my.castandcrew.com Open in urlscan Pro
2600:9000:26db:9e00:4:b29d:8b80:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://studioplus.castandcrew.com/
Effective URL:
https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/
Submission: On April 17 via manual (April 17th 2024, 6:53:44 pm UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 48 HTTP transactions. The main IP is 2600:9000:26db:9e00:4:b29d:8b80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is my.castandcrew.com. The Cisco Umbrella rank of the primary domain is 978773.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 5th 2024. Valid for: a year.

This is the only time my.castandcrew.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2600:9000:225... 2600:9000:225b:a600:1c:351e:ae40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
7	3.33.152.248 3.33.152.248	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:26d... 2600:9000:26db:e000:1e:cb94:adc0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:26d... 2600:9000:26db:9e00:4:b29d:8b80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.173.154.79 18.173.154.79	16509 (AMAZON-02) (AMAZON-02)
6	161.71.0.165 161.71.0.165	14340 (SALESFORCE) (SALESFORCE)
1	2600:9000:237... 2600:9000:237d:b200:1b:ef38:3680:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
3	34.107.204.85 34.107.204.85	() ()
48	12

9 2600:9000:225b:a600:1c:351e:ae40:93a1 (United States)

ASN16509 (AMAZON-02, US)

studioplus.castandcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.33.152.248 (United States)

ASN16509 (AMAZON-02, US)
PTR: a9d4dea8e2661b2ed.awsglobalaccelerator.com

login.castandcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26db:e000:1e:cb94:adc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.pendo.castandcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:26db:9e00:4:b29d:8b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

my.castandcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-79.muc50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 161.71.0.165 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl2-ncg0-lhr3.um3-lo2.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:b200:1b:ef38:3680:21 (United States)

ASN16509 (AMAZON-02, US)

d21y75miwcfqoq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.204.85 (None, )

ASN- ()

data.pendo.castandcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	castandcrew.com studioplus.castandcrew.com login.castandcrew.com — Cisco Umbrella Rank: 841933 content.pendo.castandcrew.com my.castandcrew.com — Cisco Umbrella Rank: 978773 Failed data.pendo.castandcrew.com sso-prd.prod.aws.castandcrew.com Failed	4 MB
6	force.com service.force.com — Cisco Umbrella Rank: 3873	28 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	3 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 594	16 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	cloudfront.net d21y75miwcfqoq.cloudfront.net	479 B
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14155	45 KB
0	salesforceliveagent.com Failed d.la3-c1-ia5.salesforceliveagent.com Failed
0	nr-data.net Failed bam-cell.nr-data.net Failed
48	9

	Domain	Requested by
9	studioplus.castandcrew.com	studioplus.castandcrew.com
7	login.castandcrew.com	studioplus.castandcrew.com my.castandcrew.com
6	service.force.com	my.castandcrew.com
5	my.castandcrew.com	studioplus.castandcrew.com my.castandcrew.com
3	data.pendo.castandcrew.com	my.castandcrew.com
3	fonts.googleapis.com	studioplus.castandcrew.com my.castandcrew.com
2	content.pendo.castandcrew.com	studioplus.castandcrew.com my.castandcrew.com
1	js-agent.newrelic.com	my.castandcrew.com
1	fonts.gstatic.com	fonts.googleapis.com
1	d21y75miwcfqoq.cloudfront.net	my.castandcrew.com
1	cdn.plaid.com	my.castandcrew.com
0	d.la3-c1-ia5.salesforceliveagent.com Failed	my.castandcrew.com
0	bam-cell.nr-data.net Failed	my.castandcrew.com
0	sso-prd.prod.aws.castandcrew.com Failed	my.castandcrew.com
48	14

This site contains no links.

Subject Issuer	Validity	Valid
studioplus.castandcrew.com Amazon RSA 2048 M02	`2023-12-08` - `2025-01-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
login.castandcrew.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-04` - `2024-09-20`	a year	crt.sh
content.pendo.castandcrew.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-22`	a year	crt.sh
my.castandcrew.com Amazon RSA 2048 M02	`2024-03-05` - `2025-04-03`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2024-03-12` - `2025-03-11`	a year	crt.sh
*.um3.force.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-26` - `2024-10-23`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
data.pendo.castandcrew.com GTS CA 1D4	`2024-03-08` - `2024-06-06`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/
Frame ID: C744652521CA4DE80077D5D1E1C2ABCD
Requests: 46 HTTP requests in this frame

Frame: https://login.castandcrew.com/oauth2/auske47mzvtRMKP3k356/v1/authorize?client_id=0oa88ttcujD6490qH356&nonce=KEsQFUXRO0epVh2J1VqsyZEVFPh5irgDdy3HJjt0YMUYhTxpMJK8q6XJgAO76KP0&prompt=none&redirect_uri=https%3A%2F%2Fstudioplus.castandcrew.com&response_mode=okta_post_message&response_type=token&state=7UGJfYFBjp4gQwfho9HqKEPBtvfPdAj5yJLjsE546I5p8bNAIxRAZpVuu9O6BJLo&scope=openid%20profile%20email
Frame ID: 67A8226D522682369A59133615FAA37E
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/
Frame ID: BA0469C300D4259DA461E497D2DCE6D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyCast&Crew

Page URL History Show full URLs

https://studioplus.castandcrew.com/ Page URL
https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Page URL

Detected technologies

Salesforce Service Cloud (Live chat) Expand

Overall confidence: 100%
Detected patterns

service\.force\.com

Page Statistics

48
Requests

81 %
HTTPS

64 %
IPv6

9
Domains

14
Subdomains

12
IPs

3
Countries

4542 kB
Transfer

7209 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://studioplus.castandcrew.com/ Page URL
https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
studioplus.castandcrew.com/ 3 KB
3 KB 741ms
638ms Document
text/html 2600:9000:225b:a600:1c:351e:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:a600:1c:351e:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a3b346513cdf8833899cb0a7ef62dc9b6adfdc533f71ce1c050e17a0a7cc3cb3

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' .pendo.castandcrew.com fonts.googleapis.com amp.azure.net .cloudfront.net; frame-ancestors 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: public, max-age=0
content-length: 2688
content-security-policy: style-src 'self' 'unsafe-inline' *.pendo.castandcrew.com fonts.googleapis.com amp.azure.net *.cloudfront.net; frame-ancestors 'self';
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 18:53:38 GMT
etag: W/"a80-18ed2601cd0"
last-modified: Fri, 12 Apr 2024 12:54:58 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
x-amz-cf-id: 9DSgES-4jL4frHpVLK0NcPRNWG04FqaQm5AlLbjtlqGqGVd6u8DsUA==
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 86ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://studioplus.castandcrew.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Apr 2024 18:53:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Apr 2024 18:53:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Apr 2024 18:53:38 GMT

GET
H2 200 custom-events.js Show response
studioplus.castandcrew.com/js/ 1 KB
1 KB 57ms
52ms Script
application/javascript 2600:9000:225b:a600:1c:351e:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://studioplus.castandcrew.com/js/custom-events.js

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:a600:1c:351e:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f1116e51857d160bfdc2825a4f7ea77384a48679ebb0d51c3a5aaf973752577c

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' .pendo.castandcrew.com fonts.googleapis.com amp.azure.net .cloudfront.net; frame-ancestors 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://studioplus.castandcrew.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: style-src 'self' 'unsafe-inline' *.pendo.castandcrew.com fonts.googleapis.com amp.azure.net *.cloudfront.net; frame-ancestors 'self';
x-content-type-options: nosniff
date: Wed, 17 Apr 2024 15:39:52 GMT
content-encoding: gzip
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 11626
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 12 Apr 2024 12:54:58 GMT
etag: W/"5f6-18ed2601cd0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
x-amz-cf-id: FldENjliP7hc6juT1Ankj0-G_g40wCR4CUhGUaA1B7WPZfZJf_PLZQ==

GET
H2 200 chunk-vendors.62efe9dd.js Show response
studioplus.castandcrew.com/ 2 MB
2 MB 649ms
644ms Script
application/javascript 2600:9000:225b:a600:1c:351e:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://studioplus.castandcrew.com/chunk-vendors.62efe9dd.js

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:a600:1c:351e:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

61f8206fc300736bf7111ee2fbb94fbf3a3353b9a11d6d880e35d32712804688

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' .pendo.castandcrew.com fonts.googleapis.com amp.azure.net .cloudfront.net; frame-ancestors 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://studioplus.castandcrew.com/
Origin: https://studioplus.castandcrew.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 18:53:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' *.pendo.castandcrew.com fonts.googleapis.com amp.azure.net *.cloudfront.net; frame-ancestors 'self';
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-length: 2256275
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 12 Apr 2024 12:54:57 GMT
etag: W/"226d93-18ed26018e8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: _LN91ay8FnvKEojMpo0YyiFZv2bXK6uOYAFhXCetJL1cMEXKanjZuQ==

GET
H2 200 app.62efe9dd.js Show response
studioplus.castandcrew.com/ 1 MB
1 MB 636ms
632ms Script
application/javascript 2600:9000:225b:a600:1c:351e:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://studioplus.castandcrew.com/app.62efe9dd.js

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:a600:1c:351e:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c7b8b29c61b6923c194d02806fa1f100553d7860dfff49af2a7c4a34795bb2b2

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' .pendo.castandcrew.com fonts.googleapis.com amp.azure.net .cloudfront.net; frame-ancestors 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://studioplus.castandcrew.com/
Origin: https://studioplus.castandcrew.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 18:53:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' *.pendo.castandcrew.com fonts.googleapis.com amp.azure.net *.cloudfront.net; frame-ancestors 'self';
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-length: 1114271
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 12 Apr 2024 12:54:57 GMT
etag: W/"11009f-18ed26018e8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: qW3IB0gPqdRs-qgZTdY-6ODzUoap9Re3AyFzBwTb9v37fqmtO7ruiw==

GET
H2 200 app.42c61acf.css
studioplus.castandcrew.com/css/ 282 KB
51 KB 90ms
86ms Stylesheet
text/css 2600:9000:225b:a600:1c:351e:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://studioplus.castandcrew.com/css/app.42c61acf.css

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:a600:1c:351e:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

63062a5ca6dcef13ab1178245ba1ad5355d9eb14410daab5df2f4d0b44f8b659

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' .pendo.castandcrew.com fonts.googleapis.com amp.azure.net .cloudfront.net; frame-ancestors 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://studioplus.castandcrew.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: style-src 'self' 'unsafe-inline' *.pendo.castandcrew.com fonts.googleapis.com amp.azure.net *.cloudfront.net; frame-ancestors 'self';
x-content-type-options: nosniff
date: Wed, 17 Apr 2024 15:39:52 GMT
content-encoding: gzip
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 11626
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 12 Apr 2024 12:54:21 GMT
etag: W/"46707-18ed25f8c48"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
x-amz-cf-id: Drpcz7Us9SReLqnbuIjeehnunIn3w2rkY4KU_CJVq4QveFmZrrAxNg==

GET
H2 200 Inter-Regular.8c0fe73b.ttf
studioplus.castandcrew.com/fonts/ 303 KB
144 KB 43ms
43ms Font
font/ttf 2600:9000:225b:a600:1c:351e:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://studioplus.castandcrew.com/fonts/Inter-Regular.8c0fe73b.ttf

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/css/app.42c61acf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:a600:1c:351e:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

41ab0f707a2bfab8133ccdfcdab52282f5f79e5751f43a264805451c7bb95fb8

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' .pendo.castandcrew.com fonts.googleapis.com amp.azure.net .cloudfront.net; frame-ancestors 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://studioplus.castandcrew.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: style-src 'self' 'unsafe-inline' *.pendo.castandcrew.com fonts.googleapis.com amp.azure.net *.cloudfront.net; frame-ancestors 'self';
x-content-type-options: nosniff
date: Wed, 17 Apr 2024 15:39:52 GMT
content-encoding: gzip
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 11626
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 12 Apr 2024 12:54:21 GMT
etag: W/"4ba44-18ed25f8c48"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-amz-cf-id: OEe0E6XCcMKWtPFeHFA-ov9iNZIsyVU0wC0Ctj3U6dv0_mo81ZQP6g==

OPTIONS
H/1.1 200
OK me
login.castandcrew.com/api/v1/sessions/ Frame 0
0 561ms
188ms Preflight 3.33.152.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.castandcrew.com/api/v1/sessions/me

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.152.248 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9d4dea8e2661b2ed.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; connect-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com castandcrew.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; style-src 'unsafe-inline' 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; frame-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com login.okta.com com-okta-authenticator:; img-src 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com .tiles.mapbox.com .mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' castandcrew.okta.com login.castandcrew.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://studioplus.castandcrew.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Date: Wed, 17 Apr 2024 18:53:40 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS
access-control-allow-origin: https://studioplus.castandcrew.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-security-policy: default-src 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; connect-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com castandcrew.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; style-src 'unsafe-inline' 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; frame-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com login.okta.com com-okta-authenticator:; img-src 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' castandcrew.okta.com login.castandcrew.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires: 0
p3p: CP="HONK"
pragma: no-cache
vary: Origin
x-frame-options: SAMEORIGIN
x-okta-request-id: ZiAatKCrO4gg_0pksRmPXQAADOQ
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9952
x-rate-limit-reset: 1713380050
x-xss-protection: 0

GET
H2 200 pendo.js Show response
content.pendo.castandcrew.com/agent/static/10f85834-bacb-4d5f-511f-397c33f0eaab/ 473 KB
155 KB 252ms
154ms Script
application/javascript 2600:9000:26db:e000:1e:cb94:adc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.pendo.castandcrew.com/agent/static/10f85834-bacb-4d5f-511f-397c33f0eaab/pendo.js

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/app.62efe9dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e000:1e:cb94:adc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

UploadServer /

Resource Hash

327d14ad4fcb9957ce98e49c9a1dce442d0fbefa9d73624e37d8ba4ab95ca345

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://studioplus.castandcrew.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 18:53:40 GMT
content-encoding: gzip
via: 1.1 3f7bbc22c659b2b7470c819d073f58b6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: MUC50-P3
x-guploader-uploadid: ABPtcPryTrt7kH0TsoKI1pEZncnSkd8mUly4SczPY71hRrOf2ds8vJcan82-XtCfM88F6GoQL0Q
x-cache: RefreshHit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 157612
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 14:29:25 GMT
server: UploadServer
etag: "3645b30db4c692d8c0937ef624853437"
vary: Accept-Encoding
x-goog-generation: 1713364164938326
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=gGJavA==, md5=NkWzDbTGktjAk372JIU0Nw==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 157612
x-frame-options: DENY
accept-ranges: bytes
x-amz-cf-id: fb6ixyGa51DsrTFmRN5kOBfjQy8FzeD_taYFho9geyIp0PlG5K2Oig==
expires: Wed, 17 Apr 2024 19:01:10 GMT

GET
H/1.1 404
Not Found me Show response
login.castandcrew.com/api/v1/sessions/ 168 B
3 KB 498ms
191ms Fetch
application/json 3.33.152.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.castandcrew.com/api/v1/sessions/me

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/chunk-vendors.62efe9dd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.152.248 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9d4dea8e2661b2ed.awsglobalaccelerator.com

Software

nginx /

Resource Hash

d750524db3893ded289f6d26b323beb1bd1fbaafd508897024b5a322bfbf23c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; connect-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com castandcrew.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; style-src 'unsafe-inline' 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; frame-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com login.okta.com com-okta-authenticator:; img-src 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com .tiles.mapbox.com .mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' castandcrew.okta.com login.castandcrew.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Okta-User-Agent-Extended: okta-auth-js/7.4.3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://studioplus.castandcrew.com/
sec-ch-ua-platform: "Win32"

Response headers

x-okta-request-id: ZiAataU3uoE8v4Ode4FOJgAAAPw
Date: Wed, 17 Apr 2024 18:53:41 GMT
content-security-policy: default-src 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; connect-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com castandcrew.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; style-src 'unsafe-inline' 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; frame-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com login.okta.com com-okta-authenticator:; img-src 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' castandcrew.okta.com login.castandcrew.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit: 600
x-content-type-options: nosniff
Content-Encoding: gzip
x-rate-limit-remaining: 529
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
pragma: no-cache
Server: nginx
accept-ch: Sec-CH-UA-Platform-Version
Vary: Accept-Encoding,Origin
Content-Type: application/json
access-control-allow-origin: https://studioplus.castandcrew.com
x-rate-limit-reset: 1713380033
access-control-allow-credentials: true
cache-control: no-cache, no-store
access-control-allow-headers: Content-Type
Keep-Alive: timeout=5, max=100
expires: 0

GET
H2 200 favicon.png
studioplus.castandcrew.com/ 1 KB
1 KB 40ms
40ms Other
image/png 2600:9000:225b:a600:1c:351e:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://studioplus.castandcrew.com/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:a600:1c:351e:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73fafd58486526e40f3d5b6da5d177b9f01e49737a96c91ea789812d83a2a619

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://studioplus.castandcrew.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: null
date: Wed, 17 Apr 2024 15:41:20 GMT
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
last-modified: Tue, 22 Oct 2019 11:42:44 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 11541
x-amz-server-side-encryption: AES256
etag: "7799e9f4e3ec175f450f92cc3e63f83b"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1060
x-amz-cf-id: vUI0irk7UmrzzrcKpJaCHk3ljJI60cCSYQ7HvuLiJBMB0kKZOLGMIw==

GET
H/1.1 200
OK authorize Show response
login.castandcrew.com/oauth2/auske47mzvtRMKP3k356/v1/ Frame 67A8 2 KB
2 KB 229ms
229ms Document
text/html 3.33.152.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.castandcrew.com/oauth2/auske47mzvtRMKP3k356/v1/authorize?client_id=0oa88ttcujD6490qH356&nonce=KEsQFUXRO0epVh2J1VqsyZEVFPh5irgDdy3HJjt0YMUYhTxpMJK8q6XJgAO76KP0&prompt=none&redirect_uri=https%3A%2F%2Fstudioplus.castandcrew.com&response_mode=okta_post_message&response_type=token&state=7UGJfYFBjp4gQwfho9HqKEPBtvfPdAj5yJLjsE546I5p8bNAIxRAZpVuu9O6BJLo&scope=openid%20profile%20email

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/chunk-vendors.62efe9dd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.152.248 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9d4dea8e2661b2ed.awsglobalaccelerator.com

Software

nginx /

Resource Hash

65cff5f143bd9274ec6436dc8f87818cd2135fa0ea36caab54efa74edf4a08e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://studioplus.castandcrew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Wed, 17 Apr 2024 18:53:41 GMT
Keep-Alive: timeout=5, max=99
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex,nofollow
accept-ch: Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store
content-language: de
expires: 0
p3p: CP="HONK"
pragma: no-cache
referrer-policy: no-referrer
x-content-type-options: nosniff
x-okta-request-id: ZiAataU3uoE8v4Ode4FOLgAAAPw
x-rate-limit-limit: 1200
x-rate-limit-remaining: 1014
x-rate-limit-reset: 1713380042
x-xss-protection: 0

DELETE
H/1.1 404
Not Found me Show response
login.castandcrew.com/api/v1/sessions/ 168 B
3 KB 184ms
183ms Fetch
application/json 3.33.152.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.castandcrew.com/api/v1/sessions/me

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/chunk-vendors.62efe9dd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.152.248 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9d4dea8e2661b2ed.awsglobalaccelerator.com

Software

nginx /

Resource Hash

c3c1bbbb4cde07533e5c5cb3b1cc57f1b7cf56aa155111b0f1bb82d7c89f8f9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; connect-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com castandcrew.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; style-src 'unsafe-inline' 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; frame-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com login.okta.com com-okta-authenticator:; img-src 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com .tiles.mapbox.com .mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' castandcrew.okta.com login.castandcrew.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Okta-User-Agent-Extended: okta-auth-js/7.4.3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://studioplus.castandcrew.com/
sec-ch-ua-platform: "Win32"

Response headers

x-okta-request-id: ZiAataU3uoE8v4Ode4FOMQAAAPw
Date: Wed, 17 Apr 2024 18:53:41 GMT
content-security-policy: default-src 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; connect-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com castandcrew.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; style-src 'unsafe-inline' 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; frame-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com login.okta.com com-okta-authenticator:; img-src 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' castandcrew.okta.com login.castandcrew.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit: 600
x-content-type-options: nosniff
Content-Encoding: gzip
x-rate-limit-remaining: 528
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
pragma: no-cache
Server: nginx
accept-ch: Sec-CH-UA-Platform-Version
Vary: Accept-Encoding,Origin
Content-Type: application/json
access-control-allow-origin: https://studioplus.castandcrew.com
x-rate-limit-reset: 1713380033
access-control-allow-credentials: true
cache-control: no-cache, no-store
access-control-allow-headers: Content-Type
Keep-Alive: timeout=5, max=98
expires: 0

POST
H2 401 graphql Show response
studioplus.castandcrew.com/api/ 136 B
830 B 628ms
628ms Fetch
application/json 2600:9000:225b:a600:1c:351e:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://studioplus.castandcrew.com/api/graphql

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/chunk-vendors.62efe9dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:a600:1c:351e:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

752e59799789e50a211b606e1b6ec3e2a6acc62ca432957251d2e083296991f7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';connect-src 'self';default-src 'none';frame-ancestors 'self';img-src 'self';script-src 'self' 'sha256-OccAvIoI371rInklVGpEQqnffQ7c6OrfzIjYqlOlVVE=';style-src 'self';
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json
accept: */*
Referer: https://studioplus.castandcrew.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 18:53:42 GMT
content-security-policy: base-uri 'self';connect-src 'self';default-src 'none';frame-ancestors 'self';img-src 'self';script-src 'self' 'sha256-OccAvIoI371rInklVGpEQqnffQ7c6OrfzIjYqlOlVVE=';style-src 'self';
www-authenticate: validate-session error="Missing authorization header"
strict-transport-security: max-age=15768000
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P1
x-cache: Error from cloudfront
content-length: 136
x-xss-protection: 0
x-download-options: noopen
vary: origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://studioplus.castandcrew.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
x-amz-cf-id: dNrfFmdB7InP5gC-81t4n4Sdy-QOmTqyhB4xpPbv56cimr5Vnjze0Q==

GET /
studioplus.castandcrew.com/ 0
0

GET login
my.castandcrew.com/ 0
0

DELETE
H/1.1 404
Not Found me Show response
login.castandcrew.com/api/v1/sessions/ 168 B
3 KB 190ms
189ms Fetch
application/json 3.33.152.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.castandcrew.com/api/v1/sessions/me

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/chunk-vendors.62efe9dd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.152.248 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9d4dea8e2661b2ed.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e99305e215a32168fc4cf637d55ec758b0a96a8f60e607630b9c6aa8c7c6a827

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; connect-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com castandcrew.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; style-src 'unsafe-inline' 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; frame-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com login.okta.com com-okta-authenticator:; img-src 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com .tiles.mapbox.com .mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' castandcrew.okta.com login.castandcrew.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Okta-User-Agent-Extended: okta-auth-js/7.4.3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://studioplus.castandcrew.com/
sec-ch-ua-platform: "Win32"

Response headers

x-okta-request-id: ZiAatqU3uoE8v4Ode4FOPwAAAPw
Date: Wed, 17 Apr 2024 18:53:42 GMT
content-security-policy: default-src 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; connect-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com castandcrew.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; style-src 'unsafe-inline' 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; frame-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com login.okta.com com-okta-authenticator:; img-src 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' castandcrew.okta.com login.castandcrew.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit: 600
x-content-type-options: nosniff
Content-Encoding: gzip
x-rate-limit-remaining: 525
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
pragma: no-cache
Server: nginx
accept-ch: Sec-CH-UA-Platform-Version
Vary: Accept-Encoding,Origin
Content-Type: application/json
access-control-allow-origin: https://studioplus.castandcrew.com
x-rate-limit-reset: 1713380033
access-control-allow-credentials: true
cache-control: no-cache, no-store
access-control-allow-headers: Content-Type
Keep-Alive: timeout=5, max=97
expires: 0

GET
DATA 200
OK truncated
/ 569 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17039e9f6e6a44fbc4228b0c6762f6c273a5d11d474c8da524da50b35cdfefea

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Inter-SemiBold.48eaf57b.ttf
studioplus.castandcrew.com/fonts/ 308 KB
155 KB 56ms
56ms Font
font/ttf 2600:9000:225b:a600:1c:351e:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://studioplus.castandcrew.com/fonts/Inter-SemiBold.48eaf57b.ttf

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/css/app.42c61acf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:a600:1c:351e:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e8cbc2b88bc4268237ff5e251776d3c54edcb14e015a9e66e4883bde4b55f13f

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' .pendo.castandcrew.com fonts.googleapis.com amp.azure.net .cloudfront.net; frame-ancestors 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://studioplus.castandcrew.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 15:40:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: style-src 'self' 'unsafe-inline' *.pendo.castandcrew.com fonts.googleapis.com amp.azure.net *.cloudfront.net; frame-ancestors 'self';
content-encoding: gzip
via: 1.1 551f2461af0b3bf4faaad831ee6e5b1e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 11600
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 12 Apr 2024 12:54:21 GMT
etag: W/"4d16c-18ed25f8c48"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=0
x-amz-cf-id: HrDyzAcp1uVRn0lG77QsFD6sHkU6PmYhgI3wLwAo4WgHS9aBPUDMyw==

GET /
studioplus.castandcrew.com/ 0
0

GET
H2 200 Primary Request login Show response
my.castandcrew.com/ 32 KB
11 KB 640ms
640ms Document
text/html 2600:9000:26db:9e00:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Requested by

Host: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/app.62efe9dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:9e00:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

70d867df2bfb9321d7bc0a2e33423820b093519d2f436868497503ae8130a7d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://studioplus.castandcrew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 274
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: frame-ancestors 'self'; object-src 'none'
content-type: text/html
date: Wed, 17 Apr 2024 18:49:10 GMT
etag: W/"711904e62dd1de860ec98318b8d64ae3"
last-modified: Fri, 12 Apr 2024 02:28:47 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 2dd902cd86ee8f22d66046533880d3e8.cloudfront.net (CloudFront)
x-amz-cf-id: i6QJloPEk_EReg7oEVwG7AdYPsF5a3aGDH20VJ9QUW-67E2zmG7H6A==
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: 0myVE1V2IAHF2hseC1bHrgNdXdVfgxWc
x-cache: Error from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
1 KB 32ms
28ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dec36f15ba246cbcc1a584c1753b35ca3ff397859d849a6a7831d091959be3d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Apr 2024 18:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Apr 2024 17:03:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Apr 2024 18:53:43 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
821 B 33ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79d08edb5b23fcc8da45fcc77210c8e18771fcf3876dda7d2596cb3ed0512333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Apr 2024 18:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Apr 2024 18:53:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Apr 2024 18:53:43 GMT

GET
H2 200 main.c37cc684.js Show response
my.castandcrew.com/static/js/ 2 MB
404 KB 43ms
43ms Script
text/javascript 2600:9000:26db:9e00:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/js/main.c37cc684.js

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:9e00:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7099a4d50a3124a144c51c7b1105a216ee8a82a7668b8ed2829ecd207b07f91c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 5NtVvkmhu2ESPLv.hiUiiDIwmEHIYt8.
content-encoding: br
via: 1.1 2dd902cd86ee8f22d66046533880d3e8.cloudfront.net (CloudFront)
date: Wed, 17 Apr 2024 18:53:43 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; object-src 'none'
x-amz-cf-pop: MUC50-P3
age: 273
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 12 Apr 2024 02:28:43 GMT
server: AmazonS3
etag: W/"6e677c237dd340cec329b02ed70e8bde"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: qxAD_jbQx8u7jx5nfV4_iJzyEVkxC1e_n_sIxjuDjcv1bJyU-mQ9_Q==

GET
H2 200 main.7acefb32.css
my.castandcrew.com/static/css/ 174 B
814 B 49ms
47ms Stylesheet
text/css 2600:9000:26db:9e00:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/css/main.7acefb32.css

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:9e00:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f80bf5a7d9289d4c1fa5f3e0ebc2d8519ef840f03544cc0429370d454b54e7b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: vNiRsmM7Yqn2tb6bXObL94ie3VQ9XSul
date: Wed, 17 Apr 2024 18:53:43 GMT
via: 1.1 2dd902cd86ee8f22d66046533880d3e8.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'self'; object-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-P3
age: 273
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 174
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 12 Apr 2024 02:28:45 GMT
server: AmazonS3
etag: "266721168997d576d0af6f941eb7d2c5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 3BLketExZ4btfNiS0BkOdK7t0oslWXqb8alzqmzqK_IFjQSTS_773Q==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 147 KB
45 KB 127ms
57ms Script
text/javascript 18.173.154.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-79.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 887a9d12890ed0564b981f9e11ef5a53afd839783f679ca189677d8ddde5f556

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: GlJiBTM26PidYa2ztbqIXkRVKsZn6IpM
content-encoding: gzip
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
date: Wed, 17 Apr 2024 17:15:07 GMT
x-amz-request-id: 7D5D8JSHJB0C0JS2
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
age: 5956
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: PukM6QXyAwa/Gj45crb/arN5Uv+FHhJtw4H+CI6mya5ZeTkyzAbatCsI0jZwyB6I/aXXjM4B6VQ=
last-modified: Tue, 16 Apr 2024 18:11:04 GMT
server: AmazonS3
etag: W/"2c2205358de65b668ce1d5ebabe9079a"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: ZCG4bf7muga_yXSRIfbcUjj6Ufjr6CKm5WeyhDYBPIVLnkSlK7leuQ==

GET
H/1.1 200
OK esw.min.js Show response
service.force.com/embeddedservice/5.0/ 30 KB
9 KB 222ms
49ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.js

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 17 Apr 2024 14:28:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 04 Jul 2023 00:26:54 GMT
Content-Encoding: gzip
Age: 15884
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Origin-Trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 8455
Expires: Thu, 18 Apr 2024 14:28:59 GMT

GET
H2 200 5eaa57bc
d21y75miwcfqoq.cloudfront.net/ 68 B
479 B 694ms
620ms Image
image/png 2600:9000:237d:b200:1b:ef38:3680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d21y75miwcfqoq.cloudfront.net/5eaa57bc
Requested by: Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:b200:1b:ef38:3680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 18:53:44 GMT
x-amz-version-id: tL_CTIHiQw3ribGLlhA7UngCyS3xe0wz
via: 1.1 3fbcd51d3039c17ef404823aaeb1f66c.cloudfront.net (CloudFront)
last-modified: Mon, 29 Jan 2024 18:06:57 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
etag: "91e42db1c66c0b276abf6234dc50b2eb"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 68
x-amz-cf-id: 6hJNy5wPsDF2Vb4SVTOLxGuWRSf-X2lUAVXB1M7Aods5oe6QQTPVTg==

GET
H2 200 pendo.js Show response
content.pendo.castandcrew.com/agent/static/1e3667f1-3a8a-4706-53f7-380405fcc2ad/ 473 KB
155 KB 46ms
46ms Script
application/javascript 2600:9000:26db:e000:1e:cb94:adc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.pendo.castandcrew.com/agent/static/1e3667f1-3a8a-4706-53f7-380405fcc2ad/pendo.js

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:e000:1e:cb94:adc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

UploadServer /

Resource Hash

10717c7ee6cddbbbea76580b1e0d9992679ee7b59d0f04ec1511361a29ef8ea9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 18:49:13 GMT
content-encoding: gzip
via: 1.1 3f7bbc22c659b2b7470c819d073f58b6.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: MUC50-P3
age: 270
x-guploader-uploadid: ABPtcPqfqKiJTXHYaI6_VL0gSbupXGquAWBY2ZlC5XvOeratS3Bz-y0jSl0j4u6wWSCTNapWan1QMTKduw
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 157614
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Apr 2024 14:29:24 GMT
server: UploadServer
etag: "b84abb1449d3b0b39a4dd9992ed25f1a"
vary: Accept-Encoding
x-goog-generation: 1713364164405016
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=SSvL5A==, md5=uEq7FEnTsLOaTdmZLtJfGg==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 157614
x-frame-options: DENY
accept-ranges: bytes
x-amz-cf-id: vk2poWUHZXyDDjtkRFPi4ftwYycZVL7BVuYZZrQWLpeSzdW9V7x9iQ==
expires: Wed, 17 Apr 2024 18:56:43 GMT

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 5 KB
3 KB 49ms
49ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 17 Apr 2024 12:35:07 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 23:57:30 GMT
Content-Encoding: gzip
Age: 22716
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Origin-Trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 1918
Expires: Thu, 18 Apr 2024 12:35:07 GMT

GET
H2 200 MyCast&CrewBlackLogo.ba6ab179f05ca7cfd75216d059277f4f.svg
my.castandcrew.com/static/media/ 9 KB
4 KB 55ms
55ms Image
image/svg+xml 2600:9000:26db:9e00:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.castandcrew.com/static/media/MyCast&CrewBlackLogo.ba6ab179f05ca7cfd75216d059277f4f.svg

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:9e00:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e8176a5aa803d964438269e98ca3d3801aa60ddbc106f37dc9292b1f048a848

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ekIXjk8Pn4oBv0IrDMTUeqOAClOrcZrA
content-encoding: br
via: 1.1 2dd902cd86ee8f22d66046533880d3e8.cloudfront.net (CloudFront)
date: Wed, 17 Apr 2024 18:49:15 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; object-src 'none'
x-amz-cf-pop: MUC50-P3
age: 269
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 12 Apr 2024 02:28:45 GMT
server: AmazonS3
etag: W/"6c5e46788917418c68e8e6d453da24a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: 0Xp3BzMUI9KyNaANzINsc8vxu7-YKtpEPttRyq8yVqUtuyGoauDocg==

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1245126bc3dd976cb257bc4f144770f0fa1154b7a586a541d147b2d24773eea8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 128ms
22ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://my.castandcrew.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:44:24 GMT
x-content-type-options: nosniff
age: 126559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Apr 2025 07:44:24 GMT

GET
H/1.1 404
Not Found me Show response
login.castandcrew.com/api/v1/sessions/ 168 B
3 KB 183ms
183ms Fetch
application/json 3.33.152.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.castandcrew.com/api/v1/sessions/me

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.152.248 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9d4dea8e2661b2ed.awsglobalaccelerator.com

Software

nginx /

Resource Hash

cfe306d8d010cb56fadaf3f30f5285964188d41bc2f842abcccac19e545bc551

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; connect-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com castandcrew.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; style-src 'unsafe-inline' 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; frame-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com login.okta.com com-okta-authenticator:; img-src 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com .tiles.mapbox.com .mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' castandcrew.okta.com login.castandcrew.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-Okta-User-Agent-Extended: okta-auth-js/7.5.0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer
sec-ch-ua-platform: "Win32"

Response headers

x-okta-request-id: ZiAat6U3uoE8v4Ode4FOUgAAAPw
Date: Wed, 17 Apr 2024 18:53:43 GMT
content-security-policy: default-src 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; connect-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com castandcrew.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; style-src 'unsafe-inline' 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; frame-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com login.okta.com com-okta-authenticator:; img-src 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' castandcrew.okta.com login.castandcrew.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit: 600
x-content-type-options: nosniff
Content-Encoding: gzip
x-rate-limit-remaining: 516
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
x-xss-protection: 0
pragma: no-cache
Server: nginx
accept-ch: Sec-CH-UA-Platform-Version
Vary: Accept-Encoding,Origin
Content-Type: application/json
access-control-allow-origin: https://my.castandcrew.com
x-rate-limit-reset: 1713380033
access-control-allow-credentials: true
cache-control: no-cache, no-store
access-control-allow-headers: Content-Type
Keep-Alive: timeout=5, max=96
expires: 0

OPTIONS
H/1.1 200
OK me
login.castandcrew.com/api/v1/sessions/ Frame 0
0 188ms
187ms Preflight 3.33.152.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.castandcrew.com/api/v1/sessions/me

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.152.248 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a9d4dea8e2661b2ed.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; connect-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com castandcrew.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; style-src 'unsafe-inline' 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com; frame-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com login.okta.com com-okta-authenticator:; img-src 'self' castandcrew.okta.com login.castandcrew.com .oktacdn.com .tiles.mapbox.com .mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' castandcrew.okta.com login.castandcrew.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://my.castandcrew.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 0
Date: Wed, 17 Apr 2024 18:53:43 GMT
Keep-Alive: timeout=5, max=99
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
accept-ch: Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS
access-control-allow-origin: https://my.castandcrew.com
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-security-policy: default-src 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; connect-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com castandcrew.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; style-src 'unsafe-inline' 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com; frame-src 'self' castandcrew.okta.com castandcrew-admin.okta.com login.castandcrew.com login.okta.com com-okta-authenticator:; img-src 'self' castandcrew.okta.com login.castandcrew.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' castandcrew.okta.com login.castandcrew.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires: 0
p3p: CP="HONK"
pragma: no-cache
vary: Origin
x-frame-options: SAMEORIGIN
x-okta-request-id: ZiAat6CrO4gg_0pksRmPlQAADOQ
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9947
x-rate-limit-reset: 1713380050
x-xss-protection: 0

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 9 KB
5 KB 50ms
49ms Stylesheet
text/css 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 17 Apr 2024 08:32:04 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 27 Aug 2021 14:11:56 GMT
Content-Encoding: gzip
Age: 37299
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
Origin-Trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 4027
Expires: Thu, 18 Apr 2024 08:32:04 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 20 KB
6 KB 99ms
49ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 17 Apr 2024 08:32:04 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 17 Aug 2022 20:11:18 GMT
Content-Encoding: gzip
Age: 37299
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Origin-Trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 5913
Expires: Thu, 18 Apr 2024 08:32:04 GMT

GET
H2 200 nr-spa-1210.min.js Show response
js-agent.newrelic.com/ 41 KB
16 KB 77ms
24ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1210.min.js

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: VyYKZswnALGR.malamtbtfAmvUCTQzpB
content-encoding: br
via: 1.1 varnish
date: Wed, 17 Apr 2024 18:53:43 GMT
strict-transport-security: max-age=300
x-amz-request-id: GZPHNVM7M2DFSZJS
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16301
x-amz-id-2: GX8QBFwNQSwEoWVs4iTKw7FSL9P9JH3YS1v//5DGNiyJAKy339Bf3Yz/Hv+WgSZaFVQBD0jf9rw=
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Wed, 18 Oct 2023 21:31:09 GMT
server: AmazonS3
etag: "d5eff122d09ab2c851fb1780f0287cbf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 2028

GET
H/1.1 200
OK esw.html
service.force.com/embeddedservice/5.0/ Frame BA04 0
0 202ms
53ms Document
text/html 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Cache-Control: public,max-age=86400
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html;charset=UTF-8
Date: Wed, 17 Apr 2024 18:53:44 GMT
Expires: Thu, 18 Apr 2024 18:53:44 GMT
Last-Modified: Thu, 14 Sep 2023 00:07:46 GMT
Origin-Trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: none

GET
H2 200 1e3667f1-3a8a-4706-53f7-380405fcc2ad
data.pendo.castandcrew.com/data/ptm.gif/ 42 B
102 B 418ms
242ms Image
image/gif 34.107.204.85

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.castandcrew.com/data/ptm.gif/1e3667f1-3a8a-4706-53f7-380405fcc2ad?v=2.226.1_prod&ct=1713380023943&jzb=eJzNUV1rwjAU_S95Lv1Iu9YKY-g2Nhk4mcqGY4TYxBppki5JFSf-dxOlfRn4NlieknPvOTn3ns8DMPuagj7g1GDggaWSO00VMoxbNMqiOO6FIYzzOPXAlmlmpEKMWAKaPI4fXtEMfTMy2SzY-8dTbgVwUchGmHOPaKrKA42qbPvamFr3g4Dv_QJrgwUpFN35heRBJUsm7lZK8vnb6LZt1KYhTNZVo38R7De1krUG_UPryV2v2aqwKBtcukmpQPMpOHZWW6pza9EaKyrMoKtZiGDjiFEWhEkAQ5hYwS1VmklhYehDmPoRspaIk70IzPBy1K3AXB6gh_m2TJc4HA7wC88XVmelMKfnIrsfjp-jZjY1CVlvfphLY2-onTKJ4qPXJVVJTK4m1fufSTnfrds4yfw8dOcmgzBM0j_ZG8zz49cJRMnyaQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 18:53:44 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: istio-envoy
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
x-envoy-upstream-service-time: 106
access-control-allow-headers: *
content-length: 42
alt-svc: clear

GET
H2 200 1e3667f1-3a8a-4706-53f7-380405fcc2ad Show response
data.pendo.castandcrew.com/data/guide.js/ 459 B
730 B 312ms
138ms Script
application/javascript 34.107.204.85

General

Check archive.org

Show headers Download Go to

Full URL

https://data.pendo.castandcrew.com/data/guide.js/1e3667f1-3a8a-4706-53f7-380405fcc2ad?id=6&jzb=eJx9j89KAzEQxt9lzsumDUVxQURQpBctalW8hCGJayTJrMmkImXfvVmk60HwFr78vj-zh53LjimtDXSgNte3V3fqUX06s_l4dc8vN2fQAGpNJfKExOJ9AyX5Sr8zD7kTIny3GjNjNDrZr1ZTEJ56Fy_eEoXt_fr8CGYuxtHgS_5jqC3kzdPvlp-iYBkNMkI3D52e7p-xHmNfsLeVsFFtH2CcDzhap-yqDphs5Mv5r0q1azIuT8ViJeRCrmrgzqbsKFZZtlKetEs1JDIwjgcPdmrP&v=2.226.1_prod&ct=1713380023945

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

ca6523c2e799d44057ff72b8bf585f17759699e1dcaab0679d08b802fddc7aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 18:53:44 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: istio-envoy
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: false
x-envoy-upstream-service-time: 4
access-control-allow-headers: *
content-length: 459
alt-svc: clear

GET
H2 200 1e3667f1-3a8a-4706-53f7-380405fcc2ad
data.pendo.castandcrew.com/data/guide.gif/ 42 B
114 B 366ms
192ms Image
image/gif 34.107.204.85

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.castandcrew.com/data/guide.gif/1e3667f1-3a8a-4706-53f7-380405fcc2ad?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1713380023946&v=2.226.1_prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 17 Apr 2024 18:53:44 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: istio-envoy
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
x-envoy-upstream-service-time: 56
access-control-allow-headers: *
content-length: 42
alt-svc: clear

GET
H2 200 MyCast&CrewBlackLogo.ba6ab179f05ca7cfd75216d059277f4f.svg
my.castandcrew.com/static/media/ 9 KB
4 KB 29ms
29ms Image
image/svg+xml 2600:9000:26db:9e00:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.castandcrew.com/static/media/MyCast&CrewBlackLogo.ba6ab179f05ca7cfd75216d059277f4f.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:9e00:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e8176a5aa803d964438269e98ca3d3801aa60ddbc106f37dc9292b1f048a848

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ekIXjk8Pn4oBv0IrDMTUeqOAClOrcZrA
content-encoding: br
via: 1.1 2dd902cd86ee8f22d66046533880d3e8.cloudfront.net (CloudFront)
date: Wed, 17 Apr 2024 18:49:15 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; object-src 'none'
x-amz-cf-pop: MUC50-P3
age: 269
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 12 Apr 2024 02:28:45 GMT
server: AmazonS3
etag: W/"6c5e46788917418c68e8e6d453da24a0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: wwKSiv0SuTVvn_3xVxnsKWvJDId0zvI51vK3LjbjvE0IgM8bE6_dhA==

OPTIONS graphql
sso-prd.prod.aws.castandcrew.com/ Frame 0
0

POST graphql
sso-prd.prod.aws.castandcrew.com/ 0
0

GET 94bb01a884
bam-cell.nr-data.net/1/ 0
0

GET EmbeddedServiceConfig.jsonp
d.la3-c1-ia5.salesforceliveagent.com/chat/rest/EmbeddedService/ 0
0

GET
H/1.1 200
OK invite.esw.min.js
service.force.com/embeddedservice/5.0/client/ 19 KB
5 KB 49ms
49ms Script
application/x-javascript 161.71.0.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 17 Apr 2024 07:48:19 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 24 Sep 2021 16:25:36 GMT
Content-Encoding: gzip
Age: 39925
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Origin-Trial: AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 4540
Expires: Thu, 18 Apr 2024 07:48:19 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer: https://service.force.com/
Origin: https://my.castandcrew.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET Settings.jsonp
d.la3-c1-ia5.salesforceliveagent.com/chat/rest/Visitor/ 0
0

GET inert.min.js
service.force.com/embeddedservice/5.0/utils/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/

Domain: my.castandcrew.com
URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/

Domain: studioplus.castandcrew.com
URL: https://studioplus.castandcrew.com/

Domain: sso-prd.prod.aws.castandcrew.com
URL: https://sso-prd.prod.aws.castandcrew.com/graphql

Domain: sso-prd.prod.aws.castandcrew.com
URL: https://sso-prd.prod.aws.castandcrew.com/graphql

Domain: bam-cell.nr-data.net
URL: https://bam-cell.nr-data.net/1/94bb01a884?a=169871662&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=1439&ck=1&ref=https://my.castandcrew.com/login&be=662&fe=1353&dc=977&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1713380022570,%22n%22:0,%22f%22:5,%22dn%22:5,%22dne%22:5,%22c%22:5,%22ce%22:5,%22rq%22:6,%22rp%22:646,%22rpe%22:647,%22dl%22:651,%22di%22:881,%22ds%22:977,%22de%22:978,%22dc%22:1353,%22l%22:1353,%22le%22:1356%7D,%22navigation%22:%7B%7D%7D&fp=981&fcp=981&jsonp=NREUM.setToken

Domain: d.la3-c1-ia5.salesforceliveagent.com
URL: https://d.la3-c1-ia5.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00Di0000000aHzN&EmbeddedServiceConfig.configName=Cast_and_Crew_Chat_Bot&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Domain: d.la3-c1-ia5.salesforceliveagent.com
URL: https://d.la3-c1-ia5.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5734y00000000No]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5724y00000000NA&org_id=00Di0000000aHzN&version=48

Domain: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/inert.min.js

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.castandcrew.com/	1969-12-31 23:59:59	Name: t Value: default
login.castandcrew.com/	1970-01-21 05:32:20	Name: DT Value: DI1OmZdpoCmRDCeWqkKqoOKcQ
login.castandcrew.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: BF9AE2BAC263A95E74A620ACEC3DE2BD
service.force.com/	1970-01-21 04:41:56	Name: CookieConsentPolicy Value: 0:0
service.force.com/	1970-01-21 04:41:56	Name: LSKey-c$CookieConsentPolicy Value: 0:0
.force.com/	1970-01-21 04:41:56	Name: BrowserId_sec Value: 0If5DvzrEe6jKU-q0A8qGA

29 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.castandcrew.com/api/v1/sessions/me Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://login.castandcrew.com/api/v1/sessions/me Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://studioplus.castandcrew.com/api/graphql Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://login.castandcrew.com/api/v1/sessions/me Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://login.castandcrew.com/api/v1/sessions/me Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.castandcrew.com/login?fromURI=https://studioplus.castandcrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' .pendo.castandcrew.com fonts.googleapis.com amp.azure.net .cloudfront.net; frame-ancestors 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
cdn.plaid.com
content.pendo.castandcrew.com
d.la3-c1-ia5.salesforceliveagent.com
d21y75miwcfqoq.cloudfront.net
data.pendo.castandcrew.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
login.castandcrew.com
my.castandcrew.com
service.force.com
sso-prd.prod.aws.castandcrew.com
studioplus.castandcrew.com
bam-cell.nr-data.net
d.la3-c1-ia5.salesforceliveagent.com
my.castandcrew.com
service.force.com
sso-prd.prod.aws.castandcrew.com
studioplus.castandcrew.com
161.71.0.165
18.173.154.79
2600:9000:225b:a600:1c:351e:ae40:93a1
2600:9000:237d:b200:1b:ef38:3680:21
2600:9000:26db:9e00:4:b29d:8b80:93a1
2600:9000:26db:e000:1e:cb94:adc0:93a1
2602:816:5001::39
2a00:1450:4001:827::200a
2a00:1450:4001:830::2003
3.33.152.248
34.107.204.85
10717c7ee6cddbbbea76580b1e0d9992679ee7b59d0f04ec1511361a29ef8ea9
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
1245126bc3dd976cb257bc4f144770f0fa1154b7a586a541d147b2d24773eea8
17039e9f6e6a44fbc4228b0c6762f6c273a5d11d474c8da524da50b35cdfefea
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
327d14ad4fcb9957ce98e49c9a1dce442d0fbefa9d73624e37d8ba4ab95ca345
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3e8176a5aa803d964438269e98ca3d3801aa60ddbc106f37dc9292b1f048a848
41ab0f707a2bfab8133ccdfcdab52282f5f79e5751f43a264805451c7bb95fb8
4f80bf5a7d9289d4c1fa5f3e0ebc2d8519ef840f03544cc0429370d454b54e7b
61f8206fc300736bf7111ee2fbb94fbf3a3353b9a11d6d880e35d32712804688
63062a5ca6dcef13ab1178245ba1ad5355d9eb14410daab5df2f4d0b44f8b659
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65cff5f143bd9274ec6436dc8f87818cd2135fa0ea36caab54efa74edf4a08e3
7099a4d50a3124a144c51c7b1105a216ee8a82a7668b8ed2829ecd207b07f91c
70d867df2bfb9321d7bc0a2e33423820b093519d2f436868497503ae8130a7d6
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
73fafd58486526e40f3d5b6da5d177b9f01e49737a96c91ea789812d83a2a619
752e59799789e50a211b606e1b6ec3e2a6acc62ca432957251d2e083296991f7
79d08edb5b23fcc8da45fcc77210c8e18771fcf3876dda7d2596cb3ed0512333
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
887a9d12890ed0564b981f9e11ef5a53afd839783f679ca189677d8ddde5f556
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
a3b346513cdf8833899cb0a7ef62dc9b6adfdc533f71ce1c050e17a0a7cc3cb3
ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49
c3c1bbbb4cde07533e5c5cb3b1cc57f1b7cf56aa155111b0f1bb82d7c89f8f9c
c7b8b29c61b6923c194d02806fa1f100553d7860dfff49af2a7c4a34795bb2b2
ca6523c2e799d44057ff72b8bf585f17759699e1dcaab0679d08b802fddc7aee
cfe306d8d010cb56fadaf3f30f5285964188d41bc2f842abcccac19e545bc551
d750524db3893ded289f6d26b323beb1bd1fbaafd508897024b5a322bfbf23c6
dec36f15ba246cbcc1a584c1753b35ca3ff397859d849a6a7831d091959be3d7
e8cbc2b88bc4268237ff5e251776d3c54edcb14e015a9e66e4883bde4b55f13f
e99305e215a32168fc4cf637d55ec758b0a96a8f60e607630b9c6aa8c7c6a827
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e
f1116e51857d160bfdc2825a4f7ea77384a48679ebb0d51c3a5aaf973752577c

my.castandcrew.com Open in urlscan Pro 2600:9000:26db:9e00:4:b29d:8b80:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

81 %HTTPS

64 %IPv6

9 Domains

14 Subdomains

12 IPs

3 Countries

4542 kBTransfer

7209 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

my.castandcrew.com Open in urlscan Pro
2600:9000:26db:9e00:4:b29d:8b80:93a1 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

81 %
HTTPS

64 %
IPv6

9
Domains

14
Subdomains

12
IPs

3
Countries

4542 kB
Transfer

7209 kB
Size

6
Cookies

48 HTTP transactions
3 data transactions