KNTNCmLCi49MqiGn8KqUw_slnK9XIvE4wSstEN4SWt8i9hp6C_jXRbuC3pPBlA5UAOvA7drX4
- https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=O7cRsUYsxw5qRi6Xkk9ME4Ct4dLOa-KWn0L02vgpJUgboJK_-1WgWj2TJ_gvNGCs HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DO7cRsUYsxw5qRi6Xkk9ME4Ct4dLOa-KWn0L02vgpJUgboJK_-1WgWj2TJ_gvNGCs HTTP 302
- https://pixel.sojern.com/idsync/apn?id=7443043472498905979&sjrn_id=O7cRsUYsxw5qRi6Xkk9ME4Ct4dLOa-KWn0L02vgpJUgboJK_-1WgWj2TJ_gvNGCs
86 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
prefunds.aa.com/refunds/ Redirect Chain
|
26 KB 27 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ruxitagentjs_ICA2NVfgjqru_10261230220152234.js
prefunds.aa.com/refunds/ |
221 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
core.css
prefunds.aa.com/refunds/static/styles/ |
248 KB 249 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
data-behavior.css
prefunds.aa.com/refunds/static/styles/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
placeholder.css
prefunds.aa.com/refunds/static/styles/ |
2 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aa-jquery-ui-1.7.2.css
prefunds.aa.com/refunds/static/styles/ |
31 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
alert-banner.css
prefunds.aa.com/refunds/static/styles/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
engine.js
prefunds.aa.com/refunds/js/ |
44 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.9.1.js
prefunds.aa.com/refunds/js/ |
262 KB 263 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
preload.js
prefunds.aa.com/refunds/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CountryLanguageSelectAjaxUtils.js
prefunds.aa.com/refunds/js/ |
510 B 928 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aacom.js
prefunds.aa.com/refunds/js/ |
0 442 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aaPillboxRadio.js
prefunds.aa.com/refunds/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aaDropDownPanel.js
prefunds.aa.com/refunds/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aaCountryLanSelect.js
prefunds.aa.com/refunds/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aaTabs.js
prefunds.aa.com/refunds/js/ |
851 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aa-logo.png
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
oneworld.png
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui-1.9.2.js
prefunds.aa.com/refunds/js/ |
440 KB 440 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.validate.js
prefunds.aa.com/refunds/js/ |
38 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
validate_start.js
prefunds.aa.com/refunds/js/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
additional-methods.js
prefunds.aa.com/refunds/js/ |
24 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aad_tkt2.gif
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
15 KB 16 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aad_tds.gif
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
25 KB 25 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aa-email.png
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
64 KB 64 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aaEtds.png
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
115 KB 116 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aaUtilities.js
prefunds.aa.com/refunds/js/ |
14 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aadvantage_logo.gif
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
8 KB 8 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-footer-twitter.png
www.aa.com/content/images/chrome/rebrand/ Redirect Chain
|
953 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-footer-youtube.png
www.aa.com/content/images/chrome/rebrand/ Redirect Chain
|
442 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-footer-facebook.png
www.aa.com/content/images/chrome/rebrand/ Redirect Chain
|
834 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
oo_float_icon.gif
www.aa.com/content/common/styles/onlineopinionV5/ Redirect Chain
|
3 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.js
tags.tiqcdn.com/utag/aa/main/prod/ |
505 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync.html
www.aa.com/assets/html/gdpr/ Frame B54F |
8 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.currency.js
tags.tiqcdn.com/utag/tiqapp/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.147.js
tags.tiqcdn.com/utag/aa/main/prod/ |
173 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
last-event-tag-latest.min.js
www.everestjs.net/static/le/ |
8 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
76f1f838
www.aa.com/akam/13/ Frame B54F |
26 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JUJL4-2QKWZ-FENBC-AM6H5-MUCW4
s.go-mpulse.net/boomerang/ Frame 983F |
187 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame B54F |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame B54F |
157 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
375 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config.json
c.go-mpulse.net/api/ Frame 983F |
49 B 321 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
americanairlines.demdex.net/ Frame 5800 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
metrics.aa.com/ |
48 B 455 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=ZS1F5QAAAFXd9AN-
dpm.demdex.net/ Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s27784162762188
smetrics.aa.com/b/ss/aaproduction/1/JS-2.17.0/ |
43 B 303 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
americansans-light-webfont.woff
prefunds.aa.com/refunds/static/content/fonts/american/ |
30 KB 30 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
american-icons-v4.woff
prefunds.aa.com/refunds/static/content/fonts/american/ |
65 KB 65 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
core.css
prefunds.aa.com/refunds/static/styles/ |
248 KB 249 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shadow12-down.png
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
307 B 712 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shadow12-up.png
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
303 B 708 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
pixel_76f1f838
www.aa.com/akam/13/ Frame B54F |
0 963 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.9.1.js
prefunds.aa.com/refunds/js/ |
262 KB 263 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aaTabs.js
prefunds.aa.com/refunds/js/ |
851 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui-1.9.2.js
prefunds.aa.com/refunds/js/ |
440 KB 440 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
americansans-regular-webfont.woff
prefunds.aa.com/refunds/static/content/fonts/american/ |
29 KB 29 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
americansans-medium-webfont.woff
prefunds.aa.com/refunds/static/content/fonts/american/ |
30 KB 30 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.218.js
tags.tiqcdn.com/utag/aa/main/prod/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.380.js
tags.tiqcdn.com/utag/aa/main/prod/ |
31 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.293.js
tags.tiqcdn.com/utag/aa/main/prod/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.438.js
tags.tiqcdn.com/utag/aa/main/prod/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.445.js
tags.tiqcdn.com/utag/aa/main/prod/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aad_tkt2.gif
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
15 KB 16 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aad_tds.gif
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
25 KB 25 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aa-email.png
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
64 KB 64 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
aaEtds.png
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
115 KB 116 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hp
pixel.sojern.com/partner/u92U4k5zXBaHHCr9/ |
2 KB 861 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
quantum-aa.js
cdn.quantummetric.com/qscripts/ |
549 KB 113 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 433 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_error
uconnect.tealiumiq.com/ulog/ |
43 B 454 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AdX
pixel.sojern.com/idSync/ Redirect Chain
|
42 B 272 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel
fcmatch.youtube.com/ Redirect Chain
|
170 B 432 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
apn
pixel.sojern.com/idsync/ Redirect Chain
|
42 B 275 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s24249205158358
smetrics.aa.com/b/ss/aaproduction/1/JS-2.17.0/ |
43 B 291 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
e4b10fc2-419c-41fe-9766-b0a7e2bff728
https://prefunds.aa.com/ |
17 KB 0 |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
aa-app.quantummetric.com/ Frame C2F6 |
90 B 790 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
aa-sync.quantummetric.com/ Frame C2F6 |
0 680 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shadow12-down.png
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
307 B 739 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
shadow12-up.png
prefunds.aa.com/refunds/static/content/images/chrome/rebrand/ |
303 B 708 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
rb_daa15b35-f63b-46fe-8465-781f95df871a
prefunds.aa.com/refunds/ |
119 B 276 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
aa-app.quantummetric.com/ Frame C2F6 |
28 B 748 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
aa-app.quantummetric.com/ Frame C2F6 |
0 653 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
aa-app.quantummetric.com/ Frame C2F6 |
0 653 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
hash-check
rl.quantummetric.com/aa/ Frame C2F6 |
2 B 227 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
hash-check
rl.quantummetric.com/aa/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
blank
cdn.quantummetric.com/helpers/ Frame DA48 |
209 B 242 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
rb_daa15b35-f63b-46fe-8465-781f95df871a
prefunds.aa.com/refunds/ |
119 B 276 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
182 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 function| Animation object| event object| dT_ object| dtrum object| dynatrace object| utag_data object| utag_err boolean| utag_condload object| noview_list boolean| utdebug object| tag_ld_rule object| gdpr_ex object| utag boolean| hasLoadRuleMatch boolean| hasExemptionMatch function| rdcook function| utaglog function| getParameterByName function| poll function| wa_dataattBase function| pdate function| datediff function| clean function| onlyUnique function| ondsplit_new function| create_UUID function| ScSelAuto function| cssbuilder_main function| cssbuilder_carg function| cssbuilder_bgt function| htmlbuilder_main function| htmlbuilder_carg function| htmlbuilder_bgt function| _tealium_old_error boolean| __tealium_twc_switch object| utag_cfg_ovrd object| TlIq_CustmVals boolean| nvm function| e string| f object| AADA object| TlIqCustmFun object| utag2 object| tealiumCmpIntegration object| url string| tl_profile string| ctrvaltmp object| utag_gdpr object| dt_defaults function| _json_sync_function function| _json_sync_function02 object| _json_sync function| _json_sync_resetValues object| block_state object| tealiumiq_currency string| scache_objnm string| scache_key object| spaTrackCalls object| utag_data_trackcalls_merged object| utag_data_trackcalls string| temp_prd_dt object| qsp_dfnd object| qsp_from_url object| qsp_url object| qsp_url_k object| qsp_url1 string| queryString_concat object| elgArr object| s boolean| temp_sync undefined| consent_cat undefined| consent object| visitor function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap object| s_c_il number| s_c_in object| adobe function| Visitor number| s_objectID number| s_giq string| dt object| tl number| pt string| sp function| AdCloudEvent object| s_i_aaproduction object| dwr object| DWREngine function| $ function| HM_f_PopUp function| HM_f_PopDown object| preloadArray string| menuItem number| menuNum object| myimages function| preloadimages function| contactAA function| printPage function| printViewMiles function| rollover function| viewAvailableSeats undefined| winViewSeats function| openViewAvailableSeats function| popUp function| popDown number| HM_PG_MenuWidth string| HM_PG_FontFamily number| HM_PG_FontSize number| HM_PG_FontBold number| HM_PG_FontItalic string| HM_PG_FontColor string| HM_PG_FontColorOver string| HM_PG_BGColor string| HM_PG_BGColorOver number| HM_PG_ItemPadding number| HM_PG_BorderWidth string| HM_PG_BorderColor string| HM_PG_BorderStyle number| HM_PG_SeparatorSize string| HM_PG_SeparatorColor string| HM_PG_ImageSrc string| HM_PG_ImageSrcLeft number| HM_PG_ImageSize number| HM_PG_ImageHorizSpace number| HM_PG_ImageVertSpace boolean| HM_PG_KeepHilite number| HM_PG_ClickStart boolean| HM_PG_ClickKill number| HM_PG_ChildOverlap number| HM_PG_ChildOffset object| HM_PG_ChildPerCentOver number| HM_PG_TopSecondsVisible number| HM_PG_StatusDisplayBuild number| HM_PG_StatusDisplayLink object| HM_PG_UponDisplay object| HM_PG_UponHide boolean| HM_PG_RightToLeft number| HM_PG_CreateTopOnly number| HM_PG_ShowLinkCursor boolean| HM_PG_NSFontOver object| CountryLanguageSelectAjaxUtils object| $pillboxes object| $prettyControls function| aaTabs function| submitSearchForm function| getInternetExplorerVersion function| checkVersion function| DP_jQuery_1697465830337 object| modal function| closeModal string| activeDialog object| dialogArray function| aa_Utilities function| aa_Utilities_Dialog function| aa_Utilities_Format function| DP_jQuery_1697465830634 string| utagcond_temp object| sucesscheckDev function| tcf object| chdgobj object| aaUtil string| ptnrid number| t string| iniid function| consoleError string| qmErrString function| QuantumMetricInstrumentationStart object| QuantumMetricAPI object| evnttrackobj undefined| evnt_param number| spaobjcount object| clbtn function| qmflate function| _QuantumMetricSymbol43 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| prefunds.aa.com/refunds/static/content/images/chrome/rebrand | Name: srv_id Value: server6 |
|
| prefunds.aa.com/refunds/static/content/fonts/american | Name: srv_id Value: server6 |
|
| prefunds.aa.com/refunds/static/styles | Name: srv_id Value: server6 |
|
| prefunds.aa.com/refunds/js | Name: srv_id Value: server6 |
|
| prefunds.aa.com/refunds | Name: srv_id Value: server6 |
|
| prefunds.aa.com/ | Name: JSESSIONID Value: 0000WjNZfIEdWw_Ts8WYbS1siLv:1garflm8o |
|
| .aa.com/ | Name: dtCookie Value: v_4_srv_40_sn_A48AF6807B95C26F27F379CFA8A8A13A_perc_100000_ol_0_mul_1_app-3A9edc2b91a4ffd453_1_rcs-3Acss_0 |
|
| .aa.com/ | Name: rxVisitor Value: 1697465829063E3GSKOTAV1HN7GO0V780J5K2OHS0N96P |
|
| .aa.com/ | Name: dtLatC Value: 455 |
|
| .aa.com/ | Name: dtSa Value: - |
|
| aa.com/ | Name: aka_state_code Value: HE |
|
| aa.com/ | Name: aka_cr_code Value: DE-HE |
|
| aa.com/ | Name: akavpau_www_aafullsite Value: 1697466129~id=d2fd58db094b4f524033bfe0bf9007b1 |
|
| aa.com/ | Name: aka_lc_code Value: ML |
|
| .aa.com/ | Name: OPTOUTMULTI Value: 0:0%7Cc1:0%7Cc3:0 |
|
| .aa.com/ | Name: OPTOUTMULTI_EXP Value: Sun, 14 Jan 2024 15:17:09 GMT |
|
| .aa.com/ | Name: OPTCKMS Value: n |
|
| www.aa.com/ | Name: aka_state_code Value: HE |
|
| www.aa.com/ | Name: aka_cr_code Value: DE-HE |
|
| www.aa.com/ | Name: akavpau_www_aafullsite Value: 1697466129~id=d2fd58db094b4f524033bfe0bf9007b1 |
|
| www.aa.com/ | Name: aka_lc_code Value: ML |
|
| .aa.com/ | Name: _abck Value: A8AF9B91EF6CCBE5EE796AF4174A4E36~-1~YAAQEqAkF3wntTeLAQAAvwfZOAqd5BA1pw/vigc1/QBjhtT7mjJp8zkI0Ky8Epiry+EkZJ14EWNXdtDnHS8wDA6qvDZryNaDb4g/l+uSC4eNo0KnLsq/yIo2eAVBxwyKvNiZqm2eQNoxFk03ltgc8TrlN7HbNL0117bsjEaC2OfNcDGD93eQ//GDD5tO5ScHj3i/20PrePB/DFhCfL/ShflkU/ANSk9QYVeDsVYhsUEEdFSXDxUnHBzQBOdJluRIe5jkcJiE79cMaHjve2jrLQaOWKx/WYrGEW0quI737AAB9BsKNvVZ47Ujffad0cNzhS1gxji9n8OQG9VEGIXt/TS4aO+iR4HL7fBWPR+iHk5vcW2si77RdQ==~-1~-1~1697469333 |
|
| .aa.com/ | Name: bm_sz Value: E39AC0CF003E263F7433FE1F80A7890D~YAAQEqAkF38ntTeLAQAAvwfZOBVdU3MCnMEYmmw/FWqPDny/tAzEnVjVbqmHPhhLNpdg56SSvZtkMi+AllUzUVDDfjXCBE/2GTlxwxdl2iqmO5rLH2x0825RC7SMMHVAIWZH2w45yd+GDCrl4lifgMfeRRim5A9WznJWt2KGbHoEr+yR4L9a29+okjakQLChwM1ZqnKh5VKP+pi7/EaDbtS8Bg+7u3ScysCUwNLA6F1sKlsY0m97JAfCC9LP5sFxGRN08brr8k90pRTk02Kby52x6Tn45vSf3oe3ZcFs1A==~3490114~3748405 |
|
| .demdex.net/ | Name: demdex Value: 38302569958820613701150268338649406213 |
|
| .aa.com/ | Name: AMCVS_025C69945392449B0A490D4C%40AdobeOrg Value: 1 |
|
| .aa.com/ | Name: s_ecid Value: MCMID%7C38397625846426749111123875972507284960 |
|
| .aa.com/ | Name: s_cc Value: true |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZS1F5QAAAFXd9AN- |
|
| .dpm.demdex.net/ | Name: dpm Value: 38302569958820613701150268338649406213 |
|
| .aa.com/ | Name: AMCV_025C69945392449B0A490D4C%40AdobeOrg Value: 1585540135%7CMCMID%7C38397625846426749111123875972507284960%7CMCAAMLH-1698070629%7C6%7CMCAAMB-1698070629%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1697473029s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19654%7CvVersion%7C4.4.0 |
|
| .aa.com/ | Name: ak_bmsc Value: 22964F2BA9ECE7BE0517D85023C69E35~000000000000000000000000000000~YAAQEqAkF8IntTeLAQAAOwrZOBVIqCpKhHfeslh0WlyH1AMyvtCO50v/Hmnp3oYIp817c6zcH8KXXRrA09r8VfQygR3riuFccMpYcKuYNXOhI8AxALVRgALaY1kMYuuFnh8tRSbYWp9UYZImitnYQxy3GN/c0/+oBz6WDxvbaZZDSY0Nw5CreEfoaHZrUO7ENmDuIcr4JfJ9ZsGP+xz2fxiOjdFPgDknwZRLHmFebyQJoQmBQni9Ha8nLuloK3drzZuvwKuc0/Rf/H/gjnLxvvYOjKrGP8mRcCTfEbn0Q3B3L8XBKLbKG2R8FVLG6T3stefbGcka2TsuECnIAVRyvA4lSWB47oG+nw9f+YQyPGIfSwcuIaWc+5pX2DBiBwtFyGUEykTQAhIxkRG2VyCpeEGaZtsTEIBK+Aype3CLAfUyKkOjLDLf5aftA/usOMcArTb9qaHqaj1NTRYJ1K7+C82EJj3IPsau+PPzWpUh3Zhn7GPYZfnZJkUfyAq16w== |
|
| .sojern.com/ | Name: adh Value: 1 |
|
| .adnxs.com/ | Name: uuid2 Value: 7443043472498905979 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUmV7f03yjrreIxhpeIr5DirpLmeeWF9BqsGUmE28gqBv7pxi-lxx8SM2_907uM |
|
| .sojern.com/ | Name: cid Value: 2eff4445-f9c9-550e-67e5-1f1d2b4b20d1#1697414400000 |
|
| .sojern.com/ | Name: apnid Value: 7443043472498905979 |
|
| .sojern.com/ | Name: gid Value: CAESEK0UlVopbjULIwlWqCmWJNI |
|
| .aa.com/ | Name: rxvt Value: 1697467631135|1697465829064 |
|
| .aa.com/ | Name: s_tp Value: 1633 |
|
| .aa.com/ | Name: s_ppv Value: Home%2C73%2C73%2C1200 |
|
| .aa.com/ | Name: dtPC Value: 40$65829061_285h-vCDAMLMKDKSPKTDRPBBPAPINCBPPOHPFR-0e0 |
|
| .aa.com/ | Name: QuantumMetricSessionID Value: 25dcdda0238382c63ae67fec8048ed91 |
|
| .aa.com/ | Name: QuantumMetricUserID Value: 055622d7b6635ef9705785e801ab16b9 |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aa-app.quantummetric.com
aa-sync.quantummetric.com
aa.com
americanairlines.demdex.net
c.go-mpulse.net
cdn.quantummetric.com
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
fcmatch.google.com
fcmatch.youtube.com
ib.adnxs.com
link.info.email.aa.com
metrics.aa.com
pixel.sojern.com
prefunds.aa.com
rl.quantummetric.com
s.go-mpulse.net
smetrics.aa.com
tags.tiqcdn.com
uconnect.tealiumiq.com
www.aa.com
www.everestjs.net
104.197.213.79
107.178.244.119
144.9.35.37
167.89.115.150
172.217.16.194
185.89.210.141
2.19.70.207
2.23.198.17
2600:9000:2251:8000:7:2bfb:7c00:93a1
2606:4700:10::ac43:149e
2a00:1450:4001:80b::200e
2a00:1450:4001:830::200e
2a02:26f0:480:18d::11a6
2a02:26f0:480:980::11a6
3.127.56.68
3.248.147.241
34.133.249.191
34.247.108.36
34.66.3.160
52.210.141.111
63.140.62.22
69.192.162.114
0437b50eb4764bf52a441ab494e12f0fa493c630e156d79234b6c752055cb000
0527271c146e6ad82828d1c63401e1c1ee1b347bd40b62d3456ed86babb6e392
07e2a6fb0d22cdbde787ec2941eb285c222861ddc3cbc8903315b6e5942be8cb
0b4a8bfcf31ac01feb795c8c176907dacfcecdc3648128b50c773ae5b33e3a44
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f06c3ba5e69d7ebd16cf11a046272ea3fdf9fcaa667215c6e9ffb3896d442d8
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
18f5183b88dc9a30d65bc0a5cf6f0bff6268559acf12994dd8adbd979032d2b7
1f971060c9bee15331552b3122b04a14adde67a0c61e4f17c4ba519f6f41f173
208e95d3b3eb050ca070af8d98bdd94ffd8db118a1454438c08d3c6062450121
22daabce46f52cc6069e25420862fbf0c54f55d6e7d80f03844bbc40fb029f29
231f69ea1a336f95f0d6f15953f6e8fa983472272ea9e17f8a4f5889667ec311
2f242acd320d82cddd3195fd2d3b671ecdbbb4f853967db382763cebcccf3e11
2f6eaba60b44b7f4f0942a4b9279332823d9712b317ae8ab69ecf17d18389975
2f7811c69cc24aceb0ec5b8a38e7817ae54bdc160e2223b620462619d3389359
306eadca476067703eb9ae58e5f26192a27e02ebf550565a6b6565e61b3c3e73
3213c13f49e0511baefa391fee1320a0fe8568207dc88d65016996751e3c3265
34a74f3e6622f7a4c509dd1d679b21d459dd943ee1c4f2afe95ac4549b148b51
4169873057bfbc848c11331c4dc5854f22a7688801856d13a9851506a93312ff
431b8ec1d1900f971506695607c71185badb43d238ef633f1584d720d6afeb33
4350b683377e236eb6b2689540b79d110411dba7811583ff89677cff350a06e7
460abcbdd3495df47ce970803dfa01a46b5bbb12d24a80a623e723f4a2421e56
47b2e896eed9776bde33c48955e8451173b88e34ae9c1d6d53db528c4b62a0a4
4bc6f0b2ef71cdf0b6f8d24122b3de02c977a87ac70174ff9fe6724fb65ca42a
4c788c428c2e656477335172571f8b36c6a0c80044b31af2b7c8056a7f1e13d5
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
547cc732dd84b836f30b435d7bff96c4a803bb12205b2543448b264c891748e6
590eb7cecda5e5108e23d38d1899b77b656af4eabac6777568724400bcd6415b
5a742b5fb2fff27c5d4b12cdfc8fb1cc0dbaac25c9d6d4049ab3e7483ebaf8c7
5e3dc5878de4a6dd3bb5aa7b06663a7fabda1a5b2d3f060f78d6df10793e9ac1
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
648fa034f13474d9fa07757e34e853afd3382168f2b42b1521448fa16711b067
68de6ea6084d613881a300a1cb59c3588c48259c9dbb42257d81bf2945a681df
6ac75cfc3babd6da30b470d56f02431f6176aba878895469ea90d34105d11b2a
726decca86fd71a74333387322697089ba67dca5c51413f0aa129e1b84c9e1e5
732f8929524690865265b366d7080d7f50ffdc84e7c64d59df0bce85ce43d170
746e2d22d8bed9aaa2e69d6dc6fb04c0b154d63d5ddefd53082d825464a809fa
77ae5666d674ea342eb03e4507c318136350b60ba81047576411725cf27c3cb6
7936df7f9638e63f83342d1731372c461e81d3c0d81c370d2b563c8af29ef405
79a1b226c3695f4e685a1bb911c73dddc3f1a7dbb6fd877674524e729f3491d8
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
840e6eb51d3ef3111ca5a02bb1a8b73236965122b8c42042a009ae5e4892602b
84e7f8bc66f0dfb52aa47d9e60ec6c75d16738d89f9f30465bc1266e4f8fca1c
85c0cbf79dd9952ce29b71b78e232fa839865691cf3ea6e46dcef1b0eb107f78
88c7418103c145b46e3c1a831e3b0c489a0809024d26881193808ef8344c31e0
8cb1472570e02f99a613ae33bc2a3ee794406bc4f1abdb722a2f76e90de8fa67
949ceab3a2bd00b8b2fcdccb5e46784f7908abc0f2b9ea07042dd98c5eb6d913
95bc2cc66ab2c382b96c002cb134cb927c8457a648afc8fd228298e39ce27e87
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
afbf8ee584ea7a45a95f709c8d03572067796ed177d119a3ea245c93a5f3d1c7
b68f0e4be8fae81c9aa4ce04d974253baacf39673615ea6f30d85f980f9a42ea
b6c2502da1a8be74bf817a4f149344370974a41ec4f8234f51ddbe12203db314
bf1a2cc416ffebc396b14ded20a05dc9132fc595247db6ddc2522e3b285f808a
c59764f1e16596d80eeffbf6b9ed1eab3b9da45dc85444f594f5fa2f594fcc83
c6cbfc3fab1d241bbe2c0055ea5254d83288b37853b522f346ef6f63becd598f
d3811d25f08e3b3c060e92485a714f08c414e5ef708f28e4da2cb892ce24c88d
d612504359ac5ef9aa8deab4f6cdf2b2becb8f0ee675a7cae26827d864676565
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f
e391b73aa0d7b1cc17dc290d7b51f78c23ed5b7f8a3f333eff10c0f373b07301
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5004849f15be8fb18babd239ae4090822de40ab2f810330fadb16bfa793927f
e54daa8cdd0acbf4e9e2a3466466db19816fd1ca56b86ed40b301f9f176573d3
eb4852221ecac3940f73f459264dcde4a024695ef1de49b6ddb26dc01a49f2c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbe2c5ecbd148ca06ea9be0260f8d2028d7b6fdb7b98cf57ca5eb551e49ee333
fc552e48f967634c04475baaa29f6fe10025c2aca7443907033fa46bec450aba