urlscan.io logo urlscan.io
SecurityTrails logo

travel-cdn.mycwt.com Open in urlscan Pro
2600:9000:223c:aa00:11:b83:4ec0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://travel-cdn.mycwt.com/
Effective URL: https://travel-cdn.mycwt.com/
Submission: On March 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 34 HTTP transactions. The main IP is 2600:9000:223c:aa00:11:b83:4ec0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is travel-cdn.mycwt.com. The Cisco Umbrella rank of the primary domain is 284810.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on May 29th 2023. Valid for: a year.
This is the only time travel-cdn.mycwt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    2600:9000:223c:aa00:11:b83:4ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
travel-cdn.mycwt.com
3    2600:9000:2491:8a00:5:9883:5700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.worldmate.com
1    3.161.82.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-65.fra56.r.cloudfront.net
cdn.moengage.com
10    2600:9000:275d:b600:11:652e:c280:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk-02.moengage.com
2    130.211.34.183 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 183.34.211.130.bc.googleusercontent.com
api-js.mixpanel.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
17 mycwt.com
travel-cdn.mycwt.com — Cisco Umbrella Rank: 284810
11 MB
11 moengage.com
cdn.moengage.com — Cisco Umbrella Rank: 16553
sdk-02.moengage.com — Cisco Umbrella Rank: 11479
64 KB
3 worldmate.com
cdn.worldmate.com — Cisco Umbrella Rank: 284205
9 KB
2 mixpanel.com
api-js.mixpanel.com — Cisco Umbrella Rank: 1996
467 B
1 gstatic.com
fonts.gstatic.com
15 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
34 6
Domain Requested by
17 travel-cdn.mycwt.com 1 redirects travel-cdn.mycwt.com
10 sdk-02.moengage.com cdn.moengage.com
3 cdn.worldmate.com travel-cdn.mycwt.com
cdn.worldmate.com
2 api-js.mixpanel.com travel-cdn.mycwt.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com client
1 cdn.moengage.com travel-cdn.mycwt.com
34 7

This site contains no links.

Subject Issuer Validity Valid
mycwt.com
GeoTrust TLS RSA CA G1		 2023-05-29 -
2024-05-28		 a year crt.sh
www.worldmate.com
GeoTrust TLS RSA CA G1		 2023-07-13 -
2024-07-12		 a year crt.sh
*.moengage.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-31 -
2024-08-30		 a year crt.sh
*.mixpanel.com
GeoTrust TLS RSA CA G1		 2024-02-08 -
2025-03-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://travel-cdn.mycwt.com/
Frame ID: 57C0DDBC72553A31808F626E7165FDC9
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

myCWT

Page URL History Show full URLs

  1. http://travel-cdn.mycwt.com/ HTTP 301
    https://travel-cdn.mycwt.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.moengage\.\w+

Page Statistics

34
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

11040 kB
Transfer

40764 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://travel-cdn.mycwt.com/ HTTP 301
    https://travel-cdn.mycwt.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
travel-cdn.mycwt.com/
Redirect Chain
  • http://travel-cdn.mycwt.com/
  • https://travel-cdn.mycwt.com/
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2eceaed160946575c6a0ba27d1f88296b0114d514fad231407108dcb92a89e31
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
content-type
text/html
date
Fri, 01 Mar 2024 13:11:20 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
last-modified
Thu, 22 Feb 2024 13:39:57 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-id
eSHlqc9mh95NJ4ffdB7Xhnyra630PbW_T87PJGaQl47NcY22VfUXgg==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Security-Policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Content-Type
text/html
Date
Fri, 01 Mar 2024 13:11:20 GMT
Location
https://travel-cdn.mycwt.com/
Server
CloudFront
Via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
X-Amz-Cf-Id
HBe_LWQG4Lo8rYdjfvrXgZpd7uaMwtbuy_0D58XSv6WM7Y4ZKy8gvw==
X-Amz-Cf-Pop
FRA56-P2
X-Cache
Redirect from cloudfront
X-Content-Type-Options
nosniff
main.1.0.213.js
travel-cdn.mycwt.com/common-deps/ 		633 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f4ba117554302b583194e8f0cc0b5fe01ef5d66a366212c1f72b66612fce6c33
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel-cdn.mycwt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:43:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
34086
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:56 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
nPRbuBPmI5RwE8NmqjXRTIvqyX-yGH4MsMyyI2oJJ0i3bf0lcRwmfg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
loader.json
cdn.worldmate.com/smooch/ 		193 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/smooch/loader.json
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8a00:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f2260ba5f934995ef06690d841676b0e73bd16347ab0495596c00d909d8f96d
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel-cdn.mycwt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 13:11:22 GMT
x-amz-version-id
zTXFDNakn7KX34KNHOhbS0y7Ur.AqVxO
via
1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
193
x-xss-protection
1; mode=block
last-modified
Sun, 03 Dec 2023 10:54:30 GMT
server
AmazonS3
etag
"803658f3f2cc25619e734d97f669280b"
access-control-max-age
300000
access-control-allow-methods
POST, GET, DELETE, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-frame-options
SAMEORIGIN
accept-ranges
bytes
x-amz-cf-id
bd_uUf7h4nFGlwjj3TlNeySWOEoSoLGr0FTmtyhqSGnBx-RiPdIiCw==
moe_webSdk.min.latest.js
cdn.moengage.com/webpush/ 		214 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-65.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e084b9510b6c2ad0d8df341ade46919b3f53e022431138ec4bc6bccf6ccb50fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel-cdn.mycwt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 12:53:23 GMT
content-encoding
gzip
via
1.1 de11a38373aee7f9d5ba9d586bb8bfd2.cloudfront.net (CloudFront)
last-modified
Tue, 27 Feb 2024 10:08:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P10
age
1078
x-amz-server-side-encryption
AES256
etag
W/"f90b0a75a6894ddf33392e6923c47707"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
x-amz-cf-id
8_4cw2zBfGKYX6N8o9rzovG2tmsxGdvIf4sChPbi0yEpunCHIGVxJQ==
main.1.0.797.js
travel-cdn.mycwt.com/ 		122 KB
40 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/main.1.0.797.js?ts=1708606925559travel-cdn.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9d56296c8903d4f35d7a9e347a351f763c144f2d6aee278908911ef265f3d6fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:15:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
24954
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:57 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
WHWIYhLuZprrC5WLRNJkM6yLQWUYsc7URB_7FYKGrgQ379eFHbmwJg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
websdksettings
sdk-02.moengage.com/ 		353 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk-02.moengage.com/websdksettings?app_id=8MTCSV30IKS7BSAK0MC7MP5A&
Requested by
Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:b600:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b0a0af4b697b5ebd58ce9f364f90b9d87d499cbe6592c063eccbceb301d1fb04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel-cdn.mycwt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 13:11:20 GMT
content-encoding
gzip
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
9rF5E448QbWEL0kc_oIrjX80tv5puk74s0M_cW10jDjWw4shfZCZdw==
expires
Fri, 01 Mar 2024 13:11:19 GMT
main.1.0.1643.js
travel-cdn.mycwt.com/my-cwt-spa/ 		8 MB
2 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/my-cwt-spa/main.1.0.1643.js?ts=1708606925559travel-cdn.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4819614bcc84bf7c9e14d16c312dcae7ff0f28dfae167fe841388e39ad425e37
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:15:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
24953
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
hfEbdQzg-Q1-LU2l95406AynDeeTh8M_BXePszNU1h9_x1_Ia135LA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.1643.css
travel-cdn.mycwt.com/my-cwt-spa/ 		161 KB
88 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/my-cwt-spa/main.1.0.1643.css?ts=1708606925559travel-cdn.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7edb9fa4ba10ba4fd1e12f5f5dc93a69fd4f35d1b1e74af9333b74c6b33b5024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:15:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
24953
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
Ry88UrfbZXlvhjj_lSVL-cXe04CQXEIyvEImoljctJTpJDGSLVcZ1w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
8MTCSV30IKS7BSAK0MC7MP5A
sdk-02.moengage.com/v3/sdkconfig/web/ 		267 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk-02.moengage.com/v3/sdkconfig/web/8MTCSV30IKS7BSAK0MC7MP5A?
Requested by
Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:b600:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
265034f46b6dce684f841f7f66559c7af5730355298e25b6a1bc352ccdccf3c6

Request headers

Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 01 Mar 2024 13:11:20 GMT
content-encoding
gzip
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
dykkYHZsE6hlk-euHYPw1jCL1jMhMypGd3dZYZWca0iwjcZ-NpaDGQ==
expires
Fri, 01 Mar 2024 13:11:19 GMT
add
sdk-02.moengage.com/v2/device/ 		81 B
913 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk-02.moengage.com/v2/device/add?os=web&os_platform=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36&is_incognito=false&app_id=8MTCSV30IKS7BSAK0MC7MP5A&os_ver=Google%20Chrome&sdk_ver=2.22.1&model=Google%20Chrome&app_ver=1.0&device_ts=1709298680961&device_tz_offset=3600000&unique_id=b4cf12c0-467c-4347-a165-66c3188f0547&device_tz=-60&subscription_type=vapid&vapid_public=BGQEQF2ncVTeZq-wWLJmY6Il6Qwa8Xne4H_3UhYblJ9G6z-J8pTyKIhWLJe75RhLFOa9tdd5hybSx7esTMoCzsU&environment=sdk-02.moengage.com&
Requested by
Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:b600:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bb8b86a15c64fd109e4ebecafb8fe461838d1f73f1cb84d87b84da4fee00aae3

Request headers

Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 01 Mar 2024 13:11:21 GMT
moe-request-id
JXWgyAtL
content-encoding
gzip
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ADASBiZd1ZNtI2dwTsx7Dxm_8OdnrzRmmajYy_Bmv6xwiR93QrTVZQ==
expires
Fri, 01 Mar 2024 13:11:20 GMT
add
sdk-02.moengage.com/v2/report/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://sdk-02.moengage.com/v2/report/add?os=web&os_platform=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36&is_incognito=false&app_id=8MTCSV30IKS7BSAK0MC7MP5A&os_ver=Google%20Chrome&sdk_ver=2.22.1&model=Google%20Chrome&app_ver=1.0&device_ts=1709298680963&device_tz_offset=3600000&unique_id=b4cf12c0-467c-4347-a165-66c3188f0547&device_tz=-60&subscription_type=vapid&vapid_public=BGQEQF2ncVTeZq-wWLJmY6Il6Qwa8Xne4H_3UhYblJ9G6z-J8pTyKIhWLJe75RhLFOa9tdd5hybSx7esTMoCzsU&environment=sdk-02.moengage.com&
Requested by
Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:b600:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers
add
sdk-02.moengage.com/v2/report/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://sdk-02.moengage.com/v2/report/add?os=web&os_platform=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36&is_incognito=false&app_id=8MTCSV30IKS7BSAK0MC7MP5A&os_ver=Google%20Chrome&sdk_ver=2.22.1&model=Google%20Chrome&app_ver=1.0&device_ts=1709298680963&device_tz_offset=3600000&unique_id=b4cf12c0-467c-4347-a165-66c3188f0547&device_tz=-60&subscription_type=vapid&vapid_public=BGQEQF2ncVTeZq-wWLJmY6Il6Qwa8Xne4H_3UhYblJ9G6z-J8pTyKIhWLJe75RhLFOa9tdd5hybSx7esTMoCzsU&environment=sdk-02.moengage.com&
Requested by
Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:b600:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers
/
api-js.mixpanel.com/decide/ 		65 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=934b4bdebe6efba72ebd90c32e0fdd17&ip=1&_=1709298681385
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
183.34.211.130.bc.googleusercontent.com
Software
gunicorn /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel-cdn.mycwt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 13:11:21 GMT
via
1.1 google
server
gunicorn
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://travel-cdn.mycwt.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
alt-svc
clear
main.1.0.827.js
travel-cdn.mycwt.com/hotel-spa/ 		7 MB
2 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/hotel-spa/main.1.0.827.js?ts=1708606922453travel-cdn.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2766befb03fef7ed14e089265edb6344732f51a961a3ef24201496aa4a53af29
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
24947
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:50 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
udgvorf9S49VwQFL5nD3CYwQhkhcL26Kpb4Uylh48zjZl4v9vyCA4Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.1276.js
travel-cdn.mycwt.com/air-spa/ 		7 MB
2 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/air-spa/main.1.0.1276.js?ts=1708606922453travel-cdn.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cecfd06e316ae9033558305ee65423eb7c4b93ca3a1ca0eda2755e46caf16237
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
24947
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:48 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
-0A80vFBjnWI-yaUHUS0im4HJtxx18EU_79ONGVIbmLBVQ-RogYtjg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.405.js
travel-cdn.mycwt.com/car-spa/ 		6 MB
2 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/car-spa/main.1.0.405.js?ts=1708606922453travel-cdn.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f309a7c66fc0353af0f9c03122f5e10e288ba3d7ed341f8107a640868e53b302
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
24947
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:49 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
MlyYLAhRWdAyaqpq3i_gN2_D97T-jmVFDX7Ot_ipC7TImQ4lVkFwcQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.322.js
travel-cdn.mycwt.com/rail-spa/ 		6 MB
2 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/rail-spa/main.1.0.322.js?ts=1708606922453travel-cdn.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a98e99801d9a3f18ca1627895c72c665a9bf64f2a8007425cf83733effb65408
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
24947
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:53 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Ay1JFi0lp-Aw2HPQStFVHnPnIabeWdrHisvlJmhWg5ZejEwMW4XngA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.281.js
travel-cdn.mycwt.com/admin-spa/ 		4 MB
1 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/admin-spa/main.1.0.281.js?ts=1708606922453travel-cdn.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fc1d1ff3143d07ab063e4c4335a112e5dab74f262af1032dd96ee1e3234ef542
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
24947
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:47 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ymtg8s3Hrq9eHLYbIqXHt1y90HuO1kL_mPelMkrNcoPa6tkS04I5qA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.827.css
travel-cdn.mycwt.com/hotel-spa/ 		166 KB
89 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/hotel-spa/main.1.0.827.css?ts=1708606922453travel-cdn.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8ca0b8d183b6119af92191f3971c80ca380c23a6407c9095f25bfe7585ff8e09
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
24947
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:50 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
zUY0oo0Mm9eYUllKZTVF1J5axLaV3qEtcdK-hn1WxoDQ3K1o0TCuFg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.1276.css
travel-cdn.mycwt.com/air-spa/ 		166 KB
89 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/air-spa/main.1.0.1276.css?ts=1708606922453travel-cdn.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
840653611894e48afe01d6eb66693abb138eaae5078bdf3717fe71ca4759fd0b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
24947
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:48 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
fF8WiKXMCfNsWWYA46VeUUQHQH5KTbM7VijUHnNYBXr5JbBud44GqA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.405.css
travel-cdn.mycwt.com/car-spa/ 		139 KB
80 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/car-spa/main.1.0.405.css?ts=1708606922453travel-cdn.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
834eb306f4f08e6835b371903152150a4957f5ded527081646cad6e968ebd2d5
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
24947
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:49 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
zQXg13hhVQs2Iz96wWiuYkOuprJ1OvnJ3au9Ob5zfB159MMEzWlucA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.322.css
travel-cdn.mycwt.com/rail-spa/ 		139 KB
80 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/rail-spa/main.1.0.322.css?ts=1708606922453travel-cdn.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e38108c8c5fc32d306f4a389d4eabfdf7a5c45785ec9af01ad56cee82c8defc6
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
24947
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:53 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
YvDVO9dl43dl0tuDouT4zad3UjvB6vOaoDxXMZMQFMCcODYTVyNtEg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.1.0.281.css
travel-cdn.mycwt.com/admin-spa/ 		139 KB
80 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/admin-spa/main.1.0.281.css?ts=1708606922453travel-cdn.mycwt.com
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c7f4c87be84d5f9a833336661a815a0f6870fa024a30b0758227a26c9d49c247
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/x-es-module, */*
Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
age
24947
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:47 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
Gq31ZMwx1IsxHzn64fK5mRtgC_BjW3pog9jIWexrxVjOYPXnUZTXFA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
api-js.mixpanel.com/track/ 		1 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?ip=1&_=1709298681560
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/common-deps/main.1.0.213.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.34.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
183.34.211.130.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
date
Fri, 01 Mar 2024 13:11:21 GMT
via
1.1 google
server
envoy
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://travel-cdn.mycwt.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
38
access-control-allow-headers
X-Requested-With
content-length
1
alt-svc
clear
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,600,700
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a53224625e94e636ad6e0c7316d83ae4c2a0c9b4627906f20567ed74b02dc953
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel-cdn.mycwt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Mar 2024 13:11:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Mar 2024 13:07:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Mar 2024 13:11:21 GMT
config.json
travel-cdn.mycwt.com/idp/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://travel-cdn.mycwt.com/idp/config.json
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/my-cwt-spa/main.1.0.1643.js?ts=1708606925559travel-cdn.mycwt.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:aa00:11:b83:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2eceaed160946575c6a0ba27d1f88296b0114d514fad231407108dcb92a89e31
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://travel-cdn.mycwt.com/login
cwt-token-type
pingFed
accept-language
de-DE,de;q=0.9
cwt-client-id
myCwtWebOauthClient
Authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 13:11:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Feb 2024 13:39:57 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html
cache-control
no-cache
x-amz-cf-id
7nnLlpOS36ngqzZUMYBVNI3XZsIEWVjY6UCuyYV_k8uL16eRCTvZkg==
expires
Thu, 01 Jan 1970 00:00:01 GMT
add
sdk-02.moengage.com/v2/report/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://sdk-02.moengage.com/v2/report/add?os=web&os_platform=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36&is_incognito=false&app_id=8MTCSV30IKS7BSAK0MC7MP5A&os_ver=Google%20Chrome&sdk_ver=2.22.1&model=Google%20Chrome&app_ver=1.0&device_ts=1709298681626&device_tz_offset=3600000&unique_id=b4cf12c0-467c-4347-a165-66c3188f0547&device_tz=-60&subscription_type=vapid&vapid_public=BGQEQF2ncVTeZq-wWLJmY6Il6Qwa8Xne4H_3UhYblJ9G6z-J8pTyKIhWLJe75RhLFOa9tdd5hybSx7esTMoCzsU&environment=sdk-02.moengage.com&
Requested by
Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:b600:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers
add
sdk-02.moengage.com/v2/report/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://sdk-02.moengage.com/v2/report/add?os=web&os_platform=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36&is_incognito=false&app_id=8MTCSV30IKS7BSAK0MC7MP5A&os_ver=Google%20Chrome&sdk_ver=2.22.1&model=Google%20Chrome&app_ver=1.0&device_ts=1709298681626&device_tz_offset=3600000&unique_id=b4cf12c0-467c-4347-a165-66c3188f0547&device_tz=-60&subscription_type=vapid&vapid_public=BGQEQF2ncVTeZq-wWLJmY6Il6Qwa8Xne4H_3UhYblJ9G6z-J8pTyKIhWLJe75RhLFOa9tdd5hybSx7esTMoCzsU&environment=sdk-02.moengage.com&
Requested by
Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:b600:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers
add
sdk-02.moengage.com/v2/report/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://sdk-02.moengage.com/v2/report/add?os=web&os_platform=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.94%20Safari%2F537.36&is_incognito=false&app_id=8MTCSV30IKS7BSAK0MC7MP5A&os_ver=Google%20Chrome&sdk_ver=2.22.1&model=Google%20Chrome&app_ver=1.0&device_ts=1709298681808&device_tz_offset=3600000&unique_id=b4cf12c0-467c-4347-a165-66c3188f0547&device_tz=-60&subscription_type=vapid&vapid_public=BGQEQF2ncVTeZq-wWLJmY6Il6Qwa8Xne4H_3UhYblJ9G6z-J8pTyKIhWLJe75RhLFOa9tdd5hybSx7esTMoCzsU&environment=sdk-02.moengage.com&
Requested by
Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:b600:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://travel-cdn.mycwt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers
mycwt.2.4.4.min.js
cdn.worldmate.com/smooch/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/smooch/mycwt.2.4.4.min.js
Requested by
Host: travel-cdn.mycwt.com
URL: https://travel-cdn.mycwt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8a00:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e323ebad088c4894d2c8bd12505dea09cf114feb1729c252a10ceabe14a9d1ad
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel-cdn.mycwt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
h2nr6My0om4Q6rgO2iTTDe6gORsjBP1V
content-encoding
gzip
via
1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
date
Fri, 01 Mar 2024 04:04:48 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
x-amz-cf-pop
FRA56-P7
age
32794
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sun, 03 Dec 2023 10:52:11 GMT
server
AmazonS3
etag
W/"a58ca48931d5e4fc50e02964054d6065"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-amz-cf-id
_6QC6SzEcZwGa9WIxCp6_rgX7nEu_A_SLF6BUkTuue4eDG-y1gwDLw==
x-amz-meta-mtime
1701162748
mycwt.2.4.4.css
cdn.worldmate.com/smooch/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.worldmate.com/smooch/mycwt.2.4.4.css
Requested by
Host: cdn.worldmate.com
URL: https://cdn.worldmate.com/smooch/mycwt.2.4.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8a00:5:9883:5700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b27d7d38c8d89f90c121fa0afcc227d67d5bacd1d0f488d8ccd85695ee216517
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel-cdn.mycwt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
9wIzkYiOiehAnnxvK59MSeKeNGu_dT07
content-encoding
gzip
via
1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
date
Fri, 01 Mar 2024 03:49:46 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors https://www.cwtanalytiqs.com https://int.cwtanalytiqs.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https://cdn.cookielaw.org https://cdnjs.cloudflare.com service.maxymiser.net https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://img04.en25.com https://connect.facebook.net https://fonts.googleapis.com https://s.ytimg.com https://content.mycwt.com https://content-d.mycwt.com https://www.google-analytics.com https://bugcrowd.com https://assets.bugcrowdusercontent.com https://geolocation.onetrust.com https://www.youtube.com img04.en25.com/i/elqCfg.min.js https://s.go-mpulse.net siteimproveanalytics.com *.contentsquare.com *.infogram.com *.contentsquare.net *.adobe.com *.turtl.co *.joinsherpa.io https://snap.licdn.com https://s2068514591.t.eloqua.com https://www.buzzsprout.com; object-src 'self';
x-amz-cf-pop
FRA56-P7
age
42166
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sun, 03 Dec 2023 10:52:11 GMT
server
AmazonS3
etag
W/"a18fec43e8a9e21e5fcd845e2d36ab83"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-amz-cf-id
VFoEVHTZmu5kJWfhkrXi9LYSC7-qlbRHRcgKEQEgqDV4D7319zBX3g==
x-amz-meta-mtime
1701162748
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://travel-cdn.mycwt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:46:31 GMT
x-content-type-options
nosniff
age
275092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 08:46:31 GMT
live
sdk-02.moengage.com/v3/campaigns/inapp/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk-02.moengage.com/v3/campaigns/inapp/live?sdk_ver=2.22.1&os=web&unique_id=b4cf12c0-467c-4347-a165-66c3188f0547&
Requested by
Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:b600:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
58e639c4149c242e3a54311c2ffe69a0f1aaf3e54827fb1696f042b7f8720b34

Request headers

Referer
https://travel-cdn.mycwt.com/
MOE-APPKEY
8MTCSV30IKS7BSAK0MC7MP5A
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Mar 2024 13:11:24 GMT
content-encoding
gzip
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
moe-request-id
DlUAFJrf
server
nginx
x-amz-cf-pop
FRA56-P11
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-headers
DNT, User-Agent, X-Requested-With, If-Modified-Since,Cache-Control, Content-Type, Range, MOE-DBNAME, MOE-APPKEY,MOE-REQUEST-ID, MOE-UNIQUE-ID, MOE-APPSECRET, MOE-INAPP-BATCH-ID, MOE-DASHBOARD-USER-ID
content-length
902
x-amz-cf-id
gpmAkCB5cZHDrJxExgt4jB377-EN9wEgBke0fJ24EjewwgfclfimBA==
live
sdk-02.moengage.com/v3/campaigns/inapp/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk-02.moengage.com/v3/campaigns/inapp/live?sdk_ver=2.22.1&os=web&unique_id=b4cf12c0-467c-4347-a165-66c3188f0547&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:b600:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,moe-appkey
Access-Control-Request-Method
POST
Origin
https://travel-cdn.mycwt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
DNT, User-Agent, X-Requested-With, If-Modified-Since,Cache-Control, Content-Type, Range, MOE-DBNAME, MOE-APPKEY,MOE-REQUEST-ID, MOE-UNIQUE-ID, MOE-APPSECRET, MOE-INAPP-BATCH-ID, MOE-DASHBOARD-USER-ID
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 01 Mar 2024 13:11:24 GMT
moe-request-id
xmwPWsxR
server
nginx
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
x-amz-cf-id
-WV00r0GyYPrKknI6vTYmg_qcUUAKnzAIPE5xfculOZL8x-pEUS_dQ==
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| MyCWT string| moengage_object object| t function| q object| f object| h string| k function| moe function| Moengage object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| System object| SystemJS function| moeOnsite object| moeInternals object| MoeOsm string| moeBannerText function| MoengagePageEventHistoryManager undefined| define function| _ undefined| require function| singleSpaNavigate object| scCGSHMRCache object| webpackJsonpmy_cwt_spa object| Base64 number| 2f1acc6c3a606b082e5eef5e54414ffb object| FontAwesomeConfig object| ___FONT_AWESOME___ object| __SECRET_EMOTION__ object| dispatchList object| ENV object| MYCWT object| webpackJsonphotel_spa object| webpackJsonpair_spa object| AIR object| webpackJsonpadmin_spa object| ADMIN function| __onWebMessengerFrameReady__ object| webpackJsonpcar_spa object| CAR object| webpackJsonprail_spa object| RAIL

3 Cookies

Domain/Path Name / Value
.mycwt.com/ Name: moe_uuid
Value: b4cf12c0-467c-4347-a165-66c3188f0547
.mycwt.com/ Name: mp_934b4bdebe6efba72ebd90c32e0fdd17_mixpanel
Value: %7B%22distinct_id%22%3A%20%2218dfa2406277fb-0fe2ad3c910c81-14313374-1d4c00-18dfa2406281a14%22%2C%22%24device_id%22%3A%20%2218dfa2406277fb-0fe2ad3c910c81-14313374-1d4c00-18dfa2406281a14%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.mycwt.com/ Name: pf-accept-language
Value: en_us

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: data: https: wss://*.smooch.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
cdn.moengage.com
cdn.worldmate.com
fonts.googleapis.com
fonts.gstatic.com
sdk-02.moengage.com
travel-cdn.mycwt.com
130.211.34.183
2600:9000:223c:aa00:11:b83:4ec0:93a1
2600:9000:2491:8a00:5:9883:5700:93a1
2600:9000:275d:b600:11:652e:c280:93a1
2a00:1450:4001:808::2003
2a00:1450:4001:80f::200a
3.161.82.65
265034f46b6dce684f841f7f66559c7af5730355298e25b6a1bc352ccdccf3c6
2766befb03fef7ed14e089265edb6344732f51a961a3ef24201496aa4a53af29
2eceaed160946575c6a0ba27d1f88296b0114d514fad231407108dcb92a89e31
4819614bcc84bf7c9e14d16c312dcae7ff0f28dfae167fe841388e39ad425e37
58e639c4149c242e3a54311c2ffe69a0f1aaf3e54827fb1696f042b7f8720b34
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7edb9fa4ba10ba4fd1e12f5f5dc93a69fd4f35d1b1e74af9333b74c6b33b5024
7f2260ba5f934995ef06690d841676b0e73bd16347ab0495596c00d909d8f96d
834eb306f4f08e6835b371903152150a4957f5ded527081646cad6e968ebd2d5
840653611894e48afe01d6eb66693abb138eaae5078bdf3717fe71ca4759fd0b
8ca0b8d183b6119af92191f3971c80ca380c23a6407c9095f25bfe7585ff8e09
9d56296c8903d4f35d7a9e347a351f763c144f2d6aee278908911ef265f3d6fe
a53224625e94e636ad6e0c7316d83ae4c2a0c9b4627906f20567ed74b02dc953
a98e99801d9a3f18ca1627895c72c665a9bf64f2a8007425cf83733effb65408
b0a0af4b697b5ebd58ce9f364f90b9d87d499cbe6592c063eccbceb301d1fb04
b27d7d38c8d89f90c121fa0afcc227d67d5bacd1d0f488d8ccd85695ee216517
bb8b86a15c64fd109e4ebecafb8fe461838d1f73f1cb84d87b84da4fee00aae3
c7f4c87be84d5f9a833336661a815a0f6870fa024a30b0758227a26c9d49c247
cecfd06e316ae9033558305ee65423eb7c4b93ca3a1ca0eda2755e46caf16237
e084b9510b6c2ad0d8df341ade46919b3f53e022431138ec4bc6bccf6ccb50fc
e323ebad088c4894d2c8bd12505dea09cf114feb1729c252a10ceabe14a9d1ad
e38108c8c5fc32d306f4a389d4eabfdf7a5c45785ec9af01ad56cee82c8defc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f309a7c66fc0353af0f9c03122f5e10e288ba3d7ed341f8107a640868e53b302
f4ba117554302b583194e8f0cc0b5fe01ef5d66a366212c1f72b66612fce6c33
fc1d1ff3143d07ab063e4c4335a112e5dab74f262af1032dd96ee1e3234ef542