urlscan.io logo urlscan.io
SecurityTrails logo

travel.calif.aaa.com Open in urlscan Pro
54.221.200.83  Public Scan

Go To Rescan Add Verdict Report
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Submission: On May 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 4 countries across 19 domains to perform 86 HTTP transactions. The main IP is 54.221.200.83, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is travel.calif.aaa.com. The Cisco Umbrella rank of the primary domain is 565385.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on February 14th 2023. Valid for: a year.
This is the only time travel.calif.aaa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 13 54.221.200.83 14618 (AMAZON-AES)
6 18.66.97.30 16509 (AMAZON-02)
2 52.217.32.252 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
6 52.217.77.22 16509 (AMAZON-02)
4 45.60.124.133 19551 (INCAPSULA)
6 65.9.95.89 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 2a05:d014:275... 16509 (AMAZON-02)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 3 52.31.11.204 16509 (AMAZON-02)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 99.83.217.243 16509 (AMAZON-02)
1 108.128.224.183 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 52.214.86.97 16509 (AMAZON-02)
2 63.140.62.164 15224 (OMNITURE)
1 1 34.255.84.252 16509 (AMAZON-02)
3 44.196.103.217 14618 (AMAZON-AES)
10 151.101.2.38 54113 (FASTLY)
1 54.160.201.168 14618 (AMAZON-AES)
86 29
13    54.221.200.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-200-83.compute-1.amazonaws.com
travel.calif.aaa.com
6    18.66.97.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-30.fra56.r.cloudfront.net
artifacts.tstllc.net
2    52.217.32.252 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
tstllc-assets.s3.amazonaws.com
4    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    52.217.77.22 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
4    45.60.124.133 (United States)

ASN19551 (INCAPSULA, US)
www.ace.aaa.com
6    65.9.95.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-89.prg50.r.cloudfront.net
tms.ace.aaa.com
1    2606:4700:10::6816:3668 (United States)

ASN13335 (CLOUDFLARENET, US)
rum-static.pingdom.net
2    2a05:d014:275:cb01:2c5:838c:1ab7:a223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
www.fullstory.com
2    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
web-sdk.smartlook.com
5    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2600:9000:223e:ea00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
2    2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    52.31.11.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-11-204.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    99.83.217.243 (United States)

ASN16509 (AMAZON-02, US)
PTR: a3792b07a22951ff1.awsglobalaccelerator.com
tmsc.ace.aaa.com
1    108.128.224.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-224-183.eu-west-1.compute.amazonaws.com
rum-collector-2.pingdom.net
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.214.86.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-86-97.eu-west-1.compute.amazonaws.com
automobileclubofsoutherncalifornia.demdex.net
2    63.140.62.164 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-164.data.adobedc.net
acemetrics.aaa.com
1    34.255.84.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-84-252.eu-west-1.compute.amazonaws.com
cm.everesttech.net
3    44.196.103.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-103-217.compute-1.amazonaws.com
assets.green.kube.tstllc.net
10    151.101.2.38 (United States)

ASN54113 (FASTLY, US)
media.tacdn.com
1    54.160.201.168 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-201-168.compute-1.amazonaws.com
visitor-service-us-east-1.tealiumiq.com
Apex Domain
Subdomains		 Transfer
26 aaa.com
travel.calif.aaa.com — Cisco Umbrella Rank: 565385
www.ace.aaa.com — Cisco Umbrella Rank: 158032
tms.ace.aaa.com — Cisco Umbrella Rank: 338954
tmsc.ace.aaa.com — Cisco Umbrella Rank: 183382
acemetrics.aaa.com — Cisco Umbrella Rank: 165177
154 KB
10 tacdn.com
media.tacdn.com — Cisco Umbrella Rank: 40345
823 KB
9 tstllc.net
artifacts.tstllc.net — Cisco Umbrella Rank: 260385
assets.green.kube.tstllc.net — Cisco Umbrella Rank: 281424
2 MB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
region1.google-analytics.com — Cisco Umbrella Rank: 2587
21 KB
8 amazonaws.com
tstllc-assets.s3.amazonaws.com — Cisco Umbrella Rank: 356447
s3.amazonaws.com
596 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
431 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 198
automobileclubofsoutherncalifornia.demdex.net — Cisco Umbrella Rank: 193254
6 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
3 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 150
157 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6386
672 B
3 google.com
www.google.com — Cisco Umbrella Rank: 2
672 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 74
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
241 B
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 22515
19 KB
2 fullstory.com
www.fullstory.com — Cisco Umbrella Rank: 26596
120 B
2 pingdom.net
rum-static.pingdom.net — Cisco Umbrella Rank: 4945
rum-collector-2.pingdom.net — Cisco Umbrella Rank: 4677
3 KB
1 tealiumiq.com
visitor-service-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 6228
2 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1068
517 B
1 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1064
432 B
86 19
Domain Requested by
13 travel.calif.aaa.com 8 redirects travel.calif.aaa.com
10 media.tacdn.com
6 tms.ace.aaa.com travel.calif.aaa.com
tms.ace.aaa.com
6 s3.amazonaws.com travel.calif.aaa.com
s3.amazonaws.com
6 artifacts.tstllc.net travel.calif.aaa.com
artifacts.tstllc.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 www.googletagmanager.com travel.calif.aaa.com
www.googletagmanager.com
tms.ace.aaa.com
4 www.ace.aaa.com travel.calif.aaa.com
4 fonts.googleapis.com travel.calif.aaa.com
artifacts.tstllc.net
3 assets.green.kube.tstllc.net
3 connect.facebook.net tms.ace.aaa.com
connect.facebook.net
3 dpm.demdex.net 1 redirects
3 www.google.de travel.calif.aaa.com
3 www.google.com travel.calif.aaa.com
3 region1.google-analytics.com www.googletagmanager.com
2 acemetrics.aaa.com tms.ace.aaa.com
2 www.facebook.com
2 stats.g.doubleclick.net www.google-analytics.com
2 web-sdk.smartlook.com travel.calif.aaa.com
web-sdk.smartlook.com
2 www.fullstory.com 1 redirects travel.calif.aaa.com
2 tstllc-assets.s3.amazonaws.com travel.calif.aaa.com
tstllc-assets.s3.amazonaws.com
1 visitor-service-us-east-1.tealiumiq.com tms.ace.aaa.com
1 cm.everesttech.net 1 redirects
1 automobileclubofsoutherncalifornia.demdex.net tms.ace.aaa.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 rum-collector-2.pingdom.net rum-static.pingdom.net
1 tmsc.ace.aaa.com tms.ace.aaa.com
1 tags.tiqcdn.com tms.ace.aaa.com
1 rum-static.pingdom.net travel.calif.aaa.com
86 29

This site contains links to these domains. Also see Links.

Domain
www.ace.aaa.com
www.aaa.com
apps2.calif.aaa.com
Subject Issuer Validity Valid
travel.calif.aaa.com
Sectigo RSA Organization Validation Secure Server CA		 2023-02-14 -
2024-03-16		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-03-21 -
2023-12-19		 9 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2023-12-20		 8 months crt.sh
www.ace.aaa.com
Sectigo RSA Organization Validation Secure Server CA		 2023-02-02 -
2024-03-04		 a year crt.sh
tms.ace.aaa.com
Sectigo RSA Organization Validation Secure Server CA		 2022-10-13 -
2023-11-13		 a year crt.sh
pingdom.net
Cloudflare Inc ECC CA-3		 2022-11-13 -
2023-11-13		 a year crt.sh
1688964705.rsc.cdn77.org
R3		 2023-03-09 -
2023-06-07		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-12 -
2023-05-13		 3 months crt.sh
tmsc.ace.aaa.com
Sectigo RSA Organization Validation Secure Server CA		 2022-10-13 -
2023-11-13		 a year crt.sh
*.pingdom.net
Amazon RSA 2048 M01		 2023-02-10 -
2023-12-20		 10 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
acemetrics.aaa.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-07 -
2023-08-07		 a year crt.sh
*.tstllc.net
Go Daddy Secure Certificate Authority - G2		 2022-06-29 -
2023-07-31		 a year crt.sh
media.tacdn.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-06 -
2024-04-22		 a year crt.sh
*.tealiumiq.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-09-23		 7 months crt.sh

This page contains 2 frames:

Primary Page: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Frame ID: 4C9B4FB6F8881DC83FAFCF44F42D5CEC
Requests: 89 HTTP requests in this frame

Frame: https://automobileclubofsoutherncalifornia.demdex.net/dest5.html?d_nsid=0
Frame ID: 71D1F83FCEDB98CE988CE84CFB5EF9C1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Activity Search Results

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

86
Requests

87 %
HTTPS

48 %
IPv6

19
Domains

29
Subdomains

29
IPs

4
Countries

4621 kB
Transfer

12861 kB
Size

27
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://travel.calif.aaa.com/activity/common/assets/stylesheets/activity-styles.css HTTP 302
  • https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css
Request Chain 8
  • https://travel.calif.aaa.com/web-services/assets/resource/js/gtm-helper-script-bundle.js HTTP 302
  • https://artifacts.tstllc.net/f14d4193b7a4b41adeef/webservices/resource/js/gtm-helper-script-bundle.js
Request Chain 13
  • https://travel.calif.aaa.com/activity/assets/resource/js/results-bundle.js HTTP 302
  • https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/results-bundle.js
Request Chain 17
  • https://www.fullstory.com/s/fs.js HTTP 301
  • https://www.fullstory.com/
Request Chain 34
  • https://travel.calif.aaa.com/activity/assets/resource/stylesheets/0.css HTTP 302
  • https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/0.css
Request Chain 35
  • https://travel.calif.aaa.com/activity/assets/resource/js/chunk/0-chunk.js HTTP 302
  • https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/chunk/0-chunk.js
Request Chain 48
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97311CFE53295FB20A490D45%40AdobeOrg&d_nsid=0&ts=1683312897191 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97311CFE53295FB20A490D45%40AdobeOrg&d_nsid=0&ts=1683312897191
Request Chain 68
  • https://cm.everesttech.net/cm/dd?d_uuid=00561411612651213613342441894979256614 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFVRAQAAALkGnwN-
Request Chain 71
  • https://travel.calif.aaa.com/activity/common/assets/images/rating/orange_5_0.gif HTTP 302
  • https://assets.green.kube.tstllc.net/images/common/rating/orange_5_0.gif?url=null%3FcacheBuster%3D0.1300489558303486
Request Chain 79
  • https://travel.calif.aaa.com/activity/common/assets/images/rating/orange_3_5.gif HTTP 302
  • https://assets.green.kube.tstllc.net/images/common/rating/orange_3_5.gif?url=null%3FcacheBuster%3D0.375078300414043
Request Chain 82
  • https://travel.calif.aaa.com/activity/common/assets/images/rating/orange_3_0.gif HTTP 302
  • https://assets.green.kube.tstllc.net/images/common/rating/orange_3_0.gif?url=null%3FcacheBuster%3D0.5857622911539195

86 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 4373
travel.calif.aaa.com/activity/search/ 		499 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.200.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-200-83.compute-1.amazonaws.com
Software
/
Resource Hash
d6874aede06949b0abdb13052a9cb020b46917731bc9d542c876fc84aa85420f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, max-age=0, must-revalidate, no-store
content-encoding
gzip
content-length
50974
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
content-type
text/html; charset=UTF-8
date
Fri, 05 May 2023 18:54:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
activity-styles.css
artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/
Redirect Chain
  • https://travel.calif.aaa.com/activity/common/assets/stylesheets/activity-styles.css
  • https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css
713 KB
337 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Server
18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-30.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3a4a3e017fbc5e4fd11b40a52e0eb68df0de6c88a8f046246b6052fca510a58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:27:50 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-version-id
ciVnpkNElgYbAQPOJxb5dy_IYtsKW2Ci
last-modified
Wed, 26 Apr 2023 19:32:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
772026
etag
"350e0e41e43ba23b336154a749fc94da"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
content-length
343859
x-amz-cf-id
hTK89YKgx8SzKcTb6w4Hwt5Bk5VkKCgio03ir7oMyYiBqMQKcjh0xw==

Redirect headers

date
Fri, 05 May 2023 18:54:55 GMT
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css
content-length
121
font-awesome.min.css
tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/css/ 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/css/font-awesome.min.css
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.32.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 18:54:56 GMT
x-amz-version-id
1eEAnwgEpRCOBvJFmSwtTcMvIcH8vfJF
Last-Modified
Sat, 20 Jul 2019 11:48:39 GMT
Server
AmazonS3
x-amz-request-id
HVCEWGGK0GMCVW45
ETag
"7fbe76cdac6093784895bb4989203e5a"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
22084
x-amz-id-2
1QxaUx8aph9RqO/IrkBKPEGSFF+OUPoO/VypwFXUQ8DGqJa55lQr9SVOq2Y2AXkkd2FbmrLac7E=
icon
fonts.googleapis.com/ 		569 B
778 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 May 2023 18:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 May 2023 18:54:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 May 2023 18:54:55 GMT
css
fonts.googleapis.com/ 		11 KB
861 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&lang=en
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ba6e02aa649aea52d79959ec42d68b9275396417950a5034ff5ea51b18fc2c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 May 2023 18:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 May 2023 18:30:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 May 2023 18:54:55 GMT
css
fonts.googleapis.com/ 		9 KB
764 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter:italic,400,500,600,700
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
adfe88b1f5a8cf6a9ddd389f4e567a634663121d94a18c687eca6e6bb489c15b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 May 2023 18:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 May 2023 18:54:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 May 2023 18:54:55 GMT
antd.min.css
s3.amazonaws.com/tstllc-assets/css/antd/dist/ 		451 KB
451 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/tstllc-assets/css/antd/dist/antd.min.css
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.77.22 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
897600b074c2a2e02b176f2d3e5caf964883dc5ea1c340c7576723e3932b9128

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 18:54:56 GMT
x-amz-version-id
null
Last-Modified
Mon, 07 Jan 2019 18:42:01 GMT
Server
AmazonS3
x-amz-request-id
HVC58CK820THSGWQ
ETag
"5178b4827ce4ac2d7f96ed9861b4cd6d"
Content-Type
text/css
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
461624
x-amz-id-2
w5V71aMam0nJ8d7Tn7XwsARr9xgui41p7lwuvwYe/Yzw5KwG92VXrnHbI75v38bgCgzNxcBi3P4=
proxima-nova.min.css
s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.77.22 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d7de9b79990bb103408b06aacc98307309774f564e70ba905949e80b5ba47f14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 18:54:56 GMT
x-amz-version-id
null
Last-Modified
Tue, 18 Sep 2018 14:07:09 GMT
Server
AmazonS3
x-amz-request-id
HVC4CVHMYPMP9X7F
ETag
"371ff5a9f43f342812125d9e1497f068"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4191
x-amz-id-2
CnLHSJf40UeOlctZSHtExRApMphYkJIlZULtxOjxXNOWIO/GnPDEh0bkZMurvMjqBZ70EP/1J+w=
black-tie.min.css
s3.amazonaws.com/tstllc-assets/fonts/black-tie/css/ 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/tstllc-assets/fonts/black-tie/css/black-tie.min.css
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.77.22 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3ff7b0b317b417d887b4d1b311ac5a390b85345337838d182296dad380682a87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 18:54:56 GMT
x-amz-version-id
null
Last-Modified
Fri, 12 Oct 2018 23:42:34 GMT
Server
AmazonS3
x-amz-request-id
HVCFZW528SS2CGZM
ETag
"c9a2ca04d6ec76b7da644506f215fc4b"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
22456
x-amz-id-2
Esq6NNoo2BX3j+XWfxw0cl2/WvkUGfMRFb9r3Shp3cJ5YYinQepmutvU1PKVLATz9HWCNEJ0hcQ=
gtm-helper-script-bundle.js
artifacts.tstllc.net/f14d4193b7a4b41adeef/webservices/resource/js/
Redirect Chain
  • https://travel.calif.aaa.com/web-services/assets/resource/js/gtm-helper-script-bundle.js
  • https://artifacts.tstllc.net/f14d4193b7a4b41adeef/webservices/resource/js/gtm-helper-script-bundle.js
31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://artifacts.tstllc.net/f14d4193b7a4b41adeef/webservices/resource/js/gtm-helper-script-bundle.js
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Server
18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-30.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b2292da763893e6d2726bc4becdeb451da650ce6848e476c3cb95e0cd91a115

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:41:59 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-version-id
.9C2jDYPdB9eCm8c2HcxwBXKo3IAMng5
last-modified
Wed, 03 May 2023 14:39:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
169977
etag
"81af31c6a096270684d46959c5e19cc2"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
content-length
9495
x-amz-cf-id
bhX9nBxz-KxNxl8TY41RNyXPPN4k_wi2_lsrRn5JwcVECCE3Nrq4iA==

Redirect headers

date
Fri, 05 May 2023 18:54:55 GMT
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://artifacts.tstllc.net/f14d4193b7a4b41adeef/webservices/resource/js/gtm-helper-script-bundle.js
content-length
123
aaa-white-logo-xs.png
www.ace.aaa.com/content/dam/ace/logos/ace/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ace.aaa.com/content/dam/ace/logos/ace/aaa-white-logo-xs.png
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.133 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fc30bb03875c191dc3bb7afdd267596c26f92d4145eaa0408f652f64ade82597
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:56 GMT
strict-transport-security
max-age=31557600
x-content-type-options
nosniff
x-cdn
Imperva
age
37813
x-vhost
ace-publish
x-cache
HIT
x-iinfo
10-28013205-28013210 NNNN CT(3 7 0) RT(1683312895958 26) q(0 0 0 1) r(1 1) U24
content-disposition
attachment
content-length
8304
x-served-by
cache-fra-eddf8230098-FRA
last-modified
Mon, 20 Feb 2023 01:46:18 GMT
x-timer
S1683312896.094149,VS0,VS0,VE2
etag
"2070-5f517d4468e80"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
accept-ranges
bytes
truck.svg
www.ace.aaa.com/content/dam/ace/header/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ace.aaa.com/content/dam/ace/header/truck.svg
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.133 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c8c0591f4efc0420cd8411e0afe8f56539f64d4231c0c940eae2dde51f1f70ac
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cdn
Imperva
age
24758
x-vhost
ace-publish
x-cache
HIT
x-iinfo
10-28013205-28013212 NNNN CT(5 5 0) RT(1683312895958 27) q(0 0 1 4) r(1 1) U24
content-disposition
attachment; filename="truck.svg"
content-length
2065
x-served-by
cache-fra-eddf8230088-FRA
last-modified
Mon, 20 Feb 2023 01:50:21 GMT
x-timer
S1683312896.095705,VS0,VS0,VE3
etag
"1182-5f517e2c27140-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
accept-ranges
bytes
user-icon.svg
www.ace.aaa.com/content/dam/ace/header/ 		1 KB
965 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ace.aaa.com/content/dam/ace/header/user-icon.svg
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.133 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7a4245d31b727e4c0541bac7bb623205e3c2b6dbc81f0096c732fffabbef936f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cdn
Imperva
age
33677
x-vhost
ace-publish
x-cache
HIT
x-iinfo
10-28013205-28013215 NNNN CT(2 7 0) RT(1683312895958 34) q(0 0 1 3) r(1 1) U24
content-disposition
attachment; filename="user-icon.svg"
content-length
451
x-served-by
cache-fra-eddf8230038-FRA
last-modified
Mon, 20 Feb 2023 01:50:20 GMT
x-timer
S1683312896.100347,VS0,VS0,VE2
etag
"44d-5f517e2b32f00-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
accept-ranges
bytes
burger.svg
www.ace.aaa.com/content/dam/ace/header/ 		2 KB
981 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ace.aaa.com/content/dam/ace/header/burger.svg
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.124.133 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
47633cdd2e93000441f470347bd92e0a2819f23e7b8dc13d9a2a452c338d590c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cdn
Imperva
age
15535
x-vhost
ace-publish
x-cache
HIT
x-iinfo
10-28013205-28013214 NNNN CT(4 6 0) RT(1683312895958 31) q(0 0 1 3) r(1 1) U24
content-disposition
attachment; filename="burger.svg"
content-length
441
x-served-by
cache-fra-eddf8230074-FRA
last-modified
Mon, 20 Feb 2023 01:50:21 GMT
x-timer
S1683312896.099260,VS0,VS0,VE1
etag
"6f9-5f517e2c27140-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=43200,stale-while-revalidate=43200,stale-if-error=43200
accept-ranges
bytes
results-bundle.js
artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/
Redirect Chain
  • https://travel.calif.aaa.com/activity/assets/resource/js/results-bundle.js
  • https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/results-bundle.js
6 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/results-bundle.js
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Server
18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-30.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23e2545694e0a6b0d2a686990a6766fee5509b5c7beab0e6d4ba0839d0ddfd37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 06:04:53 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-version-id
eUMEljvTkgyYM4FnVd3XmSVa.byB_ild
last-modified
Wed, 26 Apr 2023 19:32:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
737404
etag
"e29718372e8fcdc05f82d7c923c8fe17"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
content-length
1698695
x-amz-cf-id
xO0C5fBUCvnml9yzMVRmBo26Yi-a99AKAXi80QLsgJ4NspabiUj-xg==

Redirect headers

date
Fri, 05 May 2023 18:54:55 GMT
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/results-bundle.js
content-length
110
utag.sync.js
tms.ace.aaa.com/tst/prod/ 		109 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tms.ace.aaa.com/tst/prod/utag.sync.js
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20c8cb47379b4887256321b509e6280385ebee03a4b50b84f912709a8a449d77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
rTlkIZ2wEEA8HSe45Q2DpmWRpbxK.7Bm
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront), 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
date
Fri, 05 May 2023 18:54:55 GMT
last-modified
Mon, 17 Apr 2023 19:04:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4, PRG50-C1
x-amz-server-side-encryption
AES256
etag
"d908428b6d1c92060802103376197070"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
109
x-amz-cf-id
Lc6CA57XIWhGdDS0XXc7g8hbCk_Meo4vGVM-sKEs3wxE-vZTgXhQzQ==
pa-5f5fcac48e83fa0015000b12.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum-static.pingdom.net/pa-5f5fcac48e83fa0015000b12.js
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d495d80150a450036620c07b921f67af2001aecb36b37eabc4e2d5771d2073

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:55 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 14 Oct 2022 06:22:28 GMT
server
cloudflare
etag
W/"63490024-1852"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7c2b31dfc9463a96-FRA
expires
Fri, 05 May 2023 18:59:55 GMT
css
fonts.googleapis.com/ 		14 KB
984 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,300,600,700&subset=latin,latin-ext
Requested by
Host: artifacts.tstllc.net
URL: https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bdbc7aa942ed3cc380c72be1c45147f4d7ec5e6b5b084f6527a46022314958
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://artifacts.tstllc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 May 2023 18:54:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 May 2023 18:44:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 May 2023 18:54:55 GMT
/
www.fullstory.com/
Redirect Chain
  • https://www.fullstory.com/s/fs.js
  • https://www.fullstory.com/
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fullstory.com/
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Server
2a05:d014:275:cb01:2c5:838c:1ab7:a223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Redirect headers

x-nf-request-id
01GZPM8T7T6DWKS8MS34CPJG7C
date
Fri, 05 May 2023 13:01:54 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
21182
content-type
text/plain
location
/
content-length
17
recorder.js
web-sdk.smartlook.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f4dc9ef64489ab1b2b404e69f1f5d09be8b96ea457a6b65dcacd22c61c59c8ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 05 May 2023 18:54:55 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
510
x-accel-date
1683312385
x-77-nzt
AZySIYukH9///gEAAA
x-accel-expires
@1683312985
last-modified
Thu, 04 May 2023 10:52:52 GMT
server
CDN77-Turbo
etag
W/"64538e84-e8b"
x-77-nzt-ray
cf87872739b9dbffff505564570f9c39
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
ProximaNovaSemibold.woff2
s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ProximaNova-Semibold/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ProximaNova-Semibold/ProximaNovaSemibold.woff2
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.77.22 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f529cf4430e32ae0b07d7d606ca1043e8cd9ebb9476456589578a299bad459bd

Request headers

Referer
https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Origin
https://travel.calif.aaa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 18:54:57 GMT
x-amz-version-id
null
Last-Modified
Tue, 18 Sep 2018 14:07:12 GMT
Server
AmazonS3
x-amz-request-id
X80QXB0E5RGR5MJN
ETag
"e0642ce0df568ffbe72cafaf526fea41"
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
*
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
17512
x-amz-id-2
CIU7NYP4HrfLQ70o1A/iTaIc1XoJmzBnVlaVzVKMwrqwPjEBfJXw2LLty4yWNxN/FXX3PF1cuvc=
ProximaNovaBold.woff2
s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ProximaNova-Bold/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ProximaNova-Bold/ProximaNovaBold.woff2
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.77.22 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9e40b1bcc46b4ca351f0cd7f314eeaed43ae65f5c51af3e1e9e20b7a008b8aa0

Request headers

Referer
https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Origin
https://travel.calif.aaa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 18:54:57 GMT
x-amz-version-id
null
Last-Modified
Tue, 18 Sep 2018 14:07:09 GMT
Server
AmazonS3
x-amz-request-id
X80QF9N67SWNB5NW
ETag
"5ce6a871d6c91993a96eca92e55f9f00"
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
*
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
17700
x-amz-id-2
l/6dg6o9/jIhEWM+Ceb5/KuADBdncvKOMBley0xHOKWEy7hZsvNctXj/2M7U4C9vJCxkSpYrskI=
ProximaNovaRegular.woff2
s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ProximaNova-Regular/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/ProximaNova-Regular/ProximaNovaRegular.woff2
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.77.22 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
fd9044a309ef7d51ad98d6a471d5ba00af04478843631e0cf5e2bfc36b509c2c

Request headers

Referer
https://s3.amazonaws.com/tstllc-assets/fonts/proxima-nova/proxima-nova.min.css
Origin
https://travel.calif.aaa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 18:54:57 GMT
x-amz-version-id
null
Last-Modified
Tue, 18 Sep 2018 14:07:11 GMT
Server
AmazonS3
x-amz-request-id
X80T44DCS4KRNXH4
ETag
"1c43f9c5378fbcf84333719c88c6b0e0"
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
*
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
17728
x-amz-id-2
i/I3l+AfylJcOyxKlmqpljDv+F+1OejOkNQbI3Ck69MpkMQcgcVSliUsoUsyZ9dQqEBBFpe/JX8=
truncated
/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b3e8e10db2f90bdb8710b478c200588b2396146e4b07b22a795ad79e062360f

Request headers

Referer
Origin
https://travel.calif.aaa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
font/opentype
truncated
/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb2e1a97e3bc84334fa38904266d7ef01dc9407e17b3fcf54ea4a8ecbf494abf

Request headers

Referer
Origin
https://travel.calif.aaa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
font/opentype
utag.js
tms.ace.aaa.com/tst/prod/ 		151 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tms.ace.aaa.com/tst/prod/utag.js
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6436a5ce3afd80874afefd56bd64d1a1859fa6ede64d87b9b682bd714f1efd56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
b_ejouBF9RFWxPQkIwtgrb_fACkcA3x3
content-encoding
br
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront), 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
date
Fri, 05 May 2023 18:53:00 GMT
last-modified
Mon, 17 Apr 2023 19:04:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4, PRG50-C1
age
116
x-amz-server-side-encryption
AES256
etag
W/"2bc1f953cd73fd90abe30b9f9884d370"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
ev3etRN5lEFUcPLqrTNjyxDIkIqFKBQFZoNJrl0O-MBQ4dxGwWQctA==
gtm.js
www.googletagmanager.com/ 		468 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W79ZLQ
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d66260f0c714f345918cd23e9ca3e39ca15fea760a8c40d02e7f133ecdd531b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105614
x-xss-protection
0
last-modified
Fri, 05 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 May 2023 18:54:56 GMT
gtm.js
www.googletagmanager.com/ 		518 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T6BPC96
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ddb2fde958fbd2af2b7cc69b8b210b0778608e4c0d4eeafd0301a11cb9f8fb83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
115588
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 May 2023 18:54:56 GMT
init.b058789217516e0f23d3.js
web-sdk.smartlook.com/es6/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/es6/init.b058789217516e0f23d3.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
de04dff43538fef3cc0ab104c9393138b007d11704169160c52a57bbd1220d39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://travel.calif.aaa.com/
Origin
https://travel.calif.aaa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 05 May 2023 18:54:56 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
109298
x-accel-date
1683203598
x-77-nzt
AZySIYuZIzr/8qoBAA
x-accel-expires
@1714739598
last-modified
Thu, 04 May 2023 10:52:52 GMT
server
CDN77-Turbo
etag
W/"64538e84-e345"
x-77-nzt-ray
cf87872737b9340100515564155fd200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
utag.1.js
tms.ace.aaa.com/tst/prod/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tms.ace.aaa.com/tst/prod/utag.1.js?utv=ut4.49.202304171903
Requested by
Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
394c6e5ee58215cf849d8cf6ae2c045dc72a14ac62628fdb6793ccb62c59ee85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
CrHdcXOD2ZVwG60f03_tQwttSoLRDYXc
content-encoding
gzip
via
1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront), 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
date
Fri, 05 May 2023 18:53:00 GMT
last-modified
Mon, 17 Apr 2023 19:03:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4, PRG50-C1
age
117
x-amz-server-side-encryption
AES256
etag
W/"8daf8f73cb8f498f3dd5ede264d26446"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
Sq7IirD-FFR9dhqaQb2a8jVGi2JfMObnYM98GymDmV4k8JlfsFOMVA==
utag.45.js
tms.ace.aaa.com/tst/prod/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tms.ace.aaa.com/tst/prod/utag.45.js?utv=ut4.49.202211021837
Requested by
Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43429107c9e1939286f126c4ab374e9b8909cbca3a7d6ad4effa88d0312c6aa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
_iOGb_mCaEIv1Nc9YHqUF3V8lByq7KCq
content-encoding
br
via
1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront), 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
date
Fri, 05 May 2023 18:54:57 GMT
last-modified
Mon, 17 Apr 2023 19:03:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4, PRG50-C1
x-amz-server-side-encryption
AES256
etag
W/"d501cf138262928ffa98add6c1ca5f68"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
AcAdgQ_JKwQGOfn3LEEygZ527n2u4cbq-khlvbxTptZ9ILb9Hwwy6g==
utag.38.js
tms.ace.aaa.com/tst/prod/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tms.ace.aaa.com/tst/prod/utag.38.js?utv=ut4.49.202204070052
Requested by
Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3d92cefd95aa6a3adaae54544f56d0e4ff558c827191f767b29c3429e24ad71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
lNeO3MvmXnebIBlDlTm3ly_JL1z_wsp4
content-encoding
br
via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront), 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
date
Fri, 05 May 2023 18:53:01 GMT
last-modified
Mon, 17 Apr 2023 19:04:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4, PRG50-C1
age
116
x-amz-server-side-encryption
AES256
etag
W/"e1a9f2c59e7f379e53d3f7b6c506a4e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
yHEGf39MITCOpG3E3TLDHZJLKjltQUpkTLY3nbHvmRb5pzjynL4S8Q==
utag.47.js
tms.ace.aaa.com/tst/prod/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tms.ace.aaa.com/tst/prod/utag.47.js?utv=ut4.49.202211230009
Requested by
Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eaf247fb17f36b2db0be030424062cd17894d33c90d136043b623694bd410281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
Lb2ZC49.tL6Xj3Sb7Y1253Uvbe3wAxEp
content-encoding
br
via
1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront), 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
date
Fri, 05 May 2023 18:53:01 GMT
last-modified
Mon, 17 Apr 2023 19:03:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4, PRG50-C1
age
116
x-amz-server-side-encryption
AES256
etag
W/"83fe6c1930d64218c9942b672373cf78"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
NrL-3lSd9EIQK2DfZyIdKOvQWePRHG3JMHQJO454M5erOReUaKgbxw==
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W79ZLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 May 2023 17:05:04 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6592
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 05 May 2023 19:05:04 GMT
js
www.googletagmanager.com/gtag/ 		235 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-65YG7JM4M0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W79ZLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49ebf324e6184589317ba28d3a95b2d7fa1c34cb7ec3fce99e252957c7d0b385
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82668
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 May 2023 18:54:56 GMT
0.css
artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/
Redirect Chain
  • https://travel.calif.aaa.com/activity/assets/resource/stylesheets/0.css
  • https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/0.css
90 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/0.css
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Server
18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-30.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dee1f8e318497e9bcc7766c2d08c4c7b6067522bb947a5627b4c470454202d99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:27:50 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-version-id
fnaYq_J1u5Gw0TwErA78DzyDUMH8DjD9
last-modified
Wed, 26 Apr 2023 19:32:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
772027
etag
"45d0ff3ef9500ff9af097c02f5a7764e"
vary
Origin
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
content-length
43960
x-amz-cf-id
Dr6_oVpElR5bVR4TS_rMIFzO71I5rXk3h1Ws6BQ0rTPAqAXGlSE9MQ==

Redirect headers

date
Fri, 05 May 2023 18:54:56 GMT
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/0.css
content-length
107
0-chunk.js
artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/chunk/
Redirect Chain
  • https://travel.calif.aaa.com/activity/assets/resource/js/chunk/0-chunk.js
  • https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/chunk/0-chunk.js
1 MB
281 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/chunk/0-chunk.js
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Server
18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-30.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
69582a95395c6e221d7319f3dab4f6712d20d1ed29bfe0f2b056c88e685aa917

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 23:30:19 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-version-id
ne1jDaoP_7WmnECi0_3WOut6cIWMKFPy
last-modified
Wed, 26 Apr 2023 19:32:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
761078
etag
"9e05f803df3c9013b15113764c17836b"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
content-length
286602
x-amz-cf-id
4f-pfcVcqrHtghW6W76MVTWGs_c5Lk1Q5ELXlh_GwmKVOCGUCxCvUg==

Redirect headers

date
Fri, 05 May 2023 18:54:56 GMT
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/js/chunk/0-chunk.js
content-length
109
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/webp
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-65YG7JM4M0&gtm=45je3530&_p=1052707223&cid=1741057856.1683312897&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683312896&sct=1&seg=0&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12&dt=Activity%20Search%20Results&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-65YG7JM4M0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 18:54:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.calif.aaa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=aaa/tst/202304171903&cb=1683312896757
Requested by
Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ea00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Fri, 05 May 2023 18:45:32 GMT
via
1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
566
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
NtsXwiJdfEtSdljfn1XinQeGIY-FIq1fJIs0RJNp8-wYNOa5qocXLQ==
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1052707223&t=pageview&_s=1&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12&dp=%2Factivity%2Fsearch%2F4373&ul=en-us&de=UTF-8&dt=Activity%20Search%20Results&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABCAAAACAEC~&jid=868429829&gjid=1945819038&cid=1741057856.1683312897&tid=UA-55392727-1&_gid=25150102.1683312897&_r=1&_slc=1&gtm=45He3530n71W79ZLQ&cd1=customer&cd11=2023-05-05T18%3A54%3A56%2B00%3A00&cd13=296426642.1683312895878&cd9=1741057856.1683312897&z=1914292951
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.calif.aaa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 May 2023 18:54:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.calif.aaa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1052707223&t=pageview&_s=1&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12&ul=en-us&de=UTF-8&dt=Activity%20Search%20Results&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAHAAEABCAAAACAEK~&jid=1999075436&gjid=2108664418&cid=1741057856.1683312897&tid=UA-96133587-4&_gid=25150102.1683312897&_r=1&_slc=1&gtm=45He3530n81T6BPC96&cd1=000&cd2=Travel&cd3=TST&cd108=travel.calif.aaa.com%2Factivity%2Fsearch%2F4373&cd109=&cd111=&cd118=TST%20Activity%20Results%20Page&cd156=296426642.1683312895878&cd161=Not%20Collected&z=753145905
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.calif.aaa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 May 2023 18:54:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.calif.aaa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-55392727-1&cid=1741057856.1683312897&jid=868429829&gjid=1945819038&_gid=25150102.1683312897&_u=YADAAAAACAAAACAEC~&z=2057184116
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.calif.aaa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 05 May 2023 18:54:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.calif.aaa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-96133587-4&cid=1741057856.1683312897&jid=1999075436&gjid=2108664418&_gid=25150102.1683312897&_u=YAHAAEABCAAAACAEK~&z=1179588761
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.calif.aaa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 05 May 2023 18:54:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.calif.aaa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-65YG7JM4M0&gtm=45je3530&_p=1052707223&cid=1741057856.1683312897&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1683312896&sct=1&seg=0&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12&dt=Activity%20Search%20Results&en=scroll&epn.percent_scrolled=90&_et=23
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-65YG7JM4M0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 18:54:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.calif.aaa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-55392727-1&cid=1741057856.1683312897&jid=868429829&_u=YADAAAAACAAAACAEC~&z=1003490149
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 18:54:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-55392727-1&cid=1741057856.1683312897&jid=868429829&_u=YADAAAAACAAAACAEC~&z=1003490149
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 18:54:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-96133587-4&cid=1741057856.1683312897&jid=1999075436&_u=YAHAAEABCAAAACAEK~&z=8567415
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 18:54:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-96133587-4&cid=1741057856.1683312897&jid=1999075436&_u=YAHAAEABCAAAACAEK~&z=8567415
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 18:54:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97311CFE53295FB20A490D45%40AdobeOrg&d_nsid=0&ts=1683312897191
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97311CFE53295FB20A490D45%40AdobeOrg&d_nsid=0&ts=1683312897191
393 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97311CFE53295FB20A490D45%40AdobeOrg&d_nsid=0&ts=1683312897191
Protocol
HTTP/1.1
Server
52.31.11.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-11-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9d1954529cf8ed240deafe431375e7ed9ff25da6051ccbe551831a2642be5059
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-0d8a0b8fe.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
AuuuWDsLTzQ=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://travel.calif.aaa.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
329
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v048-0cef9a9b4.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
8MrEpR7FTco=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://travel.calif.aaa.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97311CFE53295FB20A490D45%40AdobeOrg&d_nsid=0&ts=1683312897191
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
js
www.googletagmanager.com/gtag/ 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1039166654&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W79ZLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c723feec72e433d3b6c8c85ef23344ebf5cd9490b08f6223d721500329e142bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68322
x-xss-protection
0
last-modified
Fri, 05 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 May 2023 18:54:57 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1039166654
Requested by
Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8415520bc84f9234b0954d1712aa4e104ebba22bd339f788da35685ce6845db5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68269
x-xss-protection
0
last-modified
Fri, 05 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 May 2023 18:54:57 GMT
fbevents.js
connect.facebook.net/en_US/ 		105 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 05 May 2023 18:54:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27428
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
+bp4RC7EKGXbdzc1Lm1zE1oUev7/DVEcJZJhDeWpMaVseRYvVtGbkmz5jSgNliNrhUJB9Ap/AoBubbPAbB/y7A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
i.gif
tmsc.ace.aaa.com/aaa/main/2/ 		43 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tmsc.ace.aaa.com/aaa/main/2/i.gif
Requested by
Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.47.js?utv=ut4.49.202211230009
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.217.243 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a3792b07a22951ff1.awsglobalaccelerator.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://travel.calif.aaa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryCxQHBbCy9uouNDTq

Response headers

date
Fri, 05 May 2023 18:54:58 GMT
x-serverid
uconnect_i-0cf053a2b23ead53c
x-tid
0187ed446812000b04c54623273f03073004606b00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
aaa:main:2:datacloud
x-region
us-east-1
content-length
43
pragma
no-cache
x-did
0187ed446812000b04c54623273f03073004606b00b08
vary
Origin
content-type
image/gif
access-control-allow-origin
https://travel.calif.aaa.com
x-ulver
9b1ec25f618f2852a333507ed7107ea8f8f4099c-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
6afba747-d3bd-42d8-951e-dbe3c1337ea3
expires
Fri, 05 May 2023 18:54:58 GMT
productChannelMiniCartPackaging
travel.calif.aaa.com/admin/rest/parameters/ 		95 B
578 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel.calif.aaa.com/admin/rest/parameters/productChannelMiniCartPackaging
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/assets/resource/js/results-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.200.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-200-83.compute-1.amazonaws.com
Software
/
Resource Hash
3ed1cbd3430507ea5ee48aecf25a070b467b7bb210c6124b0a1ced12d164beba
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
content-length
95
content-type
application/json
ld
travel.calif.aaa.com/web-services/assets/featureToggles/ 		4 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://travel.calif.aaa.com/web-services/assets/featureToggles/ld
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/assets/resource/js/results-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.200.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-200-83.compute-1.amazonaws.com
Software
/ Express
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
content-length
4
data
travel.calif.aaa.com/activity/search/4373/ 		32 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://travel.calif.aaa.com/activity/search/4373/data?sortOrder=TOP_SELLERS&categories=&offset=0&maxResults=10&tripId=&tripItemId=
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/assets/resource/js/results-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.200.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-200-83.compute-1.amazonaws.com
Software
/
Resource Hash
67cd306b6d519612d4f96b72404db3001c0591ccc6f947bfd0588dc50ea2d6e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-length
3692
ld
travel.calif.aaa.com/web-services/assets/featureToggles/ 		5 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://travel.calif.aaa.com/web-services/assets/featureToggles/ld?key=MiniCart&anonymous=true
Requested by
Host: travel.calif.aaa.com
URL: https://travel.calif.aaa.com/activity/assets/resource/js/results-bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.200.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-200-83.compute-1.amazonaws.com
Software
/ Express
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"5-fLbvuYullyqbUJDcLlF/4U0SywQ"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
content-length
5
beacon.gif
rum-collector-2.pingdom.net/img/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=5f5fcac48e83fa0015000b12&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=678&cE=864&dLE=678&dLS=1&fS=0&hS=770&rE=-1&rS=-1&reS=864&resS=1315&resE=1497&uEE=-1&uES=-1&dL=1318&dI=2148&dCLES=2149&dCLEE=2149&dC=3345&lES=3345&lEE=3403&s=nt&title=Activity%20Search%20Results&path=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373&ref=&sId=u5oc1ld4&sST=1683312897&sIS=1&rV=0&v=1.4.1
Requested by
Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5f5fcac48e83fa0015000b12.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.224.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-224-183.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Fri, 05 May 2023 18:54:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1052707223&t=timing&_s=2&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12&dp=%2Factivity%2Fsearch%2F4373&ul=en-us&de=UTF-8&dt=Activity%20Search%20Results&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3345&pdt=182&dns=677&rrt=0&srt=451&tcp=186&dit=2148&clt=2149&_gst=2329&_gbt=2929&_u=YAHAAEABCAAAACAEK~&jid=&gjid=&cid=1741057856.1683312897&tid=UA-55392727-1&_gid=25150102.1683312897&gtm=45He3530n71W79ZLQ&cd1=customer&cd11=2023-05-05T18%3A54%3A56%2B00%3A00&cd13=296426642.1683312895878&cd9=1741057856.1683312897&z=715531316
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 06:19:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45319
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1052707223&t=timing&_s=2&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12&ul=en-us&de=UTF-8&dt=Activity%20Search%20Results&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3345&pdt=182&dns=677&rrt=0&srt=451&tcp=186&dit=2148&clt=2149&_gst=2329&_gbt=2929&_u=YAHAAEABCAAAACAEK~&jid=&gjid=&cid=1741057856.1683312897&tid=UA-96133587-4&_gid=25150102.1683312897&gtm=45He3530n81T6BPC96&cd1=000&cd2=Travel&cd3=TST&cd108=travel.calif.aaa.com%2Factivity%2Fsearch%2F4373&cd109=&cd111=&cd118=TST%20Activity%20Results%20Page&cd156=296426642.1683312895878&cd161=Not%20Collected&z=1935750045
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 06:19:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
45319
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1039166654/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1039166654/?random=1683312897306&cv=11&fst=1683312897306&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12&hn=www.googleadservices.com&frm=0&tiba=Activity%20Search%20Results&did=dYmQxMT&gdid=dYmQxMT&auid=466015603.1683312896&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1039166654&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af97bfd50a0d3e3ed636e65d2477424bd2f6e0529a1cb64b92b84a55ce266d63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 18:54:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1231
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.103
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 05 May 2023 18:54:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
W1MZwW0NsOqrSJ2DkXasgifbBfpeH7DSXs6iLd9g2lLgIPfiRV2IBCBscAuvDd0Siq70TycqDqQrUKPzWccb2Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
136696297006053
connect.facebook.net/signals/config/ 		390 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/136696297006053?v=2.9.103&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d55b788cd748fb0fb927ad66148f3aa642387f56887561d3f3bdf0839da369cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 May 2023 18:54:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
111593
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
c5FapRTXhnh/P9ahWYa2hi68BHHo1u0xaMwjTnPE5JNrGdks5Y4oM1czszU0UWJv1++Nw0Su+jps1n0k2i0IzA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=136696297006053&ev=PageView&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12&rl=&if=false&ts=1683312897379&sw=1600&sh=1200&v=2.9.103&r=stable&a=tmtealium&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22212826774798750%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22184158674528562%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%221905618656470362%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%224373%22%7D%7D&par[3]=%7B%22extractorID%22%3A%22772387024407499%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%2C%22productID%22%3A%224373%22%7D%7D&fbp=fb.1.1683312897377.1953845421&cs_est=true&it=1683312897335&coo=false&eid=e63f0f9aa5f0293022ec0c8deb65e1b0&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 05 May 2023 18:54:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/1039166654/ 		42 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1039166654/?random=1683312897306&cv=11&fst=1683309600000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12&frm=0&tiba=Activity%20Search%20Results&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2904382207&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 18:54:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1039166654/ 		42 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1039166654/?random=1683312897306&cv=11&fst=1683309600000&bg=ffffff&guid=ON&async=1&gtm=45be3530&u_w=1600&u_h=1200&url=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12&frm=0&tiba=Activity%20Search%20Results&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2904382207&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 18:54:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dest5.html
automobileclubofsoutherncalifornia.demdex.net/ Frame 71D1 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://automobileclubofsoutherncalifornia.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.86.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-86-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://travel.calif.aaa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v048-04f30eb4e.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
mBA3x72VTsU=
content-encoding
gzip
date
Fri, 5 May 2023 18:54:57 GMT
last-modified
Thu, 27 Apr 2023 14:39:21 GMT
vary
accept-encoding
id
acemetrics.aaa.com/ 		48 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://acemetrics.aaa.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=97311CFE53295FB20A490D45%40AdobeOrg&mid=10472462436579876142318608131031809897&ts=1683312897434
Requested by
Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.164 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-164.data.adobedc.net
Software
jag /
Resource Hash
fd7f0a254ebc8c11139925cd2ffed74b8bb01397c20b8f70e4200930b9ad35e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travel.calif.aaa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://travel.calif.aaa.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZFVRAQAAALkGnwN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=00561411612651213613342441894979256614
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFVRAQAAALkGnwN-
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFVRAQAAALkGnwN-
Protocol
HTTP/1.1
Server
52.31.11.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-11-204.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-076c78125.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BimElcHiQjc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZFVRAQAAALkGnwN-
Date
Fri, 05 May 2023 18:54:57 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
hot_deal.png
artifacts.tstllc.net/ui/src/client/activity/app/images/ 		0
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://artifacts.tstllc.net/ui/src/client/activity/app/images/hot_deal.png
Requested by
Host: artifacts.tstllc.net
URL: https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-30.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://artifacts.tstllc.net/227ea2a82ba312aaf44e/activity/resource/stylesheets/activity-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:58 GMT
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P2
vary
Origin
x-cache
LambdaGeneratedResponse from cloudfront
cache-control
no-cache, cf-no-cache
content-length
0
x-amz-cf-id
erUyksGWpnbvLTuzFa7Y0Wcqe-4pdNBOvba7-BaDT8NRZ1qLkMqH1w==
truncated
/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8aa5efde86c226b1c6daaa9e29be64ba62beb170ec6329bde6927f77c9292b02

Request headers

Referer
Origin
https://travel.calif.aaa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
orange_5_0.gif
assets.green.kube.tstllc.net/images/common/rating/
Redirect Chain
  • https://travel.calif.aaa.com/activity/common/assets/images/rating/orange_5_0.gif
  • https://assets.green.kube.tstllc.net/images/common/rating/orange_5_0.gif?url=null%3FcacheBuster%3D0.1300489558303486
825 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.green.kube.tstllc.net/images/common/rating/orange_5_0.gif?url=null%3FcacheBuster%3D0.1300489558303486
Protocol
H2
Server
44.196.103.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-103-217.compute-1.amazonaws.com
Software
/
Resource Hash
97530daa9d81c72ca83065697e54863ca71d14e3e8a9e527f51b64f98a4b2aad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:58 GMT
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 May 2020 19:06:48 GMT
etag
"5ebaf3c8-339"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
825

Redirect headers

location
https://assets.green.kube.tstllc.net/images/common/rating/orange_5_0.gif?url=null%3FcacheBuster%3D0.1300489558303486
date
Fri, 05 May 2023 18:54:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
d5.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/07/a7/a0/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-674x446/07/a7/a0/d5.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
752c913ab2e090abe4f7de944317ca098130113d6f29fe27e9d3cf3cdd8b0118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
935129323
age
2107432
x-cache
HIT, HIT
content-length
92087
x-served-by
cache-iad-kjyo7100021-IAD, cache-fra-etou8220022-FRA
last-modified
Wed, 19 Jun 2019 19:09:26 GMT
x-timer
S1683312898.546871,VS0,VE2
etag
"17c154c8eba3583581523847a28b035c"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
1112, 1
ec.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/07/1c/f1/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-674x446/07/1c/f1/ec.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8ce36ce434f9ab9c07026d7b918958faf3f84c59afb9c903805343909ccc048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
449922997
age
2527411
x-cache
HIT, MISS
content-length
78483
x-served-by
cache-iad-kjyo7100057-IAD, cache-fra-etou8220022-FRA
last-modified
Tue, 26 Feb 2019 11:58:27 GMT
x-timer
S1683312898.546635,VS0,VE99
etag
"1bd2516e34a8ae799fc0267eaea8c390"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
1472, 0
5e.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/0b/f4/93/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-674x446/0b/f4/93/5e.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dc159c2e39820488d3bbf2bd562eb2f2e027e489c0a0c3bf305482aa4606a659

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
953877248
age
358510
x-cache
HIT, MISS
content-length
97273
x-served-by
cache-iad-kiad7000092-IAD, cache-fra-etou8220022-FRA
last-modified
Mon, 02 Aug 2021 16:13:19 GMT
x-timer
S1683312898.546301,VS0,VE90
etag
"8366f72ed4555aa3d68494102af9bd87"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
365, 0
53.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/0b/87/bd/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-674x446/0b/87/bd/53.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eb632ff7549a05432753984dd3dbbbf9b51c473a8a0e0d0789c77287056f3a94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
1024268881
age
280213
x-cache
HIT, MISS
content-length
40695
x-served-by
cache-iad-kjyo7100032-IAD, cache-fra-etou8220022-FRA
last-modified
Mon, 21 Dec 2020 16:33:00 GMT
x-timer
S1683312898.547114,VS0,VE127
etag
"9a3cbf1df61f5f420becad0f32567e42"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
328, 0
72.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/09/4e/e0/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-674x446/09/4e/e0/72.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a1a721da8f35b2099bf2415ec821961e664f9d7d1f1e2ea72d04e8c273d3c659

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
1034560429
age
2009789
x-cache
HIT, HIT
content-length
125700
x-served-by
cache-iad-kcgs7200045-IAD, cache-fra-etou8220022-FRA
last-modified
Sat, 28 Sep 2019 00:30:14 GMT
x-timer
S1683312898.546065,VS0,VE3
etag
"7529b037fe086793d809b9e9490a1bf4"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
692, 1
b7.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/0b/27/51/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-674x446/0b/27/51/b7.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b43633a95de2ab3d10f6b09ddbb9d4b36c5c5087531dfa68ea45ba11083a66b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
627482824
age
891851
x-cache
HIT, HIT
content-length
69038
x-served-by
cache-iad-kiad7000022-IAD, cache-fra-etou8220022-FRA
last-modified
Wed, 19 Aug 2020 12:26:25 GMT
x-timer
S1683312898.546073,VS0,VE2
etag
"16dce171be49e8356d225c9b6524802e"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
1705, 1
7e.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/0b/22/42/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-674x446/0b/22/42/7e.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
917f43467b708388b53d93f58872c35988dd8ca38778b913059f93321e3563c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
469227544
age
907463
x-cache
HIT, HIT
content-length
94997
x-served-by
cache-iad-kcgs7200046-IAD, cache-fra-etou8220022-FRA
last-modified
Thu, 30 Jul 2020 19:55:46 GMT
x-timer
S1683312898.548937,VS0,VE6
etag
"8391f40b102345706f997f26eea809b4"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
1430, 1
orange_3_5.gif
assets.green.kube.tstllc.net/images/common/rating/
Redirect Chain
  • https://travel.calif.aaa.com/activity/common/assets/images/rating/orange_3_5.gif
  • https://assets.green.kube.tstllc.net/images/common/rating/orange_3_5.gif?url=null%3FcacheBuster%3D0.375078300414043
873 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.green.kube.tstllc.net/images/common/rating/orange_3_5.gif?url=null%3FcacheBuster%3D0.375078300414043
Protocol
H2
Server
44.196.103.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-103-217.compute-1.amazonaws.com
Software
/
Resource Hash
f68b041f043e568c123ce58b391ed8f2d1ffee5e26464260c7edaeab8cce7245
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:58 GMT
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 May 2020 19:06:48 GMT
etag
"5ebaf3c8-369"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
873

Redirect headers

location
https://assets.green.kube.tstllc.net/images/common/rating/orange_3_5.gif?url=null%3FcacheBuster%3D0.375078300414043
date
Fri, 05 May 2023 18:54:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
25.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/0b/f1/b1/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-674x446/0b/f1/b1/25.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb4212e16db3f864e09732cb46ea21321d892fb1b00c14f64a640cf1c6d77da2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
253403512
age
1487793
x-cache
HIT, HIT
content-length
58119
x-served-by
cache-iad-kcgs7200167-IAD, cache-fra-etou8220022-FRA
last-modified
Wed, 21 Jul 2021 13:47:33 GMT
x-timer
S1683312898.548782,VS0,VE2
etag
"df14d97a19e6bf6223344c92180f308a"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
814, 1
6b.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/09/4e/e0/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-674x446/09/4e/e0/6b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0dcdf98b193a07240e5831a91fe13f8dbf43caa81d3bc6c4aa314ace7726327d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
139626018
age
994806
x-cache
HIT, HIT
content-length
97572
x-served-by
cache-iad-kjyo7100103-IAD, cache-fra-etou8220022-FRA
last-modified
Sat, 28 Sep 2019 00:26:58 GMT
x-timer
S1683312898.549490,VS0,VE2
etag
"c154f56d8ab91f8f08d9f1fbfc8d37a0"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
590, 1
orange_3_0.gif
assets.green.kube.tstllc.net/images/common/rating/
Redirect Chain
  • https://travel.calif.aaa.com/activity/common/assets/images/rating/orange_3_0.gif
  • https://assets.green.kube.tstllc.net/images/common/rating/orange_3_0.gif?url=null%3FcacheBuster%3D0.5857622911539195
874 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.green.kube.tstllc.net/images/common/rating/orange_3_0.gif?url=null%3FcacheBuster%3D0.5857622911539195
Protocol
H2
Server
44.196.103.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-103-217.compute-1.amazonaws.com
Software
/
Resource Hash
0e0e72b51dc6a723b98024013376b6114940f68b3f61a6b7fba8b671bcbd3187
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:58 GMT
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 12 May 2020 19:06:48 GMT
etag
"5ebaf3c8-36a"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
874

Redirect headers

location
https://assets.green.kube.tstllc.net/images/common/rating/orange_3_0.gif?url=null%3FcacheBuster%3D0.5857622911539195
date
Fri, 05 May 2023 18:54:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-security-policy
frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
eb.jpg
media.tacdn.com/media/attractions-splice-spp-674x446/0c/01/2e/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.tacdn.com/media/attractions-splice-spp-674x446/0c/01/2e/eb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9eccdb7e8980366dc6de40367208e5f257936e4d2bdaa4e632686b94998583e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 18:54:57 GMT
via
1.1 varnish, 1.1 varnish
x-media-cdn
158272411
age
1895004
x-cache
HIT, MISS
content-length
86455
x-served-by
cache-iad-kiad7000115-IAD, cache-fra-etou8220022-FRA
last-modified
Tue, 21 Sep 2021 03:38:46 GMT
x-timer
S1683312898.549489,VS0,VE108
etag
"3074c4fc1148dde2fccdd519da1cc6b2"
x-media-cdn-cache-hits
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-media-cdn-cache
PASS
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
922, 0
fontawesome-webfont.woff
tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/font/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/font/fontawesome-webfont.woff?v=3.2.1
Requested by
Host: tstllc-assets.s3.amazonaws.com
URL: https://tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/css/font-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.32.252 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

Referer
https://tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/css/font-awesome.min.css
Origin
https://travel.calif.aaa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 18:54:58 GMT
x-amz-version-id
MqdXJ_mx95.S1gS4I03gmhEEXrcJj9Ce
Last-Modified
Sat, 20 Jul 2019 11:48:39 GMT
Server
AmazonS3
x-amz-request-id
RRJV2KP5CYVMMV8Z
ETag
"b683029bafe0305ac2234038a03e1541"
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
*
Content-Type
font/woff
Accept-Ranges
bytes
Content-Length
43572
x-amz-id-2
hgm/3edIUgQesPLHJKcpi8OltXLY2VF4rpIeWUVXLP/mNthivFUEnCZxTQ5wZu3XfzZi/PniOd8=
s25084743548636
acemetrics.aaa.com/b/ss/aaascace/1/JS-2.23.0/ 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acemetrics.aaa.com/b/ss/aaascace/1/JS-2.23.0/s25084743548636?AQB=1&ndh=1&pf=1&t=5%2F4%2F2023%2018%3A54%3A57%205%200&sdid=31675BCBBD0615BD-6CED30899C38E011&mid=10472462436579876142318608131031809897&aamlh=6&ce=UTF-8&cdp=2&pageName=travel%3Atst%3Aactivity%3Asearch%20results&g=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12&cc=USD&ch=travel&events=event79&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=tst&v1=tst&c2=activity&v2=activity&c3=startdate%3D2023-05-12&v3=startdate%3D2023-05-12&c7=ca&v7=ca&c10=0187ed446812000b04c54623273f03073004606b00b08&v10=0187ed446812000b04c54623273f03073004606b00b08&c14=customer&v14=customer&c43=1683312896019&v43=1683312896019&c70=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373&v70=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373&c72=travel%3Atst%3Aactivity%3Asearch%20results&v72=travel%3Atst%3Aactivity%3Asearch%20results&v125=Desktop&v126=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F113.0.5672.63%20Safari%2F537.36&v192=aaa%24tst%24prod%24false%244.49%24202304171903%24fpd%7C5.4.0%24%242.23.0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=97311CFE53295FB20A490D45%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.164 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-164.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 18:54:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 06 May 2023 18:54:57 GMT
server
jag
etag
3614886921897279488-4619721100693932426
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 04 May 2023 18:54:57 GMT
0187ed446812000b04c54623273f03073004606b00b08
visitor-service-us-east-1.tealiumiq.com/aaa/main/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://visitor-service-us-east-1.tealiumiq.com/aaa/main/0187ed446812000b04c54623273f03073004606b00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1683312898212
Requested by
Host: tms.ace.aaa.com
URL: https://tms.ace.aaa.com/tst/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.201.168 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-201-168.compute-1.amazonaws.com
Software
/
Resource Hash
598745a9015650e5044d5c9140ca1a093f72a7416ade2a09f8bba0cdec54abd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-version
9b1ec25f618f2852a333507ed7107ea8f8f4099c-SNAPSHOT
date
Fri, 05 May 2023 18:54:58 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-region
us-east-1
content-length
1697
x-nodeid
i-0a5fced43074f552f
content-type
application/javascript; charset=utf-8
/
www.facebook.com/tr/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=136696297006053&ev=Microdata&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12&rl=&if=false&ts=1683312898885&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Activity%20Search%20Results%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.103&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1683312897377.1953845421&it=1683312897335&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 05 May 2023 18:54:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-65YG7JM4M0&gtm=45je3530&_p=1052707223&cid=1741057856.1683312897&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1683312896&sct=1&seg=0&dl=https%3A%2F%2Ftravel.calif.aaa.com%2Factivity%2Fsearch%2F4373%3Fstartdate%3D2023-05-12&dt=Activity%20Search%20Results&en=fetch_user_data&_et=52&up.ga4_client_id=1741057856.1683312897.&up.ga4_session_id=1683312896&up.analytics_id=296426642.1683312895878.&up.user_type=customer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-65YG7JM4M0&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.calif.aaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 18:55:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://travel.calif.aaa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless undefined| dummyStorage function| _ undefined| __ function| setLinkTargets boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS function| _fs_ready function| smartlook object| dataLayer object| tstAnalytics object| aceMediaTagValues function| clickSelf function| skipToMain object| evt object| tstDataLayer number| destId string| tripId string| tripItemId string| monthYear boolean| utag_condload string| C_path object| utag function| loadLibrary boolean| __tealium_twc_switch object| utag_cfg_ovrd object| utag_ace object| s function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s_c_il number| s_c_in number| s_objectID number| s_giq function| fbq function| _fbq object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| _tstGaTracker function| gtag function| onYouTubeIframeAPIReady object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SECRET_EMOTION__ function| Hammer object| jQuery183035579170273884597 boolean| usingLegacyContext object| gaGlobal object| gaplugins object| gaData object| webpackChunk_smartlook_recorder object| adobe function| Visitor string| gtagRename object| GooglebQhCsO object| sc_events object| s_i_aaascace

27 Cookies

Domain/Path Name / Value
travel.calif.aaa.com/ Name: rememberMe
Value: true
travel.calif.aaa.com/ Name: tst_user_session_id
Value: a33ca597-df75-4ef8-95b9-c0f7e1ce790a
travel.calif.aaa.com/ Name: tst_analytics_session_id
Value: 296426642.1683312895878
.ace.aaa.com/ Name: visid_incap_2444368
Value: /oubk67lRDe0rXhmDgNG1/9QVWQAAAAAQUIPAAAAAACsQZsyoDS5CquMra7iJ+z9
.ace.aaa.com/ Name: nlbi_2444368
Value: HpPIWWnJXxWWu4MQYXljLAAAAACf75gof0mE4Snam5aeGjLL
.ace.aaa.com/ Name: incap_ses_536_2444368
Value: AWgcJBEUciHLZPYzBkJwB/9QVWQAAAAAK9zqJfqApjreHLLiIVsGSQ==
.aaa.com/ Name: _gcl_au
Value: 1.1.466015603.1683312896
.travel.calif.aaa.com/ Name: _ga
Value: GA1.4.1741057856.1683312897
.travel.calif.aaa.com/ Name: _gid
Value: GA1.4.25150102.1683312897
.travel.calif.aaa.com/ Name: _gat_UA-55392727-1
Value: 1
.aaa.com/ Name: _ga
Value: GA1.2.1741057856.1683312897
.aaa.com/ Name: _gid
Value: GA1.2.25150102.1683312897
.aaa.com/ Name: _gat_UA-96133587-4
Value: 1
.aaa.com/ Name: _ga_65YG7JM4M0
Value: GS1.1.1683312896.1.0.1683312896.0.0.0
travel.calif.aaa.com/ Name: TripCartItemCount
Value: 0
.demdex.net/ Name: demdex
Value: 00561411612651213613342441894979256614
.aaa.com/ Name: _fbp
Value: fb.1.1683312897377.1953845421
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
travel.calif.aaa.com/ Name: PLAY_SESSION
Value: c0370e48bee778c1f4b36ec03df2be1b7a28d3ea-mdc-id=%5Bc9fabdda-fdb9-456a-a51d-d39cae60c200%5D&session_expires=1683341697372
.aaa.com/ Name: AMCVS_97311CFE53295FB20A490D45%40AdobeOrg
Value: 1
.aaa.com/ Name: s_ecid
Value: MCMID%7C10472462436579876142318608131031809897
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZFVRAQAAALkGnwN-
.aaa.com/ Name: s_cc
Value: true
.dpm.demdex.net/ Name: dpm
Value: 00561411612651213613342441894979256614
.aaa.com/ Name: AMCV_97311CFE53295FB20A490D45%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19483%7CMCMID%7C10472462436579876142318608131031809897%7CMCAAMLH-1683917697%7C6%7CMCAAMB-1683917697%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1683320097s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19490%7CvVersion%7C5.4.0
.ace.aaa.com/ Name: TAPID
Value: aaa/main>0187ed446812000b04c54623273f03073004606b00b08|
.aaa.com/ Name: utag_main
Value: v_id:0187ed446812000b04c54623273f03073004606b00b08$_sn:1$_se:1$_ss:1$_st:1683314696019$ses_id:1683312896019%3Bexp-session$_pn:1%3Bexp-session$_prevpage:travel%3Atst%3Aactivity%3Asearch%20results%3Bexp-1683316497184$vapi_domain:aaa.com$dc_visit:1$dc_event:1%3Bexp-session$dc_region:us-east-1%3Bexp-session

3 Console Messages

Source Level URL
Text
other warning URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Message:
Failed to decode downloaded font: data:application/x-font-woff;charset=utf-8;base64,d09GRgABAAAAAIZ0AA4AAAAA/cAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAABRAAAABwAAAAcZUS2EEdERUYAAAFgAAAAHwAAACABeAAET1MvMgAAAYAAAAA+AAAAYIsCehJjbWFwAAABwAAAAQ0AAAJKA53KoGdhc3AAAALQAAAACAAAAAgAAAAQZ2x5ZgAAAtgAAHVEAADgpFx6RtBoZWFkAAB4HAAAAC8AAAA2AgZrX2hoZWEAAHhMAAAAHwAAACQNgwenaG10eAAAeGwAAAF6AAAFKofmCy5sb2NhAAB56AAAAnsAAAKY8IYntG1heHAAAHxkAAAAHwAAACABoQKZbmFtZQAAfIQAAAFlAAACuDwOZY5wb3N0AAB97AAACH0AAA4/HuhBCXdlYmYAAIZsAAAABgAAAAbgklGMAAAAAQAAAADMPaLPAAAAAMtUgjAAA...1yHWwDvU0jFnqbhgh6m2x9pd6h9f0NC73Jit6hqZ1QVGPqFG7KCy0MRtQgk0N9JVOIgwbaBmq9g7VUzdZWtSmm2+Y5XcbObVPDT1d7DQtQYLZsZD09MLuB+bTdEyuFLkCbWMpdYee1q4wcaUdUVflUJuLOiOit4KFHzGYg4enPBz1zxiiGVQjIoUcxpobFU0d/JHSNQzQtnV2nuoZ7iEdsfzCl6wREYF29RHfIseYZAqTjL+zZ19/QTPpVTcVIlZsUhOh6aDWatndxUNRrazp2iQgE9Uy9oQ7jzCHVN99ZcSLScGbSW6w3c7or+cSshKE6qWKKaEk8J3SvWQlC4qamwVST75Stm0Yabto4pLlpo224KVZZussJqmrRJWwSW/YsoTYgJlKihriNoJ4UVVJt6EFz62OTPuX4i/OLXfO1p/d3aZD8nTn0sWA6tGV7M+ilgupdw9AqBrH2vflyMIxuSsJf3LHQs11+Yu/8H/BE1cYAAAAAAVGM4JEAAA==
other warning URL: https://travel.calif.aaa.com/activity/search/4373?startdate=2023-05-12
Message:
OTS parsing error: hmtx: Failed to parse table
network error URL: https://artifacts.tstllc.net/ui/src/client/activity/app/images/hot_deal.png
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.tstllc.net *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.caascotravel.com *.caasco.ca *.caasco.com
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acemetrics.aaa.com
artifacts.tstllc.net
assets.green.kube.tstllc.net
automobileclubofsoutherncalifornia.demdex.net
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
fonts.googleapis.com
googleads.g.doubleclick.net
media.tacdn.com
region1.google-analytics.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s3.amazonaws.com
stats.g.doubleclick.net
tags.tiqcdn.com
tms.ace.aaa.com
tmsc.ace.aaa.com
travel.calif.aaa.com
tstllc-assets.s3.amazonaws.com
visitor-service-us-east-1.tealiumiq.com
web-sdk.smartlook.com
www.ace.aaa.com
www.facebook.com
www.fullstory.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
108.128.224.183
151.101.2.38
18.66.97.30
2001:4860:4802:34::36
2600:9000:223e:ea00:7:2bfb:7c00:93a1
2606:4700:10::6816:3668
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:400c:c09::9b
2a02:6ea0:c700::18
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d014:275:cb01:2c5:838c:1ab7:a223
34.255.84.252
44.196.103.217
45.60.124.133
52.214.86.97
52.217.32.252
52.217.77.22
52.31.11.204
54.160.201.168
54.221.200.83
63.140.62.164
65.9.95.89
99.83.217.243
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0dcdf98b193a07240e5831a91fe13f8dbf43caa81d3bc6c4aa314ace7726327d
0e0e72b51dc6a723b98024013376b6114940f68b3f61a6b7fba8b671bcbd3187
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1ba6e02aa649aea52d79959ec42d68b9275396417950a5034ff5ea51b18fc2c8
20c8cb47379b4887256321b509e6280385ebee03a4b50b84f912709a8a449d77
23e2545694e0a6b0d2a686990a6766fee5509b5c7beab0e6d4ba0839d0ddfd37
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
32bdbc7aa942ed3cc380c72be1c45147f4d7ec5e6b5b084f6527a46022314958
394c6e5ee58215cf849d8cf6ae2c045dc72a14ac62628fdb6793ccb62c59ee85
3ed1cbd3430507ea5ee48aecf25a070b467b7bb210c6124b0a1ced12d164beba
3ff7b0b317b417d887b4d1b311ac5a390b85345337838d182296dad380682a87
43429107c9e1939286f126c4ab374e9b8909cbca3a7d6ad4effa88d0312c6aa9
47633cdd2e93000441f470347bd92e0a2819f23e7b8dc13d9a2a452c338d590c
49ebf324e6184589317ba28d3a95b2d7fa1c34cb7ec3fce99e252957c7d0b385
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
598745a9015650e5044d5c9140ca1a093f72a7416ade2a09f8bba0cdec54abd0
6436a5ce3afd80874afefd56bd64d1a1859fa6ede64d87b9b682bd714f1efd56
67cd306b6d519612d4f96b72404db3001c0591ccc6f947bfd0588dc50ea2d6e3
69582a95395c6e221d7319f3dab4f6712d20d1ed29bfe0f2b056c88e685aa917
6b2292da763893e6d2726bc4becdeb451da650ce6848e476c3cb95e0cd91a115
752c913ab2e090abe4f7de944317ca098130113d6f29fe27e9d3cf3cdd8b0118
7a4245d31b727e4c0541bac7bb623205e3c2b6dbc81f0096c732fffabbef936f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8415520bc84f9234b0954d1712aa4e104ebba22bd339f788da35685ce6845db5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
897600b074c2a2e02b176f2d3e5caf964883dc5ea1c340c7576723e3932b9128
8aa5efde86c226b1c6daaa9e29be64ba62beb170ec6329bde6927f77c9292b02
8b3e8e10db2f90bdb8710b478c200588b2396146e4b07b22a795ad79e062360f
917f43467b708388b53d93f58872c35988dd8ca38778b913059f93321e3563c0
97530daa9d81c72ca83065697e54863ca71d14e3e8a9e527f51b64f98a4b2aad
9d1954529cf8ed240deafe431375e7ed9ff25da6051ccbe551831a2642be5059
9e40b1bcc46b4ca351f0cd7f314eeaed43ae65f5c51af3e1e9e20b7a008b8aa0
9eccdb7e8980366dc6de40367208e5f257936e4d2bdaa4e632686b94998583e0
9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1a721da8f35b2099bf2415ec821961e664f9d7d1f1e2ea72d04e8c273d3c659
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3d92cefd95aa6a3adaae54544f56d0e4ff558c827191f767b29c3429e24ad71
adfe88b1f5a8cf6a9ddd389f4e567a634663121d94a18c687eca6e6bb489c15b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af97bfd50a0d3e3ed636e65d2477424bd2f6e0529a1cb64b92b84a55ce266d63
b3a4a3e017fbc5e4fd11b40a52e0eb68df0de6c88a8f046246b6052fca510a58
b43633a95de2ab3d10f6b09ddbb9d4b36c5c5087531dfa68ea45ba11083a66b8
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bb2e1a97e3bc84334fa38904266d7ef01dc9407e17b3fcf54ea4a8ecbf494abf
bb4212e16db3f864e09732cb46ea21321d892fb1b00c14f64a640cf1c6d77da2
c723feec72e433d3b6c8c85ef23344ebf5cd9490b08f6223d721500329e142bc
c8c0591f4efc0420cd8411e0afe8f56539f64d4231c0c940eae2dde51f1f70ac
c8ce36ce434f9ab9c07026d7b918958faf3f84c59afb9c903805343909ccc048
d55b788cd748fb0fb927ad66148f3aa642387f56887561d3f3bdf0839da369cc
d66260f0c714f345918cd23e9ca3e39ca15fea760a8c40d02e7f133ecdd531b2
d6874aede06949b0abdb13052a9cb020b46917731bc9d542c876fc84aa85420f
d7de9b79990bb103408b06aacc98307309774f564e70ba905949e80b5ba47f14
dc159c2e39820488d3bbf2bd562eb2f2e027e489c0a0c3bf305482aa4606a659
ddb2fde958fbd2af2b7cc69b8b210b0778608e4c0d4eeafd0301a11cb9f8fb83
de04dff43538fef3cc0ab104c9393138b007d11704169160c52a57bbd1220d39
dee1f8e318497e9bcc7766c2d08c4c7b6067522bb947a5627b4c470454202d99
e2d495d80150a450036620c07b921f67af2001aecb36b37eabc4e2d5771d2073
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eaf247fb17f36b2db0be030424062cd17894d33c90d136043b623694bd410281
eb632ff7549a05432753984dd3dbbbf9b51c473a8a0e0d0789c77287056f3a94
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4dc9ef64489ab1b2b404e69f1f5d09be8b96ea457a6b65dcacd22c61c59c8ae
f529cf4430e32ae0b07d7d606ca1043e8cd9ebb9476456589578a299bad459bd
f68b041f043e568c123ce58b391ed8f2d1ffee5e26464260c7edaeab8cce7245
fc30bb03875c191dc3bb7afdd267596c26f92d4145eaa0408f652f64ade82597
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd7f0a254ebc8c11139925cd2ffed74b8bb01397c20b8f70e4200930b9ad35e9
fd9044a309ef7d51ad98d6a471d5ba00af04478843631e0cf5e2bfc36b509c2c