mail.theworkshopcastlerea.com Open in urlscan Pro
91.210.232.75 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mail.theworkshopcastlerea.com/
Submission Tags: phishingrod
Submission: On October 26 via api (October 26th 2022, 2:31:18 am UTC) from DE — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 9 domains to perform 43 HTTP transactions. The main IP is 91.210.232.75, located in Dublin, Ireland and belongs to BLACKNIGHT-AS, IE. The main domain is mail.theworkshopcastlerea.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 26th 2022. Valid for: 3 months.

This is the only time mail.theworkshopcastlerea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	91.210.232.75 91.210.232.75	39122 (BLACKNIGH...) (BLACKNIGHT-AS)
2	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
1	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:cc5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:7f59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:243... 2600:1f18:243f:2d01:a8b2:59f5:cd56:39b5	14618 (AMAZON-AES) (AMAZON-AES)
1	3.224.216.74 3.224.216.74	14618 (AMAZON-AES) (AMAZON-AES)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
43	15

14 91.210.232.75 (Dublin, Ireland)

ASN39122 (BLACKNIGHT-AS, IE)
PTR: teal.webhostingireland.ie

mail.theworkshopcastlerea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:cc5f (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.yolacdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f59 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:243f:2d01:a8b2:59f5:cd56:39b5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

analytics.sitewit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.216.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-216-74.compute-1.amazonaws.com

connect.sitewit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	theworkshopcastlerea.com mail.theworkshopcastlerea.com	2 MB
7	google.com apis.google.com — Cisco Umbrella Rank: 112 accounts.google.com — Cisco Umbrella Rank: 83	133 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 731 syndication.twitter.com — Cisco Umbrella Rank: 1061	150 KB
4	gstatic.com fonts.gstatic.com ssl.gstatic.com	122 KB
3	sitewit.com analytics.sitewit.com — Cisco Umbrella Rank: 47245 connect.sitewit.com — Cisco Umbrella Rank: 82875	22 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	3 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 44	53 KB
1	yola.com pixel.yola.com — Cisco Umbrella Rank: 216657	406 B
1	yolacdn.net analytics.yolacdn.net — Cisco Umbrella Rank: 217690	6 KB
43	9

	Domain	Requested by
14	mail.theworkshopcastlerea.com	mail.theworkshopcastlerea.com
5	apis.google.com	mail.theworkshopcastlerea.com apis.google.com accounts.google.com
4	platform.twitter.com	mail.theworkshopcastlerea.com platform.twitter.com
3	www.facebook.com	mail.theworkshopcastlerea.com
3	fonts.gstatic.com	fonts.googleapis.com
2	syndication.twitter.com	platform.twitter.com mail.theworkshopcastlerea.com
2	analytics.sitewit.com	analytics.yolacdn.net mail.theworkshopcastlerea.com
2	accounts.google.com	apis.google.com mail.theworkshopcastlerea.com
2	ajax.googleapis.com	mail.theworkshopcastlerea.com
1	connect.sitewit.com	analytics.sitewit.com
1	pixel.yola.com	analytics.yolacdn.net
1	ssl.gstatic.com	accounts.google.com
1	analytics.yolacdn.net	mail.theworkshopcastlerea.com
1	fonts.googleapis.com	mail.theworkshopcastlerea.com
43	14

This site contains no links.

Subject Issuer	Validity	Valid
theworkshopcastlerea.com cPanel, Inc. Certification Authority	`2022-10-26` - `2023-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-04` - `2022-11-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-05` - `2023-06-04`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
analytics.sitewit.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-30` - `2022-10-31`	a year	crt.sh
*.sitewit.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-22` - `2023-08-22`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://mail.theworkshopcastlerea.com/
Frame ID: 7F216CD80FB78FCF05E164DCC6FCAD49
Requests: 31 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?send=false&href=https%3A%2F%2Fmail.theworkshopcastlerea.com%2F&layout=button_count&show_faces=false&action=like&width=92&height=20&locale=en_US
Frame ID: F8E50398C8BEDD3F1339E100773E879E
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&hl=en-US&origin=https%3A%2F%2Fmail.theworkshopcastlerea.com&url=https%3A%2F%2Fmail.theworkshopcastlerea.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__
Frame ID: 6694E2821DD6F42F2B65722F5A59A7D4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FtheWorkshopCastlerea%2F&send=false&layout=button_count&width=150&show_faces=true&action=like&colorscheme=light&font=arial&height=30&locale=en_US
Frame ID: 107B7EE4C7E93EB26E6327AA8FCCF6EF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fmail.theworkshopcastlerea.com%2F&send=false&layout=button_count&width=90&show_faces=true&action=like&colorscheme=light&font=arial&height=30&locale=en_US
Frame ID: EFC5B3A87C7B70B93C7CC0BABFB29175
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmail.theworkshopcastlerea.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__
Frame ID: 94B7A7262887CD420B678BEE409CF4A3
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fmail.theworkshopcastlerea.com
Frame ID: 8D403528623559690CE462E43391A897
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.7dae38096d06923d683a2a807172322a.en.html
Frame ID: C13F40F8008ACD961CBA6AA70C977920
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Workshop Castlerea

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

98 %
HTTPS

64 %
IPv6

9
Domains

14
Subdomains

15
IPs

3
Countries

2547 kB
Transfer

3158 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mail.theworkshopcastlerea.com/ 58 KB
58 KB 29169ms
236ms Document
text/html 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache / PHP/7.2.34

Resource Hash

a9745af634c5bff25e4040a4f107864dc375ad5792ce8d233610b828e39eebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60 max-age=0
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 02:31:06 GMT
expires: Wed, 26 Oct 2022 02:31:06 GMT
last-modified: Sat, 28 Nov 2020 14:18:06 GMT
server: Apache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.2.34
x-xss-protection: 1; mode=block

GET
H2 200 reset.css
mail.theworkshopcastlerea.com/templates/Skyline_v2/resources/css/ 4 KB
4 KB 205ms
205ms Stylesheet
text/css 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.theworkshopcastlerea.com/templates/Skyline_v2/resources/css/reset.css

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache /

Resource Hash

f3116f804fa4354cc33259bc437632b085db890519faa6a42fe7601be7d9327a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 12:29:48 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 4184
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 02:31:06 GMT

GET
H2 200 less.build.css
mail.theworkshopcastlerea.com/templates/Skyline_v2/resources/css/ 10 KB
10 KB 205ms
204ms Stylesheet
text/css 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.theworkshopcastlerea.com/templates/Skyline_v2/resources/css/less.build.css

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache /

Resource Hash

84425fabd49b409cd16c1101c1f7f8a75fcd53b7bcb6cfea561be8498032d44c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 12:29:48 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 10154
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 02:31:06 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.4.2/ 18 KB
19 KB 517ms
69ms Script
text/javascript 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.4.2/webfont.js

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

sffe /

Resource Hash

52ed15904751d037ad3a0835c1df150485c6d1b815355bbad1ccad6fda5f4e9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 04:04:54 GMT
x-content-type-options: nosniff
age: 167173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18365
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 04:04:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 530ms
80ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Baskerville%3Aregular%2C400|PT+Sans%3Aregular%2C700|Lato%3Aregular&subset=latin,latin-ext

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

84e8e9cbc6660c36269b9fd342faade9af121179df31d3b74a846d0f7718a287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 02:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 02:31:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 02:31:07 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 657ms
209ms Script
text/javascript 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:03:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 16:03:37 GMT

GET
H2 200 flyoutmenu.css
mail.theworkshopcastlerea.com/classes/commons/resources/flyoutmenu/ 1 KB
1 KB 1026ms
1024ms Stylesheet
text/css 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.theworkshopcastlerea.com/classes/commons/resources/flyoutmenu/flyoutmenu.css?1001092

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache /

Resource Hash

2ed1493cf17b6473e225f0272f54aa47a16870422d0a17e73e869e4498f6ce9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 12:29:59 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 1144
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 02:31:07 GMT

GET
H2 200 flyoutmenu.js Show response
mail.theworkshopcastlerea.com/classes/commons/resources/flyoutmenu/ 3 KB
3 KB 1026ms
1025ms Script
application/javascript 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.theworkshopcastlerea.com/classes/commons/resources/flyoutmenu/flyoutmenu.js?1001092

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache /

Resource Hash

4b7dd2923843fa2780f4a26f9230c200538a6d6204093fe1a0d692eea3f777e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 12:29:59 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=0
accept-ranges: bytes
content-length: 3032
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 02:31:07 GMT

GET
H2 200 global.css
mail.theworkshopcastlerea.com/classes/commons/resources/global/ 969 B
1 KB 1025ms
1024ms Stylesheet
text/css 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.theworkshopcastlerea.com/classes/commons/resources/global/global.css?1001092

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache /

Resource Hash

23750febfc516242a42c64e41801ad5692a672bbdcd3fd1ccbf3a5c027b60bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 12:29:59 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 969
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 02:31:07 GMT

GET
H2 200 Default.css
mail.theworkshopcastlerea.com/classes/components/Image/layouts/Default/ 58 B
161 B 806ms
805ms Stylesheet
text/css 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.theworkshopcastlerea.com/classes/components/Image/layouts/Default/Default.css?1001092

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache /

Resource Hash

0def7d910ba984548b75f1800d12a026d635be3f1fedb4659b78d49e192b6d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 12:30:02 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0
accept-ranges: bytes
content-length: 58
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 02:31:07 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 529ms
70ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 02:31:07 GMT
Content-Encoding: gzip
Age: 430
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29223
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (frb/6762)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 477ms
78ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e7ed3170d46c0c30cf8f19f2b4084ba19161c7da2fb49e7d78001075ef28b4c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 02:31:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20983
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "06ae5522502db396"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Oct 2022 02:31:07 GMT

GET
H2 200 20200415_180348.jpg.opt560x716o0%2C0s560x716.jpg
mail.theworkshopcastlerea.com/resources/ 63 KB
63 KB 283ms
283ms Image
image/jpeg 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.theworkshopcastlerea.com/resources/20200415_180348.jpg.opt560x716o0%2C0s560x716.jpg

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache /

Resource Hash

886f8c0775f52b02872f04b48dd82fb5d49b2e24ffbdb9ae8f84fd741236d520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 12:29:35 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 64333
x-xss-protection: 1; mode=block
expires: Wed, 02 Nov 2022 02:31:07 GMT

GET
H2 200 browserify.build.js Show response
mail.theworkshopcastlerea.com/templates/Skyline_v2/resources/js/ 331 KB
334 KB 364ms
364ms Script
application/javascript 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mail.theworkshopcastlerea.com/templates/Skyline_v2/resources/js/browserify.build.js

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache /

Resource Hash

4f7c1add88a38d5e79892eab7ce5ffbae3b4e622c820ac6852caffa44859ddb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 12:29:48 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=0
accept-ranges: bytes
content-length: 339154
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 02:31:07 GMT

GET
H2 200 photo-1557564437-0995702f88fc.jpg
mail.theworkshopcastlerea.com/resources/ 192 KB
193 KB 449ms
448ms Image
image/jpeg 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.theworkshopcastlerea.com/resources/photo-1557564437-0995702f88fc.jpg

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache /

Resource Hash

a8dabc0379cad8b0f42bc1f422a8dd1e0e6b3af5fb187705e75e075eb9a09222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 12:29:33 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 196482
x-xss-protection: 1; mode=block
expires: Wed, 02 Nov 2022 02:31:07 GMT

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 26 KB
27 KB 1379ms
1207ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3Aregular%2C400|PT+Sans%3Aregular%2C700|Lato%3Aregular&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.theworkshopcastlerea.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 17:13:18 GMT
x-content-type-options: nosniff
age: 33471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27120
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 17:13:18 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 1331ms
1159ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3Aregular%2C400|PT+Sans%3Aregular%2C700|Lato%3Aregular&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.theworkshopcastlerea.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 393376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:14:53 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 1249ms
1077ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3Aregular%2C400|PT+Sans%3Aregular%2C700|Lato%3Aregular&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.theworkshopcastlerea.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 19:26:38 GMT
x-content-type-options: nosniff
age: 543871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 19:26:38 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame F8E5 0
3 KB 358ms
192ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?send=false&href=https%3A%2F%2Fmail.theworkshopcastlerea.com%2F&layout=button_count&show_faces=false&action=like&width=92&height=20&locale=en_US

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.theworkshopcastlerea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Oct 2022 02:31:08 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
x-content-type-options: nosniff
x-fb-debug: uprMsfeJRHUnUvj+hrOxdzMsauMEV99jjmBOiYgF2kRfKoyYEG2xyNwnQp8wKCJ8KFImdkUpZ/z+grmKQTwKrw==
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ 146 KB
51 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d78676babff3013075446ab110ddf03133f87d862dd52c1c95f6c8ef3b4ad7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51273
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 14:39:21 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ 100 KB
35 KB 147ms
146ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d03eb9bbf7c0aca831f9b35da5ed27e0a3bc3edbb18a5d95f6cbe737c2ca3b3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35321
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 16:39:59 GMT

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 6694 0
0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 107B 0
131 B 346ms
194ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FtheWorkshopCastlerea%2F&send=false&layout=button_count&width=150&show_faces=true&action=like&colorscheme=light&font=arial&height=30&locale=en_US

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.theworkshopcastlerea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Oct 2022 02:31:08 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
x-content-type-options: nosniff
x-fb-debug: eQtosf0Ku9NMIY19xhDBQ7PLv8I4cfZiF0mCFdl9+nnrQAxfV3UNPPMtkS7922KmGPvUX1ovkJedwkt8IVvWdw==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame EFC5 0
118 B 344ms
193ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fmail.theworkshopcastlerea.com%2F&send=false&layout=button_count&width=90&show_faces=true&action=like&colorscheme=light&font=arial&height=30&locale=en_US

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.theworkshopcastlerea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 26 Oct 2022 02:31:08 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
x-content-type-options: nosniff
x-fb-debug: mNKfsKn7hAOrfX/BnrbKGh7Wltbh4nUWr08kChvBd60oibbR9IZHmsYWgU+kakM4mz3Fcy7TsZNqjSDMbsXASw==
x-xss-protection: 0

GET
H2 200 74880660_551098248956818_7087121592349622272_n.jpg
mail.theworkshopcastlerea.com/resources/ 137 KB
138 KB 423ms
423ms Image
image/jpeg 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.theworkshopcastlerea.com/resources/74880660_551098248956818_7087121592349622272_n.jpg

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache /

Resource Hash

d4422b9ca6d7ba144b6213c18c595779e9e8f8f2dea1f8c8150884c0e4384ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 12:29:34 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 140460
x-xss-protection: 1; mode=block
expires: Wed, 02 Nov 2022 02:31:07 GMT

GET
H2 200 tracking.js Show response
analytics.yolacdn.net/ 13 KB
6 KB 530ms
77ms Script
application/javascript 2606:4700::6812:cc5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.yolacdn.net/tracking.js
Requested by: Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:cc5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f0654bb14da45d2f727dcd0112097ee7e31b1f2f4ea77184d86bf0d8e4dae4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 11 Jul 2022 11:18:24 GMT
server: cloudflare
age: 3867
etag: W/"62cc0700-342e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200, public
cf-ray: 75ffc625dbd79061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 47018443_10157099864695827_2095383774849138688_o.jpg
mail.theworkshopcastlerea.com/resources/ 392 KB
394 KB 417ms
416ms Image
image/jpeg 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.theworkshopcastlerea.com/resources/47018443_10157099864695827_2095383774849138688_o.jpg

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache /

Resource Hash

e406df40cc107ee81f2238cfab2be6bc73d7f46863c2fd55514cf0d9b6851bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 13:09:39 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 401794
x-xss-protection: 1; mode=block
expires: Wed, 02 Nov 2022 02:31:07 GMT

GET
H2 200 45154471_10157033703920827_8763068103841021952_o.jpg
mail.theworkshopcastlerea.com/resources/ 441 KB
441 KB 417ms
416ms Image
image/jpeg 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.theworkshopcastlerea.com/resources/45154471_10157033703920827_8763068103841021952_o.jpg

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache /

Resource Hash

1a895d90d04ada67272ada484c43f3de8ac42953287fe7150a3100420a7f790c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 13:09:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 451807
x-xss-protection: 1; mode=block
expires: Wed, 02 Nov 2022 02:31:07 GMT

GET
H2 200 47108097_10157091952715827_6736428037933367296_o.jpg
mail.theworkshopcastlerea.com/resources/ 416 KB
417 KB 417ms
416ms Image
image/jpeg 91.210.232.75
BLACKNIGHT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mail.theworkshopcastlerea.com/resources/47108097_10157091952715827_6736428037933367296_o.jpg

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.210.232.75 Dublin, Ireland, ASN39122 (BLACKNIGHT-AS, IE),

Reverse DNS

teal.webhostingireland.ie

Software

Apache /

Resource Hash

8a502c10ad5cfc7813a6c459e9978ee8c9aa644af8cad31b7bb94cd3d5e7960e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 13:09:40 GMT
server: Apache
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 426491
x-xss-protection: 1; mode=block
expires: Wed, 02 Nov 2022 02:31:07 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 94B7 566 B
903 B 335ms
178ms Document
text/html 2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmail.theworkshopcastlerea.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe6e5fb99f8934df5b41eee216e6f0291838a5eb8850008012d5eb4003183161

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bTt_TNJa5k0gGK_QlTpnaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.theworkshopcastlerea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bTt_TNJa5k0gGK_QlTpnaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 02:31:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 cspreport
accounts.google.com/o/ Frame 94B7 0
20 B 570ms
310ms Other
text/html 2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j9UvEf_hSW48M-GremxSqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmail.theworkshopcastlerea.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:31:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-j9UvEf_hSW48M-GremxSqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 94B7 10 KB
5 KB 332ms
71ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fmail.theworkshopcastlerea.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:09:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 11:21:02 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 94B7 17 KB
7 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74f17c4d4f0436e40a424c3c73d549cbaf6c5a4d6e38403914f5bf43e9c63a4a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 02:31:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "f64f8d096399e6a9"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Oct 2022 02:31:08 GMT

GET
H2 200 LoggingAgent Show response
pixel.yola.com/LoggingAgent/ 12 B
406 B 815ms
562ms Script
application/x-javascript 2606:4700::6812:7f59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yola.com/LoggingAgent/LoggingAgent?url=//mail.theworkshopcastlerea.com/&pagename=index&siteid=31764d1e36574a86a392f9d5803455e5&resolution=1600x1200&colorDepth=24&flash=0&java=0&sitereferer=&visitorId=CA079174-3C20-0001-F8B1-E380196F1262&visitId=CA079174-3C20-0001-D5A4-14698DE32B30&user_id=0e26e68875154c4bbc986fcf7b90c11a&partner_id=WL_HOSTINGIRELAND&LoggingAgentReturnType=script
Requested by: Host: analytics.yolacdn.net
URL: https://analytics.yolacdn.net/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7f59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cca325e1db08583f7d7c9ff4012d2fd9ee24a62ac3a54dccc71673f137a6244

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:31:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 75ffc6289fae68e9-FRA
expires: -1

GET
H2 200 sw.js Show response
analytics.sitewit.com/partner/yola/31764d1e36574a86a392f9d5803455e5/ 20 KB
20 KB 2147ms
1816ms Script
text/javascript 2600:1f18:243f:2d01:a8b2:59f5:cd56:39b5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.sitewit.com/partner/yola/31764d1e36574a86a392f9d5803455e5/sw.js
Requested by: Host: analytics.yolacdn.net
URL: https://analytics.yolacdn.net/tracking.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d01:a8b2:59f5:cd56:39b5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 29f64b0387272831ba36c4e16d392847fcc352a654c0cc7bdb5e6dedec6af1db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Wed, 26 Oct 2022 02:31:10 GMT
cache-control: private,no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 20194
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ Frame 94B7 54 KB
19 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ea7d85303f8e75a396d30bfdebca03c3ebaa6a534ef807cbb1fb67fb7e412dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19179
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 16:34:41 GMT

GET
H2 200 sw_connect.js Show response
connect.sitewit.com/js/31764D1E36574A86A392F9D5803455E5/ 32 B
653 B 821ms
474ms Script
text/javascript 3.224.216.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.sitewit.com/js/31764D1E36574A86A392F9D5803455E5/sw_connect.js?ispartner=yola&ns=sw
Requested by: Host: analytics.sitewit.com
URL: https://analytics.sitewit.com/partner/yola/31764d1e36574a86a392f9d5803455e5/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.216.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-216-74.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 7ba60db4e4c1bf698247d9873e3bf61ebe517f299773270d4d40789be29d0d4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: text/javascript; charset=utf-8
date: Wed, 26 Oct 2022 02:31:11 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-length: 32
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"

GET
H2 200 cq_blank.gif
analytics.sitewit.com/images/ 35 B
623 B 160ms
160ms Image
image/gif 2600:1f18:243f:2d01:a8b2:59f5:cd56:39b5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.sitewit.com/images/cq_blank.gif?_sw_yolaid=31764D1E36574A86A392F9D5803455E5&_sw_uid=a1793d91-9421-48f0-a128-5a8451cf73ba&_sw_fp=04a9afb7139b5ba86ddac9c235d2b15b7979a923&_sw_pl=306&_sw_pc=3&_sw_dat=MXxtYWlsLnRoZXdvcmtzaG9wY2FzdGxlcmVhLmNvbXxodHRwczovL21haWwudGhld29ya3Nob3BjYXN0bGVyZWEuY29tL3xlbi1VU3wxNjAwfDEyMDB8MjR8Q2hyb21lLzEwNi4wLjUyNDkuMTE5fHg2NHwxfDB8MXwwfC18fC18LXwtfDIwMDE6MWI2MDoxMDEwOjI6MTAxMTpkMWE2OmQzYjc6YWE5YXww&to=789
Requested by: Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:243f:2d01:a8b2:59f5:cd56:39b5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:31:10 GMT
last-modified: Thu, 24 Jun 2010 20:21:15 GMT
server: Microsoft-IIS/10.0
etag: "9f8deacbda13cb1:0"
content-type: image/gif
p3p: CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame 8D40 320 KB
104 KB 70ms
70ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fmail.theworkshopcastlerea.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://mail.theworkshopcastlerea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 488836
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Oct 2022 02:31:11 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67E0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8D40 851 B
677 B 1036ms
327ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=c2b65fb65d96b7e857ad5f5f530e964a9fd29460

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fmail.theworkshopcastlerea.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 26 Oct 2022 02:31:11 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 26 Oct 2022 02:31:12 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: f74764c4c155812e
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 9853cf6760d42d1a1ad49fec98aeefecd5692df33a43de576200aeb65fa76d43
content-length: 355

GET
H/1.1 200
OK button.d2f864f87f544dc0c11d7d712a191c1f.js Show response
platform.twitter.com/js/ 7 KB
3 KB 70ms
69ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: 236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 02:31:12 GMT
Content-Encoding: gzip
Age: 488837
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2362
Last-Modified: Wed, 28 Sep 2022 20:04:20 GMT
Server: ECS (frb/6762)
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tweet_button.7dae38096d06923d683a2a807172322a.en.html Show response
platform.twitter.com/widgets/ Frame C13F 37 KB
14 KB 69ms
69ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.7dae38096d06923d683a2a807172322a.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: 9ef70c77286b42ad41baf16b6895cf1e921540d159438439a9a31dc05e11ef5a

Request headers

Referer: https://mail.theworkshopcastlerea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 488837
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13753
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Oct 2022 02:31:12 GMT
Etag: "5f5bf2b99100f854c01f4f321282f861+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:24 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6762)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
103 B 182ms
182ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmail.theworkshopcastlerea.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1666751472398%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=c2b65fb65d96b7e857ad5f5f530e964a9fd29460

Requested by

Host: mail.theworkshopcastlerea.com
URL: https://mail.theworkshopcastlerea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mail.theworkshopcastlerea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-response-time: 108
date: Wed, 26 Oct 2022 02:31:11 GMT
strict-transport-security: max-age=631138519
last-modified: Wed, 26 Oct 2022 02:31:12 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: ec600ce613db99ee
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 9853cf6760d42d1a1ad49fec98aeefecd5692df33a43de576200aeb65fa76d43
content-length: 43

GET
DATA 200
OK truncated
/ Frame C13F 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=true&hl=en-US&origin=https%3A%2F%2Fmail.theworkshopcastlerea.com&url=https%3A%2F%2Fmail.theworkshopcastlerea.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mail.theworkshopcastlerea.com/	1970-01-20 15:44:47	Name: synthasiteVisitorId Value: CA079174-3C20-0001-F8B1-E380196F1262
mail.theworkshopcastlerea.com/	1970-01-20 06:59:11	Name: synthasiteVisitId Value: CA079174-3C20-0001-D5A4-14698DE32B30
.yola.com/	1970-01-20 06:59:13	Name: __cf_bm Value: K1ZXuRmZgTZJCsnyAO3YGiMG5jf1kmrf41K1npDkHUQ-1666751469-0-AfFa/FLvkRoWrzImQBAOw8pC7HXhGJebGK2ZEWIT+gzSzvu2S4KYySisPp4OIgKWXK66nEHpIR8WKxa7tVbXsON1AeTtKuQKEntnbtEoBSaH
.theworkshopcastlerea.com/	1970-01-20 16:35:11	Name: _swa_u Value: a1793d91-9421-48f0-a128-5a8451cf73ba
analytics.sitewit.com/	1970-01-20 07:09:16	Name: AWSALBCORS Value: wNoDNVfk9nkUkgQxeYnhWUWdqBMlvERoBumaRfQoQMlkEO6ocQRo7Ifp9ZWvM+/z0rW7ab0lPJZ5kn/1LyAoXLqYuk51cTyunY2FUo0Q5p1Rv2InZDDiEky0VmK+
connect.sitewit.com/	1970-01-20 07:09:16	Name: AWSALBCORS Value: dLiZ907CpcqGTZilQXsZH0nOcstLR2GWYpUln4RvBMHFAP8CB7+2obEwQhCrDLentmNjKOVSmpVmBTWoCP5lzUneDcU/6/V/xgc/+rzYr39wGzUbtq24rw0vo/k+

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	URL: https://apis.google.com/js/plusone.js(Line 64) Message: Mixed Content: The page at 'https://mail.theworkshopcastlerea.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1666751467938&_gfid=I0_1666751467938&parent=https%3A%2F%2Fmail.theworkshopcastlerea.com&pfname=&rpctoken=21756901'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
analytics.sitewit.com
analytics.yolacdn.net
apis.google.com
connect.sitewit.com
fonts.googleapis.com
fonts.gstatic.com
mail.theworkshopcastlerea.com
pixel.yola.com
platform.twitter.com
ssl.gstatic.com
syndication.twitter.com
www.facebook.com
apis.google.com
104.244.42.72
142.250.185.106
142.250.185.74
2600:1f18:243f:2d01:a8b2:59f5:cd56:39b5
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:7f59
2606:4700::6812:cc5f
2a00:1450:4001:802::200e
2a00:1450:4001:80b::200d
2a00:1450:4001:80e::2003
2a00:1450:4001:830::2003
2a03:2880:f12d:83:face:b00c:0:25de
3.224.216.74
91.210.232.75
00f0654bb14da45d2f727dcd0112097ee7e31b1f2f4ea77184d86bf0d8e4dae4
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0def7d910ba984548b75f1800d12a026d635be3f1fedb4659b78d49e192b6d0f
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1a895d90d04ada67272ada484c43f3de8ac42953287fe7150a3100420a7f790c
236dca679b9983d1fbea0415d584b17d80f1c6942506fc508a5384db924e8795
23750febfc516242a42c64e41801ad5692a672bbdcd3fd1ccbf3a5c027b60bf9
29f64b0387272831ba36c4e16d392847fcc352a654c0cc7bdb5e6dedec6af1db
2ed1493cf17b6473e225f0272f54aa47a16870422d0a17e73e869e4498f6ce9a
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
4b7dd2923843fa2780f4a26f9230c200538a6d6204093fe1a0d692eea3f777e8
4ea7d85303f8e75a396d30bfdebca03c3ebaa6a534ef807cbb1fb67fb7e412dd
4f7c1add88a38d5e79892eab7ce5ffbae3b4e622c820ac6852caffa44859ddb0
52ed15904751d037ad3a0835c1df150485c6d1b815355bbad1ccad6fda5f4e9b
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
74f17c4d4f0436e40a424c3c73d549cbaf6c5a4d6e38403914f5bf43e9c63a4a
7ba60db4e4c1bf698247d9873e3bf61ebe517f299773270d4d40789be29d0d4e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84425fabd49b409cd16c1101c1f7f8a75fcd53b7bcb6cfea561be8498032d44c
84e8e9cbc6660c36269b9fd342faade9af121179df31d3b74a846d0f7718a287
886f8c0775f52b02872f04b48dd82fb5d49b2e24ffbdb9ae8f84fd741236d520
8a502c10ad5cfc7813a6c459e9978ee8c9aa644af8cad31b7bb94cd3d5e7960e
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8e7ed3170d46c0c30cf8f19f2b4084ba19161c7da2fb49e7d78001075ef28b4c
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9cca325e1db08583f7d7c9ff4012d2fd9ee24a62ac3a54dccc71673f137a6244
9d78676babff3013075446ab110ddf03133f87d862dd52c1c95f6c8ef3b4ad7c
9ef70c77286b42ad41baf16b6895cf1e921540d159438439a9a31dc05e11ef5a
a8dabc0379cad8b0f42bc1f422a8dd1e0e6b3af5fb187705e75e075eb9a09222
a9745af634c5bff25e4040a4f107864dc375ad5792ce8d233610b828e39eebf6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
d03eb9bbf7c0aca831f9b35da5ed27e0a3bc3edbb18a5d95f6cbe737c2ca3b3a
d4422b9ca6d7ba144b6213c18c595779e9e8f8f2dea1f8c8150884c0e4384ac6
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e406df40cc107ee81f2238cfab2be6bc73d7f46863c2fd55514cf0d9b6851bd4
f3116f804fa4354cc33259bc437632b085db890519faa6a42fe7601be7d9327a
fe6e5fb99f8934df5b41eee216e6f0291838a5eb8850008012d5eb4003183161

mail.theworkshopcastlerea.com Open in urlscan Pro 91.210.232.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

64 %IPv6

9 Domains

14 Subdomains

15 IPs

3 Countries

2547 kBTransfer

3158 kBSize

6 Cookies

0 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mail.theworkshopcastlerea.com Open in urlscan Pro
91.210.232.75 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

64 %
IPv6

9
Domains

14
Subdomains

15
IPs

3
Countries

2547 kB
Transfer

3158 kB
Size

6
Cookies

43 HTTP transactions
1 data transactions