pay.carolinas.aaa.com Open in urlscan Pro
40.76.47.151  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set SubmitPayment Show response pay.carolinas.aaa.com/Default.aspx/	14 KB 4 KB	456ms 129ms	Document text/html	40.76.47.151 Microsoft Corpora...
General Check archive.org Show headers Download Go to Full URL https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.76.47.151 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 3df7d6c32b027f685ae960daa361b40a3228817edb61320c79326ee718bfc1cd Security Headers Name Value X-Frame-Options __xFrameOptions__ Request headers Host pay.carolinas.aaa.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Cache-Control private Content-Type text/html; charset=utf-8 Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/10.0 Set-Cookie ARRAffinity=b2d7ed0c7eff392688ef9a186a6fd5d808d069ecdab78447e4d6cd17ffc32e03;Path=/;HttpOnly;Domain=AAACarolinas-Web-CCPaymentPage02.azurewebsites.net ApplicationGatewayAffinity=163eea52e7619c13e56585619097875da7ae5151f24df6515e3f44c5fa952f3b;Path=/;Domain=pay.carolinas.aaa.com X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET X-Frame-Options __xFrameOptions__ Date Fri, 11 Jan 2019 22:03:13 GMT Content-Length 3691
GET H2	200	patterns.css patternsprod.azureedge.net/assets/css/	338 KB 70 KB	277ms 186ms	Stylesheet text/css	2a02:26f0:6c00:191::2ed9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://patternsprod.azureedge.net/assets/css/patterns.css Requested by Host: pay.carolinas.aaa.com URL: https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:191::2ed9 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash e1c6961f54deaaebc8e8390fabed20598ed42bd130d7f3ba1ff1a91e9857d770 Request headers Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 11 Jan 2019 22:03:13 GMT content-encoding gzip content-md5 MvD7oO9v5Y4S0e0aNaSNVA== x-ms-copy-progress 345629/345629 status 200 x-ms-copy-status success content-length 70489 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 15 Jan 2018 16:14:55 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8D55C331DCBECDE" x-ms-copy-completion-time Mon, 15 Jan 2018 16:14:55 GMT vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 95d39ac1-501e-0153-597e-a8bce9000000 access-control-expose-headers ALL x-ms-version 2014-02-14 x-ms-copy-id fcc9f5d3-f95a-4444-8baf-95f33efe8ddf x-ms-copy-source https://aaacdntest.blob.core.windows.net/test/assets%2Fcss%2Fpatterns.css?sv=2017-04-17&ss=b&srt=co&sp=rl&st=2018-01-15T15%3A59%3A49Z&se=2018-01-16T16%3A14%3A49Z&sig=bPywQPj3Y22F278OYxZzJIVLGlNR2aqD844WS4dttLw%3D accept-ranges bytes
GET H/1.1	200 OK	Cookie set payment-page.css pay.carolinas.aaa.com/Default.aspx/assets/css/	14 KB 4 KB	132ms 131ms	Stylesheet text/html	40.76.47.151 Microsoft Corpora...
General Check archive.org Show headers Download Go to Full URL https://pay.carolinas.aaa.com/Default.aspx/assets/css/payment-page.css Requested by Host: pay.carolinas.aaa.com URL: https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.76.47.151 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 3df7d6c32b027f685ae960daa361b40a3228817edb61320c79326ee718bfc1cd Security Headers Name Value X-Frame-Options __xFrameOptions__ Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host pay.carolinas.aaa.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Cookie ApplicationGatewayAffinity=163eea52e7619c13e56585619097875da7ae5151f24df6515e3f44c5fa952f3b Connection keep-alive Cache-Control no-cache Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 11 Jan 2019 22:03:13 GMT Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET X-Frame-Options __xFrameOptions__ Content-Type text/html; charset=utf-8 Cache-Control private Set-Cookie ARRAffinity=b2d7ed0c7eff392688ef9a186a6fd5d808d069ecdab78447e4d6cd17ffc32e03;Path=/;HttpOnly;Domain=AAACarolinas-Web-CCPaymentPage02.azurewebsites.net Content-Length 3691
GET H/1.1	200 OK	Cookie set jquery-3.3.1.min.js Show response pay.carolinas.aaa.com/Default.aspx/scripts/	14 KB 4 KB	277ms 145ms	Script text/html	40.76.47.151 Microsoft Corpora...
General Check archive.org Show headers Download Go to Full URL https://pay.carolinas.aaa.com/Default.aspx/scripts/jquery-3.3.1.min.js Requested by Host: pay.carolinas.aaa.com URL: https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.76.47.151 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 3df7d6c32b027f685ae960daa361b40a3228817edb61320c79326ee718bfc1cd Security Headers Name Value X-Frame-Options __xFrameOptions__ Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host pay.carolinas.aaa.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept */* Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Cookie ApplicationGatewayAffinity=163eea52e7619c13e56585619097875da7ae5151f24df6515e3f44c5fa952f3b Connection keep-alive Cache-Control no-cache Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 11 Jan 2019 22:03:13 GMT Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET X-Frame-Options __xFrameOptions__ Content-Type text/html; charset=utf-8 Cache-Control private Set-Cookie ARRAffinity=951a5340ffc109a5c08e933fa60083440d81f13428b488c8cdf894774ab8c9c3;Path=/;HttpOnly;Domain=AAACarolinas-Web-CCPaymentPage02.azurewebsites.net Content-Length 3691
GET H2	200	logo_AAA.png patternsprod.azureedge.net/assets/img/	3 KB 3 KB	270ms 180ms	Image image/png	2a02:26f0:6c00:191::2ed9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://patternsprod.azureedge.net/assets/img/logo_AAA.png Requested by Host: pay.carolinas.aaa.com URL: https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:191::2ed9 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 04539b3f234d49a6171ec74e80354d13b92a04865e2508f558b9410979afa27f Request headers Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 11 Jan 2019 22:03:13 GMT content-md5 HcyS6WU3kDu2MVIYG6y0GQ== x-ms-copy-progress 2633/2633 status 200 x-ms-copy-status success content-length 2633 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 15 Jan 2018 16:54:11 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8D55C3899F4CDF8" x-ms-copy-completion-time Mon, 15 Jan 2018 16:54:11 GMT content-type image/png access-control-allow-origin * x-ms-request-id 03c8cdbc-001e-014b-57e2-a8917c000000 access-control-expose-headers ALL x-ms-version 2014-02-14 x-ms-copy-id d704d384-f9cc-4a80-bc28-97d888798c0c x-ms-copy-source https://aaacdntest.blob.core.windows.net/test/assets%2Fimg%2Flogo_AAA.png?sv=2017-04-17&ss=b&srt=co&sp=rl&st=2018-01-15T16%3A39%3A05Z&se=2018-01-16T16%3A54%3A05Z&sig=A1lkhjJ95B0R5nuuZtyyNspIzKsoAkRoUiJzbqO1OSU%3D accept-ranges bytes
GET H2	200	jquery.inputmask.bundle.min.js Show response patternsprod.azureedge.net/vendor_assets/js/	69 KB 21 KB	334ms 244ms	Script application/javascript	2a02:26f0:6c00:191::2ed9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://patternsprod.azureedge.net/vendor_assets/js/jquery.inputmask.bundle.min.js Requested by Host: pay.carolinas.aaa.com URL: https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:191::2ed9 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 230c4f7a15d06c06dce46f6a8f43d12f6a929b80356d2c3c5b35d08d8956cc44 Request headers Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 11 Jan 2019 22:03:13 GMT content-encoding gzip content-md5 OPZYjNOF27sJ8ti0hbObiQ== x-ms-copy-progress 70489/70489 status 200 x-ms-copy-status success content-length 20930 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 15 Jan 2018 16:55:35 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8D55C38CBDC2094" x-ms-copy-completion-time Mon, 15 Jan 2018 16:55:35 GMT vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 68b36e4d-301e-0143-0f7e-a88a0f000000 access-control-expose-headers ALL x-ms-version 2014-02-14 x-ms-copy-id 9829bbe8-bab9-4530-ab1a-4d6b29b81974 x-ms-copy-source https://aaacdntest.blob.core.windows.net/test/vendor_assets%2Fjs%2Fjquery.inputmask.bundle.min.js?sv=2017-04-17&ss=b&srt=co&sp=rl&st=2018-01-15T16%3A40%3A27Z&se=2018-01-16T16%3A55%3A27Z&sig=osSbSsghp0uCIfx9C%2F2aC5LDGLJxN7OMGdJ43kBzpGE%3D accept-ranges bytes
GET H2	200	jquery.validate.min.js Show response patternsprod.azureedge.net/vendor_assets/js/	22 KB 8 KB	231ms 231ms	Script application/javascript	2a02:26f0:6c00:191::2ed9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://patternsprod.azureedge.net/vendor_assets/js/jquery.validate.min.js Requested by Host: pay.carolinas.aaa.com URL: https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:191::2ed9 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860 Request headers Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 11 Jan 2019 22:03:13 GMT content-encoding gzip content-md5 xEmRhIeNF9ivb0GBwNAxAg== x-ms-copy-progress 22688/22688 status 200 x-ms-copy-status success content-length 7320 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 15 Jan 2018 16:55:36 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8D55C38CCA475BA" x-ms-copy-completion-time Mon, 15 Jan 2018 16:55:36 GMT vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id fc4ffedb-c01e-015d-25ec-a950e2000000 access-control-expose-headers ALL x-ms-version 2014-02-14 x-ms-copy-id 3ff3c27b-d6ad-4a81-a150-b1449d1bfa77 x-ms-copy-source https://aaacdntest.blob.core.windows.net/test/vendor_assets%2Fjs%2Fjquery.validate.min.js?sv=2017-04-17&ss=b&srt=co&sp=rl&st=2018-01-15T16%3A40%3A27Z&se=2018-01-16T16%3A55%3A27Z&sig=osSbSsghp0uCIfx9C%2F2aC5LDGLJxN7OMGdJ43kBzpGE%3D accept-ranges bytes
GET H2	200	jquery.payment.min.js Show response patternsprod.azureedge.net/vendor_assets/js/	9 KB 3 KB	148ms 148ms	Script application/javascript	2a02:26f0:6c00:191::2ed9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://patternsprod.azureedge.net/vendor_assets/js/jquery.payment.min.js Requested by Host: pay.carolinas.aaa.com URL: https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:191::2ed9 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash c7bc31308fdca1c9228b1353f28a05a487d4ea1960ed5c2afb2bdf0cd7135b62 Request headers Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 11 Jan 2019 22:03:13 GMT content-encoding gzip content-md5 2eD37ZNOv8X86UXYYBg+lg== x-ms-copy-progress 8725/8725 status 200 x-ms-copy-status success content-length 2827 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 15 Jan 2018 16:55:36 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8D55C38CC92BF5B" x-ms-copy-completion-time Mon, 15 Jan 2018 16:55:36 GMT vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 5a6661b7-301e-00cf-6aec-a98101000000 access-control-expose-headers ALL x-ms-version 2014-02-14 x-ms-copy-id 13d36402-71c9-4e66-82ff-bf4128cf7c9c x-ms-copy-source https://aaacdntest.blob.core.windows.net/test/vendor_assets%2Fjs%2Fjquery.payment.min.js?sv=2017-04-17&ss=b&srt=co&sp=rl&st=2018-01-15T16%3A40%3A27Z&se=2018-01-16T16%3A55%3A27Z&sig=osSbSsghp0uCIfx9C%2F2aC5LDGLJxN7OMGdJ43kBzpGE%3D accept-ranges bytes
GET H2	200	components.min.js Show response patternsprod.azureedge.net/assets/js/	46 KB 13 KB	103ms 102ms	Script application/javascript	2a02:26f0:6c00:191::2ed9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://patternsprod.azureedge.net/assets/js/components.min.js Requested by Host: pay.carolinas.aaa.com URL: https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:191::2ed9 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 84cd34342300c70d6fa9e2d20086ba5adbc57802b07f93145aa2eb66a7d23c60 Request headers Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 11 Jan 2019 22:03:13 GMT content-encoding gzip content-md5 cntOFmlZoeBYS/BbcWtSHA== x-ms-copy-progress 47103/47103 status 200 x-ms-copy-status success content-length 12092 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 15 Jan 2018 16:54:39 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8D55C38AA8A4440" x-ms-copy-completion-time Mon, 15 Jan 2018 16:54:39 GMT vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 2d1b093f-501e-0171-67f3-a9d2df000000 access-control-expose-headers ALL x-ms-version 2014-02-14 x-ms-copy-id 5ff5af5c-f645-4f0b-b770-cdb3f05fc160 x-ms-copy-source https://aaacdntest.blob.core.windows.net/test/assets%2Fjs%2Fcomponents.min.js?sv=2017-04-17&ss=b&srt=co&sp=rl&st=2018-01-15T16%3A39%3A35Z&se=2018-01-16T16%3A54%3A35Z&sig=owTnKyboko%2B%2FJQ45Hdfmoay8WQftw8owzFLYSXCab0s%3D accept-ranges bytes
GET H/1.1	200 OK	Cookie set payment-module.js Show response pay.carolinas.aaa.com/Default.aspx/scripts/	14 KB 4 KB	106ms 105ms	Script text/html	40.76.47.151 Microsoft Corpora...
General Check archive.org Show headers Download Go to Full URL https://pay.carolinas.aaa.com/Default.aspx/scripts/payment-module.js Requested by Host: pay.carolinas.aaa.com URL: https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.76.47.151 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 3df7d6c32b027f685ae960daa361b40a3228817edb61320c79326ee718bfc1cd Security Headers Name Value X-Frame-Options __xFrameOptions__ Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host pay.carolinas.aaa.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept */* Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Cookie ApplicationGatewayAffinity=163eea52e7619c13e56585619097875da7ae5151f24df6515e3f44c5fa952f3b Connection keep-alive Cache-Control no-cache Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 11 Jan 2019 22:03:13 GMT Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET X-Frame-Options __xFrameOptions__ Content-Type text/html; charset=utf-8 Cache-Control private Set-Cookie ARRAffinity=b2d7ed0c7eff392688ef9a186a6fd5d808d069ecdab78447e4d6cd17ffc32e03;Path=/;HttpOnly;Domain=AAACarolinas-Web-CCPaymentPage02.azurewebsites.net Content-Length 3691
GET H2	200	css fonts.googleapis.com/	2 KB 564 B	17ms 17ms	Stylesheet text/css	2a00:1450:4001:81b::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Ubuntu Requested by Host: pay.carolinas.aaa.com URL: https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash 13d08adbe165c59b33970e536408ec83abbb90125b359931a1ef2215a0a505d7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding br last-modified Fri, 11 Jan 2019 22:03:13 GMT server ESF access-control-allow-origin * date Fri, 11 Jan 2019 22:03:13 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 status 200 alt-svc quic=":443"; ma=2592000; v="44,43,39,35" cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin x-xss-protection 1; mode=block expires Fri, 11 Jan 2019 22:03:13 GMT
GET H2	200	ai.0.js Show response az416426.vo.msecnd.net/scripts/a/	95 KB 22 KB	72ms 7ms	Script application/x-javascript	152.199.19.160 MCI Communication...
General Check archive.org Show headers Download Go to Full URL https://az416426.vo.msecnd.net/scripts/a/ai.0.js Requested by Host: pay.carolinas.aaa.com URL: https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECAcc (frc/8FA5) / Resource Hash 013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e Request headers Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 11 Jan 2019 22:03:13 GMT content-encoding gzip content-md5 7JhCKwvLjoUoS5N/nN9LRA== x-cache HIT status 200 content-length 21636 x-ms-lease-status unlocked last-modified Mon, 27 Aug 2018 19:51:06 GMT server ECAcc (frc/8FA5) etag 0x8D60C566D4F1460 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id a8eb8b6a-901e-003a-1bf8-a9a747000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control public, max-age=600 x-ms-version 2009-09-19
GET DATA	200 OK	truncated /	91 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d0a2366fc5f76d48e133f0d6043efb8d9e02f813a0339e2c211e92a932cc1e7e Request headers Response headers Content-Type image/png
GET H2	200	4iCs6KVjbNBYlgoKfw72nU6AFw.woff2 fonts.gstatic.com/s/ubuntu/v12/	13 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:819::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v12/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2 Requested by Host: pay.carolinas.aaa.com URL: https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Ubuntu Origin https://pay.carolinas.aaa.com Response headers date Thu, 20 Dec 2018 21:43:32 GMT x-content-type-options nosniff last-modified Wed, 01 Aug 2018 17:29:07 GMT server sffe age 1901981 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="44,43,39,35" cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 13720 x-xss-protection 1; mode=block expires Fri, 20 Dec 2019 21:43:32 GMT
GET H2	200	icomoon.ttf patternsprod.azureedge.net/assets/fonts/icons/	69 KB 70 KB	66ms 45ms	Font application/octet-stream	2a02:26f0:6c00:187::2ed9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://patternsprod.azureedge.net/assets/fonts/icons/icomoon.ttf?fkep4t Requested by Host: pay.carolinas.aaa.com URL: https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:187::2ed9 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash f099236ebe81890ae47f5648984dd18aa6817dee0420df354b0ef44814663e9e Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://patternsprod.azureedge.net/assets/css/patterns.css Origin https://pay.carolinas.aaa.com Response headers x-ms-blob-type BlockBlob date Fri, 11 Jan 2019 22:03:13 GMT content-md5 ZNuP1HqpVxFrmD6EDeDe7g== x-ms-copy-progress 70596/70596 status 200 x-ms-copy-status success content-length 70596 x-ms-lease-state available x-ms-lease-status unlocked last-modified Mon, 15 Jan 2018 16:53:26 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag "0x8D55C387F3ACE89" x-ms-copy-completion-time Mon, 15 Jan 2018 16:53:26 GMT content-type application/octet-stream access-control-allow-origin * x-ms-request-id b00effbe-701e-00c3-5e97-a86ff0000000 access-control-expose-headers ALL x-ms-version 2014-02-14 x-ms-copy-id 998a4da2-0a22-4ce4-ab32-f4fb43d4774d x-ms-copy-source https://aaacdntest.blob.core.windows.net/test/assets%2Ffonts%2Ficons%2Ficomoon.ttf?sv=2017-04-17&ss=b&srt=co&sp=rl&st=2018-01-15T16%3A38%3A21Z&se=2018-01-16T16%3A53%3A21Z&sig=OZK%2FbDpPGLP%2BfVVJtA3e6GCVfSIlBQEPrCHMmnYmmo0%3D accept-ranges bytes
OPTIONS H/1.1	200 OK	track Show response dc.services.visualstudio.com/v2/	0 362 B	106ms 17ms	XHR text/plain	40.114.241.141 Microsoft Corpora...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Requested by Host: az416426.vo.msecnd.net URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers Access-Control-Request-Method POST Origin https://pay.carolinas.aaa.com Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Access-Control-Request-Headers content-type,sdk-context Response headers Date Fri, 11 Jan 2019 22:03:13 GMT X-Content-Type-Options nosniff Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Access-Control-Max-Age 3600 Access-Control-Allow-Methods POST Access-Control-Allow-Origin * Access-Control-Allow-Headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context Content-Length 0
POST H/1.1	200 OK	track Show response dc.services.visualstudio.com/v2/	96 B 570 B	857ms 857ms	XHR application/json	40.114.241.141 Microsoft Corpora...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 7cfcbe95128fa45b1980efa217265e3ff582691adfc45eb572aca9bea695012b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://pay.carolinas.aaa.com/Default.aspx/SubmitPayment Origin https://pay.carolinas.aaa.com Sdk-Context appId User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-type application/json Response headers x-ms-session-id 8E11F78F-372A-4919-A7DE-E980FC4CFCE8 Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Access-Control-Max-Age 3600 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Date Fri, 11 Jan 2019 22:03:14 GMT Access-Control-Allow-Headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context Content-Length 96

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| appInsights function| __extends object| Microsoft object| AI function| aaaJoinConversion function| aaaJoinStartCheckout function| aaaRenewConversion function| aaaGiftCheckoutA function| aaaGiftCheckoutB function| aaaGiftConversion function| addDays object| AAA undefined| EQCSS_throttle_available undefined| EQCSS_throttle_queued undefined| EQCSS_mouse_down undefined| EQCSS_timeout undefined| today undefined| endDate

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pay.carolinas.aaa.com/	1970-01-19 06:33:00	Name: ai_user Value: WdwY2|2019-01-11T22:03:13.906Z
			pay.carolinas.aaa.com/	1970-01-18 21:47:25	Name: ai_session Value: TCniB|1547244193908.7|1547244193908.7
			.pay.carolinas.aaa.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 163eea52e7619c13e56585619097875da7ae5151f24df6515e3f44c5fa952f3b

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js(Line 1) Message: AI: CannotSerializeObjectNonSerializable message:"Attempting to serialize an object which does not implement ISerializable" props:"{name:baseData}"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	__xFrameOptions__

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
patternsprod.azureedge.net
pay.carolinas.aaa.com
152.199.19.160
2a00:1450:4001:819::2003
2a00:1450:4001:81b::200a
2a02:26f0:6c00:187::2ed9
2a02:26f0:6c00:191::2ed9
40.114.241.141
40.76.47.151
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e
04539b3f234d49a6171ec74e80354d13b92a04865e2508f558b9410979afa27f
13d08adbe165c59b33970e536408ec83abbb90125b359931a1ef2215a0a505d7
230c4f7a15d06c06dce46f6a8f43d12f6a929b80356d2c3c5b35d08d8956cc44
3df7d6c32b027f685ae960daa361b40a3228817edb61320c79326ee718bfc1cd
7cfcbe95128fa45b1980efa217265e3ff582691adfc45eb572aca9bea695012b
84cd34342300c70d6fa9e2d20086ba5adbc57802b07f93145aa2eb66a7d23c60
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860
c7bc31308fdca1c9228b1353f28a05a487d4ea1960ed5c2afb2bdf0cd7135b62
d0a2366fc5f76d48e133f0d6043efb8d9e02f813a0339e2c211e92a932cc1e7e
e1c6961f54deaaebc8e8390fabed20598ed42bd130d7f3ba1ff1a91e9857d770
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f099236ebe81890ae47f5648984dd18aa6817dee0420df354b0ef44814663e9e