Submitted URL: https://www.mycwt.com
Effective URL: https://www.mycwt.com/c/portal/login?redirect=%2Fgroup%2Fguest&refererPlid=51466&p_l_id=20528069
Submission: On January 11 via api

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 46 HTTP transactions.
The main IP is 198.177.7.133, located in Hopkins, United States and belongs to CARLSONWAGONLITTRAVEL - Carlson Wagonlit Travel, Inc, US. The main domain is www.mycwt.com.
The TLS certificate was issued by DigiCert SHA2 Secure Server CA on February 9th 2018 with a validity of a year.
This is the first time this domain was scanned on urlscan.io!

Domain & IP information

IP Address AS Autonomous System
2 3 198.177.7.133 63061 (CARLSONWA...)
10 198.177.7.134 63061 (CARLSONWA...)
14 52.85.188.218 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:4... 15169 (GOOGLE)
3 107.178.240.159 15169 (GOOGLE)
1 151.101.194.110 54113 (FASTLY)
1 1 54.230.95.149 16509 (AMAZON-02)
3 52.222.161.54 16509 (AMAZON-02)
2 162.247.242.19 23467 (NEWRELIC-...)
1 54.230.95.91 16509 (AMAZON-02)
1 52.222.161.187 16509 (AMAZON-02)
1 54.175.160.150 14618 (AMAZON-AES)
1 52.202.131.87 14618 (AMAZON-AES)
3 54.230.95.156 16509 (AMAZON-02)
46 14
Domain
Subdomains
Transfer
14 worldmate.com
2 MB
13 mycwt.com
152 KB
4 intercomcdn.com
367 KB
4 intercom.io
3 KB
4 gstatic.com
79 KB
3 intercomassets.com
18 KB
3 mixpanel.com
541 B
2 nr-data.net
446 B
1 newrelic.com
13 KB
1 mxpnl.com
22 KB
46 10
Domain Requested by
14 cdn.worldmate.com accounts.mycwt.com
10 accounts.mycwt.com www.mycwt.com
accounts.mycwt.com
4 js.intercomcdn.com js.intercomcdn.com
4 fonts.gstatic.com accounts.mycwt.com
3 static.intercomassets.com
3 api.mixpanel.com accounts.mycwt.com
3 www.mycwt.com 2 redirects
2 bam.nr-data.net accounts.mycwt.com
1 nexus-websocket-b.intercom.io js.intercomcdn.com
1 nexus-websocket-a.intercom.io js.intercomcdn.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io 1 redirects
1 js-agent.newrelic.com accounts.mycwt.com
1 cdn.mxpnl.com accounts.mycwt.com
46 14

This site contains links to these domains. Also see Links.

Domain
help.mycwt.com
www.carlsonwagonlit.com
Subject / Issuer Validity Valid
*.mycwt.com
DigiCert SHA2 Secure Server CA
2018-02-09 -
2019-02-10
a year
*.worldmate.com
DigiCert SHA2 Secure Server CA
2018-02-09 -
2019-02-10
a year
*.google.com
Google Internet Authority G3
2018-12-19 -
2019-03-13
3 months
*.mxpnl.com
RapidSSL RSA CA 2018
2018-02-16 -
2019-08-30
2 years
*.mixpanel.com
RapidSSL RSA CA 2018
2018-01-11 -
2020-05-01
2 years
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-01-08 -
2019-04-14
3 months
*.intercomcdn.com
Amazon
2018-05-25 -
2019-06-25
a year
*.nr-data.net
GeoTrust RSA CA 2018
2018-01-11 -
2020-03-17
2 years
*.intercom.com
Amazon
2018-07-09 -
2019-08-09
a year
intercomassets.com
Amazon
2018-10-11 -
2019-11-11
a year

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Web
Overall confidence: 100%
Detected patterns
  • script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
  • env /^Modernizr$/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /Apache-Coyote(\/1\.1)?/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /Apache-Coyote(\/1\.1)?/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Web
Overall confidence: 100%
Detected patterns
  • env /^Intercom$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^Mixpanel$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^NREUM/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
login?redirect=%2Fgroup%2Fguest&refererPlid=51466&p_l_id=20528069
/c/portal
Redirect Chain
  • https://www.mycwt.com/
  • https://www.mycwt.com/group/guest
  • https://www.mycwt.com/c/portal/login?redirect=%2Fgroup%2Fguest&refererPlid=51466&p_l_id=20528069
5 KB
5 KB
Document
General
Full URL
https://www.mycwt.com/c/portal/login?redirect=%2Fgroup%2Fguest&refererPlid=51466&p_l_id=20528069
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.133 Hopkins, United States, ASN63061 (CARLSONWAGONLITTRAVEL - Carlson Wagonlit Travel, Inc, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
8d2aa3876608074cfd87276d733ab7d9cdb7c94974e87baf061a4553dcd90af1
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Host
www.mycwt.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Cookie
JSESSIONID=1FCDA296CC9DB0C170BB5B270E919FC2; NSC_QSPE-Mjgfsbz-dmvtufs_mcwt=ffffffff09dcfc5645525d5f4f58455e445a4a4229a0; pf-accept-language=en_us
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
Apache-Coyote/1.1
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1
Cache-control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Date
Fri, 11 Jan 2019 19:05:46 GMT
Strict-Transport-Security
max-age=157680000

Redirect headers

Server
Apache-Coyote/1.1
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1
Set-Cookie
pf-accept-language=en_us;path=/;expires=Fri, 18 Jan 2019 19:05:46 GMT;domain=.mycwt.com;secure;
Content-Encoding
gzip
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Pragma
no-cache
Location
https://www.mycwt.com/c/portal/login?redirect=%2Fgroup%2Fguest&refererPlid=51466&p_l_id=20528069
Content-Length
0
Date
Fri, 11 Jan 2019 19:05:46 GMT
Strict-Transport-Security
max-age=157680000
Cookie set SSO.saml2
accounts.mycwt.com/idp
33 KB
34 KB
Document
General
Full URL
https://accounts.mycwt.com/idp/SSO.saml2
Requested by
Host: www.mycwt.com
URL: https://www.mycwt.com/c/portal/login?redirect=%2Fgroup%2Fguest&refererPlid=51466&p_l_id=20528069
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 Hopkins, United States, ASN63061 (CARLSONWAGONLITTRAVEL - Carlson Wagonlit Travel, Inc, US),
Reverse DNS
Software
/
Resource Hash
3d4b53bb3d4b425a52b2bce38b2927cbe1984df5f6fd838d0904e968737af280
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Host
accounts.mycwt.com
Connection
keep-alive
Content-Length
4084
Pragma
no-cache
Cache-Control
no-cache
Origin
https://www.mycwt.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.mycwt.com/c/portal/login?redirect=%2Fgroup%2Fguest&refererPlid=51466&p_l_id=20528069
Accept-Encoding
gzip, deflate, br
Cookie
pf-accept-language=en_us
Origin
https://www.mycwt.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.mycwt.com/c/portal/login?redirect=%2Fgroup%2Fguest&refererPlid=51466&p_l_id=20528069

Response headers

Date
Fri, 11 Jan 2019 19:05:47 GMT
Access-Control-Allow-Origin
https://www.mycwt.com
Vary
Origin
Access-Control-Allow-Credentials
true
Content-Security-Policy
referrer origin
X-Frame-Options
SAMEORIGIN
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Set-Cookie
PF=9C4xl4AznJS34XTkTNEvRx;Path=/;Secure;HttpOnly pfidpaid="";Version=1;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0 NSC_QSPE_QjohGfe_dmvtufs_mcwt=ffffffff09dcee0745525d5f4f58455e445a4a421577;path=/;secure;httponly
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=157680000
Verified bootstrap.min.css
cdn.worldmate.com/ping
118 KB
119 KB
Stylesheet
General
Full URL
https://cdn.worldmate.com/ping/bootstrap.min.css
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Verified resource
twitter-bootstrap/3.3.7/css/bootstrap.min.css at cdnjs.com, project twitter-bootstrap

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 08:00:44 GMT
Via
1.1 63c6fe97aba90610d2a46b7713c49586.cloudfront.net (CloudFront)
Last-Modified
Tue, 17 Jul 2018 11:34:19 GMT
Server
AmazonS3
Age
42227
ETag
"ec3bb52a00e176a7181d454dffaea219"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
121200
X-Amz-Cf-Id
FdoM9_1A1KOAwSxCpMyvbMMFcj6IXyX-zGUzqsSsJplk796dboEfgA==
font-awesome.min.css
cdn.worldmate.com/ping
30 KB
31 KB
Stylesheet
General
Full URL
https://cdn.worldmate.com/ping/font-awesome.min.css
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Origin
https://accounts.mycwt.com

Response headers

Date
Fri, 11 Jan 2019 09:57:48 GMT
Via
1.1 f51b809c33f0bb5b1d5504f4df0c0a3f.cloudfront.net (CloudFront)
Age
43814
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
31000
Last-Modified
Tue, 17 Jul 2018 11:16:13 GMT
Server
AmazonS3
ETag
"269550530cc127b6aa5a35925a7de6ce"
Access-Control-Max-Age
300000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
Accept-Ranges
bytes
X-Amz-Cf-Id
GZL8RMtZDeqeADPf0Qj-ra2HTIA10PvPmPMauNUSxJG2BIY8V4hd6A==
main.min.css
accounts.mycwt.com/assets/css
43 KB
43 KB
Stylesheet
General
Full URL
https://accounts.mycwt.com/assets/css/main.min.css
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 Hopkins, United States, ASN63061 (CARLSONWAGONLITTRAVEL - Carlson Wagonlit Travel, Inc, US),
Reverse DNS
Software
/
Resource Hash
11cca80d24d61a369b528bcdf058570260644fec810eed81aff3b448852e68a0
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
accounts.mycwt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Cookie
pf-accept-language=en_us; PF=9C4xl4AznJS34XTkTNEvRx; NSC_QSPE_QjohGfe_dmvtufs_mcwt=ffffffff09dcee0745525d5f4f58455e445a4a421577
Connection
keep-alive
Cache-Control
no-cache
Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 19:05:48 GMT
Last-Modified
Sun, 16 Dec 2018 11:42:34 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=0, must-revalidate
Content-Security-Policy
referrer origin
Strict-Transport-Security
max-age=157680000
Content-Length
43784
Verified jquery.min.js
cdn.worldmate.com/js/1.1.2.0
95 KB
96 KB
Script
General
Full URL
https://cdn.worldmate.com/js/1.1.2.0/jquery.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
Verified resource
jquery/1.12.0/jquery.min.js at cdnjs.com, project jquery

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 08:00:44 GMT
Via
1.1 143574384d395dec5e078f9c0bab3391.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 Jan 2018 11:58:59 GMT
Server
AmazonS3
Age
43813
ETag
"cbb11b58473b2d672f4ed53abbb67336"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97362
X-Amz-Cf-Id
azwGVoq82HTiPSKNEhidrBA3I_E0K-YuTYRr1PfuKnEDVdfikEZT8A==
Verified bootstrap.min.js
cdn.worldmate.com/ping
36 KB
37 KB
Script
General
Full URL
https://cdn.worldmate.com/ping/bootstrap.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Verified resource
twitter-bootstrap/3.3.7/js/bootstrap.min.js at cdnjs.com, project twitter-bootstrap

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 10:19:59 GMT
Via
1.1 63c6fe97aba90610d2a46b7713c49586.cloudfront.net (CloudFront)
Last-Modified
Tue, 17 Jul 2018 11:16:39 GMT
Server
AmazonS3
Age
36721
ETag
"5869c96cc8f19086aee625d670d741f9"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37045
X-Amz-Cf-Id
KbOIboMNkPddyCnsQN8QSgwPAMLv22rlZEtegHwFv-nTHkfux_jPhA==
modernizr-custom.js
accounts.mycwt.com/assets/js
18 KB
18 KB
Script
General
Full URL
https://accounts.mycwt.com/assets/js/modernizr-custom.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 Hopkins, United States, ASN63061 (CARLSONWAGONLITTRAVEL - Carlson Wagonlit Travel, Inc, US),
Reverse DNS
Software
/
Resource Hash
b0c9ae63abcb6c80827b1ebda076c2ef1766b393b2b21c64b90a5f417b3b4e9c
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
accounts.mycwt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Cookie
pf-accept-language=en_us; PF=9C4xl4AznJS34XTkTNEvRx; NSC_QSPE_QjohGfe_dmvtufs_mcwt=ffffffff09dcee0745525d5f4f58455e445a4a421577
Connection
keep-alive
Cache-Control
no-cache
Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 19:05:48 GMT
Last-Modified
Sun, 16 Dec 2018 11:42:34 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Security-Policy
referrer origin
Strict-Transport-Security
max-age=157680000
Content-Length
17985
bowser.min.js
cdn.worldmate.com/ping
7 KB
8 KB
Script
General
Full URL
https://cdn.worldmate.com/ping/bowser.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c9985ea365b49413889bb0894ab72479f06457c55267e906047ebfd3735700f

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 10:20:00 GMT
Via
1.1 a2289d8b15b881db1c42086062568883.cloudfront.net (CloudFront)
Last-Modified
Tue, 17 Jul 2018 11:25:49 GMT
Server
AmazonS3
Age
103330
ETag
"6fe930ec2238836a05e50277aa1e94af"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7485
X-Amz-Cf-Id
FOJ8PozmyXTvs64O-dmdpjW-wh0MtwSmkq5Xn6Y2bSP8wxzezvM1Sw==
newRelic-prod.js
accounts.mycwt.com/assets/js
20 KB
20 KB
Script
General
Full URL
https://accounts.mycwt.com/assets/js/newRelic-prod.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 Hopkins, United States, ASN63061 (CARLSONWAGONLITTRAVEL - Carlson Wagonlit Travel, Inc, US),
Reverse DNS
Software
/
Resource Hash
538f5079a42aafec14ddb154cea6bf520c33731701385ff2732e8e8f8819a209
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
accounts.mycwt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Cookie
pf-accept-language=en_us; PF=9C4xl4AznJS34XTkTNEvRx; NSC_QSPE_QjohGfe_dmvtufs_mcwt=ffffffff09dcee0745525d5f4f58455e445a4a421577
Connection
keep-alive
Cache-Control
no-cache
Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 19:05:48 GMT
Last-Modified
Sun, 16 Dec 2018 11:42:34 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Security-Policy
referrer origin
Strict-Transport-Security
max-age=157680000
Content-Length
19976
cwt-mixpanel.cb7032a405dcd720d17f.js
cdn.worldmate.com/wm-mixpanel-client
4 KB
4 KB
Script
General
Full URL
https://cdn.worldmate.com/wm-mixpanel-client/cwt-mixpanel.cb7032a405dcd720d17f.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
305fc8cf55b745bf14cfb5d6bf7146cc9289b04ac47b27fbe40f60ac02fe4115

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 10:20:00 GMT
Via
1.1 3aa04125cfbe212eb3783a1b1caebdb5.cloudfront.net (CloudFront)
Last-Modified
Mon, 27 Aug 2018 11:10:40 GMT
Server
AmazonS3
Age
97728
ETag
"db1c407f2465caeea47c7408c7c308aa"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3788
X-Amz-Cf-Id
uN9fl7ZIDin16O6VmMYlR-Q8zOhUCgdUVaBI_O75aR_KO4sj_Obaew==
focus-visible.min.js
accounts.mycwt.com/assets/js
3 KB
3 KB
Script
General
Full URL
https://accounts.mycwt.com/assets/js/focus-visible.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 Hopkins, United States, ASN63061 (CARLSONWAGONLITTRAVEL - Carlson Wagonlit Travel, Inc, US),
Reverse DNS
Software
/
Resource Hash
47ee394fad4b6914088eda507f3caf2e598586b265f40dd36ed21e35a5131e25
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
accounts.mycwt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Cookie
pf-accept-language=en_us; PF=9C4xl4AznJS34XTkTNEvRx; NSC_QSPE_QjohGfe_dmvtufs_mcwt=ffffffff09dcee0745525d5f4f58455e445a4a421577
Connection
keep-alive
Cache-Control
no-cache
Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 19:05:48 GMT
Last-Modified
Sun, 16 Dec 2018 11:42:34 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Security-Policy
referrer origin
Strict-Transport-Security
max-age=157680000
Content-Length
2633
myCWT-logo.png
cdn.worldmate.com/img
16 KB
16 KB
Image
General
Full URL
https://cdn.worldmate.com/img/myCWT-logo.png
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37d43778d72014e4eff2523b9eb7d02b7d47b346c41b95318becd8741cc1600a

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 09:04:50 GMT
Via
1.1 143574384d395dec5e078f9c0bab3391.cloudfront.net (CloudFront)
Last-Modified
Mon, 29 Jan 2018 15:10:23 GMT
Server
AmazonS3
Age
36642
ETag
"47e8be4e2362c5f2dc2c100dc7717972"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16058
X-Amz-Cf-Id
a7yuteFo4MBbDCABK7hErg_GOjSvgZDMnPtDbe70c6qxbZ9-q7UCkQ==
logo.svg
accounts.mycwt.com/assets/images
1 KB
1 KB
Image
General
Full URL
https://accounts.mycwt.com/assets/images/logo.svg
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 Hopkins, United States, ASN63061 (CARLSONWAGONLITTRAVEL - Carlson Wagonlit Travel, Inc, US),
Reverse DNS
Software
/
Resource Hash
5745553b00dc56b2dfeeb862fc630f394f78b84e50f7433ba63b2e55a91ace75
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
accounts.mycwt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Cookie
pf-accept-language=en_us; PF=9C4xl4AznJS34XTkTNEvRx; NSC_QSPE_QjohGfe_dmvtufs_mcwt=ffffffff09dcee0745525d5f4f58455e445a4a421577
Connection
keep-alive
Cache-Control
no-cache
Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 19:05:48 GMT
Last-Modified
Sun, 16 Dec 2018 11:42:34 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=0, must-revalidate
Content-Security-Policy
referrer origin
Strict-Transport-Security
max-age=157680000
Content-Length
1216
ua-parser.min.js
accounts.mycwt.com/assets/js
17 KB
17 KB
Script
General
Full URL
https://accounts.mycwt.com/assets/js/ua-parser.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 Hopkins, United States, ASN63061 (CARLSONWAGONLITTRAVEL - Carlson Wagonlit Travel, Inc, US),
Reverse DNS
Software
/
Resource Hash
1603f2aaf83e3fadda51531612f1ac73f4ab2c58a1ece329ba146300d827ebc8
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
accounts.mycwt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Cookie
pf-accept-language=en_us; PF=9C4xl4AznJS34XTkTNEvRx; NSC_QSPE_QjohGfe_dmvtufs_mcwt=ffffffff09dcee0745525d5f4f58455e445a4a421577
Connection
keep-alive
Cache-Control
no-cache
Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 19:05:48 GMT
Last-Modified
Sun, 16 Dec 2018 11:42:34 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Security-Policy
referrer origin
Strict-Transport-Security
max-age=157680000
Content-Length
17347
feedback-mailbox.js
accounts.mycwt.com/assets/js
4 KB
4 KB
Script
General
Full URL
https://accounts.mycwt.com/assets/js/feedback-mailbox.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 Hopkins, United States, ASN63061 (CARLSONWAGONLITTRAVEL - Carlson Wagonlit Travel, Inc, US),
Reverse DNS
Software
/
Resource Hash
f642746309b93af9bd6aa67209a4307ce03a92d12771c4f36c3dbc807d24a058
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
accounts.mycwt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Cookie
pf-accept-language=en_us; PF=9C4xl4AznJS34XTkTNEvRx; NSC_QSPE_QjohGfe_dmvtufs_mcwt=ffffffff09dcee0745525d5f4f58455e445a4a421577
Connection
keep-alive
Cache-Control
no-cache
Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 19:05:48 GMT
Last-Modified
Sun, 16 Dec 2018 11:42:34 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Security-Policy
referrer origin
Strict-Transport-Security
max-age=157680000
Content-Length
3590
mxp-super-props.js
accounts.mycwt.com/assets/js
3 KB
3 KB
Script
General
Full URL
https://accounts.mycwt.com/assets/js/mxp-super-props.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 Hopkins, United States, ASN63061 (CARLSONWAGONLITTRAVEL - Carlson Wagonlit Travel, Inc, US),
Reverse DNS
Software
/
Resource Hash
fd96a717173b01d93a762e1567d1e721778b9d45c3fa2a2352066dc7f85eeb1b
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
accounts.mycwt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Cookie
pf-accept-language=en_us; PF=9C4xl4AznJS34XTkTNEvRx; NSC_QSPE_QjohGfe_dmvtufs_mcwt=ffffffff09dcee0745525d5f4f58455e445a4a421577
Connection
keep-alive
Cache-Control
no-cache
Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 19:05:48 GMT
Last-Modified
Sun, 16 Dec 2018 11:42:34 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Security-Policy
referrer origin
Strict-Transport-Security
max-age=157680000
Content-Length
2922
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v11
39 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdr.ttf
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/assets/js/modernizr-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8a927acc033e29e44a856a4c4b90761f033ef287ddb8309e26481acb80f07f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.mycwt.com/assets/css/main.min.css
Origin
https://accounts.mycwt.com

Response headers

date
Wed, 09 Jan 2019 14:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191009
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
20239
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:25:35 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2020 14:02:17 GMT
Adblocked mixpanel-2-latest.min.js
cdn.mxpnl.com/libs
64 KB
22 KB
Script
General
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/assets/js/newRelic-prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:498c:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
UploadServer /
Resource Hash
54692b3848125d4bb74b105a463e1675e3f764ef5af0215958417fadb53e4a22
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 11 Jan 2019 19:01:21 GMT
content-encoding
gzip
age
265
status
200
x-guploader-uploadid
AEnB2UqRNdpPQdzEtS-TXl9dersPnJz7prhP8gnPhXgySKBN2ho2oLzR3npVnr-3XQNmO7VhljiQgX8DgVmzvwqNn05eTazv7Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
22032
last-modified
Wed, 09 Jan 2019 23:10:17 GMT
server
UploadServer
etag
"2e7fa7f8e6d76f1635af64a43e9f9590"
vary
Accept-Encoding
x-goog-hash
crc32c=WZFuvw==, md5=Ln+n+ObXbxY1r2SkPp+VkA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1547075417668861
cache-control
public,max-age=600
x-goog-stored-content-length
22032
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 11 Jan 2019 19:11:21 GMT
img-1-2x.jpg
cdn.worldmate.com/ping-images
284 KB
284 KB
Image
General
Full URL
https://cdn.worldmate.com/ping-images/img-1-2x.jpg
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e994c49b448fbec62e1db5fab5661d51fb39f30ae0fe21c271df83b91de966a4

Request headers

Referer
https://accounts.mycwt.com/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 09:23:28 GMT
Via
1.1 143574384d395dec5e078f9c0bab3391.cloudfront.net (CloudFront)
Last-Modified
Tue, 09 Jan 2018 09:53:48 GMT
Server
AmazonS3
Age
38459
ETag
"57b76cec3712af5bbe19c36bad599693"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
290545
X-Amz-Cf-Id
A45mWxRAgLCvQYYRnOqkEh34YVeI17gsWWCEBEL6k8ZmW3yCYxnzfA==
img-2-2x.jpg
cdn.worldmate.com/ping-images
51 KB
51 KB
Image
General
Full URL
https://cdn.worldmate.com/ping-images/img-2-2x.jpg
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b8e202f50515964d191f9559f201c3e0528d6f2b39062519c7228e1760491ff

Request headers

Referer
https://accounts.mycwt.com/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 09:23:28 GMT
Via
1.1 63c6fe97aba90610d2a46b7713c49586.cloudfront.net (CloudFront)
Last-Modified
Tue, 09 Jan 2018 09:53:49 GMT
Server
AmazonS3
Age
38459
ETag
"235f491a8aa809e45522fbc20707436a"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51844
X-Amz-Cf-Id
Yyqufyo1TIZqBAeQ3F99BYMtM3wN-FXwtiR7jRX0B8zZ02gj87L8RQ==
img-3-2x.jpg
cdn.worldmate.com/ping-images
196 KB
197 KB
Image
General
Full URL
https://cdn.worldmate.com/ping-images/img-3-2x.jpg
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9985e664e57e1e7a07b582c2bdf8a9d157416d62f97757acfa22048a9365c5b1

Request headers

Referer
https://accounts.mycwt.com/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 09:23:28 GMT
Via
1.1 3aa04125cfbe212eb3783a1b1caebdb5.cloudfront.net (CloudFront)
Last-Modified
Tue, 09 Jan 2018 09:53:50 GMT
Server
AmazonS3
Age
38459
ETag
"247018d513193f68d892db0035ecaaa6"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
201022
X-Amz-Cf-Id
2YEBrh6BrcKvhX_yGfmOlc1NiQl1-lkWj8luFv6gvGlS9T4NBNB-FQ==
img-4-2x.jpg
cdn.worldmate.com/ping-images
217 KB
217 KB
Image
General
Full URL
https://cdn.worldmate.com/ping-images/img-4-2x.jpg
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ab703b01168116f93c442a80b4ea7ac9d0da1a5103deb6e87f22a6b34833d70

Request headers

Referer
https://accounts.mycwt.com/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 11:08:33 GMT
Via
1.1 63c6fe97aba90610d2a46b7713c49586.cloudfront.net (CloudFront)
Last-Modified
Tue, 09 Jan 2018 09:53:51 GMT
Server
AmazonS3
Age
52004
ETag
"73504affaadcc32cb89555f3dda7731e"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
222046
X-Amz-Cf-Id
4juRjntmekvoZdef6r7BqBUp9kMO3ul4GzqZwqEdoAjpHVDONu0UAQ==
img-5-2x.jpg
cdn.worldmate.com/ping-images
292 KB
293 KB
Image
General
Full URL
https://cdn.worldmate.com/ping-images/img-5-2x.jpg
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4266419b2217887b791dd1121f50189d125811a1c4e37cb87be8e7046d562add

Request headers

Referer
https://accounts.mycwt.com/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 11:19:56 GMT
Via
1.1 a2289d8b15b881db1c42086062568883.cloudfront.net (CloudFront)
Last-Modified
Tue, 09 Jan 2018 09:53:51 GMT
Server
AmazonS3
Age
35909
ETag
"33be0763651a7065e7643d61fea1c1f6"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
299125
X-Amz-Cf-Id
5z_dj7or1L42h-67D7nHBBX8TKiQXn8fQ4dQjUrJfizKgYG_n11okg==
img-6-2x.jpg
cdn.worldmate.com/ping-images
237 KB
237 KB
Image
General
Full URL
https://cdn.worldmate.com/ping-images/img-6-2x.jpg
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fe36b90527e3d6830cb381f1eacda9b95f2fbd097f347f48e94a9d15989df89

Request headers

Referer
https://accounts.mycwt.com/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 08:50:55 GMT
Via
1.1 63c6fe97aba90610d2a46b7713c49586.cloudfront.net (CloudFront)
Last-Modified
Tue, 09 Jan 2018 09:53:52 GMT
Server
AmazonS3
Age
36892
ETag
"9bef774edac3f6867beeb93df823abb4"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
242283
X-Amz-Cf-Id
V4bxM09SJwRZRzPNdbmEnd4isrAmIXsYuozCUbGBQpHZEgys8rV37w==
img-7-2x.jpg
cdn.worldmate.com/ping-images
217 KB
218 KB
Image
General
Full URL
https://cdn.worldmate.com/ping-images/img-7-2x.jpg
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.188.218 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-188-218.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
006f5ab14c76c9af7465b9f5972feea111956d6e36018f51af23abef5068aca5

Request headers

Referer
https://accounts.mycwt.com/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 11 Jan 2019 11:19:56 GMT
Via
1.1 143574384d395dec5e078f9c0bab3391.cloudfront.net (CloudFront)
Last-Modified
Tue, 09 Jan 2018 09:53:53 GMT
Server
AmazonS3
Age
36586
ETag
"dac400ed4b54b43a8e49067bbd052ef5"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
222354
X-Amz-Cf-Id
tWy8NFtMn-vDppdnjBxBFGfwZ5M7jZTis_VZEUPGUBs-PjnqTHHYBg==
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
fonts.gstatic.com/s/sourcesanspro/v11
39 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
898ab48e439e72de77598748c641141700a2e924949b58b264a79acb9ef2dd4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.mycwt.com/assets/css/main.min.css
Origin
https://accounts.mycwt.com

Response headers

date
Fri, 21 Dec 2018 05:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1861587
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
20225
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:26:06 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2019 05:59:19 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v11
38 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.ttf
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
91d5178b53a5e1c8c6a744f5044314d54bf91f37b038c7f35a958c8a1430a152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.mycwt.com/assets/css/main.min.css
Origin
https://accounts.mycwt.com

Response headers

date
Thu, 03 Jan 2019 09:55:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
724215
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
19928
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:26:07 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2020 09:55:31 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v11
38 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdr.ttf
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1e8fec28743b973efe38a1cd78b4d6443cd1ca12a7ed357faee485b32201b9c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.mycwt.com/assets/css/main.min.css
Origin
https://accounts.mycwt.com

Response headers

date
Thu, 20 Dec 2018 22:04:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1890089
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
20119
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:25:44 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Dec 2019 22:04:17 GMT
IDM_Icons-Regular.woff2
accounts.mycwt.com/assets/fonts
2 KB
2 KB
Font
General
Full URL
https://accounts.mycwt.com/assets/fonts/IDM_Icons-Regular.woff2
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.177.7.134 Hopkins, United States, ASN63061 (CARLSONWAGONLITTRAVEL - Carlson Wagonlit Travel, Inc, US),
Reverse DNS
Software
/
Resource Hash
bc1e8c83e5549fd605602cde6a35929dfe82e5bb135c553247475910f8a7b390
Security Headers
Name Value
Content-Security-Policy referrer origin
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Origin
https://accounts.mycwt.com
Accept-Encoding
gzip, deflate, br
Host
accounts.mycwt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://accounts.mycwt.com/assets/css/main.min.css
Cookie
pf-accept-language=en_us; PF=9C4xl4AznJS34XTkTNEvRx; NSC_QSPE_QjohGfe_dmvtufs_mcwt=ffffffff09dcee0745525d5f4f58455e445a4a421577
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.mycwt.com/assets/css/main.min.css
Origin
https://accounts.mycwt.com

Response headers

Date
Fri, 11 Jan 2019 19:05:48 GMT
Cache-Control
max-age=0, must-revalidate
Last-Modified
Sun, 16 Dec 2018 11:42:34 GMT
Content-Security-Policy
referrer origin
X-Frame-Options
SAMEORIGIN
Content-Length
2124
Strict-Transport-Security
max-age=157680000
Adblocked ?verbose=1&version=1&lib=web&token=934b4bdebe6efba72ebd90c32e0fdd17&ip=1&_=1547233546942
api.mixpanel.com/decide
65 B
143 B
XHR
General
Full URL
https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=934b4bdebe6efba72ebd90c32e0fdd17&ip=1&_=1547233546942
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/assets/js/newRelic-prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.240.159 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
gunicorn/19.3.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Origin
https://accounts.mycwt.com

Response headers

date
Fri, 11 Jan 2019 19:05:46 GMT
via
1.1 google
server
gunicorn/19.3.0
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://accounts.mycwt.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
Adblocked ?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiTWFjIE9TIFgiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkcmVmZXJyZXIiOiAiaHR0cHM6Ly93d3cubXljd3QuY29tL2MvcG9ydGFsL2xvZ2luP3JlZGlyZWN0PSUyRmd...
api.mixpanel.com/track
1 B
324 B
XHR
General
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiTWFjIE9TIFgiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkcmVmZXJyZXIiOiAiaHR0cHM6Ly93d3cubXljd3QuY29tL2MvcG9ydGFsL2xvZ2luP3JlZGlyZWN0PSUyRmdyb3VwJTJGZ3Vlc3QmcmVmZXJlclBsaWQ9NTE0NjYmcF9sX2lkPTIwNTI4MDY5IiwiJHJlZmVycmluZ19kb21haW4iOiAid3d3Lm15Y3d0LmNvbSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL2FjY291bnRzLm15Y3d0LmNvbS9pZHAvU1NPLnNhbWwyIiwiJGJyb3dzZXJfdmVyc2lvbiI6IDY3LCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiJGxpYl92ZXJzaW9uIjogIjIuMjYuMCIsInRpbWUiOiAxNTQ3MjMzNTQ2Ljk0NiwiZGlzdGluY3RfaWQiOiAiMTY4M2U0ZTUyYmE3MWYtMDk2YjBkMmUwYzI4NmQtMTczNjY5NTItMWQ0YzAwLTE2ODNlNGU1MmJiNmE2IiwiJGRldmljZV9pZCI6ICIxNjgzZTRlNTJiYTcxZi0wOTZiMGQyZTBjMjg2ZC0xNzM2Njk1Mi0xZDRjMDAtMTY4M2U0ZTUyYmI2YTYiLCIkaW5pdGlhbF9yZWZlcnJlciI6ICJodHRwczovL3d3dy5teWN3dC5jb20vYy9wb3J0YWwvbG9naW4%2FcmVkaXJlY3Q9JTJGZ3JvdXAlMkZndWVzdCZyZWZlcmVyUGxpZD01MTQ2NiZwX2xfaWQ9MjA1MjgwNjkiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogInd3dy5teWN3dC5jb20iLCJtcF9wYWdlIjogImh0dHBzOi8vYWNjb3VudHMubXljd3QuY29tL2lkcC9TU08uc2FtbDIiLCJtcF9yZWZlcnJlciI6ICJodHRwczovL3d3dy5teWN3dC5jb20vYy9wb3J0YWwvbG9naW4%2FcmVkaXJlY3Q9JTJGZ3JvdXAlMkZndWVzdCZyZWZlcmVyUGxpZD01MTQ2NiZwX2xfaWQ9MjA1MjgwNjkiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIk1hYyBPUyBYIiwidG9rZW4iOiAiOTM0YjRiZGViZTZlZmJhNzJlYmQ5MGMzMmUwZmRkMTcifX0%3D&ip=1&_=1547233546948
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/assets/js/newRelic-prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.240.159 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
envoy /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Origin
https://accounts.mycwt.com

Response headers

date
Fri, 11 Jan 2019 19:05:46 GMT
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://accounts.mycwt.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
clear
content-length
1
Adblocked ?data=eyJldmVudCI6ICJMb2dpbiBTY3JlZW4gRGlzcGxheWVkIiwicHJvcGVydGllcyI6IHsiJG9zIjogIk1hYyBPUyBYIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJHJlZmVycmVyIjogImh0dHBzOi8vd3d3Lm15Y3d0LmNvbS9jL3BvcnRhbC9sb2dpbj9yZWR...
api.mixpanel.com/track
1 B
74 B
XHR
General
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJMb2dpbiBTY3JlZW4gRGlzcGxheWVkIiwicHJvcGVydGllcyI6IHsiJG9zIjogIk1hYyBPUyBYIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJHJlZmVycmVyIjogImh0dHBzOi8vd3d3Lm15Y3d0LmNvbS9jL3BvcnRhbC9sb2dpbj9yZWRpcmVjdD0lMkZncm91cCUyRmd1ZXN0JnJlZmVyZXJQbGlkPTUxNDY2JnBfbF9pZD0yMDUyODA2OSIsIiRyZWZlcnJpbmdfZG9tYWluIjogInd3dy5teWN3dC5jb20iLCIkY3VycmVudF91cmwiOiAiaHR0cHM6Ly9hY2NvdW50cy5teWN3dC5jb20vaWRwL1NTTy5zYW1sMiIsIiRicm93c2VyX3ZlcnNpb24iOiA2NywiJHNjcmVlbl9oZWlnaHQiOiAxMjAwLCIkc2NyZWVuX3dpZHRoIjogMTYwMCwibXBfbGliIjogIndlYiIsIiRsaWJfdmVyc2lvbiI6ICIyLjI2LjAiLCJ0aW1lIjogMTU0NzIzMzU0Ny4wNCwiZGlzdGluY3RfaWQiOiAiMTY4M2U0ZTUyYmE3MWYtMDk2YjBkMmUwYzI4NmQtMTczNjY5NTItMWQ0YzAwLTE2ODNlNGU1MmJiNmE2IiwiJGRldmljZV9pZCI6ICIxNjgzZTRlNTJiYTcxZi0wOTZiMGQyZTBjMjg2ZC0xNzM2Njk1Mi0xZDRjMDAtMTY4M2U0ZTUyYmI2YTYiLCIkaW5pdGlhbF9yZWZlcnJlciI6ICJodHRwczovL3d3dy5teWN3dC5jb20vYy9wb3J0YWwvbG9naW4%2FcmVkaXJlY3Q9JTJGZ3JvdXAlMkZndWVzdCZyZWZlcmVyUGxpZD01MTQ2NiZwX2xfaWQ9MjA1MjgwNjkiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogInd3dy5teWN3dC5jb20iLCJTb3VyY2UiOiAiV2ViIiwiT3JpZ2luIjogIk5vbmUiLCJ0b2tlbiI6ICI5MzRiNGJkZWJlNmVmYmE3MmViZDkwYzMyZTBmZGQxNyJ9fQ%3D%3D&ip=1&_=1547233547040
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/assets/js/newRelic-prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.240.159 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
159.240.178.107.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Origin
https://accounts.mycwt.com

Response headers

date
Fri, 11 Jan 2019 19:05:47 GMT
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://accounts.mycwt.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
37
alt-svc
clear
content-length
1
Adblocked nr-spa-1071.min.js
js-agent.newrelic.com
32 KB
13 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1071.min.js
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/assets/js/newRelic-prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0f3a0b6bb569a4c29d1bf5e034f9ec975d04b45edfd66ebff73ed5cf4a22447
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 11 Jan 2019 19:05:47 GMT
content-encoding
gzip
x-amz-request-id
66173AD248FC2AC2
x-cache
HIT
status
200
content-length
12624
x-amz-id-2
OFBzYka+LY1SeuZFqNyMEbK05VrcPPb6tn0EAyX9DOgP7Rehyue4VMa5IdAWy6NDbFkLyrrleVw=
x-served-by
cache-hhn1530-HHN
last-modified
Wed, 28 Feb 2018 23:35:17 GMT
server
AmazonS3
x-timer
S1547233547.062530,VS0,VE0
etag
"c4be07d99198e723860aeee65fd397cf"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5777
shim.latest.js
js.intercomcdn.com
Redirect Chain
  • https://widget.intercom.io/widget/lwx93sjz
  • https://js.intercomcdn.com/shim.latest.js
4 KB
2 KB
Script
General
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.161.54 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-161-54.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5262bd456aa0a96ff608aa4e9b5538f03ed147fe4ab901e67d7217fb0e705454

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 11 Jan 2019 19:01:59 GMT
content-encoding
gzip
etag
"5fcd60b1104be0a965d80b367bf76af5"
last-modified
Fri, 11 Jan 2019 17:56:49 GMT
server
AmazonS3
age
237
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
content-length
1538
via
1.1 0176a7920fd558900dd5f893f79acb9e.cloudfront.net (CloudFront)
x-amz-cf-id
UxLtwHTqD6RWDReYgWMHO86UJArxu8Ng-LlDZx0TtBVNPrZmdH72Dg==

Redirect headers

date
Fri, 11 Jan 2019 16:49:03 GMT
via
1.1 5954578e851092964f39f2f5f0596950.cloudfront.net (CloudFront)
server
AmazonS3
age
8205
location
https://js.intercomcdn.com/shim.latest.js
x-cache
Hit from cloudfront
status
302
content-length
0
x-amz-cf-id
ViGFdW7EGBhvozxflhnuA9Knc_80HzqpWBnV0bwfKofK4_Kr_-g5hQ==
Adblocked SSO.saml2&be=1518&fe=1715&dc=1705&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1547233545339,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:26,%22c%22:26,%22s%22:208,%22ce%22:403,%22rq%22:403,...
bam.nr-data.net/1/6565738008?a=110109231&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=1730&ref=https://accounts.mycwt.com/idp
57 B
261 B
Script
General
Full URL
https://bam.nr-data.net/1/6565738008?a=110109231&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=1730&ref=https://accounts.mycwt.com/idp/SSO.saml2&be=1518&fe=1715&dc=1705&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1547233545339,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:26,%22c%22:26,%22s%22:208,%22ce%22:403,%22rq%22:403,%22rp%22:613,%22rpe%22:979,%22dl%22:616,%22di%22:1702,%22ds%22:1702,%22de%22:1706,%22dc%22:1714,%22l%22:1714,%22le%22:1716%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/assets/js/newRelic-prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
frame.a1f7e036.js
js.intercomcdn.com
1 MB
136 KB
Script
General
Full URL
https://js.intercomcdn.com/frame.a1f7e036.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.161.54 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-161-54.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86090887f1b3bd4e9797a138385a3e319e7a9e8bed58e2b64b8690c263c10572

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 11 Jan 2019 17:56:52 GMT
content-encoding
gzip
etag
"c747263c6f453890af18b76a3d6671b4"
last-modified
Fri, 11 Jan 2019 17:53:27 GMT
server
AmazonS3
age
4136
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=604800, s-maxage=7200, public
accept-ranges
bytes
content-length
138806
via
1.1 0176a7920fd558900dd5f893f79acb9e.cloudfront.net (CloudFront)
x-amz-cf-id
au6qHGNCUIrncJktdYwGPqFj9deTjQ3PeU59HhJ97i8IpiDbsqbYhA==
vendor.f6b4f979.js
js.intercomcdn.com
643 KB
200 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor.f6b4f979.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.161.54 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-161-54.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab50677d833ab83d24a6eed1698fd98084a74115828a583a97321b12ed058367

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 11 Jan 2019 17:12:13 GMT
content-encoding
gzip
etag
"7c2d55eb74960ed37420d3692e5a13f6"
last-modified
Fri, 11 Jan 2019 05:09:36 GMT
server
AmazonS3
age
6830
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=604800, s-maxage=7200, public
accept-ranges
bytes
content-length
204120
via
1.1 0176a7920fd558900dd5f893f79acb9e.cloudfront.net (CloudFront)
x-amz-cf-id
3oJYbkCLoQI-TRSK5DgEFjyXO8Ffc-AdAVBAJwZrFgTYCsoLjhj8JQ==
ping
api-iam.intercom.io/messenger/web
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.a1f7e036.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.91 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-91.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
99dd44c545dbdd046753e3ebb40a004610ad0a9c28123036c01fe44ef1bd526f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
Origin
https://accounts.mycwt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Jan 2019 19:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://accounts.mycwt.com
x-cache
Miss from cloudfront
status
200, 200 OK
strict-transport-security
max-age=31557600; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
0004b9jvsc1ll09e8gk0
x-runtime
0.184680
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"99dd44c545dbdd046753e3ebb40a0046"
x-ratelimit-remaining
1863
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
via
1.1 a907498188cf5fbb13fb98b2dcde84cd.cloudfront.net (CloudFront)
x-intercom-version
7e4f827eda64b12cb098c86dd1e571f14573ea03
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1547233560
x-ratelimit-limit
2000
access-control-allow-headers
Content-Type
x-amz-cf-id
jDBlAC5nLyMdT95glnm6ScYqYRI7p9Saj49NUa9Qz_8TWzHLeiQM4A==
Adblocked SSO.saml2
bam.nr-data.net/events/1/6565738008?a=110109231&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=2197&ref=https://accounts.mycwt.com/idp
24 B
185 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/6565738008?a=110109231&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=2197&ref=https://accounts.mycwt.com/idp/SSO.saml2
Requested by
Host: accounts.mycwt.com
URL: https://accounts.mycwt.com/assets/js/newRelic-prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
Origin
https://accounts.mycwt.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://accounts.mycwt.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif
proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts
28 KB
29 KB
Font
General
Full URL
https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.a1f7e036.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.161.187 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-161-187.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Origin
https://accounts.mycwt.com

Response headers

date
Fri, 11 Jan 2019 18:50:58 GMT
via
1.1 79503619d600dbc1c9e04a650d3d7f3f.cloudfront.net (CloudFront)
vary
Origin
age
1202
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
28960
last-modified
Fri, 02 Nov 2018 11:14:44 GMT
server
AmazonS3
etag
"a7942249ca925ef356c0f2b1dab17ef3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=604800, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
9561613OGP8Gr2pQZIfI5oDZMCPLyx6nWsirTDqvLRRrN8amJASm9A==
client-test
nexus-websocket-a.intercom.io
2 B
100 B
XHR
General
Full URL
https://nexus-websocket-a.intercom.io/client-test
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/vendor.f6b4f979.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.160.150 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-175-160-150.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Origin
https://accounts.mycwt.com

Response headers

status
200
date
Fri, 11 Jan 2019 19:05:47 GMT
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
client-test
nexus-websocket-b.intercom.io
2 B
100 B
XHR
General
Full URL
https://nexus-websocket-b.intercom.io/client-test
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/vendor.f6b4f979.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.131.87 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-202-131-87.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.mycwt.com/idp/SSO.saml2
Origin
https://accounts.mycwt.com

Response headers

status
200
date
Fri, 11 Jan 2019 19:05:47 GMT
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
Aiman_Kubeisi-1506956466.jpg?1506956466
static.intercomassets.com/avatars/1410462/square_128
3 KB
3 KB
Image
General
Full URL
https://static.intercomassets.com/avatars/1410462/square_128/Aiman_Kubeisi-1506956466.jpg?1506956466
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-156.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af81c1903daec8c4f0cf78d8fc38939aadbdc41049fc21553038cbc8b61cb308

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 11 Jan 2019 09:38:18 GMT
via
1.1 503a28017d94e3a67757eb66ee760010.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2017 15:01:07 GMT
server
AmazonS3
age
34063
etag
"f033d3ebc4eaeedd7e1e398e266af99a"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
2953
x-amz-cf-id
3IzmJeZ9yngXNBNDOAFNwAhprwxG_dgDKgiuWDT_0k39IsvJ1ZD2ZA==
expires
Tue, 03 Oct 2017 15:00:18 GMT
Marek_Giemza_UMXG616-1546942243.jpg?1546942243
static.intercomassets.com/avatars/2867193/square_128
9 KB
9 KB
Image
General
Full URL
https://static.intercomassets.com/avatars/2867193/square_128/Marek_Giemza_UMXG616-1546942243.jpg?1546942243
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-156.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4510a30247a3da59af8225468fa2f1677cbaeb9137a934b707394239972dd553

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 11 Jan 2019 09:31:12 GMT
via
1.1 503a28017d94e3a67757eb66ee760010.cloudfront.net (CloudFront)
etag
"693ffce44fecb35db17f694ca2678de3"
last-modified
Tue, 08 Jan 2019 10:10:44 GMT
server
AmazonS3
age
34505
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
9051
x-amz-cf-id
VGqcmqW5O7VZlpDSv_R9O-77dodfPgRqOSUubSWBWAE98xbuG9udag==
unnamed-1503993441.jpg?1503993441
static.intercomassets.com/avatars/1384680/square_128
5 KB
6 KB
Image
General
Full URL
https://static.intercomassets.com/avatars/1384680/square_128/unnamed-1503993441.jpg?1503993441
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-156.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8b4e040dbaade70135c2b9713e0374c51b9661ccf28eafc658465839e5592a7

Request headers

Referer
https://accounts.mycwt.com/idp/SSO.saml2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 11 Jan 2019 08:51:50 GMT
via
1.1 503a28017d94e3a67757eb66ee760010.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2017 07:57:23 GMT
server
AmazonS3
age
37033
etag
"aa5f12b908a1b7d3eda8704c07b98447"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
5472
x-amz-cf-id
8-Gl-_iFBHJCKk7hW3RHzICiSBH0VaUSWTyOhuzcavLkpehevEVdXA==
expires
Wed, 30 Aug 2017 02:24:38 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • https://www.mycwt.com/
  • https://www.mycwt.com/group/guest
  • https://www.mycwt.com/c/portal/login?redirect=%2Fgroup%2Fguest&refererPlid=51466&p_l_id=20528069
Request 34
  • https://widget.intercom.io/widget/lwx93sjz
  • https://js.intercomcdn.com/shim.latest.js

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| jQuery1120004457462452457417 object| html5 object| Modernizr object| bowser object| NREUM object| newrelic function| __nr_require object| cwtMixpanel object| mixpanel string| errorIcon boolean| isBootstrapSupported function| getRequestParam function| getCookie function| Password function| togglePassword function| requiredField function| Username function| Email function| resetFieldError function| moveNext function| postOnReturn function| forgotPasswordResendEmail function| registrationResendEmail function| resendEmail function| mailtoTechSupport function| decodeURIParams function| encodeURIParams function| navigateWithURIParams function| setPFLangCookie object| intercomSettings function| Intercom function| UAParser function| checkIfMobileDevice function| getParameterByName function| isCWTToGo function| isMobileOrTablet function| getSource object| usernameInput object| username object| passwordInput object| password object| passwordIcon boolean| passwordChanged boolean| usernameChanged function| forgotPasswordClicked function| forgotUsernameClicked function| postNext number| refreshAfter function| openCantLoginModal function| closeCantLoginModal number| __INTERCOM_BUNDLE_LOAD_TIME__

4 Cookies

Domain/Path Name / Value
.mycwt.com/ Name: mp_934b4bdebe6efba72ebd90c32e0fdd17_mixpanel
Value: %7B%22distinct_id%22%3A%20%221683e4e52ba71f-096b0d2e0c286d-17366952-1d4c00-1683e4e52bb6a6%22%2C%22%24device_id%22%3A%20%221683e4e52ba71f-096b0d2e0c286d-17366952-1d4c00-1683e4e52bb6a6%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fwww.mycwt.com%2Fc%2Fportal%2Flogin%3Fredirect%3D%252Fgroup%252Fguest%26refererPlid%3D51466%26p_l_id%3D20528069%22%2C%22%24initial_referring_domain%22%3A%20%22www.mycwt.com%22%2C%22Source%22%3A%20%22Web%22%7D
accounts.mycwt.com/ Name: NSC_QSPE_QjohGfe_dmvtufs_mcwt
Value: ffffffff09dcee0745525d5f4f58455e445a4a421577
accounts.mycwt.com/ Name: PF
Value: 9C4xl4AznJS34XTkTNEvRx
.mycwt.com/ Name: pf-accept-language
Value: en_us

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

accounts.mycwt.com
api-iam.intercom.io
api.mixpanel.com
bam.nr-data.net
cdn.mxpnl.com
cdn.worldmate.com
fonts.gstatic.com
js-agent.newrelic.com
js.intercomcdn.com
nexus-websocket-a.intercom.io
nexus-websocket-b.intercom.io
static.intercomassets.com
widget.intercom.io
www.mycwt.com


107.178.240.159
151.101.194.110
162.247.242.19
198.177.7.133
198.177.7.134
2600:1901:0:498c::
2a00:1450:4001:819::2003
52.202.131.87
52.222.161.187
52.222.161.54
52.85.188.218
54.175.160.150
54.230.95.149
54.230.95.156
54.230.95.91

006f5ab14c76c9af7465b9f5972feea111956d6e36018f51af23abef5068aca5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
11cca80d24d61a369b528bcdf058570260644fec810eed81aff3b448852e68a0
1603f2aaf83e3fadda51531612f1ac73f4ab2c58a1ece329ba146300d827ebc8
1b8e202f50515964d191f9559f201c3e0528d6f2b39062519c7228e1760491ff
1e8fec28743b973efe38a1cd78b4d6443cd1ca12a7ed357faee485b32201b9c9
305fc8cf55b745bf14cfb5d6bf7146cc9289b04ac47b27fbe40f60ac02fe4115
37d43778d72014e4eff2523b9eb7d02b7d47b346c41b95318becd8741cc1600a
3ab703b01168116f93c442a80b4ea7ac9d0da1a5103deb6e87f22a6b34833d70
3d4b53bb3d4b425a52b2bce38b2927cbe1984df5f6fd838d0904e968737af280
4266419b2217887b791dd1121f50189d125811a1c4e37cb87be8e7046d562add
4510a30247a3da59af8225468fa2f1677cbaeb9137a934b707394239972dd553
47ee394fad4b6914088eda507f3caf2e598586b265f40dd36ed21e35a5131e25
5262bd456aa0a96ff608aa4e9b5538f03ed147fe4ab901e67d7217fb0e705454
538f5079a42aafec14ddb154cea6bf520c33731701385ff2732e8e8f8819a209
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54692b3848125d4bb74b105a463e1675e3f764ef5af0215958417fadb53e4a22
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5745553b00dc56b2dfeeb862fc630f394f78b84e50f7433ba63b2e55a91ace75
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9985ea365b49413889bb0894ab72479f06457c55267e906047ebfd3735700f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fe36b90527e3d6830cb381f1eacda9b95f2fbd097f347f48e94a9d15989df89
86090887f1b3bd4e9797a138385a3e319e7a9e8bed58e2b64b8690c263c10572
898ab48e439e72de77598748c641141700a2e924949b58b264a79acb9ef2dd4f
8a927acc033e29e44a856a4c4b90761f033ef287ddb8309e26481acb80f07f88
8d2aa3876608074cfd87276d733ab7d9cdb7c94974e87baf061a4553dcd90af1
91d5178b53a5e1c8c6a744f5044314d54bf91f37b038c7f35a958c8a1430a152
9985e664e57e1e7a07b582c2bdf8a9d157416d62f97757acfa22048a9365c5b1
99dd44c545dbdd046753e3ebb40a004610ad0a9c28123036c01fe44ef1bd526f
ab50677d833ab83d24a6eed1698fd98084a74115828a583a97321b12ed058367
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
af81c1903daec8c4f0cf78d8fc38939aadbdc41049fc21553038cbc8b61cb308
b0c9ae63abcb6c80827b1ebda076c2ef1766b393b2b21c64b90a5f417b3b4e9c
bc1e8c83e5549fd605602cde6a35929dfe82e5bb135c553247475910f8a7b390
e0f3a0b6bb569a4c29d1bf5e034f9ec975d04b45edfd66ebff73ed5cf4a22447
e994c49b448fbec62e1db5fab5661d51fb39f30ae0fe21c271df83b91de966a4
f642746309b93af9bd6aa67209a4307ce03a92d12771c4f36c3dbc807d24a058
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8b4e040dbaade70135c2b9713e0374c51b9661ccf28eafc658465839e5592a7
fd96a717173b01d93a762e1567d1e721778b9d45c3fa2a2352066dc7f85eeb1b