Submitted URL: https://ba-dap.identity.iagl.digital/
Effective URL: https://accounts.britishairways.com/u/login?state=hKFo2SBRVXpNbDcyNE02YmhWb0k4ODl2emMwekpsVXhhYjFfLaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE...
Submission: On October 16 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 13.224.189.77, located in United States and belongs to AMAZON-02, US. The main domain is accounts.britishairways.com. The Cisco Umbrella rank of the primary domain is 840336.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 21st 2023. Valid for: a year.
This is the only time accounts.britishairways.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
8 13.32.121.72 | 16509 (AMAZON-02)
3 2600:9000:224... | 16509 (AMAZON-02)
1 2 13.224.189.77 | 16509 (AMAZON-02)
1 2a00:1450:400... | 15169 (GOOGLE)
1 13.32.29.175 | 16509 (AMAZON-02)
2 2600:9000:223... | 16509 (AMAZON-02)
16 7
Apex Domain | Subdomains | Transfer
10 iagl.digital | ba-dap.identity.iagl.digital, ba-prod-ui-elements.identity.iagl.digital | 2 MB
3 auth0.com | cdn.auth0.com — Cisco Umbrella Rank: 7991 | 1 MB
2 britishairways.com | accounts.britishairways.com — Cisco Umbrella Rank: 840336 | 24 KB
1 datadoghq-browser-agent.com | www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1781 | 48 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 49 | 996 B
16 5
Domain | Requested by
8 ba-dap.identity.iagl.digital | ba-dap.identity.iagl.digital
3 cdn.auth0.com | ba-dap.identity.iagl.digital, accounts.britishairways.com
2 ba-prod-ui-elements.identity.iagl.digital | accounts.britishairways.com
2 accounts.britishairways.com (1 redirects) | ba-dap.identity.iagl.digital
1 www.datadoghq-browser-agent.com | accounts.britishairways.com
1 fonts.googleapis.com | accounts.britishairways.com
16 6

This site contains no links.

Subject | Issuer | Validity | Valid
ba-dap.identity.iagl.digital | Amazon RSA 2048 M01 | 2022-11-15 - 2023-12-14 | a year
*.auth0.com | Amazon RSA 2048 M01 | 2023-02-24 - 2024-03-24 | a year
accounts.britishairways.com | Amazon RSA 2048 M02 | 2023-02-21 - 2024-01-20 | a year
upload.video.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.datadoghq-browser-agent.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-01-14 - 2024-01-16 | a year
ba-prod-ui-elements.identity.iagl.digital | Amazon RSA 2048 M01 | 2023-06-11 - 2024-07-09 | a year

This page contains 1 frames:

Primary Page: https://accounts.britishairways.com/u/login?state=hKFo2SBRVXpNbDcyNE02YmhWb0k4ODl2emMwekpsVXhhYjFfLaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEFRbjFlVFVkSmU2UHRSa3VyUGpnajg0SXA2MkdiaGNFo2NpZNkgeUhtZERZcjFGWmN6a3luZThHWFVxQ293blczdFhwUVk&ui_locales=en
Frame ID: 53651E0604C53F72F7BBC66B0E4D2820
Requests: 17 HTTP requests in this frame

Page Title

British Airways log in

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 50 %
Domains: 5
Subdomains: 6
IPs: 7
Countries: 2
Transfer: 3492 kB
Size: 7720 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ba-dap.identity.iagl.digital/ Page URL
  2. https://accounts.britishairways.com/authorize?client_id=yHmdDYr1FZczkyne8GXUqCownW3tXpQY&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fba-dap.identity.iagl.digital&scope=openid%20roles&audience=https%3A%2F%2Fapi.dap.identity.iagl.digital&ui_locales=en&state=ufVmMhXQgSd2cyjqkMSfHQsc1j6nE63Z&nonce=xD6MGkyDxxGlE3UUPh6e4HqLKO-kRCYk&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D HTTP 302
    https://accounts.britishairways.com/u/login?state=hKFo2SBRVXpNbDcyNE02YmhWb0k4ODl2emMwekpsVXhhYjFfLaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEFRbjFlVFVkSmU2UHRSa3VyUGpnajg0SXA2MkdiaGNFo2NpZNkgeUhtZERZcjFGWmN6a3luZThHWFVxQ293blczdFhwUVk&ui_locales=en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ba-dap.identity.iagl.digital/
1 KB
918 B
Document
General
Full URL
https://ba-dap.identity.iagl.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
envoy /
Resource Hash
693661d5ccf874d82d4846e047b132c583cb077919b7f210ca9821656f68d5a6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 16 Oct 2023 00:33:01 GMT
etag
W/"651b6055-5b6"
last-modified
Tue, 03 Oct 2023 00:29:09 GMT
server
envoy
vary
Accept-Encoding
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-id
RBx6LNKmQKklhzl_h6Ay4aPZZncMppI4iJ1sOana9BAH-nJv4cGLgQ==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
zocial.min.css
ba-dap.identity.iagl.digital/static/styles/
30 KB
16 KB
Stylesheet
General
Full URL
https://ba-dap.identity.iagl.digital/static/styles/zocial.min.css
Requested by
Host: ba-dap.identity.iagl.digital
URL: https://ba-dap.identity.iagl.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
envoy /
Resource Hash
c08bb5ef3f05b483e54af2af13948738d152ab5eba3a44ea9cf99805113697b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba-dap.identity.iagl.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:33:01 GMT
content-encoding
gzip
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
last-modified
Fri, 11 Nov 2022 11:01:47 GMT
server
envoy
x-amz-cf-pop
FRA60-P1
etag
W/"636e2b9b-789b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-envoy-upstream-service-time
0
x-amz-cf-id
c7CTmxFUfDbqs4kZPaPLekrVgJYZ1epLDUKCITKIQW-hUIQIL7NQfA==
index.min.css
ba-dap.identity.iagl.digital/static/styles/
668 KB
177 KB
Stylesheet
General
Full URL
https://ba-dap.identity.iagl.digital/static/styles/index.min.css
Requested by
Host: ba-dap.identity.iagl.digital
URL: https://ba-dap.identity.iagl.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
envoy /
Resource Hash
d183dd1f3c9e2b47839946cc0f3d2cac437c93216eb2625e8e45bf11a2993020

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba-dap.identity.iagl.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:33:01 GMT
content-encoding
gzip
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
last-modified
Fri, 11 Nov 2022 11:01:47 GMT
server
envoy
x-amz-cf-pop
FRA60-P1
etag
W/"636e2b9b-a6f60"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-envoy-upstream-service-time
0
x-amz-cf-id
2sBPXp_eKOXfijjfA0_U19c56kx6nhYDk8OKsJeomHQXzpygB6e3JA==
index-styleguide.min.css
ba-dap.identity.iagl.digital/static/styles/
242 KB
53 KB
Stylesheet
General
Full URL
https://ba-dap.identity.iagl.digital/static/styles/index-styleguide.min.css
Requested by
Host: ba-dap.identity.iagl.digital
URL: https://ba-dap.identity.iagl.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
envoy /
Resource Hash
39947fe58e991b3ee3ecf632c3b65830d1bf789796eb0309ca00fd57cb5fb62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba-dap.identity.iagl.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:33:01 GMT
content-encoding
gzip
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
last-modified
Fri, 11 Nov 2022 11:01:47 GMT
server
envoy
x-amz-cf-pop
FRA60-P1
etag
W/"636e2b9b-3c656"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-envoy-upstream-service-time
0
x-amz-cf-id
YC-qbQOZVv4SRQbjA_jGkM0lp2EcVGTicuhXM27mZ-6YuclPmU1REw==
delegated-admin-ui.css
ba-dap.identity.iagl.digital/static/styles/
24 KB
8 KB
Stylesheet
General
Full URL
https://ba-dap.identity.iagl.digital/static/styles/delegated-admin-ui.css
Requested by
Host: ba-dap.identity.iagl.digital
URL: https://ba-dap.identity.iagl.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
envoy /
Resource Hash
cd943541d53811d29b099a9774752d62665573ce1477d844ea7e8b31f5f335d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba-dap.identity.iagl.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:33:01 GMT
content-encoding
gzip
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
last-modified
Fri, 11 Nov 2022 11:01:47 GMT
server
envoy
x-amz-cf-pop
FRA60-P1
etag
W/"636e2b9b-61be"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-envoy-upstream-service-time
0
x-amz-cf-id
iWYzmxsS0OOdvna5LP23ciaZig7XByrwNrCP82zJFTYlnLHfPm5ChQ==
env-config.js
ba-dap.identity.iagl.digital/
371 B
707 B
Script
General
Full URL
https://ba-dap.identity.iagl.digital/env-config.js
Requested by
Host: ba-dap.identity.iagl.digital
URL: https://ba-dap.identity.iagl.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
envoy /
Resource Hash
8184b602db65fdc460b9867fe6d734c1bef1b49bb8db1566230a15aa2e0ecbad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba-dap.identity.iagl.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:33:01 GMT
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 00:29:09 GMT
server
envoy
x-amz-cf-pop
FRA60-P1
etag
"651b6055-173"
x-cache
Miss from cloudfront
content-type
application/javascript
x-envoy-upstream-service-time
0
accept-ranges
bytes
content-length
371
x-amz-cf-id
gNRcq_PwLPk1jjgonz5cAUywUSSequddyppyxBeoLKgMQ6hwkrm10g==
main.ee678209.js
ba-dap.identity.iagl.digital/static/js/
2 MB
2 MB
Script
General
Full URL
https://ba-dap.identity.iagl.digital/static/js/main.ee678209.js
Requested by
Host: ba-dap.identity.iagl.digital
URL: https://ba-dap.identity.iagl.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
envoy /
Resource Hash
b687cebdc53985fcdc867a6a89d8c2dd0f3c76fb4dc720cca3e3b587c8d0496d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba-dap.identity.iagl.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:33:01 GMT
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
last-modified
Fri, 11 Nov 2022 11:02:44 GMT
server
envoy
x-amz-cf-pop
FRA60-P1
etag
"636e2bd4-1ea2a2"
x-cache
Miss from cloudfront
content-type
application/javascript
x-envoy-upstream-service-time
0
accept-ranges
bytes
content-length
2007714
x-amz-cf-id
wkzpAjhERzsbppTP9-PXGJFFbmXnySNLTXMBAqxOJLbxrorp6_yABg==
main.434f99a0.css
ba-dap.identity.iagl.digital/static/css/
15 KB
6 KB
Stylesheet
General
Full URL
https://ba-dap.identity.iagl.digital/static/css/main.434f99a0.css
Requested by
Host: ba-dap.identity.iagl.digital
URL: https://ba-dap.identity.iagl.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
envoy /
Resource Hash
1eaeeeb6889e10ebc11528ec366326c929eab3f44e1a96359a55c0ffb755c7f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba-dap.identity.iagl.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:33:01 GMT
content-encoding
gzip
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
last-modified
Fri, 11 Nov 2022 11:02:44 GMT
server
envoy
x-amz-cf-pop
FRA60-P1
etag
W/"636e2bd4-3dc8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-envoy-upstream-service-time
0
x-amz-cf-id
Hl-Sky9KASPE9TbNWB3oOH7TWeHKq1YqW9Ap5VFoIhSuNIdn82Vhog==
bundle.js
cdn.auth0.com/manage/v0.3.1672/js/
2 MB
598 KB
Script
General
Full URL
https://cdn.auth0.com/manage/v0.3.1672/js/bundle.js
Requested by
Host: ba-dap.identity.iagl.digital
URL: https://ba-dap.identity.iagl.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6c00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b11f744fe8b32de2d83bf3dc1e79a7c55fd2e40d6fcea81b192a2978aa24950
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba-dap.identity.iagl.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
5Pf_T4apo_2d0p7vG9On471rAPMba7Id
content-encoding
gzip
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
date
Mon, 16 Oct 2023 00:33:03 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA60-P1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 08 Jun 2016 00:53:50 GMT
server
AmazonS3
etag
W/"bcbb51adcf9d82b9e345a584ac5cae48"
vary
Accept-Encoding
content-type
application/javascript
x-robots-tag
noindex
x-amz-cf-id
E0Pv0bXUh_2N3V_1W_o2rEVPp3gM7BTGTXeWMm8B2l8I4KSdblVmww==
auth0-delegated-admin.ui.vendors.4.3.0.js
cdn.auth0.com/extensions/auth0-delegated-admin/assets/
2 MB
511 KB
Script
General
Full URL
https://cdn.auth0.com/extensions/auth0-delegated-admin/assets/auth0-delegated-admin.ui.vendors.4.3.0.js
Requested by
Host: ba-dap.identity.iagl.digital
URL: https://ba-dap.identity.iagl.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6c00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60cd42ce89a76c24a1ff1b5ccbc822c2c6f1607f51e0deb226f3823df725a1c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ba-dap.identity.iagl.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
cU7vN.NreIMDo.vkKwbGdm7u2UYx.BPW
content-encoding
gzip
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
date
Mon, 16 Oct 2023 00:33:03 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA60-P1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 06 Apr 2020 18:18:19 GMT
server
AmazonS3
etag
W/"29e6c1135008465f6194ab695bca7fa0"
vary
Accept-Encoding
content-type
application/javascript
x-robots-tag
noindex
x-amz-cf-id
ZEKKrYCjvWNAYYScjVOvQo7RB9Dq0szaOaH4DgOKcBMNVCWwLgVPig==
Primary Request login
accounts.britishairways.com/u/
Redirect Chain
  • https://accounts.britishairways.com/authorize?client_id=yHmdDYr1FZczkyne8GXUqCownW3tXpQY&response_type=token%20id_token&redirect_uri=https%3A%2F%2Fba-dap.identity.iagl.digital&scope=openid%20roles&...
  • https://accounts.britishairways.com/u/login?state=hKFo2SBRVXpNbDcyNE02YmhWb0k4ODl2emMwekpsVXhhYjFfLaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEFRbjFlVFVkSmU2UHRSa3VyUGpnajg0SXA2MkdiaGNFo2NpZNkgeUhtZERZcjFGWmN...
21 KB
23 KB
Document
General
Full URL
https://accounts.britishairways.com/u/login?state=hKFo2SBRVXpNbDcyNE02YmhWb0k4ODl2emMwekpsVXhhYjFfLaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEFRbjFlVFVkSmU2UHRSa3VyUGpnajg0SXA2MkdiaGNFo2NpZNkgeUhtZERZcjFGWmN6a3luZThHWFVxQ293blczdFhwUVk&ui_locales=en
Requested by
Host: ba-dap.identity.iagl.digital
URL: https://ba-dap.identity.iagl.digital/static/js/main.ee678209.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-77.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
b4f70f9a23963412f30e0be5a8a002a6e2d43585f5a7196f04b0cfec13416f1c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ba-dap.identity.iagl.digital/login?returnUrl=/users
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
816c3548afb703ec-FRA
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:33:02 GMT
etag
W/"55aa-2L2kBu7gTqPc6IIwn0EhSDRfnI8"
expires
Mon, 16 Oct 2023 00:33:02 GMT
ot-baggage-auth0-request-id
816c3548afb703ec
ot-tracer-sampled
true
ot-tracer-spanid
265ae8012e67d92a
ot-tracer-traceid
453bcc1863feead7
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-0000000000000000453bcc1863feead7-265ae8012e67d92a-01
tracestate
auth0-request-id=816c3548afb703ec,auth0=true
vary
Accept-Encoding
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-id
x4QODI4x_ymzm8pybTyHl5Wpy80VlmQ3tW-y-TRAd1J08gbQk9Nb6g==
x-amz-cf-pop
FRA2-C1
x-auth0-requestid
39d889d5a477d1bdec70
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1697416389
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
816c35477f432c41-FRA
content-length
460
content-type
text/html; charset=utf-8
date
Mon, 16 Oct 2023 00:33:02 GMT
location
/u/login?state=hKFo2SBRVXpNbDcyNE02YmhWb0k4ODl2emMwekpsVXhhYjFfLaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEFRbjFlVFVkSmU2UHRSa3VyUGpnajg0SXA2MkdiaGNFo2NpZNkgeUhtZERZcjFGWmN6a3luZThHWFVxQ293blczdFhwUVk&ui_locales=en
ot-baggage-auth0-request-id
816c35477f432c41
ot-tracer-sampled
true
ot-tracer-spanid
0239c4f55d8d0835
ot-tracer-traceid
3ebefeed4641c149
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-00000000000000003ebefeed4641c149-0239c4f55d8d0835-01
tracestate
auth0-request-id=816c35477f432c41,auth0=true
vary
Accept,Accept-Encoding
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-id
3frD0zmxZMLmmq4I9ad-to5yMN-cp-7p8lMyb5lxiqwl36G7mLWl3g==
x-amz-cf-pop
FRA2-C1
x-auth0-requestid
fcaf5a4f087266eb1dc6
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1697416383
css2
fonts.googleapis.com/
2 KB
996 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap
Requested by
Host: accounts.britishairways.com
URL: https://accounts.britishairways.com/u/login?state=hKFo2SBRVXpNbDcyNE02YmhWb0k4ODl2emMwekpsVXhhYjFfLaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEFRbjFlVFVkSmU2UHRSa3VyUGpnajg0SXA2MkdiaGNFo2NpZNkgeUhtZERZcjFGWmN6a3luZThHWFVxQ293blczdFhwUVk&ui_locales=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2e32c476f8c66151541b113edf89560601e02f8b21d559bd1ee880e8337c57d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Oct 2023 00:33:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 15 Oct 2023 23:55:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Oct 2023 00:33:03 GMT
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.80.12/css/
253 KB
61 KB
Stylesheet
General
Full URL
https://cdn.auth0.com/ulp/react-components/1.80.12/css/main.cdn.min.css
Requested by
Host: accounts.britishairways.com
URL: https://accounts.britishairways.com/u/login?state=hKFo2SBRVXpNbDcyNE02YmhWb0k4ODl2emMwekpsVXhhYjFfLaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEFRbjFlVFVkSmU2UHRSa3VyUGpnajg0SXA2MkdiaGNFo2NpZNkgeUhtZERZcjFGWmN6a3luZThHWFVxQ293blczdFhwUVk&ui_locales=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6c00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de08641258e97a3e431e2af92f16aee1a56c44c7c8dcd8d193215d34c282cce6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
4_aBijlKpOlS6naiQLUjVxGC8SXs.12x
content-encoding
gzip
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
date
Sun, 15 Oct 2023 20:07:47 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
15915
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Mon, 25 Sep 2023 12:25:37 GMT
server
AmazonS3
etag
W/"304cf6b9fd46066efd61cab874e4609d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2628000,public
x-robots-tag
noindex
x-amz-cf-id
D5sSZG9W6znnj7xatNOgpfsaPTxdkBwrfs2oWOrWkiyRyPsAvEFsdw==
datadog-rum-v4.js
www.datadoghq-browser-agent.com/
150 KB
48 KB
Script
General
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: accounts.britishairways.com
URL: https://accounts.britishairways.com/u/login?state=hKFo2SBRVXpNbDcyNE02YmhWb0k4ODl2emMwekpsVXhhYjFfLaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEFRbjFlVFVkSmU2UHRSa3VyUGpnajg0SXA2MkdiaGNFo2NpZNkgeUhtZERZcjFGWmN6a3luZThHWFVxQ293blczdFhwUVk&ui_locales=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-29-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

Referer
Origin
https://accounts.britishairways.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:33:04 GMT
content-encoding
br
via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Mon, 09 Oct 2023 11:26:13 GMT
server
AmazonS3
etag
W/"2630b3d7ad4a41fac67742216e506d83"
access-control-max-age
30000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, s-maxage=60
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
timing-allow-origin
*
x-amz-cf-id
FiiyItJczQ5gqH52RoWG_H7w8ESDpBv9O4ddM7x9rss8GrLIIOoPUg==
logo-ba-no-text.svg
ba-prod-ui-elements.identity.iagl.digital/assets/
2 KB
3 KB
Image
General
Full URL
https://ba-prod-ui-elements.identity.iagl.digital/assets/logo-ba-no-text.svg
Requested by
Host: accounts.britishairways.com
URL: https://accounts.britishairways.com/u/login?state=hKFo2SBRVXpNbDcyNE02YmhWb0k4ODl2emMwekpsVXhhYjFfLaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEFRbjFlVFVkSmU2UHRSa3VyUGpnajg0SXA2MkdiaGNFo2NpZNkgeUhtZERZcjFGWmN6a3luZThHWFVxQ293blczdFhwUVk&ui_locales=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6a00:0:50b:7ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
138e7d82d16bede4b4a2d793146f45df064536c4a003c35fbb5df1486f534f36

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:33:04 GMT
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
last-modified
Wed, 11 Oct 2023 09:35:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"95919de936cde8536bfa15089e21aab4"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
2448
x-amz-cf-id
mvtYt-sdECO_FszMyzBge5l2XfA6I0DL962Jz85qghHijXpcEzv4vw==
truncated
/
650 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin
https://accounts.britishairways.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
mylius-Modern-reg.woff
ba-prod-ui-elements.identity.iagl.digital/assets/
22 KB
22 KB
Font
General
Full URL
https://ba-prod-ui-elements.identity.iagl.digital/assets/mylius-Modern-reg.woff
Requested by
Host: accounts.britishairways.com
URL: https://accounts.britishairways.com/u/login?state=hKFo2SBRVXpNbDcyNE02YmhWb0k4ODl2emMwekpsVXhhYjFfLaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEFRbjFlVFVkSmU2UHRSa3VyUGpnajg0SXA2MkdiaGNFo2NpZNkgeUhtZERZcjFGWmN6a3luZThHWFVxQ293blczdFhwUVk&ui_locales=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6a00:0:50b:7ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7399eb1b2094d27e1c3fb5e2d8800ced21ab240336625f4cffb6191b6a146e43

Request headers

Referer
https://accounts.britishairways.com/
Origin
https://accounts.britishairways.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 00:33:04 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
22156
last-modified
Wed, 11 Oct 2023 09:35:14 GMT
server
AmazonS3
etag
"110cb847f7e8641bf70cff5a4d4d24a2"
access-control-max-age
0
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
https://accounts.britishairways.com
access-control-expose-headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary
Origin
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
xbc6Z_-AS-xlYudpeshxY7OBaEvnXi0uNu1Ng9hRYpddHrAnri5cGA==

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| createLink

6 Cookies

Domain/Path Name / Value
ba-dap.identity.iagl.digital/ Name: _com.auth0.auth.ufVmMhXQgSd2cyjqkMSfHQsc1j6nE63Z_compat
Value: {%22nonce%22:%22xD6MGkyDxxGlE3UUPh6e4HqLKO-kRCYk%22%2C%22state%22:%22ufVmMhXQgSd2cyjqkMSfHQsc1j6nE63Z%22}
ba-dap.identity.iagl.digital/ Name: com.auth0.auth.ufVmMhXQgSd2cyjqkMSfHQsc1j6nE63Z
Value: {%22nonce%22:%22xD6MGkyDxxGlE3UUPh6e4HqLKO-kRCYk%22%2C%22state%22:%22ufVmMhXQgSd2cyjqkMSfHQsc1j6nE63Z%22}
accounts.britishairways.com/ Name: did
Value: s%3Av0%3A90c6fb40-6bbb-11ee-8f3d-c1a4c0adc078.RAXUF26uPQi6g4KusGfr7iNjHSE9CkepfOr3cgzwqZ4
accounts.britishairways.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQLFCQfDVLzwJQUnLIbtwMZHjgOk6suZXRuRtifGmUhPaId6CSc3crdV_jyBF-BpjzYE1Qb595yqFiEq2uw4onz-mY29va2llg6dleHBpcmVz1_-8WcYAZTB5Pq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.ntNoEeKl7H6%2Fq6aPvbLlYMfqEenKikwuy0OiozBE7fE
accounts.britishairways.com/ Name: did_compat
Value: s%3Av0%3A90c6fb40-6bbb-11ee-8f3d-c1a4c0adc078.RAXUF26uPQi6g4KusGfr7iNjHSE9CkepfOr3cgzwqZ4
accounts.britishairways.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQLFCQfDVLzwJQUnLIbtwMZHjgOk6suZXRuRtifGmUhPaId6CSc3crdV_jyBF-BpjzYE1Qb595yqFiEq2uw4onz-mY29va2llg6dleHBpcmVz1_-8WcYAZTB5Pq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.ntNoEeKl7H6%2Fq6aPvbLlYMfqEenKikwuy0OiozBE7fE

1 Console Messages

Source Level URL
Text
security error URL: https://accounts.britishairways.com/u/login?state=hKFo2SBRVXpNbDcyNE02YmhWb0k4ODl2emMwekpsVXhhYjFfLaFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIEFRbjFlVFVkSmU2UHRSa3VyUGpnajg0SXA2MkdiaGNFo2NpZNkgeUhtZERZcjFGWmN6a3luZThHWFVxQ293blczdFhwUVk&ui_locales=en
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://www.datadoghq-browser-agent.com/datadog-rum-v4.js' with computed SHA-384 integrity 'AN44pzJdfg/R/WQY2lwZ9Mzzu/brAJeuUsvxtjESP07/Gxht6HRx03ODQXfWRi+o'. The resource has been blocked.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
