Submitted URL: https://growwork.systeme.io/6de92217/#WEpaK1FlOUoxRnAxTlVzL2p1SUtBZ05yck5lYWxHWVdGTDl4OElBQVNkSWMzVFR0K01QaTFGNUp6SlhzZkpjeW...
Effective URL: https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
Submission Tags: falconsandbox
Submission: On November 09 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 22 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is castledore.live.
TLS certificate: Issued by E1 on October 30th 2023. Valid for: 3 months.
This is the only time castledore.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 108.138.26.80 16509 (AMAZON-02)
4 2600:9000:223... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 1 164.92.170.85 14061 (DIGITALOC...)
1 45.133.235.164 57271 (BITWEB-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
11 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
22 6
    Apex Domain        Subdomains                                             Transfer
10  castledore.live    castledore.live                                        36 KB
5   trk-essursta.com   trk-essursta.com — Cisco Umbrella Rank: 229296         3 KB
                       event.trk-essursta.com — Cisco Umbrella Rank: 242638
4   cloudfront.net     d3fit27i5nzkqh.cloudfront.net                          472 KB
1   distortbolt.site   distortbolt.site                                       672 B
1   gazellesummer.com  gazellesummer.com                                      426 B
1   bbhop.com          bbhop.com                                              380 B
1   polyfill.io        www.polyfill.io                                        618 B
1   systeme.io         growwork.systeme.io                                    7 KB
22 8

    Domain                         Requested by
10  castledore.live                gazellesummer.com, castledore.live
4   event.trk-essursta.com         trk-essursta.com
4   d3fit27i5nzkqh.cloudfront.net  growwork.systeme.io
1   trk-essursta.com               castledore.live
1   distortbolt.site               1 redirects
1   gazellesummer.com              growwork.systeme.io
1   bbhop.com                      1 redirects
1   www.polyfill.io                growwork.systeme.io
1   growwork.systeme.io
22 9

This site contains no links.

Subject            Issuer                     Validity                 Valid
systeme.io         Amazon RSA 2048 M01        2023-03-02 - 2024-01-24  a year
*.cloudfront.net   Amazon RSA 2048 M01        2022-12-08 - 2023-12-07  a year
polyfill.io        Certainly Intermediate R1  2023-10-23 - 2023-11-22  a month
gazellesummer.com  R3                         2023-09-12 - 2023-12-11  3 months
castledore.live    E1                         2023-10-30 - 2024-01-28  3 months
trk-essursta.com   GTS CA 1P5                 2023-10-19 - 2024-01-17  3 months

This page contains 1 frames:

Primary Page: https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
Frame ID: 118ACB1531085E5B3AABF4FBE8C88A52
Requests: 20 HTTP requests in this frame

Page Title

Norton AV

Detected technologies

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

  • Requests: 22
  • HTTPS: 100 %
  • IPv6: 63 %
  • Domains: 8
  • Subdomains: 9
  • IPs: 6
  • Countries: 3
  • Transfer: 519 kB
  • Size: 2310 kB
  • Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://growwork.systeme.io/6de92217/ Page URL
  2. http://bbhop.com/WEpaK1FlOUoxRnAxTlVzL2p1SUtBZ05yck5lYWxHWVdGTDl4OElBQVNkSWMzVFR0K01QaTFGNUp6SlhzZkpjeWpIdjNEVENTSHZFWGcxbGRrcHVOSDZndGlQYXRqNCt3N09aRWk3bDJQTVE9 HTTP 302
    https://gazellesummer.com/0/0/0/504c56791e8f22312f7c5f3cc0a73879/13/146334_90/2155_1875_57107_2686600_md Page URL
  3. https://distortbolt.site/?s1=351339&s2=1084137865&s3=5910&s4=&s10=3214 HTTP 302
    https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://bbhop.com/WEpaK1FlOUoxRnAxTlVzL2p1SUtBZ05yck5lYWxHWVdGTDl4OElBQVNkSWMzVFR0K01QaTFGNUp6SlhzZkpjeWpIdjNEVENTSHZFWGcxbGRrcHVOSDZndGlQYXRqNCt3N09aRWk3bDJQTVE9 HTTP 302
  • https://gazellesummer.com/0/0/0/504c56791e8f22312f7c5f3cc0a73879/13/146334_90/2155_1875_57107_2686600_md

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
growwork.systeme.io/6de92217/
22 KB
7 KB
Document
General
Full URL
https://growwork.systeme.io/6de92217/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-80.fra56.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
091de6bca21feadf7f0109f473c5500926b3b528979d34654c7f3ec3ce17ec33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 09 Nov 2023 07:22:50 GMT
expires
Thu, 09 Nov 2023 07:22:50 GMT
server
nginx/1.24.0
vary
Accept-Encoding
via
1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
x-amz-cf-id
xy5y-qRYa4xTMa4_2Uh8o5d6hiHgtSKkkqweoSEYBEuBt7ska9sO9Q==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
all.min.css
d3fit27i5nzkqh.cloudfront.net/assets/css/
486 KB
80 KB
Stylesheet
General
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Requested by
Host: growwork.systeme.io
URL: https://growwork.systeme.io/6de92217/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:fe00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://growwork.systeme.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 14:49:04 GMT
content-encoding
br
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
last-modified
Wed, 18 May 2022 12:25:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
1442027
etag
W/"325672b036bab9b57f6873aed5eccc43"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
x-amz-cf-id
tNphec5wRyls0CbgHXbIKm5O5H4CSdYxMkskhKMFqEvEAZ2AlktULw==
polyfill.min.js
www.polyfill.io/v3/
101 B
618 B
Script
General
Full URL
https://www.polyfill.io/v3/polyfill.min.js?features=Intl.Locale%2CmatchMedia%2CIntl.DisplayNames
Requested by
Host: growwork.systeme.io
URL: https://growwork.systeme.io/6de92217/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://growwork.systeme.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Nov 2023 07:22:50 GMT
age
737802
detected-user-agent
Chrome Mobile WebView/119.0.6045
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/119.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
runtime.0c8d331c9fe756a58f71.js
d3fit27i5nzkqh.cloudfront.net/js/
2 KB
1 KB
Script
General
Full URL
https://d3fit27i5nzkqh.cloudfront.net/js/runtime.0c8d331c9fe756a58f71.js
Requested by
Host: growwork.systeme.io
URL: https://growwork.systeme.io/6de92217/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:fe00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://growwork.systeme.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 23:41:20 GMT
content-encoding
gzip
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
last-modified
Mon, 25 Sep 2023 13:49:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3483691
etag
W/"15371dacdd8bf944a20eec097edf9242"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
GPC48TTyZGXiAYHrIWAnT4VFAgHWfxElQieK8dzPHQaAoU_78PWwNw==
page.306be16d90614adc9179.js
d3fit27i5nzkqh.cloudfront.net/js/
869 KB
133 KB
Script
General
Full URL
https://d3fit27i5nzkqh.cloudfront.net/js/page.306be16d90614adc9179.js
Requested by
Host: growwork.systeme.io
URL: https://growwork.systeme.io/6de92217/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:fe00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://growwork.systeme.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 11:59:15 GMT
content-encoding
br
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 11:59:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
588216
etag
W/"d2e7829478deb5c3fbfb245afadafbed"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
-kygJunXCFsG5Phwz3hXZeU9Ds4oBPiwl1klwGh0e9ZDxklPpihDAQ==
vendors~page.d2b745efae24388779fd.js
d3fit27i5nzkqh.cloudfront.net/js/
873 KB
257 KB
Script
General
Full URL
https://d3fit27i5nzkqh.cloudfront.net/js/vendors~page.d2b745efae24388779fd.js
Requested by
Host: growwork.systeme.io
URL: https://growwork.systeme.io/6de92217/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:fe00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://growwork.systeme.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 00:03:45 GMT
content-encoding
gzip
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
last-modified
Mon, 25 Sep 2023 13:49:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
3309546
etag
W/"91b792ac31343ebb8a65d550baa21b0f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
oHSJ87iSNRL8mAsTDi1n-XHiDPUjo7990Rb3vLnOeFsrfGiPH6rsfg==
2155_1875_57107_2686600_md
gazellesummer.com/0/0/0/504c56791e8f22312f7c5f3cc0a73879/13/146334_90/
Redirect Chain
  • http://bbhop.com/WEpaK1FlOUoxRnAxTlVzL2p1SUtBZ05yck5lYWxHWVdGTDl4OElBQVNkSWMzVFR0K01QaTFGNUp6SlhzZkpjeWpIdjNEVENTSHZFWGcxbGRrcHVOSDZndGlQYXRqNCt3N09aRWk3bDJQTVE9
  • https://gazellesummer.com/0/0/0/504c56791e8f22312f7c5f3cc0a73879/13/146334_90/2155_1875_57107_2686600_md
133 B
426 B
Document
General
Full URL
https://gazellesummer.com/0/0/0/504c56791e8f22312f7c5f3cc0a73879/13/146334_90/2155_1875_57107_2686600_md
Requested by
Host: growwork.systeme.io
URL: https://growwork.systeme.io/6de92217/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.133.235.164 Moscow, Russian Federation, ASN57271 (BITWEB-AS, RU),
Reverse DNS
235019.bitweb.ru
Software
Apache /
Resource Hash

Request headers

Referer
https://growwork.systeme.io/6de92217/#WEpaK1FlOUoxRnAxTlVzL2p1SUtBZ05yck5lYWxHWVdGTDl4OElBQVNkSWMzVFR0K01QaTFGNUp6SlhzZkpjeWpIdjNEVENTSHZFWGcxbGRrcHVOSDZndGlQYXRqNCt3N09aRWk3bDJQTVE9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
133
content-type
text/html; charset=UTF-8
date
Thu, 09 Nov 2023 07:22:51 GMT
server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
163
Content-Type
text/html; charset=UTF-8
Date
Thu, 09 Nov 2023 07:22:50 GMT
Keep-Alive
timeout=5, max=100
Location
https://gazellesummer.com/0/0/0/504c56791e8f22312f7c5f3cc0a73879/13/146334_90/2155_1875_57107_2686600_md
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By
PHP/7.1.33
Primary Request cb3c3a7c09f39c3defdfd48ee2a84ab5
castledore.live/
Redirect Chain
  • https://distortbolt.site/?s1=351339&s2=1084137865&s3=5910&s4=&s10=3214
  • https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
6 KB
3 KB
Document
General
Full URL
https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
Requested by
Host: gazellesummer.com
URL: https://gazellesummer.com/0/0/0/504c56791e8f22312f7c5f3cc0a73879/13/146334_90/2155_1875_57107_2686600_md
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daec2f893ef44c3a92f829e8c8624a549c44b547e57ddf4a516a5f44f3b41416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gazellesummer.com/0/0/0/504c56791e8f22312f7c5f3cc0a73879/13/146334_90/2155_1875_57107_2686600_md
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82344e9ced1d5b74-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 09 Nov 2023 07:22:52 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNkcomt9cLXomqFs5%2BPCQoQWmFrf0HunOHRr40nT3DbMGnSVCg9nvfiCsvGvdbtIkZhffL5pfYQj%2Bkgp%2BVLSUN5gwZUnamTtAAx0hJrFSjLjdsfms05TXI7S1HUDtmqxqni4SykoV%2FvpwOf23SA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
82344e989b6e5c2c-FRA
content-type
text/html; charset=UTF-8
date
Thu, 09 Nov 2023 07:22:52 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAbE3MsCVa7SEHXGaOUa0L4pi45yLqxRb4ZS1Be7wkOemJxCE7ZSyXPD2sRJNRmLuG7MaSUk4VytvP7V7alecPDA%2FxTECn86rB7dyi7k89YItGM3SelCWMvPavlQY%2FdY%2BpvfJs4%2B8fnkkZt77wPp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
_style0.css
castledore.live/fim/90725dd62494a48fb8adc0db75ffea2f/
14 KB
3 KB
Stylesheet
General
Full URL
https://castledore.live/fim/90725dd62494a48fb8adc0db75ffea2f/_style0.css
Requested by
Host: castledore.live
URL: https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9189c40bb35200cebcea3cb51d71949301d5973176bf8e4ebf4171000949ec2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/general/google-malware-us-v2/assets/_style0.css"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4HsMKfQPJ0nrPOxcHfVQhPeI%2BS0YDJTgmP4izBqGjB0sn6Omlg%2BYbGTxvpROLMGF88qSS0Lgqvwn6kIpfFi6pO2NkXbSeMy4JN1ODQFXfvXkqmWEGF4Z8lu%2FAjXtfaDS1mOFf%2FFCInHXymP4TM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
82344ea2b99b5b74-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
style.css
castledore.live/fim/90725dd62494a48fb8adc0db75ffea2f/
368 B
598 B
Stylesheet
General
Full URL
https://castledore.live/fim/90725dd62494a48fb8adc0db75ffea2f/style.css
Requested by
Host: castledore.live
URL: https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9969c8de6ccc88ccdb237fc9034ff4feb3459adb511d16fc3463f824355bd312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/general/google-malware-us-v2/assets/style.css"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UD%2F3IcGGU0Xv2oK8fuZKd2I9b6VR1zbo4NrwY30DQysTw1djM%2FdcTskhBd3dgYjheOeBzv4zkt28IBqlhKH5NJD4dISmsOlBsEsOOdruWpv9FPGGUktyz%2FhtmfeMo9zYmaiuL3Y5JSRYT%2FYFR6Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
82344ea2b99c5b74-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
script.js
castledore.live/fim/90725dd62494a48fb8adc0db75ffea2f/
1 KB
931 B
Script
General
Full URL
https://castledore.live/fim/90725dd62494a48fb8adc0db75ffea2f/script.js
Requested by
Host: castledore.live
URL: https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
762861b793c529836994eb25a7291ba81c10baee61666aae4fb6e3eaa87c82af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/general/google-malware-us-v2/assets/script.js"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Iw2DJby88LliipITPAJe0uicwoM89zxEEpzET8hNwHVWYmHMPf%2BDR0KJwPLTqeep3x%2FYP3QGvP%2BFbjO0%2F7wFT2hGQ6T81mudrzQIwcaBfMd5s08bGLj%2BkubBp0451U6NtbqdpCM5pyYG1iXpbc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
82344ea2b99d5b74-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
msg.v3.js
castledore.live/inc/
2 KB
1 KB
Script
General
Full URL
https://castledore.live/inc/msg.v3.js?654c88cce5067
Requested by
Host: castledore.live
URL: https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448b2102656fc14a1cd8cc0e30a1d41aca27281ed91b00fb7cf5a23c7d8f8749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 11 Jul 2023 21:35:45 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8XNgrVVa4teEOwdkcdnzT6%2BXFTE6Gqvh1WTdGQtDsN4JUgOKYQbxj%2BWz8GRdwBN6vKlAeKHWwEccaLdQrojBsYZ5mkuyeu2eJvidhb%2B%2F1sw0Rgf32daHb3aa2HWmdDRfeHpgCb0yEkSs2vXjgI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
82344ea2b99e5b74-FRA
expires
Thu, 16 Nov 2023 07:22:53 GMT
047894ee7502d0d93e4f3cbc95ddcceb.png
castledore.live/fim/3214/
3 KB
3 KB
Image
General
Full URL
https://castledore.live/fim/3214/047894ee7502d0d93e4f3cbc95ddcceb.png
Requested by
Host: castledore.live
URL: https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a5ce6b7f2a2e4599acaf82195b2719023d9735475de984c69373f49382c717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:22:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5554
alt-svc
h3=":443"; ma=86400
content-length
2816
x-xss-protection
1; mode=block
last-modified
Thu, 09 Nov 2023 05:40:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TCvh4SRDloiIe0qd70fbS6AnHqyV76ZTal4Nec8sMreeSNqLqM%2BsmVDR80swqc3uo6m%2FmlSUjBUR1w%2BZXZiuzSqdkcIGF20AVsBJsS3Td9ftdMwXfKkek%2F4SpiAhL%2FHaqtyKrB5J8Rqn1nyOVc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
82344ea2b99f5b74-FRA
expires
Thu, 16 Nov 2023 05:50:19 GMT
functions.js
castledore.live/templates/assets/
2 KB
1 KB
Script
General
Full URL
https://castledore.live/templates/assets/functions.js?v=1699514572
Requested by
Host: castledore.live
URL: https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1908b6d87018ef3498ad5977f9502a2f8ab1dfdd9b2d17bd3e9dad19aa1b447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 25 Oct 2023 20:25:26 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5AocWOluxMnC3JF8GauchNstUBLPlHCurPFKZ85Aw8PMhuP1D9t51xncwHtCkIlpdNCdDM5QP%2F2PONgibxrUzAqkCApwORFdTlLLhKDfmPAU8BUIzMShJXAKZIgEoJzFiUJzC18q%2FrrvEyFGqE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
82344ea2b9a05b74-FRA
expires
Thu, 16 Nov 2023 07:22:53 GMT
v9e118mez8
trk-essursta.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-essursta.com/scripts/push/v9e118mez8
Requested by
Host: castledore.live
URL: https://castledore.live/inc/msg.v3.js?654c88cce5067
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65c15e3af0d349af61501f7749076aacef349171d95638bb475f800d8367084
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:22:54 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBCuZxQ2B4Aj%2BSXav0cuy7BlKCv4Z%2Byg%2BRtvNv60KiY9z%2F0yObMiy6DlqqD76ZKxxS42fOL6HusHOGQLJ%2FUbc8EPaU7ShCpVb3KoSi8QbME6KHLuZVr4c1qWSmSBNjtQzcL1r6MwpUjYvCs%2B28EE"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
82344ea79bc5903a-FRA
expires
0
img1.jpeg
castledore.live/views/general/google-malware-us-v2/assets/
12 KB
12 KB
Image
General
Full URL
https://castledore.live/views/general/google-malware-us-v2/assets/img1.jpeg
Requested by
Host: castledore.live
URL: https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68bd43afffdd14a7f819839e34914e40358fc737841b254e6e5f341c5eac0fcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 07:22:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
158174
alt-svc
h3=":443"; ma=86400
content-length
11841
x-xss-protection
1; mode=block
last-modified
Thu, 13 Jul 2023 20:39:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gd%2FdDR%2Bb0ASiSo2BwEq7chwEZQMKeQ2X5YTzGk6741nCZvHhAo7nohWzT%2BOqTHTwAVV5ZTYT6atoluaV4VAa1SgiWg9y7RqybUkBXSWYIKnMZKuwxOCi5XdVN3YUjGbpJdWeqatfvpTlIaUbpig%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
82344ea768019122-FRA
expires
Tue, 14 Nov 2023 11:26:40 GMT
cs4.mp3
castledore.live/views/general/google-malware-us-v2/assets/
10 KB
10 KB
Media
General
Full URL
https://castledore.live/views/general/google-malware-us-v2/assets/cs4.mp3
Requested by
Host: castledore.live
URL: https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dbb717513e60e28d05796164577a06f908500f177ad4a0db44b8a93dcb5c8cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 09 Nov 2023 07:22:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4681
Content-Range
bytes 0-9805/9806
alt-svc
h3=":443"; ma=86400
Content-Length
9806
x-xss-protection
1; mode=block
last-modified
Thu, 13 Jul 2023 20:39:34 GMT
server
cloudflare
vary
User-Agent,User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
audio/mpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhVscvyEkaHtBrw5ILBUiuDWmxCyD9m8GcCP%2Fu2hda8ODKRCGJbP9Q47YsiJ6vUo%2Fabbhpyyo30Tu3norf6LmI66dF0HYS1ufXECSsKIBXN7D4b8nx6a8fJkAx892LDN7QSYNTZDOd%2FsEqUnJzo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
82344ea778249122-FRA
cb3c3a7c09f39c3defdfd48ee2a84ab5
castledore.live/
25 B
580 B
XHR
General
Full URL
https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
Requested by
Host: castledore.live
URL: https://castledore.live/inc/msg.v3.js?654c88cce5067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 09 Nov 2023 07:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeqEcuZUx9VPGv65LmDxl%2FaJmPy9xAsYnF4H6IiWaHCbnVfTMvhKRlOH7N0ZQbbcJRmStgn5LsmxRRgQs06UXit2w2EmhqJbJuhfd35vh28VXiP3no1H9oXjk%2B8ViJ3Y%2F5xC0Y3jJP9igEtuHBk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
82344eaa1b2f9122-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
v9e118mez8
event.trk-essursta.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Requested by
Host: trk-essursta.com
URL: https://trk-essursta.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Thu, 09 Nov 2023 07:22:55 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzCAbTeLBFkmGEKRZPzbJqqqhypdDhR24Ob7O%2BCwUzvoGMgNho0FeY75gRWeoDypk3TNzfL7w8%2B6WvAPp4AkbEAYNYFeQmxnJ1ARb%2F2BbYN%2F15WOPSBMQYOG0yCgnLmM%2BocKiJG2mIHSqLGaLqKoa3D03SIB"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
82344eaf58e43602-FRA
x-pushplatformapp-params
v9e118mez8
event.trk-essursta.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://castledore.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82344eacfdf93602-FRA
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Thu, 09 Nov 2023 07:22:55 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHvPoD7njW6G3%2BAiHts558RqFogS3xt8pZy7rjveEdZ2UXhOkLuUr8r1ijemM514RRb60Cqy8cdZ1IzZIVssUEqFmQbGt3bfCLvrNaROxZGzqyAxGZQ9oBaUCjbmeXXkMaYNwazJ1BUU4l9M3g9Wa0fb4SmI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-essursta.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Requested by
Host: trk-essursta.com
URL: https://trk-essursta.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Thu, 09 Nov 2023 07:22:55 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbyRE%2BP6YhWmcrNujAb7dGA7QQsOHJ1wzpbSLECOKUTtKOSjdWcsAOFro4YzqJ4O5MB7UVd4jTpIILaOKaPpn72R4MyQq8zYbkRRjL2aNwEmtsIN6FtSAFxZL89JUhwZUztoxMopEepQhaiZ7c%2FRs2AH5tfX"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
82344eafa90492ad-FRA
x-pushplatformapp-params
v9e118mez8
event.trk-essursta.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-essursta.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://castledore.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82344eacfdf63602-FRA
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Thu, 09 Nov 2023 07:22:55 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zNxqHH%2BoqvdD%2BSk3baQFkog%2FjonXZSznlfTvVgIcKnrks1eaSIYzRUek%2BVu5%2FB7F6PNaiz1ERBp%2B2RyP%2FGvZ21exNVbM7HJ65Qy8heRhtZpgVXj2k3WF61%2F9ElPMFXqKzTF%2BQu9AvfoF%2BMDzcaddZgFBN3V"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
number| timer
function| countdown
function| change
function| pushCount
object| MYCALL
string| s1
string| s2
string| fp
string| esource
string| pshpub
string| pshdomain
string| pshfingerprint
object| currentdate
object| months
number| refresh_page
string| popUrl
string| s3
undefined| time
function| popunder
function| mfq_tags
undefined| data
undefined| email_prepop
undefined| refresh
function| urlBase64ToUint8Array
function| pullUrlParams
function| push_subscribe
function| push_subscribe_promise
function| setIfNull
function| logPushEvent
function| push_unsubscribe
function| push_init
function| setSessionId
function| setUtm
function| getSessionId
function| getUrlVars
function| getDomainName
function| getStore

4 Cookies

Domain/Path Name / Value
growwork.systeme.io/ Name: v
Value: 814a1dd9012a77ed1defb27a1a98f89483c97f0d42498a6d77d39ef6d9a8d5ed
gazellesummer.com/ Name: uid5910
Value: 1084137865-20231109022251-c5d60bbb17ea3f534253640ed7aa09c2-
distortbolt.site/ Name: PHPSESSID
Value: b80396e1e34bcc25da1a42e8fc6d297e
castledore.live/ Name: PHPSESSID
Value: f388e12c14973163ab4f13d2a4bebb1c

1 Console Messages

Source Level URL
Text
other error URL: https://castledore.live/cb3c3a7c09f39c3defdfd48ee2a84ab5
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block