aaatravelsupport.tstllc.net Open in urlscan Pro
54.236.250.123 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aaatravelsupport.com/
Effective URL:
https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm
Submission: On February 25 via automatic, source certstream-suspicious (February 25th 2022, 7:20:13 am UTC) — Scanned from DE

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 17 HTTP transactions. The main IP is 54.236.250.123, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is aaatravelsupport.tstllc.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 27th 2020. Valid for: 2 years.

This is the only time aaatravelsupport.tstllc.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.32.121.65 13.32.121.65	16509 (AMAZON-02) (AMAZON-02)
5	54.236.250.123 54.236.250.123	14618 (AMAZON-AES) (AMAZON-AES)
2	52.217.204.121 52.217.204.121	16509 (AMAZON-02) (AMAZON-02)
1	45.60.64.121 45.60.64.121	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
17	10

1 13.32.121.65 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-65.fra60.r.cloudfront.net

aaatravelsupport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.236.250.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-250-123.compute-1.amazonaws.com

aaatravelsupport.tstllc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.204.121 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

tstllc-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.64.121 (United States)

ASN19551 (INCAPSULA, US)

www.aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	tstllc.net aaatravelsupport.tstllc.net	2 MB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	223 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	amazonaws.com tstllc-assets.s3.amazonaws.com — Cisco Umbrella Rank: 397146	65 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6342	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67	450 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	aaa.com www.aaa.com — Cisco Umbrella Rank: 67093	3 KB
1	aaatravelsupport.com 1 redirects aaatravelsupport.com	264 B
17	10

	Domain	Requested by
5	aaatravelsupport.tstllc.net	aaatravelsupport.tstllc.net
3	www.googletagmanager.com	aaatravelsupport.tstllc.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tstllc-assets.s3.amazonaws.com	aaatravelsupport.tstllc.net tstllc-assets.s3.amazonaws.com
1	www.google.de	aaatravelsupport.tstllc.net
1	www.google.com	aaatravelsupport.tstllc.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	aaatravelsupport.tstllc.net
1	www.aaa.com	aaatravelsupport.tstllc.net
1	aaatravelsupport.com	1 redirects
17	10

This site contains links to these domains. Also see Links.

Domain
southjersey.aaa.com

Subject Issuer	Validity	Valid
*.tstllc.net Go Daddy Secure Certificate Authority - G2	`2020-08-27` - `2022-08-27`	2 years	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-08` - `2022-06-09`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm
Frame ID: F91910710D880A156911030319EA1026
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Reservation

Page URL History Show full URLs

https://aaatravelsupport.com/ HTTP 301
https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

17
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

10
Subdomains

10
IPs

3
Countries

2755 kB
Transfer

8698 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://southjersey.aaa.com/Travel/Insurance/
Title: Insurance

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aaatravelsupport.com/ HTTP 301
https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request itineraryForm Show response
aaatravelsupport.tstllc.net/admin/users/consumers/
Redirect Chain

https://aaatravelsupport.com/
https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm

10 KB
11 KB

411ms
172ms

Document
text/html

54.236.250.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.236.250.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-250-123.compute-1.amazonaws.com

Software

Resource Hash

3d7d174111d15ebfd6b309108f8d2d7e5559070be82bd212caa7964ddd0da3da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net wta-travel.com http://wta-travel.com .wta-travel.com tpi.ca http://tpi.ca .tpi.ca .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca *.thoragentconnection.com caascotravel.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 25 Feb 2022 07:20:07 GMT
content-type: text/html; charset=UTF-8
content-length: 10648
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-security-policy: frame-ancestors 'self' *.tstllc.net wta-travel.com http://wta-travel.com *.wta-travel.com tpi.ca http://tpi.ca *.tpi.ca *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.thoragentconnection.com caascotravel.com
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

content-length: 0
location: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm
date: Fri, 25 Feb 2022 07:20:08 GMT
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ursfXBIWC-vAKOlq8_UAAiMPZhY2SkiOEmq9zGQPpbGMZBFALMSKzA==

GET
H2 200 admin-consumer.css
aaatravelsupport.tstllc.net/admin/assets/stylesheets/ 591 KB
317 KB 104ms
103ms Stylesheet
text/css 54.236.250.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://aaatravelsupport.tstllc.net/admin/assets/stylesheets/admin-consumer.css

Requested by

Host: aaatravelsupport.tstllc.net
URL: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.236.250.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-250-123.compute-1.amazonaws.com

Software

/ Express

Resource Hash

a2dede4b36ff6a152e0fc23d9203d08bbdf739861985344d1846fc827b4fabba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net wta-travel.com http://wta-travel.com .wta-travel.com tpi.ca http://tpi.ca .tpi.ca .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca *.thoragentconnection.com caascotravel.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 07:20:07 GMT
content-encoding: gzip
etag: W/"93cd4-17eda5a92e0"
last-modified: Tue, 08 Feb 2022 17:21:16 GMT
x-powered-by: Express
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
content-security-policy: frame-ancestors 'self' *.tstllc.net wta-travel.com http://wta-travel.com *.wta-travel.com tpi.ca http://tpi.ca *.tpi.ca *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.thoragentconnection.com caascotravel.com
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes

GET
H/1.1 200
OK font-awesome.min.css
tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/css/ 22 KB
22 KB 441ms
116ms Stylesheet
text/css 52.217.204.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/css/font-awesome.min.css
Requested by: Host: aaatravelsupport.tstllc.net
URL: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.204.121 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aaatravelsupport.tstllc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 07:20:08 GMT
Last-Modified: Sat, 20 Jul 2019 11:48:39 GMT
Server: AmazonS3
x-amz-request-id: 4NBC27B2960RHQ11
ETag: "7fbe76cdac6093784895bb4989203e5a"
Content-Type: text/css
x-amz-version-id: 1eEAnwgEpRCOBvJFmSwtTcMvIcH8vfJF
Accept-Ranges: bytes
Content-Length: 22084
x-amz-id-2: Bd/Q1y2+rdHItO43qrmERHqkL90i09L2S/S15fWiR+KA2hyEPHuNDqpc1fr3tGoqvwpGSZErhGU=

GET
H2 200 aaa_logo_lg.gif
www.aaa.com/AAA/SubDomains/images/ 2 KB
3 KB 55ms
11ms Image
image/gif 45.60.64.121
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaa.com/AAA/SubDomains/images/aaa_logo_lg.gif
Requested by: Host: aaatravelsupport.tstllc.net
URL: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.64.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 1a9c57949fbd0957cafaec4849672c46ecbda25216f1e326602b55627b86c2b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aaatravelsupport.tstllc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 07:20:07 GMT
last-modified: Fri, 07 Nov 2008 19:52:22 GMT
x-cdn: Imperva
etag: "a6f163591241c91:0"
content-type: image/gif
x-iinfo: 5-29909142-29904103 2cNN RT(1645773607073 0) q(0 0 0 0) r(0 0) U18
cache-control: max-age=1, public
content-length: 2132
expires: Fri, 25 Feb 2022 07:20:08 GMT

GET
H2 200 guest-itinerary-form-bundle.js Show response
aaatravelsupport.tstllc.net/admin/assets/resource/js/ 549 KB
164 KB 102ms
102ms Script
application/javascript 54.236.250.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://aaatravelsupport.tstllc.net/admin/assets/resource/js/guest-itinerary-form-bundle.js

Requested by

Host: aaatravelsupport.tstllc.net
URL: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.236.250.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-250-123.compute-1.amazonaws.com

Software

/ Express

Resource Hash

9975ccb7f81beca05f6cd31c718b32f50d44171b988b04d8050a977b457dfe5a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net wta-travel.com http://wta-travel.com .wta-travel.com tpi.ca http://tpi.ca .tpi.ca .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca *.thoragentconnection.com caascotravel.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 07:20:07 GMT
content-encoding: gzip
etag: W/"8949b-17eda5a92e0"
last-modified: Tue, 08 Feb 2022 17:21:16 GMT
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
content-security-policy: frame-ancestors 'self' *.tstllc.net wta-travel.com http://wta-travel.com *.wta-travel.com tpi.ca http://tpi.ca *.tpi.ca *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.thoragentconnection.com caascotravel.com
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,300,600,700&subset=latin,latin-ext

Requested by

Host: aaatravelsupport.tstllc.net
URL: https://aaatravelsupport.tstllc.net/admin/assets/stylesheets/admin-consumer.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d2dc5fe0eed163c094f8966fd2a863fd0f52eb3e151ef134d8226992979be4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aaatravelsupport.tstllc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 06:06:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Feb 2022 07:20:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Feb 2022 07:20:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
40 KB 56ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KM2SDB&l=tstDataLayer

Requested by

Host: aaatravelsupport.tstllc.net
URL: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a578afe09d8535e370efc32d12025c33ba8691443b3fe862286787725d79e931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aaatravelsupport.tstllc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 07:20:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40255
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Feb 2022 07:20:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 389 KB
95 KB 71ms
49ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6BPC96

Requested by

Host: aaatravelsupport.tstllc.net
URL: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f640f160dd356b76131ab57d85cf539c4c28c8c507b7b145a9ffec6747da2a50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aaatravelsupport.tstllc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 07:20:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97150
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Feb 2022 07:20:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 417 KB
88 KB 77ms
56ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W79ZLQ

Requested by

Host: aaatravelsupport.tstllc.net
URL: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69706ef93f8bf826b80a29814c0d9004f9acfce0b51695cd8a2e704f31f636e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aaatravelsupport.tstllc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 07:20:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89995
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Feb 2022 07:20:08 GMT

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb2e1a97e3bc84334fa38904266d7ef01dc9407e17b3fcf54ea4a8ecbf494abf

Request headers

Referer
Origin: https://aaatravelsupport.tstllc.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H/1.1 200
OK fontawesome-webfont.woff
tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/font/ 43 KB
43 KB 442ms
147ms Font
font/woff 52.217.204.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/font/fontawesome-webfont.woff?v=3.2.1
Requested by: Host: tstllc-assets.s3.amazonaws.com
URL: https://tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.204.121 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

Referer: https://tstllc-assets.s3.amazonaws.com/static-content/fonts/font-awesome-3.2.1/css/font-awesome.min.css
Origin: https://aaatravelsupport.tstllc.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 07:20:09 GMT
Last-Modified: Sat, 20 Jul 2019 11:48:39 GMT
Server: AmazonS3
x-amz-request-id: 2KY1D2PM9HY1H9SJ
ETag: "b683029bafe0305ac2234038a03e1541"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
x-amz-version-id: MqdXJ_mx95.S1gS4I03gmhEEXrcJj9Ce
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Type: font/woff
Content-Length: 43572
x-amz-id-2: xM1bVTX7OwrrlWns5gKnmOC6bdRkI+JOj/yWwL1su9xQzK623tbCyP69QLnDpG5xe60KH6CC5sg=

GET
DATA 200
OK truncated
/ 20 KB
20 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2f965626d99effacab4a09cb8f96e0b4a00065365fa3bd63d9f5944030a5882

Request headers

Referer
Origin: https://aaatravelsupport.tstllc.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H2 200 0.css
aaatravelsupport.tstllc.net/admin/assets/resource/stylesheets/ 544 KB
340 KB 105ms
104ms Stylesheet
text/css 54.236.250.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://aaatravelsupport.tstllc.net/admin/assets/resource/stylesheets/0.css

Requested by

Host: aaatravelsupport.tstllc.net
URL: https://aaatravelsupport.tstllc.net/admin/assets/resource/js/guest-itinerary-form-bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.236.250.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-250-123.compute-1.amazonaws.com

Software

/ Express

Resource Hash

3079ee1fddd93dc874814a8ae9f82b44e34533c01f1df51f94dc0eec4c3d9577

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net wta-travel.com http://wta-travel.com .wta-travel.com tpi.ca http://tpi.ca .tpi.ca .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca *.thoragentconnection.com caascotravel.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 07:20:08 GMT
content-encoding: gzip
etag: W/"881e6-17eda5a92e0"
last-modified: Tue, 08 Feb 2022 17:21:16 GMT
x-powered-by: Express
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
content-security-policy: frame-ancestors 'self' *.tstllc.net wta-travel.com http://wta-travel.com *.wta-travel.com tpi.ca http://tpi.ca *.tpi.ca *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.thoragentconnection.com caascotravel.com
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes

GET
H2 200 0-chunk.js Show response
aaatravelsupport.tstllc.net/admin/assets/resource/js/chunk/ 6 MB
2 MB 106ms
105ms Script
application/javascript 54.236.250.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://aaatravelsupport.tstllc.net/admin/assets/resource/js/chunk/0-chunk.js

Requested by

Host: aaatravelsupport.tstllc.net
URL: https://aaatravelsupport.tstllc.net/admin/assets/resource/js/guest-itinerary-form-bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.236.250.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-236-250-123.compute-1.amazonaws.com

Software

/ Express

Resource Hash

37594eedc8c1dba949e266d04a94cc1592e6fc80392618a6dd600ab0ad18711c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net wta-travel.com http://wta-travel.com .wta-travel.com tpi.ca http://tpi.ca .tpi.ca .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca *.thoragentconnection.com caascotravel.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 07:20:08 GMT
content-encoding: gzip
etag: W/"5c248b-17eda5a92e0"
last-modified: Tue, 08 Feb 2022 17:21:16 GMT
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
content-security-policy: frame-ancestors 'self' *.tstllc.net wta-travel.com http://wta-travel.com *.wta-travel.com tpi.ca http://tpi.ca *.tpi.ca *.aaa.com ama.ab.ca *.amatravel.ca *.atlantic.caa.ca *.caamanitoba.com *.caaneo.ca *.caask.ca *.caaniagara.ca *.thoragentconnection.com caascotravel.com
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W79ZLQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aaatravelsupport.tstllc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4516
date: Fri, 25 Feb 2022 06:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 25 Feb 2022 08:04:52 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
215 B 21ms
20ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1647366930&t=pageview&_s=1&dl=https%3A%2F%2Faaatravelsupport.tstllc.net%2Fadmin%2Fusers%2Fconsumers%2FitineraryForm&dp=%2Fadmin%2Fusers%2Fconsumers%2FitineraryForm&ul=en-us&de=UTF-8&dt=My%20Reservation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABCAAAAC~&jid=597488248&gjid=1927621478&cid=296805511.1645773608&tid=UA-55392727-1&_gid=2060546481.1645773608&_r=1&gtm=2wg2n0W79ZLQ&cd11=2022-02-25T07%3A20%3A08%2B00%3A00&cd9=296805511.1645773608&z=1439682066

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaatravelsupport.tstllc.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 07:20:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aaatravelsupport.tstllc.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-55392727-1&cid=296805511.1645773608&jid=597488248&gjid=1927621478&_gid=2060546481.1645773608&_u=YEBAAAAACAAAAC~&z=251116479

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://aaatravelsupport.tstllc.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Feb 2022 07:20:08 GMT
content-type: text/plain
access-control-allow-origin: https://aaatravelsupport.tstllc.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 54ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-55392727-1&cid=296805511.1645773608&jid=597488248&_u=YEBAAAAACAAAAC~&z=727027118

Requested by

Host: aaatravelsupport.tstllc.net
URL: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aaatravelsupport.tstllc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 07:20:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 57ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-55392727-1&cid=296805511.1645773608&jid=597488248&_u=YEBAAAAACAAAAC~&z=727027118

Requested by

Host: aaatravelsupport.tstllc.net
URL: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://aaatravelsupport.tstllc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 07:20:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 34 KB
34 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8aa5efde86c226b1c6daaa9e29be64ba62beb170ec6329bde6927f77c9292b02

Request headers

Referer
Origin: https://aaatravelsupport.tstllc.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
aaatravelsupport.tstllc.net/	1969-12-31 23:59:59	Name: PLAY_SESSION Value: dccfe12467379650c93c2d486f816ce386e2d90e-mdc-id=%5B02916582-eaf0-4f7e-889f-a69a48efe466%5D
.tstllc.net/	1970-01-20 03:19:09	Name: _gcl_au Value: 1.1.925361947.1645773608
.aaatravelsupport.tstllc.net/	1970-01-20 18:40:45	Name: _ga Value: GA1.3.296805511.1645773608
.aaatravelsupport.tstllc.net/	1970-01-20 01:11:00	Name: _gid Value: GA1.3.2060546481.1645773608
.aaatravelsupport.tstllc.net/	1970-01-20 01:09:33	Name: _gat_UA-55392727-1 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm Message: Failed to decode downloaded font: data:application/x-font-woff;charset=utf-8;base64,d09GRgABAAAAAIZ0AA4AAAAA/cAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAABRAAAABwAAAAcZUS2EEdERUYAAAFgAAAAHwAAACABeAAET1MvMgAAAYAAAAA+AAAAYIsCehJjbWFwAAABwAAAAQ0AAAJKA53KoGdhc3AAAALQAAAACAAAAAgAAAAQZ2x5ZgAAAtgAAHVEAADgpFx6RtBoZWFkAAB4HAAAAC8AAAA2AgZrX2hoZWEAAHhMAAAAHwAAACQNgwenaG10eAAAeGwAAAF6AAAFKofmCy5sb2NhAAB56AAAAnsAAAKY8IYntG1heHAAAHxkAAAAHwAAACABoQKZbmFtZQAAfIQAAAFlAAACuDwOZY5wb3N0AAB97AAACH0AAA4/HuhBCXdlYmYAAIZsAAAABgAAAAbgklGMAAAAAQAAAADMPaLPAAAAAMtUgjAAA...1yHWwDvU0jFnqbhgh6m2x9pd6h9f0NC73Jit6hqZ1QVGPqFG7KCy0MRtQgk0N9JVOIgwbaBmq9g7VUzdZWtSmm2+Y5XcbObVPDT1d7DQtQYLZsZD09MLuB+bTdEyuFLkCbWMpdYee1q4wcaUdUVflUJuLOiOit4KFHzGYg4enPBz1zxiiGVQjIoUcxpobFU0d/JHSNQzQtnV2nuoZ7iEdsfzCl6wREYF29RHfIseYZAqTjL+zZ19/QTPpVTcVIlZsUhOh6aDWatndxUNRrazp2iQgE9Uy9oQ7jzCHVN99ZcSLScGbSW6w3c7or+cSshKE6qWKKaEk8J3SvWQlC4qamwVST75Stm0Yabto4pLlpo224KVZZussJqmrRJWwSW/YsoTYgJlKihriNoJ4UVVJt6EFz62OTPuX4i/OLXfO1p/d3aZD8nTn0sWA6tGV7M+ilgupdw9AqBrH2vflyMIxuSsJf3LHQs11+Yu/8H/BE1cYAAAAAAVGM4JEAAA==
other	warning	URL: https://aaatravelsupport.tstllc.net/admin/users/consumers/itineraryForm Message: OTS parsing error: hmtx: Failed to parse table

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .tstllc.net wta-travel.com http://wta-travel.com .wta-travel.com tpi.ca http://tpi.ca .tpi.ca .aaa.com ama.ab.ca .amatravel.ca .atlantic.caa.ca .caamanitoba.com .caaneo.ca .caask.ca .caaniagara.ca *.thoragentconnection.com caascotravel.com
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aaatravelsupport.com
aaatravelsupport.tstllc.net
fonts.googleapis.com
stats.g.doubleclick.net
tstllc-assets.s3.amazonaws.com
www.aaa.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.32.121.65
2a00:1450:4001:808::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2004
2a00:1450:400c:c0b::9d
45.60.64.121
52.217.204.121
54.236.250.123
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1a9c57949fbd0957cafaec4849672c46ecbda25216f1e326602b55627b86c2b3
2d2dc5fe0eed163c094f8966fd2a863fd0f52eb3e151ef134d8226992979be4c
3079ee1fddd93dc874814a8ae9f82b44e34533c01f1df51f94dc0eec4c3d9577
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
37594eedc8c1dba949e266d04a94cc1592e6fc80392618a6dd600ab0ad18711c
3d7d174111d15ebfd6b309108f8d2d7e5559070be82bd212caa7964ddd0da3da
69706ef93f8bf826b80a29814c0d9004f9acfce0b51695cd8a2e704f31f636e6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa5efde86c226b1c6daaa9e29be64ba62beb170ec6329bde6927f77c9292b02
9975ccb7f81beca05f6cd31c718b32f50d44171b988b04d8050a977b457dfe5a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2dede4b36ff6a152e0fc23d9203d08bbdf739861985344d1846fc827b4fabba
a578afe09d8535e370efc32d12025c33ba8691443b3fe862286787725d79e931
bb2e1a97e3bc84334fa38904266d7ef01dc9407e17b3fcf54ea4a8ecbf494abf
c2f965626d99effacab4a09cb8f96e0b4a00065365fa3bd63d9f5944030a5882
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f640f160dd356b76131ab57d85cf539c4c28c8c507b7b145a9ffec6747da2a50

aaatravelsupport.tstllc.net Open in urlscan Pro 54.236.250.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

60 %IPv6

10 Domains

10 Subdomains

10 IPs

3 Countries

2755 kBTransfer

8698 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

5 Cookies

2 Console Messages

Security Headers

Indicators

aaatravelsupport.tstllc.net Open in urlscan Pro
54.236.250.123 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

10
Subdomains

10
IPs

3
Countries

2755 kB
Transfer

8698 kB
Size

5
Cookies

17 HTTP transactions
3 data transactions