urlscan.io logo urlscan.io
SecurityTrails logo

accounts.mycwt.com Open in urlscan Pro
198.177.7.134  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://na.eventscloud.com/emarketing/go.php?id=DJjuwO0mR87XqfQUoxtsiRmHTSxdD2xTLBy2x4l4s2Uwc2nylcNrZDwFSZbVX%2BEgv39EvEePE...
Effective URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid...
Submission: On August 23 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 52 HTTP transactions. The main IP is 198.177.7.134, located in United States and belongs to CARLSONWAGONLITTRAVEL, US. The main domain is accounts.mycwt.com. The Cisco Umbrella rank of the primary domain is 361191.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on May 13th 2024. Valid for: a year.
This is the only time accounts.mycwt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.4.179.1 14618 (AMAZON-AES)
2 198.177.7.131 63061 (CARLSONWA...)
14 2600:9000:223... 16509 (AMAZON-02)
13 2600:9000:249... 16509 (AMAZON-02)
2 35.186.241.51 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 198.177.7.134 63061 (CARLSONWA...)
1 2600:1901:0:4... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2602:816:5001... 54113 (FASTLY)
1 162.247.243.29 54113 (FASTLY)
52 10
1    52.4.179.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-179-1.compute-1.amazonaws.com
na.eventscloud.com
2    198.177.7.131 (United States)

ASN63061 (CARLSONWAGONLITTRAVEL, US)
travel.mycwt.com
14    2600:9000:223c:b800:11:b83:4ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
travel-cdn.mycwt.com
13    2600:9000:2491:4000:5:9883:5700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.worldmate.com
2    35.186.241.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com
api-js.mixpanel.com
2    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    198.177.7.134 (United States)

ASN63061 (CARLSONWAGONLITTRAVEL, US)
accounts.mycwt.com
1    2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
28 mycwt.com
travel.mycwt.com — Cisco Umbrella Rank: 416800
travel-cdn.mycwt.com — Cisco Umbrella Rank: 597426
accounts.mycwt.com — Cisco Umbrella Rank: 361191
11 MB
13 worldmate.com
cdn.worldmate.com — Cisco Umbrella Rank: 560525
113 KB
4 gstatic.com
fonts.gstatic.com
59 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
2 mixpanel.com
api-js.mixpanel.com — Cisco Umbrella Rank: 4399
489 B
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 441
579 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 1453
13 KB
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 8721
19 KB
1 eventscloud.com
na.eventscloud.com — Cisco Umbrella Rank: 282401
527 B
52 9
Domain Requested by
14 travel-cdn.mycwt.com travel.mycwt.com
travel-cdn.mycwt.com
13 cdn.worldmate.com travel.mycwt.com
cdn.worldmate.com
accounts.mycwt.com
12 accounts.mycwt.com travel-cdn.mycwt.com
accounts.mycwt.com
4 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com client
accounts.mycwt.com
2 api-js.mixpanel.com travel-cdn.mycwt.com
2 travel.mycwt.com travel-cdn.mycwt.com
1 bam.nr-data.net accounts.mycwt.com
1 js-agent.newrelic.com accounts.mycwt.com
1 cdn.mxpnl.com accounts.mycwt.com
1 na.eventscloud.com 1 redirects
52 11

This site contains links to these domains. Also see Links.

Domain
travel.mycwt.com
help.mycwt.com
www.mycwt.com
Subject Issuer Validity Valid
mycwt.com
GeoTrust TLS RSA CA G1		 2024-05-13 -
2025-05-12		 a year crt.sh
www.worldmate.com
GeoTrust TLS RSA CA G1		 2024-06-19 -
2025-06-18		 a year crt.sh
*.mixpanel.com
GeoTrust TLS RSA CA G1		 2024-02-08 -
2025-03-10		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1		 2024-07-15 -
2025-07-29		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Frame ID: F4A5F56A44FB2EEC60537691B6F3F7A0
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

myCWT - Your gateway to business travel - Login

Page URL History Show full URLs

  1. https://na.eventscloud.com/emarketing/go.php?id=DJjuwO0mR87XqfQUoxtsiRmHTSxdD2xTLBy2x4l4s2Uwc2nylcNrZDw... HTTP 302
    https://travel.mycwt.com/ Page URL
  2. https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOaut... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

11
Subdomains

10
IPs

2
Countries

11166 kB
Transfer

40234 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://na.eventscloud.com/emarketing/go.php?id=DJjuwO0mR87XqfQUoxtsiRmHTSxdD2xTLBy2x4l4s2Uwc2nylcNrZDwFSZbVX%2BEgv39EvEePE3OwbgrHHkLj4w%3D%3D HTTP 302
    https://travel.mycwt.com/ Page URL
  2. https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://na.eventscloud.com/emarketing/go.php?id=DJjuwO0mR87XqfQUoxtsiRmHTSxdD2xTLBy2x4l4s2Uwc2nylcNrZDwFSZbVX%2BEgv39EvEePE3OwbgrHHkLj4w%3D%3D HTTP 302
  • https://travel.mycwt.com/

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
travel.mycwt.com/
Redirect Chain
  • https://na.eventscloud.com/emarketing/go.php?id=DJjuwO0mR87XqfQUoxtsiRmHTSxdD2xTLBy2x4l4s2Uwc2nylcNrZDwFSZbVX%2BEgv39EvEePE3OwbgrHHkLj4w%3D%3D
  • https://travel.mycwt.com/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://travel.mycwt.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.131 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
nginx /
Resource Hash
8592f5b545951a04a56775cde61ab235ae7f0647bb7dfdac585c2db62586634d
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Content-Type
text/html
Date
Fri, 23 Aug 2024 14:24:46 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Last-Modified
Wed, 07 Aug 2024 17:05:29 GMT
Referrer-Policy
strict-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains max-age=157680000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1; mode=block 1;

Redirect headers

access-control-allow-origin
https://na.eventscloud.com
cache-control
no-cache, no-store, max-age=0
content-length
0
content-security-policy
frame-src *; frame-ancestors 'self' https://*.eventscloud.com;
content-type
text/html; charset=UTF-8
date
Fri, 23 Aug 2024 14:24:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://travel.mycwt.com/
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
main.1.0.215.js
travel-cdn.mycwt.com/common-deps/ 		633 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Requested by
Host: travel.mycwt.com
URL: https://travel.mycwt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b8e9e2ab0c2c01d517c979a722114892fe35a6652f4a962768ba9288ae3c8150
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 04:09:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
36895
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:28 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
e4MGRH9-sNuvuylI6LGytLN1dBWVLdVmilQcy16jgIZxe9xqoG-6uw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
loader.json
cdn.worldmate.com/smooch/ 		193 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/smooch/loader.json
Requested by
Host: travel.mycwt.com
URL: https://travel.mycwt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4000:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f2260ba5f934995ef06690d841676b0e73bd16347ab0495596c00d909d8f96d
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
zTXFDNakn7KX34KNHOhbS0y7Ur.AqVxO
date
Fri, 23 Aug 2024 01:50:39 GMT
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P7
age
45248
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
193
x-xss-protection
1; mode=block
last-modified
Sun, 03 Dec 2023 10:54:30 GMT
server
AmazonS3
etag
"803658f3f2cc25619e734d97f669280b"
access-control-max-age
300000
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-frame-options
SAMEORIGIN
accept-ranges
bytes
x-amz-cf-id
WfTZ8KwHIIDUUAnMmLGictX5KnfJWo9YKv175N6Ps5aq27yS7LySQw==
mycwt.2.4.4.min.js
cdn.worldmate.com/smooch/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/smooch/mycwt.2.4.4.min.js
Requested by
Host: travel.mycwt.com
URL: https://travel.mycwt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4000:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e323ebad088c4894d2c8bd12505dea09cf114feb1729c252a10ceabe14a9d1ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
h2nr6My0om4Q6rgO2iTTDe6gORsjBP1V
content-encoding
gzip
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 03:28:15 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
x-amz-cf-pop
FRA56-P7
age
39420
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sun, 03 Dec 2023 10:52:11 GMT
server
AmazonS3
etag
W/"a58ca48931d5e4fc50e02964054d6065"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-amz-cf-id
ftp7h3BAp6oQpAsibAYCi6jpja2vUb4Ql8H4ZSXTa5l2N9Iz_4pOnQ==
x-amz-meta-mtime
1701162748
main.1.0.799.js
travel-cdn.mycwt.com/ 		122 KB
40 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/main.1.0.799.js?ts=1723048569032travel.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f8c4e776764b5956b5e923ac187f20f50525d9c2395e6e84de9890bedf554788
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 02:58:15 GMT
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
x-amz-cf-pop
FRA56-P2
age
46228
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://travel.mycwt.com
cache-control
max-age=315360000
x-amz-cf-id
j-VALdkDuLp8UOpt66nA_mrgFF7p0k205RMepXhYZFn5QdkNjFVu1g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
mycwt.2.4.4.css
cdn.worldmate.com/smooch/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/smooch/mycwt.2.4.4.css
Requested by
Host: cdn.worldmate.com
URL: https://cdn.worldmate.com/smooch/mycwt.2.4.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4000:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b27d7d38c8d89f90c121fa0afcc227d67d5bacd1d0f488d8ccd85695ee216517
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 03:27:35 GMT
x-amz-version-id
9wIzkYiOiehAnnxvK59MSeKeNGu_dT07
content-encoding
gzip
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P7
age
39433
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sun, 03 Dec 2023 10:52:11 GMT
server
AmazonS3
etag
W/"a18fec43e8a9e21e5fcd845e2d36ab83"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-amz-cf-id
YFgVZHz3RhhFQfzWHcpZPnqzP5CVEUc-zu9xBaOLH5SNcLBnqJ-SeA==
x-amz-meta-mtime
1701162748
favicon-32x32.png
cdn.worldmate.com/ping-images/ 		18 KB
19 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/ping-images/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4000:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8287d0a4e0fdb231d71ec0c3e787541448a839e09dff43594908853e21c2f6d
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 03:14:38 GMT
x-amz-version-id
1VBsFajbQta2dLdam3gyfSVz8wMqOfKG
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P7
age
40209
x-cache
Hit from cloudfront
content-length
17959
x-xss-protection
1; mode=block
last-modified
Sat, 12 Feb 2022 21:14:36 GMT
server
AmazonS3
etag
"2b82f3903c12ce45d66fe5f86ce65da1"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
2c5fouOTNlkPwlbFhjSkSa9H53M3WaOLBsoGvy9F90r9GPOP_Xep8Q==
main.1.0.1715.js
travel-cdn.mycwt.com/my-cwt-spa/ 		8 MB
2 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/my-cwt-spa/main.1.0.1715.js?ts=1723048569032travel.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
78d3621ced5cf62582c569e9618d30bf821f10b03994733d18e84f15a6a02e53
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 03:19:47 GMT
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
x-amz-cf-pop
FRA56-P2
age
40036
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:26 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://travel.mycwt.com
cache-control
max-age=315360000
x-amz-cf-id
vJ2kgQaOuOtgaJNGhj3dUARdN5Rv8XRFSEqSDFuNFvGiNUR4q7WwHA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.1715.css
travel-cdn.mycwt.com/my-cwt-spa/ 		161 KB
88 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/my-cwt-spa/main.1.0.1715.css?ts=1723048569032travel.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9eaa8e27834a3fc1d388756a601afd3dc6a8efa816f052ad0b9ec11c9a1efda9
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 03:58:15 GMT
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
x-amz-cf-pop
FRA56-P2
age
37651
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:26 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://travel.mycwt.com
cache-control
max-age=315360000
x-amz-cf-id
vfX4XKQNPqK15u6JB67k6kOHNpms-NTEBQQ8elWC7BNZEJK1jQzzYA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
api-js.mixpanel.com/decide/ 		65 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=934b4bdebe6efba72ebd90c32e0fdd17&ip=1&_=1724423088399
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
gunicorn /
Resource Hash

Request headers

Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 14:24:48 GMT
via
1.1 google
server
gunicorn
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://travel.mycwt.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
alt-svc
clear
main.1.0.878.js
travel-cdn.mycwt.com/hotel-spa/ 		7 MB
2 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/hotel-spa/main.1.0.878.js?ts=1723048564929travel.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 04:04:50 GMT
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
x-amz-cf-pop
FRA56-P2
age
37209
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:25 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://travel.mycwt.com
cache-control
max-age=315360000
x-amz-cf-id
PaXeXZ-nSO8a5k1BrBW-1_N-_Ec9-Cox0rcbS579zia-oi45S4QDBw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.1328.js
travel-cdn.mycwt.com/air-spa/ 		7 MB
2 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/air-spa/main.1.0.1328.js?ts=1723048564929travel.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 04:13:17 GMT
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
x-amz-cf-pop
FRA56-P2
age
36756
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://travel.mycwt.com
cache-control
max-age=315360000
x-amz-cf-id
_pgTNSjbZf3jgNi5VvYETYUYZGPkwp22-7ZdHjnpYRiin6SLPd-urQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.453.js
travel-cdn.mycwt.com/car-spa/ 		6 MB
2 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/car-spa/main.1.0.453.js?ts=1723048564929travel.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 04:13:17 GMT
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
x-amz-cf-pop
FRA56-P2
age
36756
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:24 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://travel.mycwt.com
cache-control
max-age=315360000
x-amz-cf-id
d0g2uZUBNaOCaqV_wIsSdARpl8boLWT1mn9lOR5HIrkLkzGNb8fp8Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.367.js
travel-cdn.mycwt.com/rail-spa/ 		6 MB
2 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/rail-spa/main.1.0.367.js?ts=1723048564929travel.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 03:19:48 GMT
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
x-amz-cf-pop
FRA56-P2
age
40018
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:27 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://travel.mycwt.com
cache-control
max-age=315360000
x-amz-cf-id
xQ_FqbxfoniUk7TrSjw88-lM9qcBAimdbwtzVs0yPkMUEUBBGtw9ag==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.309.js
travel-cdn.mycwt.com/admin-spa/ 		4 MB
1 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/admin-spa/main.1.0.309.js?ts=1723048564929travel.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 01:43:18 GMT
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
x-amz-cf-pop
FRA56-P2
age
45690
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:22 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://travel.mycwt.com
cache-control
max-age=315360000
x-amz-cf-id
e23U27Ha64r-IUrkLcOG7oLUwqXHEBTSrbTN2_dgyiAqA8vNeBSuhQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.878.css
travel-cdn.mycwt.com/hotel-spa/ 		167 KB
89 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/hotel-spa/main.1.0.878.css?ts=1723048564929travel.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 01:34:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
46224
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:25 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://travel.mycwt.com
cache-control
max-age=315360000
x-amz-cf-id
WQl1z8l9wDM9A6ShJAqt8KcLWxl3ZdhRFoE1B894qnCOzWqN_hGRCA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.1328.css
travel-cdn.mycwt.com/air-spa/ 		166 KB
89 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/air-spa/main.1.0.1328.css?ts=1723048564929travel.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 01:34:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
46224
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://travel.mycwt.com
cache-control
max-age=315360000
x-amz-cf-id
Z_qyBFKSL8iqg0GPOAY4QvjWf9fuaRfi4McJl0cOMP6JRr4yaUMVxw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.453.css
travel-cdn.mycwt.com/car-spa/ 		139 KB
80 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/car-spa/main.1.0.453.css?ts=1723048564929travel.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 04:04:50 GMT
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
x-amz-cf-pop
FRA56-P2
age
37346
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:24 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://travel.mycwt.com
cache-control
max-age=315360000
x-amz-cf-id
-tbvKIJsIiRjB9yJS2sWrUfFQLhjQo-7K7s63wT1NmwdhGMKrmDKtg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.367.css
travel-cdn.mycwt.com/rail-spa/ 		139 KB
80 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/rail-spa/main.1.0.367.css?ts=1723048564929travel.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 02:58:17 GMT
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
x-amz-cf-pop
FRA56-P2
age
46223
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:27 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://travel.mycwt.com
cache-control
max-age=315360000
x-amz-cf-id
5-KfGmFBmnNDY1TBrFFpdmHarhT1nV_HOiv4SZLHgTm_PRp5OHXWMg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.309.css
travel-cdn.mycwt.com/admin-spa/ 		139 KB
80 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/admin-spa/main.1.0.309.css?ts=1723048564929travel.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 03:58:16 GMT
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
x-amz-cf-pop
FRA56-P2
age
37691
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 07 Aug 2024 17:05:22 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://travel.mycwt.com
cache-control
max-age=315360000
x-amz-cf-id
_JxByRqAT34T8TZ_zDpVNapWq-0sXpNazo5QH5i_xn94CAuNo5YYZA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
api-js.mixpanel.com/track/ 		1 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?ip=1&_=1724423088532
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 23 Aug 2024 14:24:48 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://travel.mycwt.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
26
access-control-allow-headers
X-Requested-With, Content-Type
content-length
1
alt-svc
clear
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,600,700
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Aug 2024 14:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 23 Aug 2024 13:58:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Aug 2024 14:24:48 GMT
config.json
travel.mycwt.com/idp/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://travel.mycwt.com/idp/config.json
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/my-cwt-spa/main.1.0.1715.js?ts=1723048569032travel.mycwt.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.131 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 0, 1;

Request headers

Accept
application/json, text/plain, */*
Referer
https://travel.mycwt.com/
cwt-token-type
pingFed
cwt-client-id
myCwtWebOauthClient
Authorization
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 14:24:48 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options
nosniff, nosniff
Content-Security-Policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Surrogate-Control
no-store
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
2
X-XSS-Protection
0, 1;
Pragma
no-cache
Referrer-Policy
strict-origin
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Origin
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Expires
0
favicon-32x32.png
cdn.worldmate.com/ping-images/ 		18 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/ping-images/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4000:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travel.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 03:14:38 GMT
x-amz-version-id
1VBsFajbQta2dLdam3gyfSVz8wMqOfKG
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P7
age
40209
x-cache
Hit from cloudfront
content-length
17959
x-xss-protection
1; mode=block
last-modified
Sat, 12 Feb 2022 21:14:36 GMT
server
AmazonS3
etag
"2b82f3903c12ce45d66fe5f86ce65da1"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
2c5fouOTNlkPwlbFhjSkSa9H53M3WaOLBsoGvy9F90r9GPOP_Xep8Q==
Primary Request authorization.oauth2
accounts.mycwt.com/as/ 		38 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/my-cwt-spa/main.1.0.1715.js?ts=1723048569032travel.mycwt.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
/
Resource Hash
a4e227be8af0884f132ab44413306e8e65783c509bb2e84e9ee86225152fb168
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://travel.mycwt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Content-Security-Policy
referrer origin
Content-Type
text/html;charset=utf-8
Date
Fri, 23 Aug 2024 14:24:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=157680000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-XSS-Protection
1;
bootstrap.min.css
cdn.worldmate.com/ping/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/ping/bootstrap.min.css
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4000:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
v4rZR3TcmmVF5xMAZbvagsY3PSewT8Mq
content-encoding
gzip
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 02:18:09 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
x-amz-cf-pop
FRA56-P7
age
43601
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sat, 12 Feb 2022 21:14:39 GMT
server
AmazonS3
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
NkM4YZj1YWG0UkkyflW0XUPseaRrLWfV8ODQz7xyT7qGufYOXIt70Q==
font-awesome.min.css
cdn.worldmate.com/ping/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/ping/font-awesome.min.css
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4000:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.mycwt.com/
Origin
https://accounts.mycwt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 02:28:59 GMT
x-amz-version-id
__5g7NXQU9i5Sis9GhXw2lwwIw2Z6.Cy
content-encoding
gzip
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P7
age
42952
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sat, 12 Feb 2022 21:14:40 GMT
server
AmazonS3
etag
W/"269550530cc127b6aa5a35925a7de6ce"
access-control-max-age
300000
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-frame-options
SAMEORIGIN
x-amz-cf-id
l0JMJQxye-2iYPVUnm2-cNJp1i-rTmqWjI0BtvqlmOdBpUboMTDxaQ==
main.min.css
accounts.mycwt.com/assets/css/ 		48 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.mycwt.com/assets/css/main.min.css
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
/
Resource Hash
6f3aa0cae42f9756920b1b7bba5cdb3994533f719b5e41593f85015d39905738
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 14:24:50 GMT
Content-Security-Policy
referrer origin
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=157680000
Last-Modified
Mon, 06 May 2024 09:57:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=0, must-revalidate
Content-Length
48684
X-XSS-Protection
1;
jquery.min.js
cdn.worldmate.com/js/1.1.2.0/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/js/1.1.2.0/jquery.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4000:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Ag6oaCNj0S0k4R7kUPY9U8BRUiRcbqxA
content-encoding
gzip
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 04:04:55 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
x-amz-cf-pop
FRA56-P7
age
41265
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sat, 12 Feb 2022 21:12:10 GMT
server
AmazonS3
etag
W/"cbb11b58473b2d672f4ed53abbb67336"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
7Lr7dd1CYjjxjQ4dwnVD8shrfYWpLHxnJZVntmrpSbGT7WxCsqrygA==
bootstrap.min.js
cdn.worldmate.com/ping/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/ping/bootstrap.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4000:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
ipyj2hcmlIV3hnLfSWuNEousgfnvceHY
content-encoding
gzip
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 03:43:21 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
x-amz-cf-pop
FRA56-P7
age
41265
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sat, 12 Feb 2022 21:14:39 GMT
server
AmazonS3
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
Yuvx9VHgGWsBzJ3EvKWieO9OGXNXa5tam8AkPBOfvAo_FmARjWnM4A==
modernizr-custom.js
accounts.mycwt.com/assets/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.mycwt.com/assets/js/modernizr-custom.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
/
Resource Hash
b0c9ae63abcb6c80827b1ebda076c2ef1766b393b2b21c64b90a5f417b3b4e9c
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 14:24:50 GMT
Content-Security-Policy
referrer origin
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=157680000
Last-Modified
Mon, 06 May 2024 09:57:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
17985
X-XSS-Protection
1;
bowser.min.js
cdn.worldmate.com/ping/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/ping/bowser.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4000:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c9985ea365b49413889bb0894ab72479f06457c55267e906047ebfd3735700f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
1oU3q6XiFjsMsrMu6h3KdwfkXw2o4n_K
content-encoding
gzip
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 03:21:10 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
x-amz-cf-pop
FRA56-P7
age
39821
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sat, 12 Feb 2022 21:14:39 GMT
server
AmazonS3
etag
W/"6fe930ec2238836a05e50277aa1e94af"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
RBtb-Irp8l6mIowYosbtkjjvW0N8I3szJje_q6N03PMIPVXv0qexcg==
newRelic-prod.js
accounts.mycwt.com/assets/js/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.mycwt.com/assets/js/newRelic-prod.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
/
Resource Hash
098ae95c51c4e55eb9fbec5212fdc6eb96f69cdf154542a63441322593248431
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 14:24:54 GMT
Content-Security-Policy
referrer origin
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=157680000
Last-Modified
Mon, 06 May 2024 09:57:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
22018
X-XSS-Protection
1;
cwt-mixpanel.cb7032a405dcd720d17f.js
cdn.worldmate.com/wm-mixpanel-client/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/wm-mixpanel-client/cwt-mixpanel.cb7032a405dcd720d17f.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4000:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
305fc8cf55b745bf14cfb5d6bf7146cc9289b04ac47b27fbe40f60ac02fe4115
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 03:27:39 GMT
x-amz-version-id
g28Fzjg0QWqd83KiQ0AfjHV5AeAIPmdk
content-encoding
gzip
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P7
age
39431
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sat, 12 Feb 2022 21:19:10 GMT
server
AmazonS3
etag
W/"db1c407f2465caeea47c7408c7c308aa"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
xi1Far3eYViuAL16_7VO42gSAUyD0P1vAIsC0DjrxyAkRAusu68uqg==
focus-visible.min.js
accounts.mycwt.com/assets/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.mycwt.com/assets/js/focus-visible.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
/
Resource Hash
47ee394fad4b6914088eda507f3caf2e598586b265f40dd36ed21e35a5131e25
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 14:24:54 GMT
Content-Security-Policy
referrer origin
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=157680000
Last-Modified
Mon, 06 May 2024 09:57:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
2633
X-XSS-Protection
1;
my-cwt.png
cdn.worldmate.com/ping-images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.worldmate.com/ping-images/my-cwt.png
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4000:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a34098a93f0041dfe713edf552fde1b9320e71e8e8f9684f952fdad3aa92cf9
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 02:11:58 GMT
x-amz-version-id
i06qp5X6eh.FLtNf3mBQEBlVmOGobqMG
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P7
age
43977
x-cache
Hit from cloudfront
content-length
2226
x-xss-protection
1; mode=block
last-modified
Sat, 12 Feb 2022 21:14:38 GMT
server
AmazonS3
etag
"fc4aa37bc35851ecad42521d25f7a3e0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
uYdxseGr4q1_9e0TPSYf6vq5ND--lAWNuv5X0lcMzkb2PqxSdutO4A==
nojavascript.svg
cdn.worldmate.com/ping-images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.worldmate.com/ping-images/nojavascript.svg
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4000:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c7dc0b32a9011de08d203a78b90896ea94825745873feb7b8b38061ca75f34e
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
8VABBCuN5VjxEQGj2.fyZlBc3u0GF2sm
content-encoding
gzip
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
date
Fri, 23 Aug 2024 02:58:23 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
x-amz-cf-pop
FRA56-P7
age
41188
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sat, 12 Feb 2022 21:14:39 GMT
server
AmazonS3
etag
W/"f313bf68624d8474df94c926e99c1dcb"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-amz-cf-id
UoKAr5-18odBgwLcabYYnVlMKWF5l-HzLSW-AOsQwdFSu7Bs-5PsbQ==
logo.png
accounts.mycwt.com/assets/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.mycwt.com/assets/images/logo.png
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
/
Resource Hash
f8c386bdbc089724671c7e6f8fe7a30ac960ef9978463c0b13247c2f06a95b21
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 14:24:54 GMT
Content-Security-Policy
referrer origin
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=157680000
Last-Modified
Mon, 06 May 2024 09:57:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=0, must-revalidate
Content-Length
9361
X-XSS-Protection
1;
ua-parser.min.js
accounts.mycwt.com/assets/js/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.mycwt.com/assets/js/ua-parser.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
/
Resource Hash
1603f2aaf83e3fadda51531612f1ac73f4ab2c58a1ece329ba146300d827ebc8
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 14:24:54 GMT
Content-Security-Policy
referrer origin
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=157680000
Last-Modified
Mon, 06 May 2024 09:57:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
17347
X-XSS-Protection
1;
feedback-mailbox.js
accounts.mycwt.com/assets/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.mycwt.com/assets/js/feedback-mailbox.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
/
Resource Hash
d6eff9679aa206acc62aa8631e16f3367cdebb5a808705503d05c9ce1991a8ae
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 14:24:54 GMT
Content-Security-Policy
referrer origin
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=157680000
Last-Modified
Mon, 06 May 2024 09:57:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
3579
X-XSS-Protection
1;
mxp-super-props.js
accounts.mycwt.com/assets/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.mycwt.com/assets/js/mxp-super-props.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
/
Resource Hash
a85c849da6ff8a09940d8878f397971d15031561b5b3d9115747f72be473f436
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 14:24:54 GMT
Content-Security-Policy
referrer origin
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=157680000
Last-Modified
Mon, 06 May 2024 09:57:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
3256
X-XSS-Protection
1;
css
fonts.googleapis.com/ 		12 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,600,700
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/assets/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a53224625e94e636ad6e0c7316d83ae4c2a0c9b4627906f20567ed74b02dc953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 14:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 23 Aug 2024 13:58:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Aug 2024 14:24:48 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/assets/js/newRelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f1363db8936c4340b85abf3c024ccd868a15175717a0529e1cb883fa217b09e4

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 14:16:53 GMT
content-encoding
gzip
age
481
x-guploader-uploadid
AHxI1nOggC9ZWAUWuuXUvVANDYf_iPpHFtnR614y3Mlcyi4Qun_5EQAUZ-aoTBFxQAPUS3eioZtwIcVmaA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18965
last-modified
Fri, 02 Aug 2024 22:47:47 GMT
server
UploadServer
etag
"509a98813635113311ff61c358d0831c"
vary
Accept-Encoding
x-goog-generation
1722638867419324
x-goog-hash
crc32c=iIObjA==, md5=UJqYgTY1ETMR/2HDWNCDHA==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
18965
accept-ranges
bytes
expires
Fri, 23 Aug 2024 14:26:53 GMT
logo.png
accounts.mycwt.com/assets/images/ 		9 KB
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.mycwt.com/assets/images/logo.png
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
/
Resource Hash
f8c386bdbc089724671c7e6f8fe7a30ac960ef9978463c0b13247c2f06a95b21
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 14:24:54 GMT
Content-Security-Policy
referrer origin
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=157680000
Last-Modified
Mon, 06 May 2024 09:57:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=0, must-revalidate
Content-Length
9361
X-XSS-Protection
1;
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://accounts.mycwt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:50:42 GMT
x-content-type-options
nosniff
age
257652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14780
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:50:42 GMT
IDM_Icons-Regular.woff2
accounts.mycwt.com/assets/fonts/ 		2 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://accounts.mycwt.com/assets/fonts/IDM_Icons-Regular.woff2
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/assets/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
/
Resource Hash
c01f207876112c37c5eadcbfa4d3ce0da9399561873771041baeb32d33ef7e17
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://accounts.mycwt.com/
Origin
https://accounts.mycwt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 14:24:54 GMT
Content-Security-Policy
referrer origin
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=157680000
Last-Modified
Mon, 06 May 2024 09:57:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Origin
https://accounts.mycwt.com
Cache-Control
max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Content-Length
2124
X-XSS-Protection
1;
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://accounts.mycwt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:43:04 GMT
x-content-type-options
nosniff
age
258110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:43:04 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://accounts.mycwt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 13:55:28 GMT
x-content-type-options
nosniff
age
260966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 13:55:28 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://accounts.mycwt.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 14:04:01 GMT
x-content-type-options
nosniff
age
260453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 14:04:01 GMT
nr-spa-1123.min.js
js-agent.newrelic.com/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1123.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/assets/js/newRelic-prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6c380163cfb4ec488d8231f891ae8deaa8d82ae8c18ba3a6d6a3b2168b3d1ef
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
opLbND32LIEBr9fdAQ09EwkOsBUnncHG
content-encoding
br
via
1.1 varnish
date
Fri, 23 Aug 2024 14:24:54 GMT
strict-transport-security
max-age=300
x-amz-request-id
R873FVPXEW80DEF8
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
12526
x-amz-id-2
vWnxH2kZJDx62iGdB6mDdtGBAf0FEZgjvXD8v30cfFvjEjlXo1XwXurTrsOstlPIza8pOdD3Becy5wtknXwD4mjsHEU4PlTlDmUcWNx8jbA=
x-served-by
cache-mxp6933-MXP
last-modified
Wed, 18 Oct 2023 21:30:35 GMT
server
AmazonS3
etag
"73372dea50ae4e01a4e1d2f2b5cd5e6a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
537
favicon-32x32.png
accounts.mycwt.com/assets/favicon/ 		18 KB
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.mycwt.com/assets/favicon/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 , United States, ASN63061 (CARLSONWAGONLITTRAVEL, US),
Reverse DNS
Software
/
Resource Hash
e8287d0a4e0fdb231d71ec0c3e787541448a839e09dff43594908853e21c2f6d
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 23 Aug 2024 14:24:54 GMT
Content-Security-Policy
referrer origin
Referrer-Policy
strict-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=157680000
Last-Modified
Mon, 06 May 2024 09:57:45 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=0, must-revalidate
Content-Length
17959
X-XSS-Protection
1;
6565738008
bam.nr-data.net/1/ 		79 B
579 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/6565738008?a=110109231&sa=1&v=1123.df1c7f8&t=Unnamed%20Transaction&rst=6223&ref=https://accounts.mycwt.com/as/authorization.oauth2&be=5796&fe=6053&dc=5941&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1724423088773,%22n%22:0,%22f%22:3,%22dn%22:10,%22dne%22:45,%22c%22:45,%22s%22:223,%22ce%22:1258,%22rq%22:1258,%22rp%22:1456,%22rpe%22:1812,%22dl%22:1508,%22di%22:5938,%22ds%22:5938,%22de%22:5942,%22dc%22:6052,%22l%22:6052,%22le%22:6053%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/assets/js/newRelic-prod.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
304473768ad971e58e740f09226b9107a832b85b8ce92489379cbe7c1cded3b2

Request headers

Referer
https://accounts.mycwt.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 23 Aug 2024 14:24:55 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
timing-allow-origin
*
Content-Length
79
x-served-by
cache-fra-etou8220027-FRA

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery11200232169306784062 object| html5 object| Modernizr object| bowser object| NREUM object| newrelic function| __nr_require object| cwtMixpanel object| mixpanel string| errorIcon boolean| isBootstrapSupported function| getRequestParam function| getCookie function| Password function| togglePassword function| requiredField function| isUsernameAllowed function| Username function| Email function| moveNext function| postOnReturn function| forgotPasswordResendEmail function| registrationResendEmail function| resendEmail function| mailtoTechSupport function| decodeURIParams function| encodeURIParams function| navigateWithURIParams function| removeFocus function| fixLang function| setPFLangCookie function| UAParser function| checkIfMobileDevice function| getParameterByName function| getCWTToGoKey function| getSATOToGoKey function| isCWTToGo function| isMobileOrTablet function| getSource object| usernameInput object| username object| passwordInput object| password object| passwordIcon object| signUpLink object| dontHaveAccountMsg function| forgotPasswordClicked function| forgotUsernameClicked number| refreshAfter function| openCantLoginModal function| closeCantLoginModal function| postNext function| onErrorOccurred

10 Cookies

Domain/Path Name / Value
na.eventscloud.com/ Name: PHPSESSID
Value: cl1te579hdv2673v7plqpt9pkd
.mycwt.com/ Name: pf-accept-language
Value: en_us
travel.mycwt.com/ Name: ADRUM_BT
Value: R:25|i:2330262|g:9618ccae-a2f9-401a-918b-a90d0d727c7b1809963|e:220|n:cwt-prod_5581b28f-b7f3-4eec-852d-e557ec1ca14b
accounts.mycwt.com/ Name: ADRUM_BTa
Value: R:25|g:dba530b4-2e5d-4459-b5d5-a87f7643643d|n:cwt-prod_5581b28f-b7f3-4eec-852d-e557ec1ca14b
accounts.mycwt.com/ Name: SameSite
Value: None
accounts.mycwt.com/ Name: ADRUM_BT1
Value: R:25|i:1725244|e:21
accounts.mycwt.com/ Name: PF
Value: aPITIz0jwHZyLBrEmVdtLR
accounts.mycwt.com/ Name: NSC_QDJ_QjohGfe_dmvtufs_mcwt
Value: 7ce2a3d9560d9f4e2fdb3b60a846215605381845563535f34f476194619c18f09e91debe
.mycwt.com/ Name: mp_934b4bdebe6efba72ebd90c32e0fdd17_mixpanel
Value: %7B%22distinct_id%22%3A%20%221917fa0290de7b-0e2af5455b2d4d-1f462c6f-1d4c00-1917fa0290e1b36%22%2C%22%24device_id%22%3A%20%221917fa0290de7b-0e2af5455b2d4d-1f462c6f-1d4c00-1917fa0290e1b36%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22Source%22%3A%20%22Web%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.nr-data.net/ Name: JSESSIONID
Value: 382f8c32db38e607

2 Console Messages

Source Level URL
Text
security error URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Message:
Unrecognized Content-Security-Policy directive 'referrer'.
recommendation verbose URL: https://accounts.mycwt.com/as/authorization.oauth2?grant_type=authorization_code&client_id=myCwtWebOauthClient&scope=openid%20profile%20mycwt-portal&response_type=code&code_challenge_method=S256&code_challenge=RZ11rhHnX-vDfqwZJAk3gOyI3gvavFrBmtfvLr8G02o&nonce=rN7pzhnWf77kRNoa&redirect_uri=https%3A%2F%2Ftravel.mycwt.com%2Fauthentication%2Fcallback&cwtWebOAuth2Adapter=myCwtWeb
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.mycwt.com
api-js.mixpanel.com
bam.nr-data.net
cdn.mxpnl.com
cdn.worldmate.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
na.eventscloud.com
travel-cdn.mycwt.com
travel.mycwt.com
162.247.243.29
198.177.7.131
198.177.7.134
2600:1901:0:498c::
2600:9000:223c:b800:11:b83:4ec0:93a1
2600:9000:2491:4000:5:9883:5700:93a1
2602:816:5001::39
2a00:1450:4001:81d::200a
2a00:1450:4001:82b::2003
35.186.241.51
52.4.179.1
098ae95c51c4e55eb9fbec5212fdc6eb96f69cdf154542a63441322593248431
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
1603f2aaf83e3fadda51531612f1ac73f4ab2c58a1ece329ba146300d827ebc8
304473768ad971e58e740f09226b9107a832b85b8ce92489379cbe7c1cded3b2
305fc8cf55b745bf14cfb5d6bf7146cc9289b04ac47b27fbe40f60ac02fe4115
3a34098a93f0041dfe713edf552fde1b9320e71e8e8f9684f952fdad3aa92cf9
47ee394fad4b6914088eda507f3caf2e598586b265f40dd36ed21e35a5131e25
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
6c7dc0b32a9011de08d203a78b90896ea94825745873feb7b8b38061ca75f34e
6c9985ea365b49413889bb0894ab72479f06457c55267e906047ebfd3735700f
6f3aa0cae42f9756920b1b7bba5cdb3994533f719b5e41593f85015d39905738
78d3621ced5cf62582c569e9618d30bf821f10b03994733d18e84f15a6a02e53
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f2260ba5f934995ef06690d841676b0e73bd16347ab0495596c00d909d8f96d
8592f5b545951a04a56775cde61ab235ae7f0647bb7dfdac585c2db62586634d
9eaa8e27834a3fc1d388756a601afd3dc6a8efa816f052ad0b9ec11c9a1efda9
a4e227be8af0884f132ab44413306e8e65783c509bb2e84e9ee86225152fb168
a53224625e94e636ad6e0c7316d83ae4c2a0c9b4627906f20567ed74b02dc953
a6c380163cfb4ec488d8231f891ae8deaa8d82ae8c18ba3a6d6a3b2168b3d1ef
a85c849da6ff8a09940d8878f397971d15031561b5b3d9115747f72be473f436
b0c9ae63abcb6c80827b1ebda076c2ef1766b393b2b21c64b90a5f417b3b4e9c
b27d7d38c8d89f90c121fa0afcc227d67d5bacd1d0f488d8ccd85695ee216517
b8e9e2ab0c2c01d517c979a722114892fe35a6652f4a962768ba9288ae3c8150
c01f207876112c37c5eadcbfa4d3ce0da9399561873771041baeb32d33ef7e17
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d6eff9679aa206acc62aa8631e16f3367cdebb5a808705503d05c9ce1991a8ae
e323ebad088c4894d2c8bd12505dea09cf114feb1729c252a10ceabe14a9d1ad
e8287d0a4e0fdb231d71ec0c3e787541448a839e09dff43594908853e21c2f6d
f1363db8936c4340b85abf3c024ccd868a15175717a0529e1cb883fa217b09e4
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8c386bdbc089724671c7e6f8fe7a30ac960ef9978463c0b13247c2f06a95b21
f8c4e776764b5956b5e923ac187f20f50525d9c2395e6e84de9890bedf554788