www2.sunwing.ca Open in urlscan Pro
45.60.198.195  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Login Show response www2.sunwing.ca/mybooking/Login/	69 KB 12 KB	421ms 200ms	Document text/html	45.60.198.195 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.198.195 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Big5 / Resource Hash fb1df371ee45ca920c260293bfe26f4b20d0e5b72d297fa4637aed45349ba94a Request headers :method GET :authority www2.sunwing.ca :scheme https :path /mybooking/Login/Login?lang=en pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cache-control no-cache, no-store pragma no-cache content-type text/html; charset=utf-8 expires -1 server Big5 set-cookie ASP.NET_SessionId=5hdpzkiymsrrk0row2kdinvq; path=/; HttpOnly; SameSite=Lax www2.sunwinggroup.ca_sess_cookie=294388746.20480.0000; path=/ nlbi_2205655=5EDZLnRNfn/M4IzjXmSREQAAAACEUBpd47JEO2SWJ++gJ1p6; path=/; Domain=.sunwing.ca visid_incap_2205655=Pj3f/cKgT2KvOoYAVAuUYIT+1F8AAAAAQUIPAAAAAAB6bCM7X0LDCcRupBTNSME1; expires=Sat, 11 Dec 2021 18:38:35 GMT; HttpOnly; path=/; Domain=.sunwing.ca incap_ses_247_2205655=lqqvdjr3xxDwEoGSX4VtA4T+1F8AAAAA+KoQF3DpecBMCe2TOQ+tuQ==; path=/; Domain=.sunwing.ca x-aspnetmvc-version 5.2 x-aspnet-version 4.0.30319 x-powered-by date Sat, 12 Dec 2020 17:31:49 GMT x-cnection close vary Accept-Encoding content-encoding gzip x-cdn Incapsula x-iinfo 12-62800174-62709430 pNNN RT(1607794308767 0) q(0 0 0 0) r(2 2) U12
GET H2	200	css fonts.googleapis.com/	6 KB 812 B	16ms 14ms	Stylesheet text/css	2a00:1450:4001:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=PT+Sans:400,700|Montserrat:400,700 Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash eca91136790b78d3790e9ea453a12976fa08923bca5522c63d992e0b88480287 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 12 Dec 2020 17:31:49 GMT server ESF date Sat, 12 Dec 2020 17:31:49 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 12 Dec 2020 17:31:49 GMT
GET H2	200	files www2.sunwing.ca/mybooking/Content/css/	197 KB 44 KB	161ms 159ms	Stylesheet text/css	45.60.198.195 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www2.sunwing.ca/mybooking/Content/css/files?v=pgI__cSbXc4qQID97gfKk3sLFhTXeTr4TLcU5fuMCfM1 Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.198.195 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Big5 / Resource Hash 998e3ec710ff93bc6d0323dadbb181067b3d82ee95f32be3f982d478db7e4481 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 12 Dec 2020 17:31:49 GMT content-encoding gzip server Big5 x-aspnet-version 4.0.30319 x-powered-by vary Accept-Encoding content-type text/css; charset=utf-8 x-iinfo 12-62800196-62709430 pNNN RT(1607794308974 0) q(0 0 0 -1) r(1 1) U2 x-cnection close x-cdn Incapsula content-length 44258 cache-control no-cache, no-store expires -1
GET H2	200	bootstrap-datetimepicker.css www2.sunwing.ca/mybooking/Content/css/	12 KB 2 KB	597ms 595ms	Stylesheet text/css	45.60.198.195 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www2.sunwing.ca/mybooking/Content/css/bootstrap-datetimepicker.css Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.198.195 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Big5 / Resource Hash 9cf70b65763c8edd37ee6cccc06d649cd551613896753586a0d0fb83dd667fe6 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 12 Dec 2020 17:31:49 GMT content-encoding gzip x-cdn Incapsula x-powered-by x-iinfo 12-62800197-62775664 2NNN RT(1607794308975 0) q(0 0 0 -1) r(6 6) U2 x-cnection close content-length 2168 pragma no-cache last-modified Tue, 01 Dec 2020 15:51:50 GMT server Big5 etag "0af9de1f9c7d61:0" vary Accept-Encoding content-type text/css cache-control no-cache, no-store accept-ranges bytes expires -1
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.0/	94 KB 33 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:818::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 12 Dec 2020 14:55:24 GMT content-encoding gzip x-content-type-options nosniff age 9385 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33576 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 12 Dec 2021 14:55:24 GMT
GET H2	200	jquery.easing.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/	5 KB 2 KB	13ms 12ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 12 Dec 2020 17:31:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 223709 cross-origin-resource-policy cross-origin vary Accept-Encoding content-length 1507 cf-request-id 06f99b519a0000176af0109000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:45 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec1-15b3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=myZ9ES85rTwaZp27wpgn10%2BG5xA94VjQorONmTp9LHzLq9%2BW3NJHTlwwiy64fMsiR6VwB0Y2yD0yg8lyQbSj%2FYFLkrreXOv5FJ6j3fhd19zcjCYVmbPGPh%2FGXhSramOfxw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes cf-ray 60092e628bf2176a-FRA expires Thu, 02 Dec 2021 17:31:49 GMT
GET H/1.1	200 OK	sunwing-withTag-white.png www.sunwing.ca/images/logos/	5 KB 5 KB	859ms 143ms	Image image/png	206.47.106.126 BACOM
General Check archive.org Show headers Download Go to Show image Full URL https://www.sunwing.ca/images/logos/sunwing-withTag-white.png Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 206.47.106.126 Newmarket, Canada, ASN577 (BACOM, CA), Reverse DNS Software Big5 / Resource Hash 74d6ea72c59705b3e85c21c08cd675193dff4da5ae81e4593afc4adff6616f54 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 12 Dec 2020 17:31:50 GMT Last-Modified Thu, 10 Mar 2016 19:04:19 GMT Server Big5 ETag "80fbf4a5ff7ad11:0" Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 5048
GET H2	200	loader-orange.gif www2.sunwing.ca/mybooking/Content/images/icons/	9 KB 9 KB	590ms 587ms	Image image/gif	45.60.198.195 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www2.sunwing.ca/mybooking/Content/images/icons/loader-orange.gif Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.198.195 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Big5 / Resource Hash 502f4e34847459508cb38aa0591a852411201f0a88658c70a5e78c5b2d468c99 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 12 Dec 2020 17:31:50 GMT etag "0dccee2f9c7d61:0" last-modified Tue, 01 Dec 2020 15:51:52 GMT server Big5 cache-control no-cache, no-store x-powered-by content-type image/gif x-iinfo 12-62800268-62792181 2NNN RT(1607794309577 0) q(0 0 0 -1) r(6 6) U2 x-cnection close accept-ranges bytes content-length 8891 x-cdn Incapsula expires -1
GET H2	200	EliteServicesEN.jpg www2.sunwing.ca/mybooking/Content/images/	137 KB 138 KB	585ms 582ms	Image image/jpeg	45.60.198.195 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www2.sunwing.ca/mybooking/Content/images/EliteServicesEN.jpg Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.198.195 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Big5 / Resource Hash 343311560dd649fcf0f14eb1982999c40306664c27fda924313bee876ea58d89 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 12 Dec 2020 17:31:50 GMT etag "0af9de1f9c7d61:0" last-modified Tue, 01 Dec 2020 15:51:50 GMT server Big5 cache-control no-cache, no-store x-powered-by content-type image/jpeg x-iinfo 12-62800269-62800270 2NNN RT(1607794309578 0) q(0 0 0 -1) r(0 6) U2 x-cnection close accept-ranges bytes content-length 139969 x-cdn Incapsula expires -1
GET H2	200	api.js Show response www.google.com/recaptcha/	909 B 671 B	18ms 16ms	Script text/javascript	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&hl=en Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash c595347e6ad6804ea685df8bbc64c92093a9b726af94725ddfd04e8c85cca853 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 12 Dec 2020 17:31:50 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 579 x-xss-protection 1; mode=block expires Sat, 12 Dec 2020 17:31:50 GMT
GET H2	200	jquery-ui.js Show response code.jquery.com/ui/1.10.4/	426 KB 105 KB	28ms 12ms	Script application/javascript	2001:4de0:ac19::1:b:2a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.10.4/jquery-ui.js Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash b69f1567863d760ef4dabec3eb29f349abca4b007dce36ab8926784a7babbe6c Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 12 Dec 2020 17:31:49 GMT content-encoding gzip last-modified Fri, 24 Oct 2014 00:16:08 GMT server nginx etag W/"54499a48-6a9eb" vary Accept-Encoding x-hw 1607794309.dop236.fr8.t,1607794309.cds232.fr8.hn,1607794309.cds237.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 107515
GET H2	200	jquery-ui.css code.jquery.com/ui/1.10.4/themes/ui-lightness/	31 KB 6 KB	8ms 8ms	Stylesheet text/css	2001:4de0:ac19::1:b:2a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.10.4/themes/ui-lightness/jquery-ui.css Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash cd2dd2e2125455fab82c84c144e9791f7f5b5c2d44ca88bf6f1a669b2ecb226f Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 12 Dec 2020 17:31:49 GMT content-encoding gzip last-modified Fri, 24 Oct 2014 00:16:08 GMT server nginx etag W/"54499a48-7d9d" vary Accept-Encoding x-hw 1607794309.dop236.fr8.t,1607794309.cds232.fr8.hn,1607794309.cds240.fr8.c content-type text/css access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 6174
GET H2	200	site Show response www2.sunwing.ca/mybooking/bundles/	26 KB 7 KB	150ms 150ms	Script text/javascript	45.60.198.195 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www2.sunwing.ca/mybooking/bundles/site?v=xTzAgfff0k1XnfLmAYXQPzoGcfXDU1li1VlU1S_sfxI1 Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.198.195 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Big5 / Resource Hash 0e76a414279a267e5c42dfa3d42af8335b47e05c74ce1639e5a66b9c04075dc5 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 12 Dec 2020 17:31:49 GMT content-encoding gzip server Big5 x-aspnet-version 4.0.30319 x-powered-by vary Accept-Encoding content-type text/javascript; charset=utf-8 x-iinfo 12-62800213-62709430 pNNN RT(1607794309209 0) q(0 0 0 -1) r(1 1) U2 x-cnection close x-cdn Incapsula content-length 7322 cache-control no-cache, no-store expires -1
GET H2	200	moment.js Show response www2.sunwing.ca/mybooking/Scripts/	41 KB 14 KB	740ms 740ms	Script application/javascript	45.60.198.195 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www2.sunwing.ca/mybooking/Scripts/moment.js Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.198.195 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Big5 / Resource Hash 87eee54ac7ead5df5114f214250d0208f0d0561284562dd4b0e575b18bbaaa60 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 12 Dec 2020 17:31:50 GMT content-encoding gzip etag "090e4f9c7d61:0" last-modified Tue, 01 Dec 2020 15:51:54 GMT server Big5 cache-control no-cache, no-store x-powered-by content-type application/javascript x-iinfo 12-62800231-62796094 2NYN RT(1607794309370 0) q(0 0 0 -1) r(7 7) U2 x-cnection close accept-ranges bytes x-cdn Incapsula expires -1
GET H2	200	bootstrap-datetimepicker.min.js Show response www2.sunwing.ca/mybooking/Scripts/	40 KB 9 KB	590ms 590ms	Script application/javascript	45.60.198.195 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www2.sunwing.ca/mybooking/Scripts/bootstrap-datetimepicker.min.js Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.198.195 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Big5 / Resource Hash 56a50def72949d90b93e84d5823ebae0e74b1d907b0e9e8b4e2e6fe754054c17 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 12 Dec 2020 17:31:50 GMT content-encoding gzip etag "090e4f9c7d61:0" last-modified Tue, 01 Dec 2020 15:51:54 GMT server Big5 cache-control no-cache, no-store x-powered-by content-type application/javascript x-iinfo 12-62800262-62791181 2NYN RT(1607794309565 0) q(0 0 0 -1) r(6 6) U2 x-cnection close accept-ranges bytes x-cdn Incapsula expires -1
GET H2	200	_Incapsula_Resource Show response www2.sunwing.ca/	130 KB 19 KB	61ms 60ms	Script application/javascript	45.60.198.195 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www2.sunwing.ca/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=655922706 Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.198.195 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 87f180668edf2231314882567636ae1bc3081303006c44001a8c8ba6a5513fc5 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-encoding gzip cache-control no-cache, no-store x-robots-tag noindex content-length 19104 content-type application/javascript
GET H2	200	gtm.js Show response www.googletagmanager.com/	103 KB 37 KB	35ms 34ms	Script application/javascript	2a00:1450:4001:820::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NMNWP9 Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 102fb8bf9a3410b9cd7dd1ecdd17d95511acadf70fbdc9ad71a688b8b4eb3a72 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 12 Dec 2020 17:31:50 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37708 x-xss-protection 0 last-modified Sat, 12 Dec 2020 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 12 Dec 2020 17:31:50 GMT
GET H3-Q050	200	jizaRExUiTo99u79D0KExcOPIDU.woff2 fonts.gstatic.com/s/ptsans/v12/	11 KB 11 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExcOPIDU.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Montserrat:400,700 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www2.sunwing.ca Referer https://fonts.googleapis.com/css?family=PT+Sans:400,700|Montserrat:400,700 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 18:07:06 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:11 GMT server sffe age 84284 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11380 x-xss-protection 0 expires Sat, 11 Dec 2021 18:07:06 GMT
GET H3-Q050	200	jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2 fonts.gstatic.com/s/ptsans/v12/	11 KB 11 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Montserrat:400,700 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www2.sunwing.ca Referer https://fonts.googleapis.com/css?family=PT+Sans:400,700|Montserrat:400,700 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 10 Dec 2020 15:32:51 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:10:37 GMT server sffe age 179939 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11504 x-xss-protection 0 expires Fri, 10 Dec 2021 15:32:51 GMT
GET H2	200	tico.png www2.sunwing.ca/mybooking/Content/images/logos/	4 KB 4 KB	166ms 163ms	Image image/png	45.60.198.195 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www2.sunwing.ca/mybooking/Content/images/logos/tico.png Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Content/css/files?v=pgI__cSbXc4qQID97gfKk3sLFhTXeTr4TLcU5fuMCfM1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.198.195 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Big5 / Resource Hash b14f1c4a8f95577695438354d2fc507aab6b889f83d898047ea4306f4baa3483 Request headers Referer https://www2.sunwing.ca/mybooking/Content/css/files?v=pgI__cSbXc4qQID97gfKk3sLFhTXeTr4TLcU5fuMCfM1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 12 Dec 2020 17:31:49 GMT etag "0dccee2f9c7d61:0" last-modified Tue, 01 Dec 2020 15:51:52 GMT server Big5 cache-control no-cache, no-store x-powered-by content-type image/png x-iinfo 12-62800273-62775664 2NNN RT(1607794309610 0) q(0 0 0 -1) r(1 1) U2 x-cnection close accept-ranges bytes content-length 3952 x-cdn Incapsula expires -1
GET H/1.1	200 OK	bbb.png www.sunwing.ca/images/logos/footer/	3 KB 3 KB	914ms 153ms	Image image/png	206.47.106.126 BACOM
General Check archive.org Show headers Download Go to Show image Full URL https://www.sunwing.ca/images/logos/footer/bbb.png Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Content/css/files?v=pgI__cSbXc4qQID97gfKk3sLFhTXeTr4TLcU5fuMCfM1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 206.47.106.126 Newmarket, Canada, ASN577 (BACOM, CA), Reverse DNS Software Big5 / Resource Hash 2699ed1702b0f56e4afc22602418cda6cf48acae98b27cf3d510a06a94df4a2c Request headers Referer https://www2.sunwing.ca/mybooking/Content/css/files?v=pgI__cSbXc4qQID97gfKk3sLFhTXeTr4TLcU5fuMCfM1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 12 Dec 2020 17:31:50 GMT Last-Modified Mon, 25 Jan 2016 18:46:18 GMT Server Big5 ETag "123795ada057d11:0" Content-Type image/png Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 2951
GET H2	200	checkbox.png www2.sunwing.ca/mybooking/Content/images/icons/	171 B 301 B	354ms 353ms	Image image/png	45.60.198.195 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www2.sunwing.ca/mybooking/Content/images/icons/checkbox.png Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Content/css/files?v=pgI__cSbXc4qQID97gfKk3sLFhTXeTr4TLcU5fuMCfM1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.198.195 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Big5 / Resource Hash 0f4d8619d041e4c44b801f07d7c0d7539c5f2b81652e8c238586a526cf9a8c18 Request headers Referer https://www2.sunwing.ca/mybooking/Content/css/files?v=pgI__cSbXc4qQID97gfKk3sLFhTXeTr4TLcU5fuMCfM1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 12 Dec 2020 17:31:50 GMT etag "0af9de1f9c7d61:0" last-modified Tue, 01 Dec 2020 15:51:50 GMT server Big5 cache-control no-cache, no-store x-powered-by content-type image/png x-iinfo 12-62800274-62799064 2NNN RT(1607794309615 0) q(0 0 0 -1) r(3 3) U2 x-cnection close accept-ranges bytes content-length 171 x-cdn Incapsula expires -1
GET H2	200	ui-bg_highlight-soft_100_eeeeee_1x100.png code.jquery.com/ui/1.10.4/themes/ui-lightness/images/	332 B 498 B	65ms 65ms	Image image/png	2001:4de0:ac19::1:b:2a HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://code.jquery.com/ui/1.10.4/themes/ui-lightness/images/ui-bg_highlight-soft_100_eeeeee_1x100.png Requested by Host: code.jquery.com URL: https://code.jquery.com/ui/1.10.4/themes/ui-lightness/jquery-ui.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 0844365dd9e0030e6f77ed54df6e706e31075962bdc08eae57a04bcdeba6966e Request headers Referer https://code.jquery.com/ui/1.10.4/themes/ui-lightness/jquery-ui.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 12 Dec 2020 17:31:50 GMT last-modified Fri, 24 Oct 2014 00:16:08 GMT server nginx etag "54499a48-14c" x-hw 1607794310.dop236.fr8.t,1607794310.cds232.fr8.hn,1607794310.cds010.fr8.c content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 332
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/	334 KB 131 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&hl=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www2.sunwing.ca Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 12 Dec 2020 16:55:06 GMT content-encoding gzip x-content-type-options nosniff age 2204 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133916 x-xss-protection 0 last-modified Sun, 06 Dec 2020 23:05:51 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 12 Dec 2021 16:55:06 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NMNWP9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 6074 date Sat, 12 Dec 2020 15:50:36 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Sat, 12 Dec 2020 17:50:36 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 66 B	13ms 13ms	XHR text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1446542632&t=pageview&_s=1&dl=https%3A%2F%2Fwww2.sunwing.ca%2Fmybooking%2FLogin%2FLogin%3Flang%3Den&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=271224636&gjid=2086884468&cid=339682141.1607794310&tid=UA-8632542-53&_gid=1451920684.1607794310&_r=1&gtm=2wgbu0NMNWP9&z=1131429191 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 12 Dec 2020 17:31:50 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www2.sunwing.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 88 B	16ms 15ms	XHR text/plain	2a00:1450:400c:c0c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-8632542-53&cid=339682141.1607794310&jid=271224636&gjid=2086884468&_gid=1451920684.1607794310&_u=YEBAAEAAAAAAAC~&z=96763603 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sat, 12 Dec 2020 17:31:50 GMT content-type text/plain access-control-allow-origin https://www2.sunwing.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	ga-audiences www.google.com/ads/	42 B 483 B	53ms 37ms	Image image/gif	2a00:1450:4001:818::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8632542-53&cid=339682141.1607794310&jid=271224636&_u=YEBAAEAAAAAAAC~&z=1745941027 Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 12 Dec 2020 17:31:50 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	30ms 30ms	Image image/gif	2a00:1450:4001:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8632542-53&cid=339682141.1607794310&jid=271224636&_u=YEBAAEAAAAAAAC~&z=1745941027 Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sat, 12 Dec 2020 17:31:50 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	_Incapsula_Resource www2.sunwing.ca/	1 B 35 B	52ms 51ms	Image text/plain	45.60.198.195 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www2.sunwing.ca/_Incapsula_Resource?SWKMTFSR=1&e=0.3852448133804063 Requested by Host: www2.sunwing.ca URL: https://www2.sunwing.ca/mybooking/Login/Login?lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.198.195 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www2.sunwing.ca/mybooking/Login/Login?lang=en User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cache-control no-cache, no-store x-robots-tag noindex content-length 1 content-type text/plain

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| dataLayer undefined| loginreCAPTCHA undefined| loginGroupreCAPTCHA undefined| forgotBookingreCAPTCHA function| postSubscription object| jQuery1110027252829364931874 function| popWin function| debouncer function| isValidEmailAddress function| isValidPhoneNumber function| isValidGeneralText function| isValidGeneralTextWithSpaces function| redirectIfJson401 function| updateSeatNumber function| GetCardType undefined| tempPosition boolean| disableScrollSticky function| mobileCartClickEvent function| mobileCartCloseEvent function| mobileCartResizeEvent object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha object| gaplugins object| gaGlobal object| gaData function| moment

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sunwing.ca/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_1_sn_B91AE7925194CA0F41C8D0394E7E4875_perc_100000_ol_0_mul_1
			www2.sunwing.ca/	1970-01-19 14:36:34	Name: ___utmvc Value: mWo7bKXHHTGlpPmoo/TgY7zELqMDNTH+YGY+Ktok78Hd0v0HvX405NKRu9lFtKRG+dTLIrYENUagO9mInDg3zh34vG2sRii4+SQu2mha5OrnAKrujVjfoJ0VF2HR6OHKGMoN4EEhzUeIXns9bRQw8uzTGeQAKN4mjcVr2jhzRKzC2q76gC3SaVQddDmqyRZxRTyRTk2YgV2mdRrvu6XLHyiER/lHF29bRsLBi8HBdKLyrnXCV1B2TPplWTVWh8hhjIqCsufA3SHBr8IOuulL8adeTy/axVmM5irWHolXEYD3Bxkx4bd/kgn9dU/sI/Xi29+rmbjaiMcJkojYQx/wj0OYJ9RGYbI0LxctX7cW1gMFJLcrM3N80iGnwUKqXO42YU+3WQNUaKJ84R7hHgzqLoHFJhzJ7RxYp3WXZ2ZO97L8CHeOhtSt8iq2d0A+v5mn0Pg8nEZg9mdMHREpQGB3VxlniCXyVb4OX8ubSEy47KdRevsTkNou00wJlTzyUGTpUHspbt9DAmCoDIylnMO9yp6QiGCfyRKT5jBPqd9A92mPPtwyaHghVyM/HiPg6lpAVClChD5hnut3SNOSy6vjduoZaZ81WGnHMDyMkfD5dppn0K0dsU00BqCOzd5StzGCOBuPqStoqnIPOfLqPZqGEMFKPiXM+unA++meFnFoLbQCtvu+xngvttR00bbC/Bqs8kysstfS5aP+0t2fNu+CINBGBnHkkA8meVHfhJjXlJhY3C1YjznnY07/TAYOzFnR9D3wdr6ykAJsRoMQWJnYdwIpqYviW8SQ9mqCC/ADyg9xU6ltJVwiEJvWMmoNNH+GyeYGMOcKhFtKT0Jt6tHgtjlMO3q3Z7sr8j9DmWlfeH1ahLQCijRvdhUDYENUWTAJ4YCVT0CW21swdME7IivB4CQDMXVPLB6V5d/D9sbgrwKti4D/ijfoatEBJSJ40z1sbXP3lXzyHJh7JMV6YMcqXPBiejgwPZnxFutp5+ntKuGuKNJ3xWc1j0IRwj0PPBXA/Z7FZQYGURSouNFZINc4t+EcY/ksiJ+uBoAZ0r0aHu2S3Cqzx6WmQWNzPhTH6pQxEkOwWsntkuRwTsd2qKBX9c/5yRTCNRZQBvBfmg8Q29QrUjfsFfinAXz5Mpu3xPReYTUe5G49AV0L9CiCvnbhm/nvSyEEuWw2w15/nmaW8uIkBcIn9N2b/cnwCDakpWlebUy63Gj8ZEWRqIw4YD42oSMqo3pgm16VJ/uUFNsqOfl2Sy2ZMXGo4/NfQPtJjWtWyns0Y5GgljCL/qAcv5c7lHAQI/NugZt0budfQa8rcQ6/flJFQsphHwyzGQxfv70aJW+AFBc7lZdtuqGQItvDhsu7n+8pMZxL2HW9TJTkn/17mcTjlGAtYWcin/6bn2NWwpphWnlJuW5TzeiMV/acIRLJS7GkJAGJhMlKeVDDPaeZnwS+ESyXCMdsvnB3eAvrFMM8bTtBeCHo4LJOtIbRleJu9GmyjT0xWPFmRnnEKXthTgTjHYkt1Q/+hlQLT85XWOsvKrV+9fq5krR9ycJ6WJog3OBilgYvf2QVzvYS+ZUfRPv11nInHQvlwsPIgS1oXtxhTn93z6lhmEEPY01zpcBbmeCL9Bevbq4FU1q4XmSPXgXkuuCxou5KSBk5VC+7RUe3Q6eALWa/EV5n5/ALT1ddIbTJfPQTYw3zO99D5N7uvJP67jRRGVLx5yoNtCG7HUbZCKQfo7MOSqWk6aK/yyfIq7tiqwPyGmrHiMjtawXeYhGlpqFFL74n8ocFORuf20dfP7pO+pZhP25ZYJdsLc1QSr3sMTRjvrysJqRg/H45xeIvz8YiDPufGlcIP7QHcIfTIq5C4CVzcS36qZrvo6o0GNd4kCn0KZnfCPY8M21OTXK4sFugeHvdUWbFcdqs82rJ4Hf+2h8y5+uPtuA52iUEwCEFWut3Fnqs1Rtl5Bzrhf4yNHLpnCv+GlI/FRv1xMgCifI8jB0NceC5zF0i3S9PEYU6zJgxsBgmki+xN3RVbYGNTgJVsP+npuHmToGELGRpZ2VzdD0xNDA0OTIscz03Nzg1ODI3YzdiNjY4NjY0N2Y5ZDhjOTlhYjhiNjI2YmIxNzk2NDZjNjdhNGEyYThhNTc3OTM2YTkwYTVhMDk3OWU2ZGIxODQ4Mzg1NmQ3MQ==
			.sunwing.ca/	1970-01-20 08:07:46	Name: _ga Value: GA1.2.339682141.1607794310
			.sunwing.ca/	1970-01-19 14:38:00	Name: _gid Value: GA1.2.1451920684.1607794310
			.sunwing.ca/	1969-12-31 23:59:59	Name: incap_ses_247_2205655 Value: lqqvdjr3xxDwEoGSX4VtA4T+1F8AAAAA+KoQF3DpecBMCe2TOQ+tuQ==
			.sunwing.ca/	1970-01-19 23:20:47	Name: visid_incap_2205655 Value: Pj3f/cKgT2KvOoYAVAuUYIT+1F8AAAAAQUIPAAAAAAB6bCM7X0LDCcRupBTNSME1
			.sunwing.ca/	1969-12-31 23:59:59	Name: nlbi_2205655 Value: 5EDZLnRNfn/M4IzjXmSREQAAAACEUBpd47JEO2SWJ++gJ1p6
			www2.sunwing.ca/	1969-12-31 23:59:59	Name: www2.sunwinggroup.ca_sess_cookie Value: 294388746.20480.0000
			.sunwing.ca/	1970-01-19 14:36:34	Name: _gat_UA-8632542-53 Value: 1
			www2.sunwing.ca/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 5hdpzkiymsrrk0row2kdinvq

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js(Line 374) Message: reCAPTCHA couldn't find user-provided function: onloadCallback

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.sunwing.ca
www2.sunwing.ca
2001:4de0:ac19::1:b:2a
206.47.106.126
2606:4700::6810:125e
2a00:1450:4001:800::2003
2a00:1450:4001:817::2003
2a00:1450:4001:818::2004
2a00:1450:4001:818::200a
2a00:1450:4001:81d::200a
2a00:1450:4001:820::2008
2a00:1450:4001:820::200e
2a00:1450:4001:824::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c0c::9c
45.60.198.195
0844365dd9e0030e6f77ed54df6e706e31075962bdc08eae57a04bcdeba6966e
0e76a414279a267e5c42dfa3d42af8335b47e05c74ce1639e5a66b9c04075dc5
0f4d8619d041e4c44b801f07d7c0d7539c5f2b81652e8c238586a526cf9a8c18
102fb8bf9a3410b9cd7dd1ecdd17d95511acadf70fbdc9ad71a688b8b4eb3a72
2699ed1702b0f56e4afc22602418cda6cf48acae98b27cf3d510a06a94df4a2c
343311560dd649fcf0f14eb1982999c40306664c27fda924313bee876ea58d89
502f4e34847459508cb38aa0591a852411201f0a88658c70a5e78c5b2d468c99
56a50def72949d90b93e84d5823ebae0e74b1d907b0e9e8b4e2e6fe754054c17
74d6ea72c59705b3e85c21c08cd675193dff4da5ae81e4593afc4adff6616f54
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87eee54ac7ead5df5114f214250d0208f0d0561284562dd4b0e575b18bbaaa60
87f180668edf2231314882567636ae1bc3081303006c44001a8c8ba6a5513fc5
998e3ec710ff93bc6d0323dadbb181067b3d82ee95f32be3f982d478db7e4481
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
9cf70b65763c8edd37ee6cccc06d649cd551613896753586a0d0fb83dd667fe6
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b
b14f1c4a8f95577695438354d2fc507aab6b889f83d898047ea4306f4baa3483
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b69f1567863d760ef4dabec3eb29f349abca4b007dce36ab8926784a7babbe6c
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
c595347e6ad6804ea685df8bbc64c92093a9b726af94725ddfd04e8c85cca853
cd2dd2e2125455fab82c84c144e9791f7f5b5c2d44ca88bf6f1a669b2ecb226f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eca91136790b78d3790e9ea453a12976fa08923bca5522c63d992e0b88480287
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb1df371ee45ca920c260293bfe26f4b20d0e5b72d297fa4637aed45349ba94a
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb