urlscan.io logo urlscan.io
SecurityTrails logo

www.flyingblue.us Open in urlscan Pro
193.57.244.97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.flyingblue.us/
Effective URL: https://www.flyingblue.us/
Submission: On April 18 via manual from KY — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 61 HTTP transactions. The main IP is 193.57.244.97, located in France and belongs to AIRFRANCE-AS, FR. The main domain is www.flyingblue.us.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 3rd 2023. Valid for: a year.
This is the only time www.flyingblue.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 193.57.244.97 198340 (AIRFRANCE-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.124.15 16509 (AMAZON-02)
24 2600:141b:13:... 20940 (AKAMAI-ASN1)
5 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 72.44.50.157 14618 (AMAZON-AES)
3 104.17.209.240 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.131.49 16509 (AMAZON-02)
61 11
20    193.57.244.97 (France)

ASN198340 (AIRFRANCE-AS, FR)
www.flyingblue.us
2    2607:f8b0:4006:80d::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2607:f8b0:4006:820::2003 (New York, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.164.124.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-15.jfk50.r.cloudfront.net
tdn.r42tag.com
24    2600:141b:13::17d7:824b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
img.static-fb.com
5    2600:141b:13::17d7:825b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
img.static-kl.com
1    72.44.50.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-50-157.compute-1.amazonaws.com
w.usabilla.com
3    104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)
znevcrkpzely9tahj-afklm.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1    2607:f8b0:4006:80f::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.164.131.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-131-49.jfk50.r.cloudfront.net
d6tizftlrpuof.cloudfront.net
Apex Domain
Subdomains		 Transfer
24 static-fb.com
img.static-fb.com — Cisco Umbrella Rank: 463329
5 MB
20 flyingblue.us
www.flyingblue.us
945 KB
5 static-kl.com
img.static-kl.com — Cisco Umbrella Rank: 133934
1 MB
4 gstatic.com
fonts.gstatic.com
230 KB
3 qualtrics.com
znevcrkpzely9tahj-afklm.siteintercept.qualtrics.com
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1350
24 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
137 KB
1 cloudfront.net
d6tizftlrpuof.cloudfront.net
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
256 B
1 usabilla.com
w.usabilla.com — Cisco Umbrella Rank: 4112
11 KB
1 r42tag.com
tdn.r42tag.com — Cisco Umbrella Rank: 33089
13 KB
61 10
Domain Requested by
24 img.static-fb.com
20 www.flyingblue.us 1 redirects www.flyingblue.us
5 img.static-kl.com
4 fonts.gstatic.com www.flyingblue.us
2 siteintercept.qualtrics.com znevcrkpzely9tahj-afklm.siteintercept.qualtrics.com
www.flyingblue.us
2 www.googletagmanager.com www.flyingblue.us
www.googletagmanager.com
1 d6tizftlrpuof.cloudfront.net www.flyingblue.us
1 www.google-analytics.com www.googletagmanager.com
1 znevcrkpzely9tahj-afklm.siteintercept.qualtrics.com www.flyingblue.us
1 w.usabilla.com www.flyingblue.us
1 tdn.r42tag.com www.flyingblue.us
61 11
Subject Issuer Validity Valid
www.flyingblue.us
Sectigo RSA Organization Validation Secure Server CA		 2023-01-03 -
2024-01-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
tdn.r42tag.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-11-22		 9 months crt.sh
img.static-afkl.com
Sectigo RSA Organization Validation Secure Server CA		 2023-02-28 -
2024-02-28		 a year crt.sh
w.usabilla.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-02-09		 a year crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-26		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.flyingblue.us/
Frame ID: A68D3290E8AA9603757E118199DC67C4
Requests: 60 HTTP requests in this frame

Frame: https://w.usabilla.com/0bf83e457e01.js?lv=1
Frame ID: 182621414188659FA321EFBB7E4F9722
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/flyingblue-button-5bf1b62e20f1816963418d6bd9614f13.png
Frame ID: 0AD7B93D97A9A3FF591772DFD0DFE834
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Flying Blue

Page URL History Show full URLs

  1. http://www.flyingblue.us/ HTTP 302
    https://www.flyingblue.us/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

61
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

7257 kB
Transfer

9046 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.flyingblue.us/ HTTP 302
    https://www.flyingblue.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.flyingblue.us/
Redirect Chain
  • http://www.flyingblue.us/
  • https://www.flyingblue.us/
80 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
0040ed32f4db7e2eb23a2137e5047946a207ae732f316727e9dcc955805a5ae8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://csp-report.airfrance.fr/; script-src 'self' https://*.airfranceklm.com https://*.accorhotels.com https://*.accor.com https://*.decibelinsight.net https://*.flyingblue.com https://gateway.zscalertwo.net https://gateway.zscloud.net https://*.google.com https://*.google-analytics.com https://*.hotjar.com https://*.klm.com https://*.optimizely.com https://*.qualtrics.com https://*.r42tag.com https://*.relay42.com https://*.force.com https://*.salesforce.com https://*.salesforce-sites.com https://*.salesforceliveagent.com/ https://*.usabilla.com 'unsafe-eval' 'unsafe-inline' https://*.googletagmanager.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
15600
Content-Security-Policy
frame-ancestors 'none'; report-uri https://csp-report.airfrance.fr/; script-src 'self' https://*.airfranceklm.com https://*.accorhotels.com https://*.accor.com https://*.decibelinsight.net https://*.flyingblue.com https://gateway.zscalertwo.net https://gateway.zscloud.net https://*.google.com https://*.google-analytics.com https://*.hotjar.com https://*.klm.com https://*.optimizely.com https://*.qualtrics.com https://*.r42tag.com https://*.relay42.com https://*.force.com https://*.salesforce.com https://*.salesforce-sites.com https://*.salesforceliveagent.com/ https://*.usabilla.com 'unsafe-eval' 'unsafe-inline' https://*.googletagmanager.com
Content-Type
text/html; charset=UTF-8
Date
Tue, 18 Apr 2023 14:48:44 GMT
Etag
W/"141b0-18774954b90"
Last-Modified
Wed, 12 Apr 2023 08:29:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
Via
1.1 RT_PU, 1.1 RT_PU
X-AFKL-Origin
back
X-AFKL-Site
tls
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Vcap-Request-Id
d3410eae-0ccb-4ae3-674a-7c010f3321c2

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://www.flyingblue.us/
gtm.js
www.googletagmanager.com/ 		203 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5C73CR6
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c40c178faf496ea06a6e8403a999862b7b6b099a19fd8881e9883f8f6f988c74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 14:48:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70106
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 14:08:36 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Apr 2023 14:48:45 GMT
styles.1f0abb771109365f.css
www.flyingblue.us/ 		195 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/styles.1f0abb771109365f.css
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
98a73e5b4f0b8972edf8d4cecd0d58fef030e5a209ef1131b07db8f71d87a2ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 14:48:45 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Content-Encoding
gzip
Last-Modified
Wed, 12 Apr 2023 08:29:14 GMT
Etag
W/"30d7a-18774954b90"
X-AFKL-Site
tls
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
X-Vcap-Request-Id
3328851c-ecdd-4238-4769-25464b71ff8b
Cache-Control
public, max-age=0
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
53400
X-AFKL-Origin
back
runtime.f1417ea23f54469e.js
www.flyingblue.us/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/runtime.f1417ea23f54469e.js
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
6d2178ca0a2e4e77c3b51d5b1cc5107a2f558a7e38fb530d785a16e36ec99968

Request headers

Referer
https://www.flyingblue.us/
Origin
https://www.flyingblue.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 14:48:45 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Content-Encoding
gzip
Last-Modified
Tue, 11 Apr 2023 15:50:35 GMT
Etag
W/"d46-187710300f8"
X-AFKL-Site
tls
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Vcap-Request-Id
ff306e0f-2786-4751-5bad-edb0bcc804f8
Cache-Control
public, max-age=0
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2424
X-AFKL-Origin
back
polyfills.cb49f405b077202c.js
www.flyingblue.us/ 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
78a3709ccccc9b83182af23fb4a2e6a3af641ff444bb7b22ee425f90b194f9ba

Request headers

Referer
https://www.flyingblue.us/
Origin
https://www.flyingblue.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 14:48:45 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Content-Encoding
gzip
Last-Modified
Tue, 11 Apr 2023 15:50:35 GMT
Etag
W/"86b8-187710300f8"
X-AFKL-Site
tls
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Vcap-Request-Id
eb0286e2-6e78-4fdd-4013-cade950f0eb0
Cache-Control
public, max-age=0
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16079
X-AFKL-Origin
back
main.62c9de6b35ca820c.js
www.flyingblue.us/ 		2 MB
741 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/main.62c9de6b35ca820c.js
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
9b0faeafdb8990eb3bb2802254f22c6422c42f812e0df02ce1aa3377be56922d

Request headers

Referer
https://www.flyingblue.us/
Origin
https://www.flyingblue.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 14:48:45 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Content-Encoding
gzip
Last-Modified
Wed, 12 Apr 2023 08:29:15 GMT
Etag
W/"1d01d2-18774954f78"
X-AFKL-Site
tls
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
X-Vcap-Request-Id
a952f054-4740-48e4-56e8-f77d81191a2e
Cache-Control
public, max-age=0
Accept-Ranges
bytes
X-AFKL-Origin
back
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v34/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flyingblue.us/
Origin
https://www.flyingblue.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 14:06:43 GMT
x-content-type-options
nosniff
age
88922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39372
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Apr 2024 14:06:43 GMT
labels
www.flyingblue.us/kamino/i18n/ 		184 KB
61 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/kamino/i18n/labels?market=US&lang=en
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
f354d190c2925b2a62503fa49808ce0f5809f1481c0306c37a066698816bcdc3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Apr 2023 14:48:47 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Content-Encoding
gzip
Etag
W/"2e080-Int6UHcsY0PMXVY2b4CYdd5lTWw"
X-AFKL-Site
tls
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
X-Vcap-Request-Id
6611efa1-2cea-4398-7dea-6708a71b0a73
Cache-Control
max-age=1769
Connection
Keep-Alive
Content-Length
61608
X-AFKL-Origin
back
Expires
-1
config
www.flyingblue.us/kamino/ 		691 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/kamino/config
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
800e86c2151da66610c53b720f0a8cd42fbe68a8d694b080bd2b12f8412d92ca

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Apr 2023 14:48:47 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Etag
W/"2b3-+h9iUj59pb6MNA6hlRuICAwvUQI"
X-AFKL-Site
tls
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
X-Vcap-Request-Id
83fe171a-ab7d-4d00-7212-5902ffb86b08
Cache-Control
max-age=945
Content-Length
691
X-AFKL-Origin
back
Expires
-1
1287-v1.js
tdn.r42tag.com/lib/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tdn.r42tag.com/lib/1287-v1.js
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/main.62c9de6b35ca820c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-15.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca17fd90d7194a335a98cfa704c25eb1b71c732bcd36f52ee2efbe94e62bfd4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
VvBQ.FyBqdX8ASHUP_ebISlS0YRc_8E_
content-encoding
gzip
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
date
Tue, 18 Apr 2023 14:40:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
JFK50-P7
age
536
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 12 Dec 2019 10:52:04 GMT
server
AmazonS3
etag
W/"8a28d38a73c866bb931ec7cf073f019d"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400, public
x-amz-cf-id
f72qdXnETYJzRzCdsHiRu_g-0y0gnKCYfEI62kC6sE5ssegwZ-GjCA==
is-logged
www.flyingblue.us/kamino/me/ 		5 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/kamino/me/is-logged?lang=en&market=US
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Apr 2023 14:48:47 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Etag
W/"5-fLbvuYullyqbUJDcLlF/4U0SywQ"
X-AFKL-Site
tls
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
X-Vcap-Request-Id
eb4f8de1-0ad3-400f-56f3-378aa68ace38
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Content-Length
5
X-AFKL-Origin
back
Expires
-1
homepage
www.flyingblue.us/kamino/promoRewards/ 		1 KB
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/kamino/promoRewards/homepage?lang=en&market=US
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
f1012dea86f666304cf3c5dea0d6cdcf387574f6d49052a7f6b53055805fffd5

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/en/home
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Apr 2023 14:48:47 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Content-Encoding
gzip
Etag
W/"434-Nvnand8TUB+q6VAAlqLdNcqdiBg"
X-AFKL-Site
tls
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
X-Vcap-Request-Id
634cbdcb-0f8d-423c-47ed-fb24999930aa
Cache-Control
max-age=1111
Connection
Keep-Alive
Content-Length
566
X-AFKL-Origin
back
Expires
-1
homepage
www.flyingblue.us/kamino/partners/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/kamino/partners/homepage?lang=en&market=US
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
21d9434371e8e184e3b0a4af64764bf7a458342fd94983fdea9ffcb2f28d5139

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/en/home
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Apr 2023 14:48:47 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Content-Encoding
gzip
Etag
W/"9ef-TAayIcGmJefaDgIVDTYwGnMNqjE"
X-AFKL-Site
tls
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
X-Vcap-Request-Id
7806ea6a-5e65-4cfe-5008-9da4a92ce8fa
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
Keep-Alive
Content-Length
1269
X-AFKL-Origin
back
Expires
-1
earn
www.flyingblue.us/kamino/offers/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/kamino/offers/earn?lang=en&market=US
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
26dac09f046606da762e168673a3be93a5786c1465a46d7894a0548058e113bd

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/en/home
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Apr 2023 14:48:47 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Content-Encoding
gzip
Etag
W/"b8b-vjJrYK3Sv3Ma+rzYQvpSUcI36h0"
X-AFKL-Site
tls
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
X-Vcap-Request-Id
52071008-228c-4303-71f8-81925cef3681
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
Keep-Alive
Content-Length
1292
X-AFKL-Origin
back
Expires
-1
spend
www.flyingblue.us/kamino/offers/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/kamino/offers/spend?lang=en&market=US
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
347df51083827193abcf4fa49ac60e3baaa9323c36cbee8df750c8b54f2bbfd7

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/en/home
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Apr 2023 14:48:47 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Content-Encoding
gzip
Etag
W/"970-YrAi577sU34QPTyh89jc338UXXw"
X-AFKL-Site
tls
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
X-Vcap-Request-Id
d640b4bd-70d9-45d9-715a-a830465652c5
Cache-Control
max-age=66817
Connection
Keep-Alive
Content-Length
1097
X-AFKL-Origin
back
Expires
-1
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flyingblue.us/
Origin
https://www.flyingblue.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 10:31:03 GMT
x-content-type-options
nosniff
age
15464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30856
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Apr 2024 10:31:03 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v140/ 		126 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flyingblue.us/
Origin
https://www.flyingblue.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 12:37:00 GMT
x-content-type-options
nosniff
age
94307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128616
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:52:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Apr 2024 12:37:00 GMT
XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v25/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaBTMnFcQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7da5e32922590d2ca6057bd7f2882269bdbcce1f53d3b622cfa1b7fcb95cca5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flyingblue.us/
Origin
https://www.flyingblue.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 10:33:07 GMT
x-content-type-options
nosniff
age
15340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35848
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:34:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Apr 2024 10:33:07 GMT
news
www.flyingblue.us/kamino/ 		841 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/kamino/news?page=0&length=2&lang=en&market=US
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
c4f55a145ad25d831233ac9c2aa82f6718c055e750965b09604522f2556ece8a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/en/home
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Apr 2023 14:48:47 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Etag
W/"349-YPJOzNFEXO6NUX/I1EkGiDvkpyU"
X-AFKL-Site
tls
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
X-Vcap-Request-Id
55018079-3ad9-40f4-4fca-12abd4381233
Cache-Control
max-age=454
Content-Length
841
X-AFKL-Origin
back
Expires
-1
airfrance.svg
www.flyingblue.us/assets/svgs/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/assets/svgs/airfrance.svg?lang=en&market=US
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
5ae3936370175988dc4118c592de7499e1fd8e6a3734f46dadc8caa76585a672

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/en/home
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 14:48:47 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Tue, 11 Apr 2023 15:50:35 GMT
Etag
W/"1152-187710300f8"
X-AFKL-Site
tls
Content-Type
image/svg+xml
X-Vcap-Request-Id
b7ae6464-3b6f-4bba-6896-30e3e0246924
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
4434
X-AFKL-Origin
back
klm.svg
www.flyingblue.us/assets/svgs/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/assets/svgs/klm.svg?lang=en&market=US
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
e4605db75030f3b2f788ebf41ad512428a9dc016d69af8dbe8c72db9ad735689

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/en/home
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 14:48:47 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Tue, 11 Apr 2023 15:50:35 GMT
Etag
W/"e60-187710300f8"
X-AFKL-Site
tls
Content-Type
image/svg+xml
X-Vcap-Request-Id
29b68747-1f1b-47ab-6376-6cffaca94bbb
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
3680
X-AFKL-Origin
back
transavia.svg
www.flyingblue.us/assets/svgs/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/assets/svgs/transavia.svg?lang=en&market=US
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
e5fa088be9f48c60893e202608c3bce940187a203c2a3752dc218a32c71eb0e6

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/en/home
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 14:48:47 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Tue, 11 Apr 2023 15:50:35 GMT
Etag
W/"9f2-187710300f8"
X-AFKL-Site
tls
Content-Type
image/svg+xml
X-Vcap-Request-Id
ae3b67f3-b98b-4d43-4ae0-d8d94caa399f
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
2546
X-AFKL-Origin
back
aircalin.svg
www.flyingblue.us/assets/svgs/ 		9 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/assets/svgs/aircalin.svg?lang=en&market=US
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
be84d5c3cb599e71534d18372d199cfe8b843643fe2199f81b4b3496b7f79545

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/en/home
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 14:48:47 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Tue, 11 Apr 2023 15:50:35 GMT
Etag
W/"253d-187710300f8"
X-AFKL-Site
tls
Content-Type
image/svg+xml
X-Vcap-Request-Id
e1b4a4a6-435d-4822-50fc-9c276d67462d
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
9533
X-AFKL-Origin
back
kenya-airways.svg
www.flyingblue.us/assets/svgs/ 		15 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/assets/svgs/kenya-airways.svg?lang=en&market=US
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
2d2b9679bc4f487689fc41cb09d8fc5822dff2b14d932456b5015823f7f4ea3a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/en/home
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 14:48:48 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Tue, 11 Apr 2023 15:50:35 GMT
Etag
W/"3b9d-187710300f8"
X-AFKL-Site
tls
Content-Type
image/svg+xml
X-Vcap-Request-Id
ee755eaf-7e1f-4b5d-78bb-642d8bbfe4b1
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
15261
X-AFKL-Origin
back
tarom.svg
www.flyingblue.us/assets/svgs/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flyingblue.us/assets/svgs/tarom.svg?lang=en&market=US
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.57.244.97 , France, ASN198340 (AIRFRANCE-AS, FR),
Reverse DNS
Software
/
Resource Hash
ebda43d797141e976b5217d7614b75520b2e0a0f55d8529e8344a9c64effff59

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.flyingblue.us/en/home
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 14:48:48 GMT
Via
1.1 RT_PU, 1.1 RT_PU
Last-Modified
Tue, 11 Apr 2023 15:50:35 GMT
Etag
W/"22be-187710300f8"
X-AFKL-Site
tls
Content-Type
image/svg+xml
X-Vcap-Request-Id
35d873b9-c4b9-4bdd-71e7-b52616a17ef9
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
8894
X-AFKL-Origin
back
/
img.static-fb.com/images/media/95501DCC-B197-4672-95B8CEE9BC66FB48/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/95501DCC-B197-4672-95B8CEE9BC66FB48/?min_width=980
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
043149387dbccfccccc7b7ea8e9105c39e2c40e8775145dff9510628b4be55a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-331c02b52ab6bb6aaa7f6b6772c8d9ae' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
65620
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
5a7836e7-79a8-be37-4f2b-0b1fd01ad2ac
cache-control
public, max-age=78449
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
XdLp-9uV4b1ZSqjrvVTWGfQ9AbRYgHbUiaRdnF6GDYUe_vWcXrIUCw==
expires
Wed, 19 Apr 2023 12:36:17 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin
https://www.flyingblue.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
23AB45DB-65D7-4446-87F6A84ABC945C1F
img.static-kl.com/images/media/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-kl.com/images/media/23AB45DB-65D7-4446-87F6A84ABC945C1F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:825b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
aca94f01dc279070391d72a55f384eb77b80b3f316fc8219d551877184c90e1c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-a0bb4f8f137aadfaeafccd690a5c9a62' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.klm-digital.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
content-disposition
inline
content-length
129552
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
f84e41f1-203c-5620-70f1-8a92c9406067
cache-control
public, max-age=5176611
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
-ggawYBOjgLcnlaUoe1NCPE70F_1CBiEhByNj83EqF5pNL2Ngd-7yg==
expires
Sat, 17 Jun 2023 12:45:39 GMT
56664F9E-FD5D-4CAA-BBD9214FDB39B065
img.static-kl.com/images/media/ 		205 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-kl.com/images/media/56664F9E-FD5D-4CAA-BBD9214FDB39B065
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:825b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f3fdf065a5cf43c98acc9786ab90264003d81877357021313ec55e1f8dab928a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-cf07df7b918acb3fabc2d2b177fe26ee' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.klm-digital.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
content-disposition
inline
content-length
209916
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
ab50e778-d544-d7c6-7929-32bcd7bc6d16
cache-control
public, max-age=5176611
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
OsmwTtt9it_do86126z4YkJoNVfJxtKVL7XN-_PR0b5zh8uMP0m4eg==
expires
Sat, 17 Jun 2023 12:45:39 GMT
B11045AD-4EEB-4358-AF778A7E07F287BA
img.static-kl.com/images/media/ 		296 KB
298 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-kl.com/images/media/B11045AD-4EEB-4358-AF778A7E07F287BA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:825b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
06d951c37cc6c5cdab1a5d98c6d1fa2b10b82e1ed42cbd248f1bafe30cee4071
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-664b96e25ca40748c0809176cb6d6c04' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.klm-digital.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
content-disposition
inline
content-length
302825
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
2861f21c-a230-e473-4e21-1fcc83eeed33
cache-control
public, max-age=5176611
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
U_r4vYQFrBKNzlUOwIasplVDyIds24BJR4XcKrNfWhg5ILEIzI3How==
expires
Sat, 17 Jun 2023 12:45:39 GMT
6D7E4A22-D8E1-434A-A15262F9981D8660
img.static-kl.com/images/media/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-kl.com/images/media/6D7E4A22-D8E1-434A-A15262F9981D8660
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:825b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3c9c6df0c52aa766bad4ef33db0e10f96a0af1ba7d67cec6fdabf59447b091a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-4d2dd3f8e2d2fe07691f201ac9a38b3e' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.klm-digital.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
content-disposition
inline
content-length
196308
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
d6bb41ed-7d80-7b07-7168-f3ce21c080f3
cache-control
public, max-age=5176592
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
c_KZsc8U7gOb70qKMYhMc8vS8JUyUIEvZ1T7wntYPZzEBsF7Z3D1hw==
expires
Sat, 17 Jun 2023 12:45:20 GMT
84608262-2B6D-44BF-A00E4AD31EE36FE6
img.static-kl.com/images/media/ 		221 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-kl.com/images/media/84608262-2B6D-44BF-A00E4AD31EE36FE6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:825b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
df1045a1e51c79eee46b99298da4c5f31dc61dd37639bf9ef2437cecfc3566e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-amz-cf-id
qF3Y4Z8cLAWQOjjF9tg7qq3QtdWVt80VMySh-6Q5jq9p6zh9g7xeCw==
server
nginx
x-amz-cf-pop
LHR50-P4
content-type
image/jpeg
x-api-correlation-id
292dfd60-c9f0-6b8d-0263-b182e881d248
cache-control
public, max-age=4828567
permissions-policy
camera=(), geolocation=(), microphone=()
content-disposition
inline
content-length
226468
x-xss-protection
1; mode=block
expires
Tue, 13 Jun 2023 12:04:55 GMT
/
img.static-fb.com/images/media/7697A3AD-7087-4F36-8D2CF4D03323EC88/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/7697A3AD-7087-4F36-8D2CF4D03323EC88/?extent=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d6c804605c7b592e0d795c411730f42fbb79443c19c43ce5f4d66e41b687dd43
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-9ffb9a810ff251b873f4818d05b54988' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
1996386
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
91469876-59e9-359f-a0b3-c1721bf768a7
cache-control
public, max-age=223673
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
pqVTtDQ5cFBP5HxGSIG29i9ccBtcZwQSx3yWvRSHd827KHQ3W2aMqg==
expires
Fri, 21 Apr 2023 04:56:41 GMT
/
img.static-fb.com/images/media/D192A3A9-35D9-48BC-8FA54CC6B5205441/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/D192A3A9-35D9-48BC-8FA54CC6B5205441/?extent=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
253df3bee42dbf21dca3bfa58bc92c3a234bb8ff93cf3274f0066c75127e3212
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-bf57182a82cc57fb21716a8640013767' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
1795707
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
c1289c2f-615c-ce7a-9f1b-7a1a2146841a
cache-control
public, max-age=171820
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
_H3wI2j8wb4I_8AiIwPRqCAYLnpkPQdDjALTZOyAYSAhaKpUkNzj7A==
expires
Thu, 20 Apr 2023 14:32:28 GMT
/
img.static-fb.com/images/media/F565E8D2-2878-4840-847943BDB3A1CB3C/ 		20 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/F565E8D2-2878-4840-847943BDB3A1CB3C/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5f92fbfd0bb232a9d8f663db90cd8be28de2f161ffd6b6c84bcfe2145a947fdb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-4104b188e71f11ecc91da39445a34651' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
20726
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/png
x-api-correlation-id
b208b68f-c2fa-510e-10fc-b82dfd9afcea
cache-control
public, max-age=280662
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
nOzjlw54RcTgUHRx57f1auT1-dKCUhU_4NUDLUpBB8qWqMSuFQbhOw==
expires
Fri, 21 Apr 2023 20:46:30 GMT
/
img.static-fb.com/images/media/F059A3E4-FB99-401B-A45CA2AC63AC25EE/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/F059A3E4-FB99-401B-A45CA2AC63AC25EE/?extent=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2ad3416d8378bea545a5d293b599d3fd928ad8ed0e064265ed8d60a86099ead8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-0ca13747338cf31a19cc1a59c24aa85d' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
17249
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
1b779cf7-bbf3-1dd0-372f-33becf248d30
cache-control
public, max-age=248692
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
gwB_yxh9Tz5Xh2EDdrdqHk96oIZTNJvEbAVDMXHHrke7rj1RxofcaQ==
expires
Fri, 21 Apr 2023 11:53:40 GMT
/
img.static-fb.com/images/media/0372F148-0BFC-4062-8DD56DD8FB5BC36F/ 		4 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/0372F148-0BFC-4062-8DD56DD8FB5BC36F/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ec9c6af005e8bcb2b4bf400acc0c5840d7409fc2893b763173c47eec8b7b4d90
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-f5abd6ac98d87c9531d0280fe012723e' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
4412
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/png
x-api-correlation-id
c463e454-79e4-cd3f-447e-698ce070bcf8
cache-control
public, max-age=223626
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
gaXsKLNwzfprJiDJwbEhfErm7tyztDaI4CTBEwt0qQlIp3BR0E4JAQ==
expires
Fri, 21 Apr 2023 04:55:54 GMT
/
img.static-fb.com/images/media/36FB0F70-AD2D-447A-ADEE5068EC2A5C7E/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/36FB0F70-AD2D-447A-ADEE5068EC2A5C7E/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
944375dbcd1c45039320c72eef1ba527efa1f1cfa4f91786dbc74739eecccfce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-e8ecbe350179a10d24aeb8d26b8afefd' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
36692
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/png
x-api-correlation-id
c2fd32b1-d81c-d069-6f18-bd8e4463a3a7
cache-control
public, max-age=334838
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
RO1ySia29EUUtwTWP_tt1SLTaw_dfwOHN33rFAm7gny2fC5siIDC1w==
expires
Sat, 22 Apr 2023 11:49:26 GMT
/
img.static-fb.com/transform/b0dc3af0-cbf2-49c9-83b5-9b842408b90d/GetYourGuide-GYG-Logo/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/transform/b0dc3af0-cbf2-49c9-83b5-9b842408b90d/GetYourGuide-GYG-Logo/?extent=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d71820abbccb95fe13f75b8d0462d438122efb617ad67257c28e6b372a8ac032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 14:48:48 GMT
server
nginx
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-31afb9e4b230632e2f52a7a7b76ca8fc' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
content-type
image/webp
access-control-allow-origin
*
x-api-correlation-id
5f460dae-9040-a551-0a90-5bc623504f5c
cache-control
public, max-age=656, s-maxage=15552000
content-disposition
inline; filename=".webp"; filename*=UTF-8''.webp
content-length
56178
x-amz-cf-id
GBdxK7HduUkjapGRxsgxBmV995g6XglybQXj5cFzg8g6VX2b5Sb6ZQ==
expires
Tue, 18 Apr 2023 14:59:44 GMT
/
img.static-fb.com/images/media/18AA630D-A706-4FEE-A080053522A87DA0/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/18AA630D-A706-4FEE-A080053522A87DA0/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b1506c751220df86ba25ad2e41a8328d2ab08b9fa0bddb32716b6590c067b433
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-cebd81caba1bac596dbe4ee493ae416f' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
32773
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
4eccc07c-e0b5-c155-92db-d99502981977
cache-control
public, max-age=518256
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
uwflHWCBlssiUUZVmzA3VrtozCnoB9Jgs9OKLQ5L55ESiNNysh1M3A==
expires
Mon, 24 Apr 2023 14:46:24 GMT
2392E851-AEE3-4419-A68017B6C93197D9
img.static-fb.com/images/media/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/2392E851-AEE3-4419-A68017B6C93197D9?extent=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
212f87fe72a83df93ebade65ee3768a6905745d9bb21883c479580855c593cda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-3cc22d5fddf5c8fa3449b36b6faccfb2' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
81963
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
cebbe458-1b2b-32ad-b61c-29ebd0d520b1
cache-control
public, max-age=528360
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
E1HcULj5rjjlNBzkqBYk06w5ytbYoA_cWE_DeKrUQf3iBZMiPoYWPg==
expires
Mon, 24 Apr 2023 17:34:48 GMT
/
img.static-fb.com/images/media/BC690945-C2A5-41A5-8BD7F77DFA6BF117/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/BC690945-C2A5-41A5-8BD7F77DFA6BF117/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c57c081c192abf3263a6e338a192b99976a1fbfd8b158cb069d4082573f957a0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-bd5b44a6e4ff8d2000a537cd112613f9' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
87899
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
f1ba57df-0144-610f-43b2-9e4162829ca7
cache-control
public, max-age=110336
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
LUMU2JE3UefaFFIzDKQiE4zja2yHDJcB2nV0DRMk-8ZeP31ST98oLg==
expires
Wed, 19 Apr 2023 21:27:44 GMT
/
img.static-fb.com/images/media/6ACC53DC-0E22-49FB-AF94D9E5C6AC3FB7/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/6ACC53DC-0E22-49FB-AF94D9E5C6AC3FB7/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
14530be9186d185c23697f846916e2e51ede6308e7f3526f0e3121304357db5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-ab8b1f57180df85643b512230845cc4d' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
9032
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
76058308-e0ac-321c-55ce-6d207fa5e60a
cache-control
public, max-age=278598
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
Pgk0IMIDtA_cKsrIeNRX_74-Sd7_5Kc-8wWZQbC9nwJIJ7jjv1aKog==
expires
Fri, 21 Apr 2023 20:12:06 GMT
/
img.static-fb.com/images/media/882D1C01-C9F3-409E-9579C96A24F0B6D9/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/882D1C01-C9F3-409E-9579C96A24F0B6D9/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8ba36135d54266a8d57f09fa42d07395dbbb82743782358e030ad00c715d791b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-6a8f522d5a6e7f1808a6d96fb47bfecc' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
41864
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
5751eebb-7d00-6464-0ec1-589923e14071
cache-control
public, max-age=280906
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
r2I2v7BYcHgex08hrIecG6vBBxJ6EWdSNRs2msMLiihLOf0RHWSm_A==
expires
Fri, 21 Apr 2023 20:50:34 GMT
/
img.static-fb.com/images/media/162961B2-91DE-4ABF-88900A2EEAD61B39/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/162961B2-91DE-4ABF-88900A2EEAD61B39/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
31d47efd87f662d0cd720c34aa53e16840ca6521ddad471d3597286da35271cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-6541b8ab6034825f9e568ac1158c1b60' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
6374
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
2edc1144-a9fd-784b-02c0-07c904efe6e5
cache-control
public, max-age=110224
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
HQzxFh3ib4kfh7-B1utzJMFeGsj2b_xoVSI8qtn8WgAHb9DYlhQ2Ag==
expires
Wed, 19 Apr 2023 21:25:52 GMT
/
img.static-fb.com/images/media/3ACC557A-9D1B-4287-A91A8A9F03A650A2/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/3ACC557A-9D1B-4287-A91A8A9F03A650A2/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a2063ad39646d9232d86941fb9cbeabc6732520786aab9be078387181981325c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-6bd3cfac6ba05045e9a0d10155815533' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
54892
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
2ab69d5e-02c3-de58-ed4d-7e9fdb38f71e
cache-control
public, max-age=110417
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
FtSFPCVa3oq6hsPSTKN70MAa1woAWeLLhs38T-JxETgbMx7A5e1vMw==
expires
Wed, 19 Apr 2023 21:29:05 GMT
/
img.static-fb.com/images/media/309648B1-0383-4AE4-965918D4AA290EDB/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/309648B1-0383-4AE4-965918D4AA290EDB/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
df38680d083cb2bfec49a78672d0439335c09e35734affe68648c366a4f9f112
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-9f50e820f431c72f14e40309a1bca7d8' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
67234
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/png
x-api-correlation-id
f3c76b80-6df2-bec1-c689-3300dd83efaf
cache-control
public, max-age=306001
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
JHYh1q8Z64v83iVGHyRRtgAM751ff3CRmNFtpDmesHN23c5nzRdJGg==
expires
Sat, 22 Apr 2023 03:48:49 GMT
/
img.static-fb.com/images/media/06AC184D-98D5-4A1A-ABF501528D7D84B1/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/06AC184D-98D5-4A1A-ABF501528D7D84B1/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e0f9a1651f4a8b499f38e767003defdd47a2b64c174250bc8261e7dc4ed74a19
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-fb26bd6c1f0067ab38459f7d567b59b5' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
111164
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
078b2595-3356-b8ab-1c70-547af35cd5f5
cache-control
public, max-age=75048
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
_TrKc_5-a7jdbHSSVIa4fRDtvaWkihaQjJicjtN7Qu0YtTUm0lC86g==
expires
Wed, 19 Apr 2023 11:39:36 GMT
DC4A2CAF-E544-44DD-AE9323DF294DDB45
img.static-fb.com/images/media/ 		151 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/DC4A2CAF-E544-44DD-AE9323DF294DDB45?extent=true&crop=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4c1fb2db0218371903143736b7e2738730c5085acb30fc29f6c5ebf143034cae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-d0f6a7704f1e04f970095dd5cac553f1' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
154492
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
f12fcc13-fcca-27b5-0f2c-9922253b4905
cache-control
public, max-age=388826
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
kcVxj-WtBEpDWVefjGlvsi2S33Oun64aEsCL9UKd0uRBRg6eOfMe6w==
expires
Sun, 23 Apr 2023 02:49:14 GMT
AirBaltic_Logo
img.static-fb.com/transform/010d4b46-0363-41b9-a0b4-5e322463b123/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/transform/010d4b46-0363-41b9-a0b4-5e322463b123/AirBaltic_Logo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7ee58b665f31f9ad5c6ac56a5f5b3c968cb87bd444ec1fadb6c9743dd1b12670

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 14:48:48 GMT
server
nginx
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-06e5129321bd9650178c6be1328ac95b' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
content-type
image/webp
access-control-allow-origin
*
x-api-correlation-id
11892375-19d2-95c9-4608-b24385c2bf88
cache-control
public, max-age=365, s-maxage=15552000
content-disposition
inline; filename="AirBaltic_Logo.webp"; filename*=UTF-8''AirBaltic_Logo.webp
content-length
9302
x-amz-cf-id
mc7XkwWKqBwqOH098wBbTHfwgfM0SVleDd1DtiFl3i--z-_5mTH0gQ==
expires
Tue, 18 Apr 2023 14:54:53 GMT
/
img.static-fb.com/images/media/60C40BC3-9EE2-482B-B95F35F75696DECC/ 		72 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/60C40BC3-9EE2-482B-B95F35F75696DECC/?aspect_ratio=1:1&min_width=700
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0caf79cbd950ea3a2a25a26c52bb1254cfe674cb123e3eab5cb2d449032c928b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-2a0b2aceca9e09b55fef136c4849d3da' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
73923
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
ea964ff1-d957-9511-7754-22e58a8eba53
cache-control
public, max-age=602921
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
Vls4mKdmgAwM6IUVP6QMcCRau0Y6qdsYziYUqNJjjYk0W98B52WdPQ==
expires
Tue, 25 Apr 2023 14:17:29 GMT
F05FF800-5512-48FB-923BAEFAF66551B8
img.static-fb.com/images/media/ 		4 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/F05FF800-5512-48FB-923BAEFAF66551B8?extent=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4db0e8247f5572dafd5bd24db2def8849bd76cc416bed1403bc03693553df663
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-3a636a7a9fe1e64097816837bd7aea5b' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
4393
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/png
x-api-correlation-id
6d0c01a4-9233-f769-2409-499b0cd89e9c
cache-control
public, max-age=68235
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
_w62VbisDz2AHiV36SjVsQK0UazN7PYvabJurDFMjK9CDrCtY3iUNg==
expires
Wed, 19 Apr 2023 09:46:03 GMT
/
img.static-fb.com/images/media/F89648E9-03B6-4DA6-897726072FB0D3D5/ 		141 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/F89648E9-03B6-4DA6-897726072FB0D3D5/?extent=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
71f1f8ed73ecbad2a25917a2e0694eb4d7ba62784e3cee8ae00ede5f8ee703c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-2bb52f23cbbe43565f2b90341fd05614' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
144273
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/jpeg
x-api-correlation-id
e30f290c-f6b9-9e90-7a94-45ca71dff45d
cache-control
public, max-age=280772
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
etmdNHsGvRj_BPo1RNoXL7Rgpb_p6vvGpElPfQo8vW079eumDrMtvQ==
expires
Fri, 21 Apr 2023 20:48:20 GMT
69669898-C378-40EC-BF8083B4AF91CFE8
img.static-fb.com/images/media/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/images/media/69669898-C378-40EC-BF8083B4AF91CFE8?extent=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
96a79becfcffe8619eaf1131a3ce970bc641a3f126f928caae199af3c1634e6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains
date
Tue, 18 Apr 2023 14:48:48 GMT
x-content-type-options
nosniff
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-d91b6fd19358b96c566138d62fb2783f' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
cross-origin-resource-policy
cross-origin
content-disposition
inline
content-length
33311
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
nginx
content-type
image/png
x-api-correlation-id
e14ef4f8-59ee-2113-e0e0-82f024a54c40
cache-control
public, max-age=151959
permissions-policy
camera=(), geolocation=(), microphone=()
x-amz-cf-id
105VxRSI1-DDZQuAszhz6uk5aCrs4ayzcGOsPPIftIkSjNg8u4HR1A==
expires
Thu, 20 Apr 2023 09:01:27 GMT
Event-Concert-Ticket-English-version-2
img.static-fb.com/transform/ad315e7f-8712-430c-a077-bf18e4edea93/ 		41 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.static-fb.com/transform/ad315e7f-8712-430c-a077-bf18e4edea93/Event-Concert-Ticket-English-version-2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:824b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
09d7e2e60364d9a022adf54a7d2717f5e360a2b83bb71be1c066cd397c28b900

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 14:48:48 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
LHR50-P4
content-security-policy-report-only
default-src 'nonce-e447d6c4d5921417fdd954d26816a4b9' 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://brix.flyingblue.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-api-correlation-id
9370773a-dd49-56a7-794c-e0b45adbe417
cache-control
public, max-age=629, s-maxage=15552000
content-disposition
inline; filename="Event-Concert-Ticket-English-version-2.svg"; filename*=UTF-8''Event-Concert-Ticket-English-version-2.svg
x-amz-cf-id
c0u34DHgC5o8JKaEpDcab6pamAPUKAgh7AY3im7Nr-sO3lQ4wMk7-g==
content-length
15245
expires
Tue, 18 Apr 2023 14:59:17 GMT
0bf83e457e01.js
w.usabilla.com/ Frame 1826 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.usabilla.com/0bf83e457e01.js?lv=1
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.44.50.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-50-157.compute-1.amazonaws.com
Software
/
Resource Hash
fcb6fa21aed07596df33fa04b7397f1c4482fd288e0bd3760b8b88da7d084c69

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Apr 2023 14:48:48 GMT
content-encoding
gzip
x-widget-server
2.1
etag
"781f74634fd40e7cd21c11724a3bc3ee"
content-type
text/javascript
cache-control
public,max-age=0
content-length
10940
/
znevcrkpzely9tahj-afklm.siteintercept.qualtrics.com/SIE/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://znevcrkpzely9tahj-afklm.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_eVCrKPzely9tAHj&Q_LOC=https%3A%2F%2Fwww.flyingblue.us%2Fen%2Fhome&t=1681829328333
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38bad1b097b1f6b610e65b753ce617ca8162fd40054e37d84a6eb2e2f643aaa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 14:48:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
398243
cf-polished
origSize=9051
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"235b-TOD/lqBFXut7wzP5T8aoHdl3kjo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7b9db5f6b90e02b6-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		184 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MBT2ZGRQS8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C73CR6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b544e41d6828bc283111a265864389e931d5aceee7c6f9b832edeb95bc54e3a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 14:48:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69126
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Apr 2023 14:48:48 GMT
collect
www.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MBT2ZGRQS8&gtm=45je34c0&_p=1943311142&cid=708523078.1681829329&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fhome&sid=1681829328&sct=1&seg=0&dl=https%3A%2F%2Fwww.flyingblue.us%2Fen%2Fhome&dt=Flying%20Blue&en=page_view&_fv=1&_nsi=1&_ss=1&ep.business_section=&ep.logged_in=false&ep.country_ep=US&ep.language_ep=EN&up.country=US&up.language=EN&up._npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MBT2ZGRQS8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Apr 2023 14:48:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flyingblue.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10.13da654ebc4ff074d07c.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/10.13da654ebc4ff074d07c.chunk.js?Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web&Q_BRANDID=www.flyingblue.us
Requested by
Host: znevcrkpzely9tahj-afklm.siteintercept.qualtrics.com
URL: https://znevcrkpzely9tahj-afklm.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_eVCrKPzely9tAHj&Q_LOC=https%3A%2F%2Fwww.flyingblue.us%2Fen%2Fhome&t=1681829328333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f1c140ebf7e31e6a8015d357d53b986280a1f847cff8b69e42220c01eb52cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 14:48:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
595624
cf-polished
origSize=66409
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 10 Apr 2023 18:07:31 GMT
cf-bgj
minify
server
cloudflare
etag
W/"10369-1876c5a02b8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7b9db5f799ec02b6-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
flyingblue-button-5bf1b62e20f1816963418d6bd9614f13.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 0AD7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6tizftlrpuof.cloudfront.net/themes/production/flyingblue-button-5bf1b62e20f1816963418d6bd9614f13.png
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/en/home
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.131.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-131-49.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8141d66ed17da9d40923e0d9db354fd28908616ca53520bc9899edacd9c97738

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.flyingblue.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 08:39:44 GMT
x-amz-version-id
vbkwaP6We8UDl5QCwPftPZ6S7QmcHieP
Via
1.1 16af463a01c5a83f3019835cbbb82152.cloudfront.net (CloudFront)
Last-Modified
Thu, 05 Apr 2018 07:13:52 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P7
Age
20066945
ETag
"5bf1b62e20f1816963418d6bd9614f13"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=315360000, no-transform, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1896
X-Amz-Cf-Id
u8PdRV5ZAmok9wiIbdhGdK7rU8wKbBCsQNMWs6roiKLzHqwOBp8yrA==
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		57 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_eVCrKPzely9tAHj&Q_CLIENTVERSION=1.89.0&Q_CLIENTTYPE=web
Requested by
Host: www.flyingblue.us
URL: https://www.flyingblue.us/polyfills.cb49f405b077202c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
191c90e801eda262d5d782185a06b18569d22fa74974b8e907900f3a32543ff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.flyingblue.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Apr 2023 14:48:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.flyingblue.us
cache-control
must-revalidate, max-age=300
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
83cde90aa1b9f6b2
cf-ray
7b9db5f80a4c02b6-MIA
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| dataLayer boolean| iOS object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| webpackChunkwww function| $localize function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched object| __zone_symbol__loadfalse function| Dropzone object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__orientationchangefalse object| __zone_symbol__ON_PROPERTYload function| _st function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| login function| logout function| enroll object| __zone_symbol__focusfalse object| _stq object| _stTracker object| __zone_symbol__messagefalse object| viewedComponents function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse function| lightningjs function| usabilla_live string| tc_cid object| __zone_symbol__blurfalse object| __zone_symbol__pageshowfalse object| __zone_symbol__pagehidefalse object| gaGlobal object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.89.0 function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

9 Cookies

Domain/Path Name / Value
www.flyingblue.us/ Name: ASID_pcf-tls_public_cf
Value: !7p9SwfB71LOX2XprQdK/fTrtttB/11erUycRr9p29ALmTjdlmNVgyTBDnLWQnDzFTcPKWP2KkCLwUb6bMXx1T5BxwnorUC8Q4ebyRvY=
www.flyingblue.us/ Name: CLID_kamino_
Value: a1AhTEVf75nL+iN+8yqiJbiJHapjVnk2xJ4ncX3hburESaciFjObUgSmUz05xvVqtB3dlYiJ4gAAAAE=
.flyingblue.us/ Name: AFKL_VISITOR_ID
Value: 8255167840167492
www.flyingblue.us/ Name: TS01602da3
Value: 01025698dd13dab8569eb2e8568b9dec185c29bb4f1afd0622a8b6270d2fe04a4ab18965596b04be85dffb5cd732d0088ead13bb9a16182888f2db1e77b4af266411823215d5c9f1cd8e02977cfe68173d6bdd8687
.flyingblue.us/ Name: TS01d71221
Value: 01025698dd45ba4a2ea67a630fb4e84befa5ede9b21afd0622a8b6270d2fe04a4ab1896559b435b445c29c871bd8c0857a3977a94ee8f992a75074995c0e96228f63b58951
.flyingblue.us/ Name: fba_previous_page
Value: %2Fhome
.flyingblue.us/ Name: fba_previous_interaction
Value: none
.flyingblue.us/ Name: _ga_MBT2ZGRQS8
Value: GS1.1.1681829328.1.0.1681829328.0.0.0
.flyingblue.us/ Name: _ga
Value: GA1.1.708523078.1681829329

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://csp-report.airfrance.fr/; script-src 'self' https://*.airfranceklm.com https://*.accorhotels.com https://*.accor.com https://*.decibelinsight.net https://*.flyingblue.com https://gateway.zscalertwo.net https://gateway.zscloud.net https://*.google.com https://*.google-analytics.com https://*.hotjar.com https://*.klm.com https://*.optimizely.com https://*.qualtrics.com https://*.r42tag.com https://*.relay42.com https://*.force.com https://*.salesforce.com https://*.salesforce-sites.com https://*.salesforceliveagent.com/ https://*.usabilla.com 'unsafe-eval' 'unsafe-inline' https://*.googletagmanager.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d6tizftlrpuof.cloudfront.net
fonts.gstatic.com
img.static-fb.com
img.static-kl.com
siteintercept.qualtrics.com
tdn.r42tag.com
w.usabilla.com
www.flyingblue.us
www.google-analytics.com
www.googletagmanager.com
znevcrkpzely9tahj-afklm.siteintercept.qualtrics.com
104.17.209.240
18.164.124.15
18.164.131.49
193.57.244.97
2600:141b:13::17d7:824b
2600:141b:13::17d7:825b
2607:f8b0:4006:80d::2008
2607:f8b0:4006:80f::200e
2607:f8b0:4006:820::2003
72.44.50.157
0040ed32f4db7e2eb23a2137e5047946a207ae732f316727e9dcc955805a5ae8
043149387dbccfccccc7b7ea8e9105c39e2c40e8775145dff9510628b4be55a6
06d951c37cc6c5cdab1a5d98c6d1fa2b10b82e1ed42cbd248f1bafe30cee4071
09d7e2e60364d9a022adf54a7d2717f5e360a2b83bb71be1c066cd397c28b900
0caf79cbd950ea3a2a25a26c52bb1254cfe674cb123e3eab5cb2d449032c928b
14530be9186d185c23697f846916e2e51ede6308e7f3526f0e3121304357db5b
191c90e801eda262d5d782185a06b18569d22fa74974b8e907900f3a32543ff9
212f87fe72a83df93ebade65ee3768a6905745d9bb21883c479580855c593cda
21d9434371e8e184e3b0a4af64764bf7a458342fd94983fdea9ffcb2f28d5139
253df3bee42dbf21dca3bfa58bc92c3a234bb8ff93cf3274f0066c75127e3212
26dac09f046606da762e168673a3be93a5786c1465a46d7894a0548058e113bd
2ad3416d8378bea545a5d293b599d3fd928ad8ed0e064265ed8d60a86099ead8
2d2b9679bc4f487689fc41cb09d8fc5822dff2b14d932456b5015823f7f4ea3a
31d47efd87f662d0cd720c34aa53e16840ca6521ddad471d3597286da35271cb
347df51083827193abcf4fa49ac60e3baaa9323c36cbee8df750c8b54f2bbfd7
38bad1b097b1f6b610e65b753ce617ca8162fd40054e37d84a6eb2e2f643aaa1
3c9c6df0c52aa766bad4ef33db0e10f96a0af1ba7d67cec6fdabf59447b091a5
4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b
4c1fb2db0218371903143736b7e2738730c5085acb30fc29f6c5ebf143034cae
4db0e8247f5572dafd5bd24db2def8849bd76cc416bed1403bc03693553df663
53f1c140ebf7e31e6a8015d357d53b986280a1f847cff8b69e42220c01eb52cf
5ae3936370175988dc4118c592de7499e1fd8e6a3734f46dadc8caa76585a672
5f92fbfd0bb232a9d8f663db90cd8be28de2f161ffd6b6c84bcfe2145a947fdb
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
6d2178ca0a2e4e77c3b51d5b1cc5107a2f558a7e38fb530d785a16e36ec99968
71f1f8ed73ecbad2a25917a2e0694eb4d7ba62784e3cee8ae00ede5f8ee703c9
78a3709ccccc9b83182af23fb4a2e6a3af641ff444bb7b22ee425f90b194f9ba
7da5e32922590d2ca6057bd7f2882269bdbcce1f53d3b622cfa1b7fcb95cca5b
7ee58b665f31f9ad5c6ac56a5f5b3c968cb87bd444ec1fadb6c9743dd1b12670
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
800e86c2151da66610c53b720f0a8cd42fbe68a8d694b080bd2b12f8412d92ca
8141d66ed17da9d40923e0d9db354fd28908616ca53520bc9899edacd9c97738
8ba36135d54266a8d57f09fa42d07395dbbb82743782358e030ad00c715d791b
944375dbcd1c45039320c72eef1ba527efa1f1cfa4f91786dbc74739eecccfce
96a79becfcffe8619eaf1131a3ce970bc641a3f126f928caae199af3c1634e6e
98a73e5b4f0b8972edf8d4cecd0d58fef030e5a209ef1131b07db8f71d87a2ca
9b0faeafdb8990eb3bb2802254f22c6422c42f812e0df02ce1aa3377be56922d
a2063ad39646d9232d86941fb9cbeabc6732520786aab9be078387181981325c
aca94f01dc279070391d72a55f384eb77b80b3f316fc8219d551877184c90e1c
b1506c751220df86ba25ad2e41a8328d2ab08b9fa0bddb32716b6590c067b433
b544e41d6828bc283111a265864389e931d5aceee7c6f9b832edeb95bc54e3a8
be84d5c3cb599e71534d18372d199cfe8b843643fe2199f81b4b3496b7f79545
c40c178faf496ea06a6e8403a999862b7b6b099a19fd8881e9883f8f6f988c74
c4f55a145ad25d831233ac9c2aa82f6718c055e750965b09604522f2556ece8a
c57c081c192abf3263a6e338a192b99976a1fbfd8b158cb069d4082573f957a0
ca17fd90d7194a335a98cfa704c25eb1b71c732bcd36f52ee2efbe94e62bfd4e
d6c804605c7b592e0d795c411730f42fbb79443c19c43ce5f4d66e41b687dd43
d71820abbccb95fe13f75b8d0462d438122efb617ad67257c28e6b372a8ac032
df1045a1e51c79eee46b99298da4c5f31dc61dd37639bf9ef2437cecfc3566e5
df38680d083cb2bfec49a78672d0439335c09e35734affe68648c366a4f9f112
e0f9a1651f4a8b499f38e767003defdd47a2b64c174250bc8261e7dc4ed74a19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4605db75030f3b2f788ebf41ad512428a9dc016d69af8dbe8c72db9ad735689
e5fa088be9f48c60893e202608c3bce940187a203c2a3752dc218a32c71eb0e6
ebda43d797141e976b5217d7614b75520b2e0a0f55d8529e8344a9c64effff59
ec9c6af005e8bcb2b4bf400acc0c5840d7409fc2893b763173c47eec8b7b4d90
f1012dea86f666304cf3c5dea0d6cdcf387574f6d49052a7f6b53055805fffd5
f354d190c2925b2a62503fa49808ce0f5809f1481c0306c37a066698816bcdc3
f3fdf065a5cf43c98acc9786ab90264003d81877357021313ec55e1f8dab928a
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
fcb6fa21aed07596df33fa04b7397f1c4482fd288e0bd3760b8b88da7d084c69
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa