ssofed.aa.com
2a02:26f0:480:9b6::c52
Public Scan
Effective URL: https://ssofed.aa.com/idp/SSO.saml2?SAMLRequest=jVNdj9owEPwrkd%2Fz4ZAQsEJOFFQV6dpDQO%2FhXirH2dxZSuzU63D039cJoOPhivpkaT...
Submission: On August 07 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Entrust Certification Authority - L1M on November 21st 2022. Valid for: a year.
This is the only time ssofed.aa.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 2 | 23.197.130.183 | 16625 (AKAMAI-AS) |
1 1 | 2606:4700::6813:9256 | 13335 (CLOUDFLARENET) |
13 | 2a02:26f0:480:9b6::c52 | 20940 (AKAMAI-ASN1) |
14 | 2 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-197-130-183.deploy.static.akamaitechnologies.com
charters.aa.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
15 | aa.com (2 redirects): charters.aa.com, ssofed.aa.com | 138 KB |
1 | ibm.com (1 redirects): us-south.appid.cloud.ibm.com — Cisco Umbrella Rank: 369088 | 1 KB |
14 | 2 |
 | Domain | Requested by |
---|---|---|
13 | ssofed.aa.com | ssofed.aa.com |
2 | charters.aa.com | 2 redirects |
1 | us-south.appid.cloud.ibm.com | 1 redirects |
14 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
charters.aa.com |
Subject / Issuer | Validity | Valid | |
---|---|---|---|
smlogin.aa.com / Entrust Certification Authority - L1M | 2022-11-21 - 2023-11-21 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ssofed.aa.com/idp/SSO.saml2?SAMLRequest=jVNdj9owEPwrkd%2Fz4ZAQsEJOFFQV6dpDQO%2FhXirH2dxZSuzU63D039cJoOPhivpkaTU7OzO7zh9ObeMdwaDUakFoEJGHIl%2F29k3t4HcPaD0HULggvVFMc5TIFG8BmRVsv%2Fz%2ByOIgYp3RVgvdkDOYIW%2Bb%2Bx0cEYx1M4n3fB3u6sTbrBfkVxyV5SyDOEvnccSzpEpTUWZZQuN0Mh3eqEzpnE5nM9eA2MNGoeXKOo4onvjRzI%2ByA01YnLFoHtBp%2BkK8tfMiFbfjqDdrO2RhiKhrqALOA6HbUFZduN8%2FBYP8mHjLq8aVVti3YPZgjlLAz93jB0OPPmoXV8C7TlaBaHRfBbJsR8KRKDzSkM5EFk1j6k8gpX4yB%2B7zeZ35UNdlIsDZSuqw0a9S%2BVwg8baXQL9IVUn1ej%2FL8gxC9u1w2Prbp%2F2BeF%2B1ETCucUFq3iCQIh%2FUsDEuUwx8TiUb9TI8G0M2mmD%2FozYPb%2BnyH07VZr3VjRR%2FhuEtt%2F8WTQM6VmTl1yOUQctls6wqA%2BjcL5tGv68McAsLYk0PJCzyyzlCNbpyK7Fwst5Ktx03EoelwokLe%2FV5i1o17tx2UBd3L1K4MIazRLZ1z7s21bAFEG7kwXCFnTb24vpT8jz8VKKr336n4i8%3D&RelayState=wpDCqhNaF8OeX8O9V2wcw7k8w6Z7fsK0w5nDlVzDnMKnw5nClsKWUBpQQnIebQ
Frame ID: 614ABB1C9C9EA2EACF5879935869D7E9
Requests: 15 HTTP requests in this frame
Page Title: LoginPage
URL History
https://charters.aa.com/charters HTTP 302
https://charters.aa.com/oauth2-aa-charter-appid-customer-prod/start?rd=%2Fcharters HTTP 302
https://us-south.appid.cloud.ibm.com/oauth/v4/18c70621-3e51-49ea-a9f7-effb4ce2534f/authorization?approval_prompt=... HTTP 302
https://ssofed.aa.com/idp/SSO.saml2?SAMLRequest=jVNdj9owEPwrkd%2Fz4ZAQsEJOFFQV6dpDQO%2FhXirH2dxZSu... Page URL
Detected technologies
Akamai Bot Manager (Security)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Request a charter
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
https://charters.aa.com/charters HTTP 302
https://charters.aa.com/oauth2-aa-charter-appid-customer-prod/start?rd=%2Fcharters HTTP 302
https://us-south.appid.cloud.ibm.com/oauth/v4/18c70621-3e51-49ea-a9f7-effb4ce2534f/authorization?approval_prompt=force&client_id=4af93812-ed42-41db-bb9e-f7920edc8988&redirect_uri=https%3A%2F%2Fcharters.aa.com%2Foauth2-aa-charter-appid-customer-prod%2Fcallback&response_type=code&scope=openid+email+profile&state=tQDC0KLHFh2QQUhlbiJhNRQcj3kOxzSwmdU1rnaBt-Q%3A%2Fcharters HTTP 302
https://ssofed.aa.com/idp/SSO.saml2?SAMLRequest=jVNdj9owEPwrkd%2Fz4ZAQsEJOFFQV6dpDQO%2FhXirH2dxZSuzU63D039cJoOPhivpkaTU7OzO7zh9ObeMdwaDUakFoEJGHIl%2F29k3t4HcPaD0HULggvVFMc5TIFG8BmRVsv%2Fz%2ByOIgYp3RVgvdkDOYIW%2Bb%2Bx0cEYx1M4n3fB3u6sTbrBfkVxyV5SyDOEvnccSzpEpTUWZZQuN0Mh3eqEzpnE5nM9eA2MNGoeXKOo4onvjRzI%2ByA01YnLFoHtBp%2BkK8tfMiFbfjqDdrO2RhiKhrqALOA6HbUFZduN8%2FBYP8mHjLq8aVVti3YPZgjlLAz93jB0OPPmoXV8C7TlaBaHRfBbJsR8KRKDzSkM5EFk1j6k8gpX4yB%2B7zeZ35UNdlIsDZSuqw0a9S%2BVwg8baXQL9IVUn1ej%2FL8gxC9u1w2Prbp%2F2BeF%2B1ETCucUFq3iCQIh%2FUsDEuUwx8TiUb9TI8G0M2mmD%2FozYPb%2BnyH07VZr3VjRR%2FhuEtt%2F8WTQM6VmTl1yOUQctls6wqA%2BjcL5tGv68McAsLYk0PJCzyyzlCNbpyK7Fwst5Ktx03EoelwokLe%2FV5i1o17tx2UBd3L1K4MIazRLZ1z7s21bAFEG7kwXCFnTb24vpT8jz8VKKr336n4i8%3D&RelayState=wpDCqhNaF8OeX8O9V2wcw7k8w6Z7fsK0w5nDlVzDnMKnw5nClsKWUBpQQnIebQ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | SSO.saml2 (Primary Request, Redirect Chain) | ssofed.aa.com/idp/ | 3 KB | 2 KB | Document | text/html |
GET | H2 | styles.css | ssofed.aa.com/assets/css/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | 6d5e0dd5 | ssofed.aa.com/akam/13/ | 26 KB | 9 KB | Script | application/javascript |
GET | H2 | charter-logo.png | ssofed.aa.com/assets/images/ | 18 KB | 18 KB | Image | image/png |
GET | H2 | icon-user.gif | ssofed.aa.com/assets/images/ | 355 B | 552 B | Image | image/gif |
GET | H2 | icon-lock.gif | ssofed.aa.com/assets/images/ | 572 B | 769 B | Image | image/gif |
GET | H2 | XkohDRQ | ssofed.aa.com/Q64bh/IX/6/B/Laf4Ptogo9a/EV1mkSr3ub/UWM9Uw/Bjo4/ | 192 KB | 70 KB | Script | application/javascript |
GET | H2 | americansans-light-webfont.woff | ssofed.aa.com/assets/fonts/ | 30 KB | 30 KB | Font | application/font-woff |
POST | H2 | XkohDRQ | ssofed.aa.com/Q64bh/IX/6/B/Laf4Ptogo9a/EV1mkSr3ub/UWM9Uw/Bjo4/ | 18 B | 713 B | XHR | application/json |
GET | DATA | truncated | / | 9 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 157 B | 0 | Image | image/png |
POST | H2 | XkohDRQ | ssofed.aa.com/Q64bh/IX/6/B/Laf4Ptogo9a/EV1mkSr3ub/UWM9Uw/Bjo4/ | 18 B | 715 B | XHR | application/json |
POST | H2 | pixel_6d5e0dd5 | ssofed.aa.com/akam/13/ | 0 | 644 B | XHR | text/html |
POST | H2 | XkohDRQ | ssofed.aa.com/Q64bh/IX/6/B/Laf4Ptogo9a/EV1mkSr3ub/UWM9Uw/Bjo4/ | 18 B | 694 B | XHR | application/json |
POST | H2 | XkohDRQ | ssofed.aa.com/Q64bh/IX/6/B/Laf4Ptogo9a/EV1mkSr3ub/UWM9Uw/Bjo4/ | 18 B | 692 B | XHR | application/json |
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
string | bazadebezolkohpepadr |
function | postForgotPassword |
function | postRegistration |
object | _cf |
object | bmak |
string | _sdTrace |
string | urhehlevkedkilrobacf |
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name |
---|---|
.aa.com/ | bm_sz |
charters.aa.com/ | _oauth2_aa_charter_appid_customer_prod_csrf |
ssofed.aa.com/ | PF2 |
.aa.com/ | bm_mi |
.aa.com/ | bm_sv |
.aa.com/ | ak_bmsc |
.aa.com/ | _abck |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=86400 |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
charters.aa.com
ssofed.aa.com
us-south.appid.cloud.ibm.com
23.197.130.183
2606:4700::6813:9256
2a02:26f0:480:9b6::c52