travel.calif.aaa.com Open in urlscan Pro
54.221.200.83 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_e...
Submission: On May 05 via api (May 5th 2023, 6:55:15 pm UTC) from US — Scanned from DE

Summary HTTP 84 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 19 domains to perform 84 HTTP transactions. The main IP is 54.221.200.83, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is travel.calif.aaa.com. The Cisco Umbrella rank of the primary domain is 565385.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on February 14th 2023. Valid for: a year.

This is the only time travel.calif.aaa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8 13	54.221.200.83 54.221.200.83	14618 (AMAZON-AES) (AMAZON-AES)
6	18.66.97.58 18.66.97.58	16509 (AMAZON-02) (AMAZON-02)
2	3.5.28.171 3.5.28.171	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
6	54.231.201.128 54.231.201.128	16509 (AMAZON-02) (AMAZON-02)
4	45.60.124.133 45.60.124.133	19551 (INCAPSULA) (INCAPSULA)
6	65.9.66.124 65.9.66.124	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3768	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a05:d014:275... 2a05:d014:275:cb00:ea62:f40:f6f6:3c4f	16509 (AMAZON-02) (AMAZON-02)
2	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
5	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223e:2200:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 4	34.251.115.24 34.251.115.24	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	75.2.125.34 75.2.125.34	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	108.128.224.183 108.128.224.183	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	63.140.62.160 63.140.62.160	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.3.83 34.248.3.83	16509 (AMAZON-02) (AMAZON-02)
1	52.72.50.97 52.72.50.97	14618 (AMAZON-AES) (AMAZON-AES)
3	18.215.49.40 18.215.49.40	14618 (AMAZON-AES) (AMAZON-AES)
10	151.101.2.38 151.101.2.38	54113 (FASTLY) (FASTLY)
84	28

13 54.221.200.83 (Ashburn, United States) 8 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-200-83.compute-1.amazonaws.com

travel.calif.aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.97.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-58.fra56.r.cloudfront.net

artifacts.tstllc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.28.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

tstllc-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.231.201.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.60.124.133 (United States)

ASN19551 (INCAPSULA, US)

www.ace.aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.66.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-124.fra56.r.cloudfront.net

tms.ace.aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3768 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d014:275:cb00:ea62:f40:f6f6:3c4f (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

www.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

web-sdk.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:2200:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.251.115.24 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-115-24.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
automobileclubofsoutherncalifornia.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.125.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: a3792b07a22951ff1.awsglobalaccelerator.com

tmsc.ace.aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.224.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-224-183.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-160.data.adobedc.net

acemetrics.aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.3.83 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-3-83.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.50.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-50-97.compute-1.amazonaws.com

visitor-service-us-east-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.215.49.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-49-40.compute-1.amazonaws.com

assets.green.kube.tstllc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.2.38 (United States)

ASN54113 (FASTLY, US)

media.tacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	aaa.com 8 redirects travel.calif.aaa.com — Cisco Umbrella Rank: 565385 www.ace.aaa.com — Cisco Umbrella Rank: 158032 tms.ace.aaa.com — Cisco Umbrella Rank: 338954 tmsc.ace.aaa.com — Cisco Umbrella Rank: 183382 acemetrics.aaa.com — Cisco Umbrella Rank: 165177	153 KB
10	tacdn.com media.tacdn.com — Cisco Umbrella Rank: 40345	823 KB
9	tstllc.net artifacts.tstllc.net — Cisco Umbrella Rank: 260385 assets.green.kube.tstllc.net — Cisco Umbrella Rank: 281424	2 MB
8	amazonaws.com tstllc-assets.s3.amazonaws.com — Cisco Umbrella Rank: 356447 s3.amazonaws.com	596 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2587	21 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	431 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 198 automobileclubofsoutherncalifornia.demdex.net — Cisco Umbrella Rank: 193254	6 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	3 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6386	669 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	669 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 74 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	2 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 150	157 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	239 B
2	smartlook.com web-sdk.smartlook.com — Cisco Umbrella Rank: 22515	19 KB
2	fullstory.com 1 redirects www.fullstory.com — Cisco Umbrella Rank: 26596	120 B
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 4945 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 4677	3 KB
1	tealiumiq.com visitor-service-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 6228	2 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1068	517 B
1	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1064	434 B
84	19

	Domain	Requested by
13	travel.calif.aaa.com	8 redirects travel.calif.aaa.com
10	media.tacdn.com
6	tms.ace.aaa.com	travel.calif.aaa.com tms.ace.aaa.com
6	s3.amazonaws.com	travel.calif.aaa.com s3.amazonaws.com
6	artifacts.tstllc.net	travel.calif.aaa.com artifacts.tstllc.net
5	www.googletagmanager.com	travel.calif.aaa.com www.googletagmanager.com tms.ace.aaa.com
4	www.ace.aaa.com	travel.calif.aaa.com
4	fonts.googleapis.com	travel.calif.aaa.com artifacts.tstllc.net
3	assets.green.kube.tstllc.net
3	www.google.de
3	www.google.com
3	connect.facebook.net	tms.ace.aaa.com connect.facebook.net
3	dpm.demdex.net	1 redirects
3	region1.google-analytics.com	www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	acemetrics.aaa.com	tms.ace.aaa.com
2	www.facebook.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	web-sdk.smartlook.com	travel.calif.aaa.com web-sdk.smartlook.com
2	www.fullstory.com	1 redirects travel.calif.aaa.com
2	tstllc-assets.s3.amazonaws.com	travel.calif.aaa.com tstllc-assets.s3.amazonaws.com
1	visitor-service-us-east-1.tealiumiq.com	tms.ace.aaa.com
1	cm.everesttech.net	1 redirects
1	automobileclubofsoutherncalifornia.demdex.net	tms.ace.aaa.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	tmsc.ace.aaa.com	tms.ace.aaa.com
1	tags.tiqcdn.com	tms.ace.aaa.com
1	rum-static.pingdom.net	travel.calif.aaa.com
84	29

This site contains links to these domains. Also see Links.

Domain
www.ace.aaa.com
www.aaa.com
apps2.calif.aaa.com

Subject Issuer	Validity	Valid
travel.calif.aaa.com Sectigo RSA Organization Validation Secure Server CA	`2023-02-14` - `2024-03-16`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-20`	8 months	crt.sh
www.ace.aaa.com Sectigo RSA Organization Validation Secure Server CA	`2023-02-02` - `2024-03-04`	a year	crt.sh
tms.ace.aaa.com Sectigo RSA Organization Validation Secure Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2022-11-13` - `2023-11-13`	a year	crt.sh
1688964705.rsc.cdn77.org R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-12` - `2023-05-13`	3 months	crt.sh
tmsc.ace.aaa.com Sectigo RSA Organization Validation Secure Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.pingdom.net Amazon RSA 2048 M01	`2023-02-10` - `2023-12-20`	10 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
acemetrics.aaa.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-07` - `2023-08-07`	a year	crt.sh
*.tealiumiq.com Amazon RSA 2048 M01	`2023-03-01` - `2023-09-23`	7 months	crt.sh
*.tstllc.net Go Daddy Secure Certificate Authority - G2	`2022-06-29` - `2023-07-31`	a year	crt.sh
media.tacdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-06` - `2024-04-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Frame ID: F15956B2E730F690C3EDB9DDA1EA2B37
Requests: 87 HTTP requests in this frame

Frame: https://automobileclubofsoutherncalifornia.demdex.net/dest5.html?d_nsid=0
Frame ID: 8A2B2EBE217149E75BF3323ABCCAC7AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Activity Search Results

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

84
Requests

87 %
HTTPS

50 %
IPv6

19
Domains

29
Subdomains

28
IPs

4
Countries

4620 kB
Transfer

12861 kB
Size

28
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ace.aaa.com/

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/automotive/roadside-assistance.html

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/self-serve.html

Search URL Search Domain Scan URL

URL: https://www.aaa.com/office/
Title: Find a branch

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/information/contact-us.html
Title: Contact us

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/membership.html
Title: Membership

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/insurance.html
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/travel.html
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/discounts.html
Title: Discounts & Rewards

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/automotive.html
Title: Automotive

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/financial.html
Title: Financial

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/travel/travel-insurance.html
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/legal/privacy.html
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://apps2.calif.aaa.com/cpa/request
Title: Do not sell my personal information

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/digital-accessibility.html
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/legal/terms-of-use.html
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.ace.aaa.com/sitemap.html
Title: Site map

Search URL Search Domain Scan URL

URL: https://www.aaa.com/stop/
Title: Find a different AAA club

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://travel.calif.aaa.com/activity/common/assets/stylesheets/activity-styles.css HTTP 302
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css

Request Chain 8

https://travel.calif.aaa.com/web-services/assets/resource/js/gtm-helper-script-bundle.js HTTP 302
https://artifacts.tstllc.net/f14d4193b7a4b41adeef/webservices/resource/js/gtm-helper-script-bundle.js

Request Chain 13

https://travel.calif.aaa.com/activity/assets/resource/js/results-bundle.js HTTP 302
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/results-bundle.js

Request Chain 17

https://www.fullstory.com/s/fs.js HTTP 301
https://www.fullstory.com/

Request Chain 32

https://travel.calif.aaa.com/activity/assets/resource/stylesheets/0.css HTTP 302
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/0.css

Request Chain 33

https://travel.calif.aaa.com/activity/assets/resource/js/chunk/0-chunk.js HTTP 302
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/chunk/0-chunk.js

Request Chain 42

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97311CFE53295FB20A490D45%40AdobeOrg&d_nsid=0&ts=1683312910191 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97311CFE53295FB20A490D45%40AdobeOrg&d_nsid=0&ts=1683312910191

Request Chain 64

https://cm.everesttech.net/cm/dd?d_uuid=91754836593252946611882610254628462827 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFVRDgAAAGl2zQMx

Request Chain 71

https://travel.calif.aaa.com/activity/common/assets/images/rating/orange_5_0.gif HTTP 302
https://assets.green.kube.tstllc.net/images/common/rating/orange_5_0.gif?url=null%3FcacheBuster%3D0.3193005705475218

Request Chain 79

https://travel.calif.aaa.com/activity/common/assets/images/rating/orange_3_5.gif HTTP 302
https://assets.green.kube.tstllc.net/images/common/rating/orange_3_5.gif?url=null%3FcacheBuster%3D0.8147430014444743

Request Chain 82

https://travel.calif.aaa.com/activity/common/assets/images/rating/orange_3_0.gif HTTP 302
https://assets.green.kube.tstllc.net/images/common/rating/orange_3_0.gif?url=null%3FcacheBuster%3D0.8012711060797937

84 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 4373 Show response
travel.calif.aaa.com/activity/search/ 500 KB
50 KB 647ms
281ms Document
text/html 54.221.200.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.200.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-221-200-83.compute-1.amazonaws.com

Software

Resource Hash

54a3ac3a88096f4595c1c293186dca4845dcafe9965edfe16856cb242e322df8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca .caascotravel.com .caasco.ca *.caasco.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-encoding: gzip
content-length: 50996
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
content-type: text/html; charset=UTF-8
date: Fri, 05 May 2023 18:55:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2

200

activity-styles.css
artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/
Redirect Chain

https://travel.calif.aaa.com/activity/common/assets/stylesheets/activity-styles.css
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css

713 KB
337 KB

32ms
11ms

Stylesheet
text/css

18.66.97.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css
Requested by: Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Protocol: H2
Server: 18.66.97.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3a4a3e017fbc5e4fd11b40a52e0eb68df0de6c88a8f046246b6052fca510a58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:27:50 GMT
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-version-id: ciVnpkNElgYbAQPOJxb5dy_IYtsKW2Ci
last-modified: Wed, 26 Apr 2023 19:32:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 772039
etag: "350e0e41e43ba23b336154a749fc94da"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
content-length: 343859
x-amz-cf-id: OVhjVHXTjEBMfo364h9aqFenC-Ouic1qd5Dk3mB_kYdZX8kjv7CaKw==

Redirect headers

date: Fri, 05 May 2023 18:55:08 GMT
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css
content-length: 121

GET
H/1.1 200
OK font-awesome.min.css
tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/css/ 22 KB
22 KB 345ms
124ms Stylesheet
text/css 3.5.28.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/css/font-awesome.min.css
Requested by: Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.28.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 18:55:09 GMT
x-amz-version-id: 1eEAnwgEpRCOBvJFmSwtTcMvIcH8vfJF
Last-Modified: Sat, 20 Jul 2019 11:48:39 GMT
Server: AmazonS3
x-amz-request-id: SD58M0JJ914JX8HB
ETag: "7fbe76cdac6093784895bb4989203e5a"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 22084
x-amz-id-2: 2MSOgLfes5ff9q4PtN9ww4+bBDuXnXt0FtZrZ9Nxh0C7MkVTbg+9nl/k4Nq5EHkwwLvaa86SVoQepOzy99im5qfU7mIBIOizSf/y+S0w8dM=

GET
H2 200 icon
fonts.googleapis.com/ 569 B
416 B 127ms
46ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 May 2023 18:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 May 2023 18:55:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 May 2023 18:55:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 125ms
44ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&lang=en

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ba6e02aa649aea52d79959ec42d68b9275396417950a5034ff5ea51b18fc2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 May 2023 18:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 May 2023 18:45:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 May 2023 18:55:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
786 B 126ms
46ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:italic,400,500,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adfe88b1f5a8cf6a9ddd389f4e567a634663121d94a18c687eca6e6bb489c15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 May 2023 18:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 May 2023 18:55:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 May 2023 18:55:08 GMT

GET
H/1.1 200
OK antd.min.css
s3.amazonaws.com/tstllc-assets/css/antd/dist/ 451 KB
451 KB 349ms
124ms Stylesheet
text/css 54.231.201.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/tstllc-assets/css/antd/dist/antd.min.css
Requested by: Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 897600b074c2a2e02b176f2d3e5caf964883dc5ea1c340c7576723e3932b9128

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 18:55:09 GMT
x-amz-version-id: null
Last-Modified: Mon, 07 Jan 2019 18:42:01 GMT
Server: AmazonS3
x-amz-request-id: SD55E2YQW0J9GGVJ
ETag: "5178b4827ce4ac2d7f96ed9861b4cd6d"
Content-Type: text/css
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 461624
x-amz-id-2: 40IdTYID+OO/PSG398lZACRgXr9DBElbbf2pJBr3Y9O42H2fxFrFBa1FO2twQ6Z8YFUfxLs7QBE=

GET
H/1.1 200
OK proxima-nova.min.css
s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ 4 KB
4 KB 344ms
118ms Stylesheet
text/css 54.231.201.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Requested by: Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d7de9b79990bb103408b06aacc98307309774f564e70ba905949e80b5ba47f14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 18:55:09 GMT
x-amz-version-id: null
Last-Modified: Tue, 18 Sep 2018 14:07:09 GMT
Server: AmazonS3
x-amz-request-id: SD5FCG05P7DB8E2F
ETag: "371ff5a9f43f342812125d9e1497f068"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4191
x-amz-id-2: RMu3/TKaxKgdvmc5DLe/JDQpDDg79FVFFEcnHhjTMr9J90HzfgnNNZa7KP/GXYH4nRqcO729KhA=

GET
H/1.1 200
OK black-tie.min.css
s3.amazonaws.com/tstllc-assets/fonts/black-tie/css/ 22 KB
22 KB 356ms
123ms Stylesheet
text/css 54.231.201.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/tstllc-assets/fonts/black-tie/css/black-tie.min.css
Requested by: Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3ff7b0b317b417d887b4d1b311ac5a390b85345337838d182296dad380682a87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 18:55:09 GMT
x-amz-version-id: null
Last-Modified: Fri, 12 Oct 2018 23:42:34 GMT
Server: AmazonS3
x-amz-request-id: SD59KDQVV6VXJ96H
ETag: "c9a2ca04d6ec76b7da644506f215fc4b"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 22456
x-amz-id-2: nEcjtChVQjMz5jVS/gNYI1JSpGu4r8G/zabANcbISUj8Jhgk09rDlTHHeDWHyhH6pk+mZesfTQM=

GET
H2

200

gtm-helper-script-bundle.js Show response
artifacts.tstllc.net/f14d4193b7a4b41adeef/webservices/resource/js/
Redirect Chain

https://travel.calif.aaa.com/web-services/assets/resource/js/gtm-helper-script-bundle.js
https://artifacts.tstllc.net/f14d4193b7a4b41adeef/webservices/resource/js/gtm-helper-script-bundle.js

31 KB
10 KB

28ms
8ms

Script
application/javascript

18.66.97.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://artifacts.tstllc.net/f14d4193b7a4b41adeef/webservices/resource/js/gtm-helper-script-bundle.js
Requested by: Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Protocol: H2
Server: 18.66.97.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b2292da763893e6d2726bc4becdeb451da650ce6848e476c3cb95e0cd91a115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 19:41:59 GMT
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-version-id: .9C2jDYPdB9eCm8c2HcxwBXKo3IAMng5
last-modified: Wed, 03 May 2023 14:39:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 169990
etag: "81af31c6a096270684d46959c5e19cc2"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
content-length: 9495
x-amz-cf-id: uvmkHorWMZn1zJpu9vihJkD7j6QnN7g2eKVRQsoEFOrcld3PXzk3nw==

Redirect headers

date: Fri, 05 May 2023 18:55:08 GMT
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://artifacts.tstllc.net/f14d4193b7a4b41adeef/webservices/resource/js/gtm-helper-script-bundle.js
content-length: 123

GET
H2 200 aaa-white-logo-xs.png
www.ace.aaa.com/content/dam/ace/logos/ace/ 8 KB
9 KB 27ms
11ms Image
image/png 45.60.124.133
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ace.aaa.com/content/dam/ace/logos/ace/aaa-white-logo-xs.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.124.133 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fc30bb03875c191dc3bb7afdd267596c26f92d4145eaa0408f652f64ade82597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:08 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
x-cdn: Imperva
age: 37825
x-vhost: ace-publish
x-cache: HIT
x-iinfo: 7-11656739-11656741 NNNY CT(0 4 0) RT(1683312908397 9) q(0 0 0 0) r(0 0) U24
content-disposition: attachment
content-length: 8304
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Mon, 20 Feb 2023 01:46:18 GMT
x-timer: S1683312909.893149,VS0,VS0,VE1
etag: "2070-5f517d4468e80"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
accept-ranges: bytes

GET
H2 200 truck.svg
www.ace.aaa.com/content/dam/ace/header/ 4 KB
2 KB 10ms
10ms Image
image/svg+xml 45.60.124.133
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ace.aaa.com/content/dam/ace/header/truck.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.124.133 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c8c0591f4efc0420cd8411e0afe8f56539f64d4231c0c940eae2dde51f1f70ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cdn: Imperva
age: 24772
x-vhost: ace-publish
x-cache: HIT
x-iinfo: 7-11656739-11656741 PNNy RT(1683312908397 22) q(0 0 0 -1) r(0 0) U24
content-disposition: attachment; filename="truck.svg"
content-length: 2065
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Mon, 20 Feb 2023 01:50:21 GMT
x-timer: S1683312909.905286,VS0,VS0,VE0
etag: "1182-5f517e2c27140-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
accept-ranges: bytes

GET
H2 200 user-icon.svg
www.ace.aaa.com/content/dam/ace/header/ 1 KB
654 B 11ms
11ms Image
image/svg+xml 45.60.124.133
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ace.aaa.com/content/dam/ace/header/user-icon.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.124.133 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7a4245d31b727e4c0541bac7bb623205e3c2b6dbc81f0096c732fffabbef936f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cdn: Imperva
age: 33690
x-vhost: ace-publish
x-cache: HIT
x-iinfo: 7-11656739-11656741 PNNy RT(1683312908397 33) q(0 0 0 -1) r(0 0) U24
content-disposition: attachment; filename="user-icon.svg"
content-length: 451
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Mon, 20 Feb 2023 01:50:20 GMT
x-timer: S1683312909.916754,VS0,VS0,VE1
etag: "44d-5f517e2b32f00-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
accept-ranges: bytes

GET
H2 200 burger.svg
www.ace.aaa.com/content/dam/ace/header/ 2 KB
618 B 10ms
10ms Image
image/svg+xml 45.60.124.133
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ace.aaa.com/content/dam/ace/header/burger.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.124.133 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

47633cdd2e93000441f470347bd92e0a2819f23e7b8dc13d9a2a452c338d590c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cdn: Imperva
age: 15548
x-vhost: ace-publish
x-cache: HIT
x-iinfo: 7-11656739-11656741 PNNy RT(1683312908397 45) q(0 0 0 -1) r(0 0) U24
content-disposition: attachment; filename="burger.svg"
content-length: 441
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Mon, 20 Feb 2023 01:50:21 GMT
x-timer: S1683312909.928046,VS0,VS0,VE1
etag: "6f9-5f517e2c27140-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
accept-ranges: bytes

GET
H2

200

results-bundle.js Show response
artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/
Redirect Chain

https://travel.calif.aaa.com/activity/assets/resource/js/results-bundle.js
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/results-bundle.js

6 MB
2 MB

9ms
8ms

Script
application/javascript

18.66.97.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/results-bundle.js
Requested by: Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Protocol: H2
Server: 18.66.97.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23e2545694e0a6b0d2a686990a6766fee5509b5c7beab0e6d4ba0839d0ddfd37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 06:04:53 GMT
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-version-id: eUMEljvTkgyYM4FnVd3XmSVa.byB_ild
last-modified: Wed, 26 Apr 2023 19:32:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 737417
etag: "e29718372e8fcdc05f82d7c923c8fe17"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
content-length: 1698695
x-amz-cf-id: UIbveS71u9VNq77JbT_GWHSl_g_InN3NWTsM2J_N_3PKCxWZj70C6g==

Redirect headers

date: Fri, 05 May 2023 18:55:08 GMT
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/results-bundle.js
content-length: 110

GET
H2 200 utag.sync.js Show response
tms.ace.aaa.com/tst/prod/ 109 B
616 B 61ms
19ms Script
application/javascript 65.9.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.ace.aaa.com/tst/prod/utag.sync.js
Requested by: Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20c8cb47379b4887256321b509e6280385ebee03a4b50b84f912709a8a449d77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: rTlkIZ2wEEA8HSe45Q2DpmWRpbxK.7Bm
date: Fri, 05 May 2023 18:52:59 GMT
via: 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront), 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4, FRA56-C1
age: 130
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 109
last-modified: Mon, 17 Apr 2023 19:04:01 GMT
server: AmazonS3
etag: "d908428b6d1c92060802103376197070"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: gDO8Yxpmade5noXJh8TGeTLpboCobULy86F-GeRi4sSFNsuQxaiLSw==

GET
H2 200 pa-5f5fcac48e83fa0015000b12.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 38ms
19ms Script
application/javascript 2606:4700:10::6816:3768
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5f5fcac48e83fa0015000b12.js
Requested by: Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3768 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d495d80150a450036620c07b921f67af2001aecb36b37eabc4e2d5771d2073

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
age: 7
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7c2b32320f359110-FRA
expires: Fri, 05 May 2023 19:00:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
960 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,300,600,700&subset=latin,latin-ext

Requested by

Host: artifacts.tstllc.net
URL: https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bdbc7aa942ed3cc380c72be1c45147f4d7ec5e6b5b084f6527a46022314958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://artifacts.tstllc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 May 2023 18:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 May 2023 18:55:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 May 2023 18:55:08 GMT

GET
H2

200

/ Show response
www.fullstory.com/
Redirect Chain

https://www.fullstory.com/s/fs.js
https://www.fullstory.com/

0
0

10ms
8ms

Script
text/html

2a05:d014:275:cb00:ea62:f40:f6f6:3c4f
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fullstory.com/
Requested by: Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Protocol: H2
Server: 2a05:d014:275:cb00:ea62:f40:f6f6:3c4f Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Redirect headers

x-nf-request-id: 01GZPM96TYB1PY0TZX1CC0B5Q8
date: Fri, 05 May 2023 13:34:40 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 19229
content-type: text/plain
location: /
content-length: 17

GET
H2 200 recorder.js Show response
web-sdk.smartlook.com/ 4 KB
2 KB 29ms
7ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/recorder.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

f4dc9ef64489ab1b2b404e69f1f5d09be8b96ea457a6b65dcacd22c61c59c8ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 05 May 2023 18:55:09 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 524
x-accel-date: 1683312385
x-77-nzt: AZySIYs8Blv/DAIAAA
x-accel-expires: @1683312985
last-modified: Thu, 04 May 2023 10:52:52 GMT
server: CDN77-Turbo
etag: W/"64538e84-e8b"
x-77-nzt-ray: cf87872734b9365f0d515564b00f3209
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

GET
H/1.1 200
OK ProximaNovaSemibold.woff2
s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ProximaNova-Semibold/ 17 KB
18 KB 327ms
123ms Font
binary/octet-stream 54.231.201.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ProximaNova-Semibold/ProximaNovaSemibold.woff2
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f529cf4430e32ae0b07d7d606ca1043e8cd9ebb9476456589578a299bad459bd

Request headers

Referer: https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Origin: https://travel.calif.aaa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 18:55:10 GMT
x-amz-version-id: null
Last-Modified: Tue, 18 Sep 2018 14:07:12 GMT
Server: AmazonS3
x-amz-request-id: T22CYA26WPNT814R
ETag: "e0642ce0df568ffbe72cafaf526fea41"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 17512
x-amz-id-2: b8IvqyCWGnhkFa/kXSQ6aUC1GLuhtqj8XTRzN2M89WbSwG/1L/7pEd2vsFj/zL2RV5GGrsurzG4=

GET
H/1.1 200
OK ProximaNovaBold.woff2
s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ProximaNova-Bold/ 17 KB
18 KB 347ms
134ms Font
binary/octet-stream 54.231.201.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ProximaNova-Bold/ProximaNovaBold.woff2
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9e40b1bcc46b4ca351f0cd7f314eeaed43ae65f5c51af3e1e9e20b7a008b8aa0

Request headers

Referer: https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Origin: https://travel.calif.aaa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 18:55:10 GMT
x-amz-version-id: null
Last-Modified: Tue, 18 Sep 2018 14:07:09 GMT
Server: AmazonS3
x-amz-request-id: T22619XZTTDCQJZ4
ETag: "5ce6a871d6c91993a96eca92e55f9f00"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 17700
x-amz-id-2: TjGzdg3WzY2k8JuHF7tIOCkvIh+l2bDWbVJgk8NfQKFNOjeASLF/ccVfTIseAXKsT7A0JAi7k6c=

GET
H/1.1 200
OK ProximaNovaRegular.woff2
s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ProximaNova-Regular/ 17 KB
18 KB 344ms
131ms Font
binary/octet-stream 54.231.201.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ProximaNova-Regular/ProximaNovaRegular.woff2
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fd9044a309ef7d51ad98d6a471d5ba00af04478843631e0cf5e2bfc36b509c2c

Request headers

Referer: https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Origin: https://travel.calif.aaa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 18:55:10 GMT
x-amz-version-id: null
Last-Modified: Tue, 18 Sep 2018 14:07:11 GMT
Server: AmazonS3
x-amz-request-id: T22BFHE7RA7JESDR
ETag: "1c43f9c5378fbcf84333719c88c6b0e0"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 17728
x-amz-id-2: RNm9hm3TCt5o39UYUpzXwQR1bZwaWh/oOa2a4M3jJ5Xc/2gIBe+GBOTBK4Xs7CWY9DmARqYSP40=

GET
DATA 200
OK truncated
/ 20 KB
20 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b3e8e10db2f90bdb8710b478c200588b2396146e4b07b22a795ad79e062360f

Request headers

Referer
Origin: https://travel.calif.aaa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb2e1a97e3bc84334fa38904266d7ef01dc9407e17b3fcf54ea4a8ecbf494abf

Request headers

Referer
Origin: https://travel.calif.aaa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H2 200 utag.js Show response
tms.ace.aaa.com/tst/prod/ 151 KB
43 KB 11ms
10ms Script
application/javascript 65.9.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.ace.aaa.com/tst/prod/utag.js
Requested by: Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6436a5ce3afd80874afefd56bd64d1a1859fa6ede64d87b9b682bd714f1efd56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: b_ejouBF9RFWxPQkIwtgrb_fACkcA3x3
content-encoding: br
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront), 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
date: Fri, 05 May 2023 18:53:00 GMT
last-modified: Mon, 17 Apr 2023 19:04:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4, FRA56-C1
age: 130
x-amz-server-side-encryption: AES256
etag: W/"2bc1f953cd73fd90abe30b9f9884d370"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: tWGQaBSl6LuyT9Jvlu0apdOwLdjU4urbimVNBXPa3QjzH6KZYVo-4g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 468 KB
104 KB 162ms
81ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W79ZLQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

afe2f3c4229d822d17aea5cfe40cc50a313f9d5c0720948a0e09972d563d33a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105629
x-xss-protection: 0
last-modified: Fri, 05 May 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 May 2023 18:55:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 518 KB
113 KB 245ms
164ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6BPC96

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f628fb1592d5633bc55ee28e867717edd671eda7c0c00dec8081ecbb62deff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 115594
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 May 2023 18:55:09 GMT

GET
H2 200 init.b058789217516e0f23d3.js Show response
web-sdk.smartlook.com/es6/ 57 KB
17 KB 27ms
12ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/es6/init.b058789217516e0f23d3.js

Requested by

Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

de04dff43538fef3cc0ab104c9393138b007d11704169160c52a57bbd1220d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://travel.calif.aaa.com/
Origin: https://travel.calif.aaa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 05 May 2023 18:55:09 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 109311
x-accel-date: 1683203598
x-77-nzt: AZySIYvbtV7//6oBAA
x-accel-expires: @1714739598
last-modified: Thu, 04 May 2023 10:52:52 GMT
server: CDN77-Turbo
etag: W/"64538e84-e345"
x-77-nzt-ray: cf87872714b9c6610d5155643a61540e
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable

GET
H2 200 utag.1.js Show response
tms.ace.aaa.com/tst/prod/ 60 KB
20 KB 10ms
9ms Script
application/javascript 65.9.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.ace.aaa.com/tst/prod/utag.1.js?utv=ut4.49.202304171903
Requested by: Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 394c6e5ee58215cf849d8cf6ae2c045dc72a14ac62628fdb6793ccb62c59ee85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: CrHdcXOD2ZVwG60f03_tQwttSoLRDYXc
content-encoding: gzip
via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront), 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
date: Fri, 05 May 2023 18:53:00 GMT
last-modified: Mon, 17 Apr 2023 19:03:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4, FRA56-C1
age: 130
x-amz-server-side-encryption: AES256
etag: W/"8daf8f73cb8f498f3dd5ede264d26446"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: kmY0NMZ9BeJLtK6ZaOkEPbQMqA8SvNgLw8vIsJyuK870tw6c3NZl9w==

GET
H2 200 utag.45.js Show response
tms.ace.aaa.com/tst/prod/ 12 KB
4 KB 11ms
10ms Script
application/javascript 65.9.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.ace.aaa.com/tst/prod/utag.45.js?utv=ut4.49.202211021837
Requested by: Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43429107c9e1939286f126c4ab374e9b8909cbca3a7d6ad4effa88d0312c6aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: _iOGb_mCaEIv1Nc9YHqUF3V8lByq7KCq
content-encoding: br
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront), 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
date: Fri, 05 May 2023 18:54:57 GMT
last-modified: Mon, 17 Apr 2023 19:03:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4, FRA56-C1
age: 13
x-amz-server-side-encryption: AES256
etag: W/"d501cf138262928ffa98add6c1ca5f68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: Spffi5LgaM2tf69PZxuhYhx0iyZ8dWn0tIUcuC14mKzgi_bkY6BUkA==

GET
H2 200 utag.38.js Show response
tms.ace.aaa.com/tst/prod/ 21 KB
7 KB 10ms
10ms Script
application/javascript 65.9.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.ace.aaa.com/tst/prod/utag.38.js?utv=ut4.49.202204070052
Requested by: Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3d92cefd95aa6a3adaae54544f56d0e4ff558c827191f767b29c3429e24ad71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: lNeO3MvmXnebIBlDlTm3ly_JL1z_wsp4
content-encoding: br
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront), 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
date: Fri, 05 May 2023 18:53:01 GMT
last-modified: Mon, 17 Apr 2023 19:04:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4, FRA56-C1
age: 129
x-amz-server-side-encryption: AES256
etag: W/"e1a9f2c59e7f379e53d3f7b6c506a4e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: vdpQtqnk-7JpsxpLjGGY0cT-PjJnD_1wX2GPQV1cF08nWNL0_ZT72Q==

GET
H2 200 utag.47.js Show response
tms.ace.aaa.com/tst/prod/ 20 KB
6 KB 11ms
11ms Script
application/javascript 65.9.66.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tms.ace.aaa.com/tst/prod/utag.47.js?utv=ut4.49.202211230009
Requested by: Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eaf247fb17f36b2db0be030424062cd17894d33c90d136043b623694bd410281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: Lb2ZC49.tL6Xj3Sb7Y1253Uvbe3wAxEp
content-encoding: br
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront), 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
date: Fri, 05 May 2023 18:53:01 GMT
last-modified: Mon, 17 Apr 2023 19:03:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4, FRA56-C1
age: 129
x-amz-server-side-encryption: AES256
etag: W/"83fe6c1930d64218c9942b672373cf78"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: trwZ9R36Rb0RZknwZALFjUIVgvRMAbDuUczXCXEutYhU_LXBQxaKxg==

GET
H2

200

0.css
artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/
Redirect Chain

https://travel.calif.aaa.com/activity/assets/resource/stylesheets/0.css
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/0.css

90 KB
43 KB

9ms
8ms

Stylesheet
text/css

18.66.97.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/0.css
Requested by: Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Protocol: H2
Server: 18.66.97.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dee1f8e318497e9bcc7766c2d08c4c7b6067522bb947a5627b4c470454202d99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 20:27:50 GMT
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-version-id: fnaYq_J1u5Gw0TwErA78DzyDUMH8DjD9
last-modified: Wed, 26 Apr 2023 19:32:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 772040
etag: "45d0ff3ef9500ff9af097c02f5a7764e"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
content-length: 43960
x-amz-cf-id: cyFc9aBfGwz6L-6lyvb6Hprpcp_l-vPTOxiOHzEaCuGWzFDV9zuhrA==

Redirect headers

date: Fri, 05 May 2023 18:55:09 GMT
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/0.css
content-length: 107

GET
H2

200

0-chunk.js Show response
artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/chunk/
Redirect Chain

https://travel.calif.aaa.com/activity/assets/resource/js/chunk/0-chunk.js
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/chunk/0-chunk.js

1 MB
281 KB

9ms
9ms

Script
application/javascript

18.66.97.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/chunk/0-chunk.js
Requested by: Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
Protocol: H2
Server: 18.66.97.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69582a95395c6e221d7319f3dab4f6712d20d1ed29bfe0f2b056c88e685aa917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 23:30:19 GMT
content-encoding: gzip
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-version-id: ne1jDaoP_7WmnECi0_3WOut6cIWMKFPy
last-modified: Wed, 26 Apr 2023 19:32:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 761091
etag: "9e05f803df3c9013b15113764c17836b"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
content-length: 286602
x-amz-cf-id: pis_JXxt5EDCbKTaK2s7ACkmDBMmoFOS6T__yjMIGTZQW3Qiz3v9lg==

Redirect headers

date: Fri, 05 May 2023 18:55:09 GMT
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Express
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/chunk/0-chunk.js
content-length: 109

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
434 B 33ms
8ms Script
application/javascript 2600:9000:223e:2200:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=aaa/tst/202304171903&cb=1683312909887
Requested by: Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:2200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Fri, 05 May 2023 18:45:32 GMT
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: dYp_F6KwU-PwyLjfN0Y4V2LHJWQS3WljUx-PyZx_4YNylq0ba0b4mw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 117ms
35ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6BPC96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 May 2023 18:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1166
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 05 May 2023 20:35:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
81 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-65YG7JM4M0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6BPC96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5344294b0560c626fe4c22a54abfbbe75cb3a0d25eb5429e94467ad084313599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 May 2023 18:55:10 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 51ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-65YG7JM4M0&gtm=45je3530&_p=253217873&cid=1470148851.1683312910&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683312910&sct=1&seg=0&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12%26tripid%3Dpdj9icxjtdmtkmiwuk4jhq%26enddate%3D2023-05-14%26tst_email%3Dconfirmation%26utm_source%3Dconf_email%26utm_medium%3Demail%26utm_campaign%3Dcar&dt=Activity%20Search%20Results&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-65YG7JM4M0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 18:55:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://travel.calif.aaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 43ms
42ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=253217873&t=pageview&_s=1&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12%26tripid%3Dpdj9icxjtdmtkmiwuk4jhq%26enddate%3D2023-05-14%26tst_email%3Dconfirmation%26utm_source%3Dconf_email%26utm_medium%3Demail%26utm_campaign%3Dcar&ul=en-us&de=UTF-8&dt=Activity%20Search%20Results&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=142340768&gjid=160925613&cid=1470148851.1683312910&tid=UA-96133587-4&_gid=1529960624.1683312910&_r=1&_slc=1&gtm=45He3530n81T6BPC96&cd1=000&cd2=Travel&cd3=TST&cd108=travel.calif.aaa.com%2Factivity%2Fsearch%2F4373&cd109=&cd111=&cd118=TST%20Activity%20Results%20Page&cd156=126927878.1683312909127&cd161=Not%20Collected&z=789072125

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://travel.calif.aaa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 May 2023 18:55:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://travel.calif.aaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 43ms
43ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=253217873&t=pageview&_s=1&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12%26tripid%3Dpdj9icxjtdmtkmiwuk4jhq%26enddate%3D2023-05-14%26tst_email%3Dconfirmation%26utm_source%3Dconf_email%26utm_medium%3Demail%26utm_campaign%3Dcar&dp=%2Factivity%2Fsearch%2F4373&ul=en-us&de=UTF-8&dt=Activity%20Search%20Results&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=2134980103&gjid=162840593&cid=1470148851.1683312910&tid=UA-55392727-1&_gid=1529960624.1683312910&_r=1&_slc=1&gtm=45He3530n71W79ZLQ&cd1=customer&cd11=2023-05-05T18%3A55%3A09%2B00%3A00&cd13=126927878.1683312909127&cd9=1470148851.1683312910&z=180668241

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://travel.calif.aaa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 May 2023 18:55:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://travel.calif.aaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-65YG7JM4M0&gtm=45je3530&_p=253217873&cid=1470148851.1683312910&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1683312910&sct=1&seg=0&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12%26tripid%3Dpdj9icxjtdmtkmiwuk4jhq%26enddate%3D2023-05-14%26tst_email%3Dconfirmation%26utm_source%3Dconf_email%26utm_medium%3Demail%26utm_campaign%3Dcar&dt=Activity%20Search%20Results&en=scroll&epn.percent_scrolled=90&_et=11
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-65YG7JM4M0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 18:55:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://travel.calif.aaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97311CFE53295FB20A490D45%40AdobeOrg&d_nsid=0&ts=1683312910191
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97311CFE53295FB20A490D45%40AdobeOrg&d_nsid=0&ts=1683312910191

393 B
1 KB

32ms
31ms

XHR
application/json

34.251.115.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97311CFE53295FB20A490D45%40AdobeOrg&d_nsid=0&ts=1683312910191

Protocol

HTTP/1.1

Server

34.251.115.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-115-24.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e7ee8c87dd640e17952b8c68bdcae9a1d796eaf832b9f6002c9f0aaf3693e798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-032e056ca.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: bFzA9bEqRN8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://travel.calif.aaa.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 331
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v048-075b8a8c4.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: SLJRzR3rTrE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://travel.calif.aaa.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97311CFE53295FB20A490D45%40AdobeOrg&d_nsid=0&ts=1683312910191
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1039166654&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T6BPC96

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8cdfc57357dcb497b0da08b9a087624590ad5c51b800038c4bb519754d1f3f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68330
x-xss-protection: 0
last-modified: Fri, 05 May 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 May 2023 18:55:10 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1039166654

Requested by

Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adc246a0d7794a6f4669a5749ef9e8d3431b042f9eac8d94732fbf461956eca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68265
x-xss-protection: 0
last-modified: Fri, 05 May 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 May 2023 18:55:10 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 105 KB
28 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 May 2023 18:55:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27428
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: cPVX4uFgs00NHGwTTOOcwecq858pE9gH6TaVIgX2WKN7Ezgwcm4c10gzoOPuDNbuExMThx3Juh3ja5KTz2vosg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 i.gif Show response
tmsc.ace.aaa.com/aaa/main/2/ 43 B
748 B 292ms
99ms XHR
image/gif 75.2.125.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tmsc.ace.aaa.com/aaa/main/2/i.gif
Requested by: Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.47.js?utv=ut4.49.202211230009
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.125.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3792b07a22951ff1.awsglobalaccelerator.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://travel.calif.aaa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHoiXUAO80Sw6dMRd

Response headers

date: Fri, 05 May 2023 18:55:10 GMT
x-serverid: uconnect_i-0267105231c6d5d82
x-tid: 0187ed449bb9006062b35d11ef900307300c606b00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: aaa:main:2:datacloud
x-region: us-east-1
content-length: 43
pragma: no-cache
x-did: 0187ed449bb9006062b35d11ef900307300c606b00b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://travel.calif.aaa.com
x-ulver: 9b1ec25f618f2852a333507ed7107ea8f8f4099c-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: 1518a03a-8333-411c-9e92-168b5110f4cd
expires: Fri, 05 May 2023 18:55:10 GMT

GET
H2 200 productChannelMiniCartPackaging Show response
travel.calif.aaa.com/admin/rest/parameters/ 95 B
577 B 112ms
112ms Fetch
application/json 54.221.200.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.calif.aaa.com/admin/rest/parameters/productChannelMiniCartPackaging

Requested by

Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/assets/resource/js/results-bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.200.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-221-200-83.compute-1.amazonaws.com

Software

Resource Hash

3ed1cbd3430507ea5ee48aecf25a070b467b7bb210c6124b0a1ced12d164beba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca .caascotravel.com .caasco.ca *.caasco.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:10 GMT
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 95
content-type: application/json

POST
H2 200 ld Show response
travel.calif.aaa.com/web-services/assets/featureToggles/ 4 B
353 B 102ms
101ms XHR
application/json 54.221.200.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.calif.aaa.com/web-services/assets/featureToggles/ld

Requested by

Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/assets/resource/js/results-bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.200.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-221-200-83.compute-1.amazonaws.com

Software

/ Express

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca .caascotravel.com .caasco.ca *.caasco.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Referer: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 05 May 2023 18:55:10 GMT
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Express
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
content-length: 4

GET
H2 200 data Show response
travel.calif.aaa.com/activity/search/4373/ 32 KB
4 KB 550ms
549ms XHR
text/html 54.221.200.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.calif.aaa.com/activity/search/4373/data?sortOrder=TOP_SELLERS&categories=&offset=0&maxResults=10&tripId=&tripItemId=

Requested by

Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/assets/resource/js/results-bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.200.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-221-200-83.compute-1.amazonaws.com

Software

Resource Hash

67cd306b6d519612d4f96b72404db3001c0591ccc6f947bfd0588dc50ea2d6e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca .caascotravel.com .caasco.ca *.caasco.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Referer: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:10 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 3692

GET
H2 200 ld Show response
travel.calif.aaa.com/web-services/assets/featureToggles/ 5 B
354 B 102ms
101ms XHR
application/json 54.221.200.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://travel.calif.aaa.com/web-services/assets/featureToggles/ld?key=MiniCart&anonymous=true

Requested by

Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/assets/resource/js/results-bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.200.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-221-200-83.compute-1.amazonaws.com

Software

/ Express

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca .caascotravel.com .caasco.ca *.caasco.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:10 GMT
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Express
etag: W/"5-fLbvuYullyqbUJDcLlF/4U0SywQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
content-length: 5

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-96133587-4&cid=1470148851.1683312910&jid=142340768&gjid=160925613&_gid=1529960624.1683312910&_u=YADAAEAAAAAAACAAI~&z=49230598

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://travel.calif.aaa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 05 May 2023 18:55:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://travel.calif.aaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-55392727-1&cid=1470148851.1683312910&jid=2134980103&gjid=162840593&_gid=1529960624.1683312910&_u=YADAAEABAAAAACAEK~&z=1735172898

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://travel.calif.aaa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 05 May 2023 18:55:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://travel.calif.aaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 115ms
28ms XHR
text/plain 108.128.224.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5f5fcac48e83fa0015000b12&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=2&cE=367&dLE=2&dLS=2&fS=0&hS=99&rE=-1&rS=-1&reS=367&resS=648&resE=746&uEE=-1&uES=-1&dL=714&dI=1591&dCLES=1591&dCLEE=1591&dC=2536&lES=2536&lEE=2602&s=nt&title=Activity%20Search%20Results&path=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373&ref=&sId=73fs4lcr&sST=1683312910&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5f5fcac48e83fa0015000b12.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.224.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-224-183.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 05 May 2023 18:55:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.103

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 May 2023 18:55:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: W1MZwW0NsOqrSJ2DkXasgifbBfpeH7DSXs6iLd9g2lLgIPfiRV2IBCBscAuvDd0Siq70TycqDqQrUKPzWccb2Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 136696297006053 Show response
connect.facebook.net/signals/config/ 390 KB
109 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/136696297006053?v=2.9.103&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d55b788cd748fb0fb927ad66148f3aa642387f56887561d3f3bdf0839da369cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 May 2023 18:55:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111593
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: c5FapRTXhnh/P9ahWYa2hi68BHHo1u0xaMwjTnPE5JNrGdks5Y4oM1czszU0UWJv1++Nw0Su+jps1n0k2i0IzA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 156ms
75ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-55392727-1&cid=1470148851.1683312910&jid=2134980103&_u=YADAAEABAAAAACAEK~&z=494513895

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 18:55:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 161ms
75ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-55392727-1&cid=1470148851.1683312910&jid=2134980103&_u=YADAAEABAAAAACAEK~&z=494513895

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 18:55:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 155ms
75ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-96133587-4&cid=1470148851.1683312910&jid=142340768&_u=YADAAEAAAAAAACAAI~&z=2118789097

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 18:55:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 159ms
75ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-96133587-4&cid=1470148851.1683312910&jid=142340768&_u=YADAAEAAAAAAACAAI~&z=2118789097

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 18:55:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 26ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=136696297006053&ev=PageView&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12%26tripid%3Dpdj9icxjtdmtkmiwuk4jhq%26enddate%3D2023-05-14%26tst_email%3Dconfirmation%26utm_source%3Dconf_email%26utm_medium%3Demail%26utm_campaign%3Dcar&rl=&if=false&ts=1683312910327&sw=1600&sh=1200&v=2.9.103&r=stable&a=tmtealium&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22212826774798750%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22184158674528562%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221905618656470362%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%224373%22%7D%7D&par[3]=%7B%22extractorID%22%3A%22772387024407499%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%224373%22%7D%7D&fbp=fb.1.1683312910325.722968570&cs_est=true&it=1683312910280&coo=false&eid=482d41bcf3bb36098673ebc5e6a95a2c&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 May 2023 18:55:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1039166654/ 3 KB
2 KB 134ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1039166654/?random=1683312910346&cv=11&fst=1683312910346&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12%26tripid%3Dpdj9icxjtdmtkmiwuk4jhq%26enddate%3D2023-05-14%26tst_email%3Dconfirmation%26utm_source%3Dconf_email%26utm_medium%3Demail%26utm_campaign%3Dcar&hn=www.googleadservices.com&frm=0&tiba=Activity%20Search%20Results&did=dYmQxMT&gdid=dYmQxMT&auid=410576230.1683312910&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1039166654&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5819de038d8a5a3df172d8de6775240c30ab047b1d78bfc0a4c975bed8607cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 18:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
automobileclubofsoutherncalifornia.demdex.net/ Frame 8A2B 7 KB
3 KB 122ms
30ms Document
text/html 34.251.115.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://automobileclubofsoutherncalifornia.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.251.115.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-115-24.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://travel.calif.aaa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v048-0545fe400.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: p2RGrgaVSvI=
content-encoding: gzip
date: Fri, 5 May 2023 18:55:10 GMT
last-modified: Thu, 27 Apr 2023 14:05:12 GMT
vary: accept-encoding

GET
H2 200 id Show response
acemetrics.aaa.com/ 48 B
459 B 54ms
19ms XHR
application/x-javascript 63.140.62.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://acemetrics.aaa.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=97311CFE53295FB20A490D45%40AdobeOrg&mid=81498893903006735461472541782826278564&ts=1683312910371

Requested by

Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.160 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-160.data.adobedc.net

Software

jag /

Resource Hash

0a482741558fc43f0003d113e687010eb03173561976334c9f790e893131cc31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travel.calif.aaa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 05 May 2023 18:55:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://travel.calif.aaa.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZFVRDgAAAGl2zQMx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=91754836593252946611882610254628462827
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFVRDgAAAGl2zQMx

42 B
942 B

33ms
33ms

Image
image/gif

34.251.115.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFVRDgAAAGl2zQMx

Protocol

HTTP/1.1

Server

34.251.115.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-115-24.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0509829c5.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: bjD4FXVkRvk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFVRDgAAAGl2zQMx
Date: Fri, 05 May 2023 18:55:10 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s22746154130698
acemetrics.aaa.com/b/ss/aaascace/1/JS-2.23.0/ 43 B
306 B 19ms
19ms Image
image/gif 63.140.62.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://acemetrics.aaa.com/b/ss/aaascace/1/JS-2.23.0/s22746154130698?AQB=1&ndh=1&pf=1&t=5%2F4%2F2023%2018%3A55%3A10%205%200&sdid=3840601FFBF22436-1293615C73A65AEB&mid=81498893903006735461472541782826278564&aamlh=6&ce=UTF-8&cdp=2&pageName=travel%3Atst%3Aactivity%3Asearch%20results&g=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12%26tripid%3Dpdj9icxjtdmtkmiwuk4jhq%26enddate%3D2023-05-14%26tst_email%3Dconfirmation%26utm_source%3Dconf_email%26utm_medium%3Demail%26utm_campaign%3Dcar&cc=USD&ch=travel&v0=email_tst_confirmation_conf_email_car&events=event79&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=tst&v1=tst&c2=activity&v2=activity&c3=startdate%3D2023-05-12%26tripid%3Dpdj9icxjtdmtkmiwuk4jhq%26enddate%3D2023-05-14%26tst_email%3Dconfirmation%26utm_source%3Dconf_email%26utm_medium%3Demail%26utm_campaign%3Dcar&v3=startdate%3D2023-05-12%26tripid%3Dpdj9icxjtdmtkmiwuk4jhq%26enddate%3D2023-05-14%26tst_email%3Dconfirmation%26utm_source%3Dconf_email%26utm_medium%3Demail%26utm_campaign%3Dcar&c7=ca&v7=ca&c10=0187ed449bb9006062b35d11ef900307300c606b00b08&v10=0187ed449bb9006062b35d11ef900307300c606b00b08&c14=customer&v14=customer&v16=email_tst_confirmation_conf_email_car&c43=1683312909243&v43=1683312909243&c70=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373&v70=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373&c72=travel%3Atst%3Aactivity%3Asearch%20results&v72=travel%3Atst%3Aactivity%3Asearch%20results&v125=Desktop&v126=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F113.0.5672.63%20Safari%2F537.36&v192=aaa%24tst%24prod%24false%244.49%24202304171903%24fpd%7C5.4.0%24%242.23.0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=97311CFE53295FB20A490D45%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.160 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-160.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 18:55:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 06 May 2023 18:55:10 GMT
server: jag
etag: 3614886948931502080-4619865217784698854
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 04 May 2023 18:55:10 GMT

GET
H2 200 0187ed449bb9006062b35d11ef900307300c606b00b08 Show response
visitor-service-us-east-1.tealiumiq.com/aaa/main/ 2 KB
2 KB 319ms
106ms Script
application/javascript 52.72.50.97
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-us-east-1.tealiumiq.com/aaa/main/0187ed449bb9006062b35d11ef900307300c606b00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1683312910512

Requested by

Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.50.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-50-97.compute-1.amazonaws.com

Software

Resource Hash

46bef191582328f9ab402e738e0cd0924f9b846bca2500c7bcdbe18732749ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-version: 9b1ec25f618f2852a333507ed7107ea8f8f4099c-SNAPSHOT
date: Fri, 05 May 2023 18:55:10 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: us-east-1
content-length: 1697
x-nodeid: i-0bdc88ccb2eb1e68f
content-type: application/javascript; charset=utf-8

GET
H2 200 /
www.google.com/pagead/1p-user-list/1039166654/ 42 B
154 B 51ms
50ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1039166654/?random=1683312910346&cv=11&fst=1683309600000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12%26tripid%3Dpdj9icxjtdmtkmiwuk4jhq%26enddate%3D2023-05-14%26tst_email%3Dconfirmation%26utm_source%3Dconf_email%26utm_medium%3Demail%26utm_campaign%3Dcar&frm=0&tiba=Activity%20Search%20Results&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1519666971&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 18:55:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1039166654/ 42 B
154 B 53ms
52ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1039166654/?random=1683312910346&cv=11&fst=1683309600000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12%26tripid%3Dpdj9icxjtdmtkmiwuk4jhq%26enddate%3D2023-05-14%26tst_email%3Dconfirmation%26utm_source%3Dconf_email%26utm_medium%3Demail%26utm_campaign%3Dcar&frm=0&tiba=Activity%20Search%20Results&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1519666971&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 18:55:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 hot_deal.png
artifacts.tstllc.net/ui/src/client/activity/app/images/ 0
262 B 747ms
746ms Image
text/plain 18.66.97.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://artifacts.tstllc.net/ui/src/client/activity/app/images/hot_deal.png
Requested by: Host: artifacts.tstllc.net
URL: https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-58.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P2
vary: Origin
x-cache: LambdaGeneratedResponse from cloudfront
cache-control: no-cache, cf-no-cache
content-length: 0
x-amz-cf-id: 2_ynyFaBa7RvXlASeJ2WfLjzHZrCOnDU-cT1E0L3GpU8LRQASVqSug==

GET
DATA 200
OK truncated
/ 34 KB
34 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8aa5efde86c226b1c6daaa9e29be64ba62beb170ec6329bde6927f77c9292b02

Request headers

Referer
Origin: https://travel.calif.aaa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2

200

orange_5_0.gif
assets.green.kube.tstllc.net/images/common/rating/
Redirect Chain

https://travel.calif.aaa.com/activity/common/assets/images/rating/orange_5_0.gif
https://assets.green.kube.tstllc.net/images/common/rating/orange_5_0.gif?url=null%3FcacheBuster%3D0.3193005705475218

825 B
1 KB

372ms
102ms

Image
image/gif

18.215.49.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.green.kube.tstllc.net/images/common/rating/orange_5_0.gif?url=null%3FcacheBuster%3D0.3193005705475218

Protocol

Server

18.215.49.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-49-40.compute-1.amazonaws.com

Software

Resource Hash

97530daa9d81c72ca83065697e54863ca71d14e3e8a9e527f51b64f98a4b2aad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca .caascotravel.com .caasco.ca *.caasco.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 May 2020 19:06:48 GMT
etag: "5ebaf3c8-339"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 825

Redirect headers

location: https://assets.green.kube.tstllc.net/images/common/rating/orange_5_0.gif?url=null%3FcacheBuster%3D0.3193005705475218
date: Fri, 05 May 2023 18:55:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Express

GET
H2 200 d5.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/07/a7/a0/ 90 KB
90 KB 429ms
34ms Image
image/jpeg 151.101.2.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tacdn.com/media/attractions-splice-spp-674x446/07/a7/a0/d5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 752c913ab2e090abe4f7de944317ca098130113d6f29fe27e9d3cf3cdd8b0118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 935129323
age: 2107445
x-cache: HIT, HIT
content-length: 92087
x-served-by: cache-iad-kjyo7100021-IAD, cache-fra-eddf8230084-FRA
last-modified: Wed, 19 Jun 2019 19:09:26 GMT
x-timer: S1683312911.229484,VS0,VE2
etag: "17c154c8eba3583581523847a28b035c"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 1112, 1

GET
H2 200 ec.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/07/1c/f1/ 77 KB
77 KB 448ms
54ms Image
image/jpeg 151.101.2.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tacdn.com/media/attractions-splice-spp-674x446/07/1c/f1/ec.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c8ce36ce434f9ab9c07026d7b918958faf3f84c59afb9c903805343909ccc048

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 449922997
age: 2527425
x-cache: HIT, HIT
content-length: 78483
x-served-by: cache-iad-kjyo7100057-IAD, cache-fra-eddf8230084-FRA
last-modified: Tue, 26 Feb 2019 11:58:27 GMT
x-timer: S1683312911.229960,VS0,VE3
etag: "1bd2516e34a8ae799fc0267eaea8c390"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 1472, 1

GET
H2 200 5e.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/0b/f4/93/ 95 KB
95 KB 448ms
54ms Image
image/jpeg 151.101.2.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tacdn.com/media/attractions-splice-spp-674x446/0b/f4/93/5e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dc159c2e39820488d3bbf2bd562eb2f2e027e489c0a0c3bf305482aa4606a659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 953877248
age: 358524
x-cache: HIT, HIT
content-length: 97273
x-served-by: cache-iad-kiad7000092-IAD, cache-fra-eddf8230084-FRA
last-modified: Mon, 02 Aug 2021 16:13:19 GMT
x-timer: S1683312911.230044,VS0,VE2
etag: "8366f72ed4555aa3d68494102af9bd87"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 365, 1

GET
H2 200 53.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/0b/87/bd/ 40 KB
40 KB 448ms
54ms Image
image/jpeg 151.101.2.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tacdn.com/media/attractions-splice-spp-674x446/0b/87/bd/53.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eb632ff7549a05432753984dd3dbbbf9b51c473a8a0e0d0789c77287056f3a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 1024268881
age: 280227
x-cache: HIT, HIT
content-length: 40695
x-served-by: cache-iad-kjyo7100032-IAD, cache-fra-eddf8230084-FRA
last-modified: Mon, 21 Dec 2020 16:33:00 GMT
x-timer: S1683312911.230687,VS0,VE4
etag: "9a3cbf1df61f5f420becad0f32567e42"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 328, 1

GET
H2 200 72.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/09/4e/e0/ 123 KB
123 KB 447ms
53ms Image
image/jpeg 151.101.2.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tacdn.com/media/attractions-splice-spp-674x446/09/4e/e0/72.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a1a721da8f35b2099bf2415ec821961e664f9d7d1f1e2ea72d04e8c273d3c659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 1034560429
age: 2009803
x-cache: HIT, HIT
content-length: 125700
x-served-by: cache-iad-kcgs7200045-IAD, cache-fra-eddf8230084-FRA
last-modified: Sat, 28 Sep 2019 00:30:14 GMT
x-timer: S1683312911.230430,VS0,VE1
etag: "7529b037fe086793d809b9e9490a1bf4"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 692, 1

GET
H2 200 b7.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/0b/27/51/ 67 KB
68 KB 447ms
54ms Image
image/jpeg 151.101.2.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tacdn.com/media/attractions-splice-spp-674x446/0b/27/51/b7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b43633a95de2ab3d10f6b09ddbb9d4b36c5c5087531dfa68ea45ba11083a66b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 627482824
age: 891865
x-cache: HIT, HIT
content-length: 69038
x-served-by: cache-iad-kiad7000022-IAD, cache-fra-eddf8230084-FRA
last-modified: Wed, 19 Aug 2020 12:26:25 GMT
x-timer: S1683312911.230448,VS0,VE2
etag: "16dce171be49e8356d225c9b6524802e"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 1705, 1

GET
H2 200 7e.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/0b/22/42/ 93 KB
93 KB 18ms
17ms Image
image/jpeg 151.101.2.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tacdn.com/media/attractions-splice-spp-674x446/0b/22/42/7e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 917f43467b708388b53d93f58872c35988dd8ca38778b913059f93321e3563c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 469227544
age: 907476
x-cache: HIT, HIT
content-length: 94997
x-served-by: cache-iad-kcgs7200046-IAD, cache-fra-eddf8230084-FRA
last-modified: Thu, 30 Jul 2020 19:55:46 GMT
x-timer: S1683312911.247401,VS0,VE1
etag: "8391f40b102345706f997f26eea809b4"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 1430, 1

GET
H2

200

orange_3_5.gif
assets.green.kube.tstllc.net/images/common/rating/
Redirect Chain

https://travel.calif.aaa.com/activity/common/assets/images/rating/orange_3_5.gif
https://assets.green.kube.tstllc.net/images/common/rating/orange_3_5.gif?url=null%3FcacheBuster%3D0.8147430014444743

873 B
1 KB

373ms
103ms

Image
image/gif

18.215.49.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.green.kube.tstllc.net/images/common/rating/orange_3_5.gif?url=null%3FcacheBuster%3D0.8147430014444743

Protocol

Server

18.215.49.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-49-40.compute-1.amazonaws.com

Software

Resource Hash

f68b041f043e568c123ce58b391ed8f2d1ffee5e26464260c7edaeab8cce7245

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca .caascotravel.com .caasco.ca *.caasco.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 May 2020 19:06:48 GMT
etag: "5ebaf3c8-369"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 873

Redirect headers

location: https://assets.green.kube.tstllc.net/images/common/rating/orange_3_5.gif?url=null%3FcacheBuster%3D0.8147430014444743
date: Fri, 05 May 2023 18:55:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Express

GET
H2 200 25.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/0b/f1/b1/ 57 KB
57 KB 32ms
32ms Image
image/jpeg 151.101.2.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tacdn.com/media/attractions-splice-spp-674x446/0b/f1/b1/25.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bb4212e16db3f864e09732cb46ea21321d892fb1b00c14f64a640cf1c6d77da2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 253403512
age: 1487806
x-cache: HIT, HIT
content-length: 58119
x-served-by: cache-iad-kcgs7200167-IAD, cache-fra-eddf8230084-FRA
last-modified: Wed, 21 Jul 2021 13:47:33 GMT
x-timer: S1683312911.248013,VS0,VE24
etag: "df14d97a19e6bf6223344c92180f308a"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 814, 1

GET
H2 200 6b.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/09/4e/e0/ 95 KB
96 KB 18ms
18ms Image
image/jpeg 151.101.2.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tacdn.com/media/attractions-splice-spp-674x446/09/4e/e0/6b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0dcdf98b193a07240e5831a91fe13f8dbf43caa81d3bc6c4aa314ace7726327d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 139626018
age: 994820
x-cache: HIT, HIT
content-length: 97572
x-served-by: cache-iad-kjyo7100103-IAD, cache-fra-eddf8230084-FRA
last-modified: Sat, 28 Sep 2019 00:26:58 GMT
x-timer: S1683312911.247674,VS0,VE2
etag: "c154f56d8ab91f8f08d9f1fbfc8d37a0"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 590, 1

GET
H2

200

orange_3_0.gif
assets.green.kube.tstllc.net/images/common/rating/
Redirect Chain

https://travel.calif.aaa.com/activity/common/assets/images/rating/orange_3_0.gif
https://assets.green.kube.tstllc.net/images/common/rating/orange_3_0.gif?url=null%3FcacheBuster%3D0.8012711060797937

874 B
1 KB

371ms
101ms

Image
image/gif

18.215.49.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.green.kube.tstllc.net/images/common/rating/orange_3_0.gif?url=null%3FcacheBuster%3D0.8012711060797937

Protocol

Server

18.215.49.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-49-40.compute-1.amazonaws.com

Software

Resource Hash

0e0e72b51dc6a723b98024013376b6114940f68b3f61a6b7fba8b671bcbd3187

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca .caascotravel.com .caasco.ca *.caasco.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 May 2020 19:06:48 GMT
etag: "5ebaf3c8-36a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 874

Redirect headers

location: https://assets.green.kube.tstllc.net/images/common/rating/orange_3_0.gif?url=null%3FcacheBuster%3D0.8012711060797937
date: Fri, 05 May 2023 18:55:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Express

GET
H2 200 eb.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/0c/01/2e/ 84 KB
85 KB 18ms
17ms Image
image/jpeg 151.101.2.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.tacdn.com/media/attractions-splice-spp-674x446/0c/01/2e/eb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9eccdb7e8980366dc6de40367208e5f257936e4d2bdaa4e632686b94998583e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 18:55:11 GMT
via: 1.1 varnish, 1.1 varnish
x-media-cdn: 158272411
age: 1895018
x-cache: HIT, HIT
content-length: 86455
x-served-by: cache-iad-kiad7000115-IAD, cache-fra-eddf8230084-FRA
last-modified: Tue, 21 Sep 2021 03:38:46 GMT
x-timer: S1683312911.247607,VS0,VE3
etag: "3074c4fc1148dde2fccdd519da1cc6b2"
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
timing-allow-origin: https://www.tripadvisor.com
x-cache-hits: 922, 1

GET
H/1.1 200
OK fontawesome-webfont.woff
tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/font/ 43 KB
43 KB 335ms
128ms Font
font/woff 3.5.28.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/font/fontawesome-webfont.woff?v=3.2.1
Requested by: Host: tstllc-assets.s3.amazonaws.com
URL: https://tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.28.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

Referer: https://tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/css/font-awesome.min.css
Origin: https://travel.calif.aaa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Fri, 05 May 2023 18:55:12 GMT
x-amz-version-id: MqdXJ_mx95.S1gS4I03gmhEEXrcJj9Ce
Last-Modified: Sat, 20 Jul 2019 11:48:39 GMT
Server: AmazonS3
x-amz-request-id: 98A667KBHY7AK3SB
ETag: "b683029bafe0305ac2234038a03e1541"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Content-Type: font/woff
Accept-Ranges: bytes
Content-Length: 43572
x-amz-id-2: OzyvgVm3gjsAfF1jZFHR8wOAFeow5WGH/ny0Uqu95n21QZ81zFezXU4Avg+Li0d2VuScXzgKMk8ywN23tCRPRASncr6b6T5Yh74MIXkMsDM=

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=136696297006053&ev=Microdata&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12%26tripid%3Dpdj9icxjtdmtkmiwuk4jhq%26enddate%3D2023-05-14%26tst_email%3Dconfirmation%26utm_source%3Dconf_email%26utm_medium%3Demail%26utm_campaign%3Dcar&rl=&if=false&ts=1683312911852&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Activity%20Search%20Results%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.103&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1683312910325.722968570&it=1683312910280&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 May 2023 18:55:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-65YG7JM4M0&gtm=45je3530&_p=253217873&cid=1470148851.1683312910&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1683312910&sct=1&seg=0&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12%26tripid%3Dpdj9icxjtdmtkmiwuk4jhq%26enddate%3D2023-05-14%26tst_email%3Dconfirmation%26utm_source%3Dconf_email%26utm_medium%3Demail%26utm_campaign%3Dcar&dt=Activity%20Search%20Results&en=fetch_user_data&_et=44&up.ga4_client_id=1470148851.1683312910.&up.ga4_session_id=1683312910&up.analytics_id=126927878.1683312909127.&up.user_type=customer
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-65YG7JM4M0&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://travel.calif.aaa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 18:55:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://travel.calif.aaa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
travel.calif.aaa.com/	1969-12-31 23:59:59	Name: rememberMe Value: true
.ace.aaa.com/	1970-01-20 20:19:37	Name: visid_incap_2444368 Value: FGRGRdGfTSuzQLMNkRjc0AxRVWQAAAAAQUIPAAAAAABU6PcRSjqvXlPsbVxF23KG
.ace.aaa.com/	1969-12-31 23:59:59	Name: nlbi_2444368 Value: tikAeNiAuiNetyJ5YXljLAAAAAArM76J4FUb+U686FVxgZEI
.ace.aaa.com/	1969-12-31 23:59:59	Name: incap_ses_878_2444368 Value: TZdrYHnloFz+ar9+6UgvDAxRVWQAAAAALZnyysfZN1bs/GWXzoanuA==
travel.calif.aaa.com/	1970-01-20 21:11:12	Name: tst_user_session_id Value: cb1a86f4-28bf-48db-8132-858f19354501
travel.calif.aaa.com/	1969-12-31 23:59:59	Name: tst_analytics_session_id Value: 126927878.1683312909127
.aaa.com/	1970-01-20 13:44:48	Name: _gcl_au Value: 1.1.410576230.1683312910
.aaa.com/	1970-01-20 21:11:12	Name: _ga Value: GA1.2.1470148851.1683312910
.aaa.com/	1970-01-20 11:36:39	Name: _gid Value: GA1.2.1529960624.1683312910
.aaa.com/	1970-01-20 11:35:12	Name: _gat_UA-96133587-4 Value: 1
.travel.calif.aaa.com/	1970-01-20 21:11:12	Name: _ga Value: GA1.4.1470148851.1683312910
.travel.calif.aaa.com/	1970-01-20 11:36:39	Name: _gid Value: GA1.4.1529960624.1683312910
.travel.calif.aaa.com/	1970-01-20 11:35:12	Name: _gat_UA-55392727-1 Value: 1
.aaa.com/	1970-01-20 21:11:12	Name: _ga_65YG7JM4M0 Value: GS1.1.1683312910.1.0.1683312910.0.0.0
.aaa.com/	1970-01-20 12:18:24	Name: campaignpersist Value: email_tst_confirmation_conf_email_car
.demdex.net/	1970-01-20 15:54:24	Name: demdex Value: 91754836593252946611882610254628462827
.aaa.com/	1970-01-20 13:44:48	Name: _fbp Value: fb.1.1683312910325.722968570
travel.calif.aaa.com/	1969-12-31 23:59:59	Name: TripCartItemCount Value: 0
.aaa.com/	1969-12-31 23:59:59	Name: AMCVS_97311CFE53295FB20A490D45%40AdobeOrg Value: 1
.aaa.com/	1970-01-20 21:11:12	Name: s_ecid Value: MCMID%7C81498893903006735461472541782826278564
.aaa.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 20:20:48	Name: everest_g_v2 Value: g_surferid~ZFVRDgAAAGl2zQMx
.doubleclick.net/	1970-01-20 11:35:13	Name: test_cookie Value: CheckForPermission
.ace.aaa.com/	1970-01-20 20:20:48	Name: TAPID Value: aaa/main>0187ed449bb9006062b35d11ef900307300c606b00b08\|
.aaa.com/	1970-01-20 20:20:48	Name: utag_main Value: v_id:0187ed449bb9006062b35d11ef900307300c606b00b08$_sn:1$_se:1$_ss:1$_st:1683314709243$ses_id:1683312909243%3Bexp-session$_pn:1%3Bexp-session$_prevpage:travel%3Atst%3Aactivity%3Asearch%20results%3Bexp-1683316510181$vapi_domain:aaa.com$dc_visit:1$dc_event:1%3Bexp-session$dc_region:us-east-1%3Bexp-session
.dpm.demdex.net/	1970-01-20 15:54:24	Name: dpm Value: 91754836593252946611882610254628462827
.aaa.com/	1970-01-20 21:11:12	Name: AMCV_97311CFE53295FB20A490D45%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19483%7CMCMID%7C81498893903006735461472541782826278564%7CMCAAMLH-1683917710%7C6%7CMCAAMB-1683917710%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1683320110s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19490%7CvVersion%7C5.4.0
travel.calif.aaa.com/	1969-12-31 23:59:59	Name: PLAY_SESSION Value: fac8012a17a9d44d724796198993ce9a78a898a1-mdc-id=%5Bbb44430f-e7c0-41c1-8b3f-035d8a5ccd9b%5D&session_expires=1683341710724

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car Message: Failed to decode downloaded font: data:application/x-font-woff;charset=utf-8;base64,d09GRgABAAAAAIZ0AA4AAAAA/cAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAABRAAAABwAAAAcZUS2EEdERUYAAAFgAAAAHwAAACABeAAET1MvMgAAAYAAAAA+AAAAYIsCehJjbWFwAAABwAAAAQ0AAAJKA53KoGdhc3AAAALQAAAACAAAAAgAAAAQZ2x5ZgAAAtgAAHVEAADgpFx6RtBoZWFkAAB4HAAAAC8AAAA2AgZrX2hoZWEAAHhMAAAAHwAAACQNgwenaG10eAAAeGwAAAF6AAAFKofmCy5sb2NhAAB56AAAAnsAAAKY8IYntG1heHAAAHxkAAAAHwAAACABoQKZbmFtZQAAfIQAAAFlAAACuDwOZY5wb3N0AAB97AAACH0AAA4/HuhBCXdlYmYAAIZsAAAABgAAAAbgklGMAAAAAQAAAADMPaLPAAAAAMtUgjAAA...1yHWwDvU0jFnqbhgh6m2x9pd6h9f0NC73Jit6hqZ1QVGPqFG7KCy0MRtQgk0N9JVOIgwbaBmq9g7VUzdZWtSmm2+Y5XcbObVPDT1d7DQtQYLZsZD09MLuB+bTdEyuFLkCbWMpdYee1q4wcaUdUVflUJuLOiOit4KFHzGYg4enPBz1zxiiGVQjIoUcxpobFU0d/JHSNQzQtnV2nuoZ7iEdsfzCl6wREYF29RHfIseYZAqTjL+zZ19/QTPpVTcVIlZsUhOh6aDWatndxUNRrazp2iQgE9Uy9oQ7jzCHVN99ZcSLScGbSW6w3c7or+cSshKE6qWKKaEk8J3SvWQlC4qamwVST75Stm0Yabto4pLlpo224KVZZussJqmrRJWwSW/YsoTYgJlKihriNoJ4UVVJt6EFz62OTPuX4i/OLXfO1p/d3aZD8nTn0sWA6tGV7M+ilgupdw9AqBrH2vflyMIxuSsJf3LHQs11+Yu/8H/BE1cYAAAAAAVGM4JEAAA==
other	warning	URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12&tripid=pdj9icxjtdmtkmiwuk4jhq&enddate=2023-05-14&tst_email=confirmation&utm_source=conf_email&utm_medium=email&utm_campaign=car Message: OTS parsing error: hmtx: Failed to parse table
network	error	URL: https://artifacts.tstllc.net/ui/src/client/activity/app/images/hot_deal.png Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca .caascotravel.com .caasco.ca *.caasco.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acemetrics.aaa.com
artifacts.tstllc.net
assets.green.kube.tstllc.net
automobileclubofsoutherncalifornia.demdex.net
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
fonts.googleapis.com
googleads.g.doubleclick.net
media.tacdn.com
region1.google-analytics.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s3.amazonaws.com
stats.g.doubleclick.net
tags.tiqcdn.com
tms.ace.aaa.com
tmsc.ace.aaa.com
travel.calif.aaa.com
tstllc-assets.s3.amazonaws.com
visitor-service-us-east-1.tealiumiq.com
web-sdk.smartlook.com
www.ace.aaa.com
www.facebook.com
www.fullstory.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
108.128.224.183
151.101.2.38
18.215.49.40
18.66.97.58
2001:4860:4802:34::36
2600:9000:223e:2200:7:2bfb:7c00:93a1
2606:4700:10::6816:3768
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:400c:c00::9d
2a02:6ea0:c700::18
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d014:275:cb00:ea62:f40:f6f6:3c4f
3.5.28.171
34.248.3.83
34.251.115.24
45.60.124.133
52.72.50.97
54.221.200.83
54.231.201.128
63.140.62.160
65.9.66.124
75.2.125.34
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0a482741558fc43f0003d113e687010eb03173561976334c9f790e893131cc31
0dcdf98b193a07240e5831a91fe13f8dbf43caa81d3bc6c4aa314ace7726327d
0e0e72b51dc6a723b98024013376b6114940f68b3f61a6b7fba8b671bcbd3187
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1ba6e02aa649aea52d79959ec42d68b9275396417950a5034ff5ea51b18fc2c8
1f628fb1592d5633bc55ee28e867717edd671eda7c0c00dec8081ecbb62deff3
20c8cb47379b4887256321b509e6280385ebee03a4b50b84f912709a8a449d77
23e2545694e0a6b0d2a686990a6766fee5509b5c7beab0e6d4ba0839d0ddfd37
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
32bdbc7aa942ed3cc380c72be1c45147f4d7ec5e6b5b084f6527a46022314958
394c6e5ee58215cf849d8cf6ae2c045dc72a14ac62628fdb6793ccb62c59ee85
3ed1cbd3430507ea5ee48aecf25a070b467b7bb210c6124b0a1ced12d164beba
3ff7b0b317b417d887b4d1b311ac5a390b85345337838d182296dad380682a87
43429107c9e1939286f126c4ab374e9b8909cbca3a7d6ad4effa88d0312c6aa9
46bef191582328f9ab402e738e0cd0924f9b846bca2500c7bcdbe18732749ad5
47633cdd2e93000441f470347bd92e0a2819f23e7b8dc13d9a2a452c338d590c
5344294b0560c626fe4c22a54abfbbe75cb3a0d25eb5429e94467ad084313599
54a3ac3a88096f4595c1c293186dca4845dcafe9965edfe16856cb242e322df8
5819de038d8a5a3df172d8de6775240c30ab047b1d78bfc0a4c975bed8607cbd
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
6436a5ce3afd80874afefd56bd64d1a1859fa6ede64d87b9b682bd714f1efd56
67cd306b6d519612d4f96b72404db3001c0591ccc6f947bfd0588dc50ea2d6e3
69582a95395c6e221d7319f3dab4f6712d20d1ed29bfe0f2b056c88e685aa917
6b2292da763893e6d2726bc4becdeb451da650ce6848e476c3cb95e0cd91a115
752c913ab2e090abe4f7de944317ca098130113d6f29fe27e9d3cf3cdd8b0118
7a4245d31b727e4c0541bac7bb623205e3c2b6dbc81f0096c732fffabbef936f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
897600b074c2a2e02b176f2d3e5caf964883dc5ea1c340c7576723e3932b9128
8aa5efde86c226b1c6daaa9e29be64ba62beb170ec6329bde6927f77c9292b02
8b3e8e10db2f90bdb8710b478c200588b2396146e4b07b22a795ad79e062360f
8cdfc57357dcb497b0da08b9a087624590ad5c51b800038c4bb519754d1f3f1d
917f43467b708388b53d93f58872c35988dd8ca38778b913059f93321e3563c0
97530daa9d81c72ca83065697e54863ca71d14e3e8a9e527f51b64f98a4b2aad
9e40b1bcc46b4ca351f0cd7f314eeaed43ae65f5c51af3e1e9e20b7a008b8aa0
9eccdb7e8980366dc6de40367208e5f257936e4d2bdaa4e632686b94998583e0
9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1a721da8f35b2099bf2415ec821961e664f9d7d1f1e2ea72d04e8c273d3c659
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3d92cefd95aa6a3adaae54544f56d0e4ff558c827191f767b29c3429e24ad71
adc246a0d7794a6f4669a5749ef9e8d3431b042f9eac8d94732fbf461956eca5
adfe88b1f5a8cf6a9ddd389f4e567a634663121d94a18c687eca6e6bb489c15b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe2f3c4229d822d17aea5cfe40cc50a313f9d5c0720948a0e09972d563d33a7
b3a4a3e017fbc5e4fd11b40a52e0eb68df0de6c88a8f046246b6052fca510a58
b43633a95de2ab3d10f6b09ddbb9d4b36c5c5087531dfa68ea45ba11083a66b8
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bb2e1a97e3bc84334fa38904266d7ef01dc9407e17b3fcf54ea4a8ecbf494abf
bb4212e16db3f864e09732cb46ea21321d892fb1b00c14f64a640cf1c6d77da2
c8c0591f4efc0420cd8411e0afe8f56539f64d4231c0c940eae2dde51f1f70ac
c8ce36ce434f9ab9c07026d7b918958faf3f84c59afb9c903805343909ccc048
d55b788cd748fb0fb927ad66148f3aa642387f56887561d3f3bdf0839da369cc
d7de9b79990bb103408b06aacc98307309774f564e70ba905949e80b5ba47f14
dc159c2e39820488d3bbf2bd562eb2f2e027e489c0a0c3bf305482aa4606a659
de04dff43538fef3cc0ab104c9393138b007d11704169160c52a57bbd1220d39
dee1f8e318497e9bcc7766c2d08c4c7b6067522bb947a5627b4c470454202d99
e2d495d80150a450036620c07b921f67af2001aecb36b37eabc4e2d5771d2073
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7ee8c87dd640e17952b8c68bdcae9a1d796eaf832b9f6002c9f0aaf3693e798
eaf247fb17f36b2db0be030424062cd17894d33c90d136043b623694bd410281
eb632ff7549a05432753984dd3dbbbf9b51c473a8a0e0d0789c77287056f3a94
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4dc9ef64489ab1b2b404e69f1f5d09be8b96ea457a6b65dcacd22c61c59c8ae
f529cf4430e32ae0b07d7d606ca1043e8cd9ebb9476456589578a299bad459bd
f68b041f043e568c123ce58b391ed8f2d1ffee5e26464260c7edaeab8cce7245
fc30bb03875c191dc3bb7afdd267596c26f92d4145eaa0408f652f64ade82597
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd9044a309ef7d51ad98d6a471d5ba00af04478843631e0cf5e2bfc36b509c2c

travel.calif.aaa.com Open in urlscan Pro 54.221.200.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

84 Requests

87 %HTTPS

50 %IPv6

19 Domains

29 Subdomains

28 IPs

4 Countries

4620 kBTransfer

12861 kBSize

28 Cookies

18 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

travel.calif.aaa.com Open in urlscan Pro
54.221.200.83 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

87 %
HTTPS

50 %
IPv6

19
Domains

29
Subdomains

28
IPs

4
Countries

4620 kB
Transfer

12861 kB
Size

28
Cookies

84 HTTP transactions
4 data transactions