my.castandcrew.com Open in urlscan Pro
2600:9000:223e:5400:4:b29d:8b80:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mail.mediaservices.com/e3t/Btc/5B+113/cvnCT04/VWNtMF86XSHCW1QVGSp7NwNbhW1TDTHt4C_vYpN4dVQbS3q3npV1-WJV7CgLljW9l01Cg3jkJ...
Effective URL:
https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2Zvqo...
Submission: On January 07 via manual (January 7th 2022, 4:16:06 pm UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 8 domains to perform 49 HTTP transactions. The main IP is 2600:9000:223e:5400:4:b29d:8b80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is my.castandcrew.com.
TLS certificate: Issued by Amazon on May 29th 2021. Valid for: a year.

This is the only time my.castandcrew.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67e2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
23	2600:9000:223... 2600:9000:223e:5400:4:b29d:8b80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	13.32.121.78 13.32.121.78	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:b600:1e:cb94:adc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
2	54.189.255.224 54.189.255.224	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:829::2013	15169 (GOOGLE) (GOOGLE)
2	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.98.18 143.204.98.18	16509 (AMAZON-02) (AMAZON-02)
49	13

2 2606:2c40::c73c:67e2 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

mail.mediaservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:9000:223e:5400:4:b29d:8b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

my.castandcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-78.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:b600:1e:cb94:adc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.pendo.castandcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o74335.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.189.255.224 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ok7-crtrs.okta.com

login.castandcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

data.pendo.castandcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-18.fra50.r.cloudfront.net

cncflags.castandcrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	castandcrew.com my.castandcrew.com content.pendo.castandcrew.com login.castandcrew.com data.pendo.castandcrew.com cncflags.castandcrew.com	2 MB
4	gstatic.com fonts.gstatic.com	64 KB
2	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 327	1 KB
2	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14895	153 KB
2	mediaservices.com 1 redirects mail.mediaservices.com	4 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 320	16 KB
1	sentry.io o74335.ingest.sentry.io	247 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
49	8

	Domain	Requested by
23	my.castandcrew.com	mail.mediaservices.com my.castandcrew.com
4	data.pendo.castandcrew.com	my.castandcrew.com
4	fonts.gstatic.com	fonts.googleapis.com
2	cncflags.castandcrew.com	my.castandcrew.com
2	bam-cell.nr-data.net	my.castandcrew.com
2	login.castandcrew.com	my.castandcrew.com
2	cdn.plaid.com	my.castandcrew.com
2	mail.mediaservices.com	1 redirects
1	js-agent.newrelic.com	my.castandcrew.com
1	o74335.ingest.sentry.io	my.castandcrew.com
1	content.pendo.castandcrew.com	my.castandcrew.com
1	fonts.googleapis.com	my.castandcrew.com
49	12

This site contains no links.

Subject Issuer	Validity	Valid
mail.mediaservices.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
my.castandcrew.com Amazon	`2021-05-29` - `2022-06-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2020-04-17` - `2022-04-22`	2 years	crt.sh
content.pendo.castandcrew.com Amazon	`2021-09-26` - `2022-10-24`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.ingest.sentry.io R3	`2021-12-23` - `2022-03-23`	3 months	crt.sh
login.castandcrew.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-04` - `2022-09-16`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
data.pendo.castandcrew.com GTS CA 1D4	`2021-12-11` - `2022-03-11`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
cncflags.castandcrew.com Amazon	`2021-05-15` - `2022-06-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
Frame ID: 3F6F3FBFEB735931F10636C9C8EB9DBC
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyCast&Crew

Page URL History Show full URLs

https://mail.mediaservices.com/e3t/Btc/5B+113/cvnCT04/VWNtMF86XSHCW1QVGSp7NwNbhW1TDTHt4C_vYpN4dVQbS3q3npV1-... Page URL
https://mail.mediaservices.com/events/public/v1/encoded/track/tc/5B+113/cvnCT04/VWNtMF86XSHCW1QVGSp7NwNbhW1... HTTP 307
https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANq... Page URL

Page Statistics

49
Requests

90 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

13
IPs

2
Countries

2536 kB
Transfer

9712 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mail.mediaservices.com/e3t/Btc/5B+113/cvnCT04/VWNtMF86XSHCW1QVGSp7NwNbhW1TDTHt4C_vYpN4dVQbS3q3npV1-WJV7CgLljW9l01Cg3jkJ81W6SYW1J5CNM_BW8qkNzX2t96GHW18zcjP7y6NktW6htxy58k5pRZW5WCFSd94XWmGW58rLw_81JBlqW529VWL1Gts4SN1g2VGktWCr1VtLdlF3LlbHdW2lTkFs9lLhzMW3JHYRt94mxJjW3Hh45127MTNZW2Gd32D3KZvRjN6XYFpMHR0VVW4L86Mx5yBF3yW8_v5XH40zXbXW3qs6rt54N-XbW9hwR5Q6XDg3NW2WLr5d7wGw04Vr5h063sdpW4W5LvLzj8Ykdv132qH1 Page URL
https://mail.mediaservices.com/events/public/v1/encoded/track/tc/5B+113/cvnCT04/VWNtMF86XSHCW1QVGSp7NwNbhW1TDTHt4C_vYpN4dVQbS3q3npV1-WJV7CgLljW9l01Cg3jkJ81W6SYW1J5CNM_BW8qkNzX2t96GHW18zcjP7y6NktW6htxy58k5pRZW5WCFSd94XWmGW58rLw_81JBlqW529VWL1Gts4SN1g2VGktWCr1VtLdlF3LlbHdW2lTkFs9lLhzMW3JHYRt94mxJjW3Hh45127MTNZW2Gd32D3KZvRjN6XYFpMHR0VVW4L86Mx5yBF3yW8_v5XH40zXbXW3qs6rt54N-XbW9hwR5Q6XDg3NW2WLr5d7wGw04Vr5h063sdpW4W5LvLzj8Ykdv132qH1?_ud=e08a99fa-8219-4598-b787-237b97ee21c2&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWNtMF86XSHCW1QVGSp7NwNbhW1TDTHt4C_vYpN4dVQbS3q3npV1-WJV7CgLljW9l01Cg3jkJ81W6SYW1J5CNM_BW8qkNzX2t96GHW18zcjP7y6NktW6htxy58k5pRZW5WCFSd94XWmGW58rLw_81JBlqW529VWL1Gts4SN1g2VGktWCr1VtLdlF3LlbHdW2lTkFs... Show response
mail.mediaservices.com/e3t/Btc/5B+113/cvnCT04/ 9 KB
3 KB 528ms
435ms Document
text/html 2606:2c40::c73c:67e2
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.mediaservices.com/e3t/Btc/5B+113/cvnCT04/VWNtMF86XSHCW1QVGSp7NwNbhW1TDTHt4C_vYpN4dVQbS3q3npV1-WJV7CgLljW9l01Cg3jkJ81W6SYW1J5CNM_BW8qkNzX2t96GHW18zcjP7y6NktW6htxy58k5pRZW5WCFSd94XWmGW58rLw_81JBlqW529VWL1Gts4SN1g2VGktWCr1VtLdlF3LlbHdW2lTkFs9lLhzMW3JHYRt94mxJjW3Hh45127MTNZW2Gd32D3KZvRjN6XYFpMHR0VVW4L86Mx5yBF3yW8_v5XH40zXbXW3qs6rt54N-XbW9hwR5Q6XDg3NW2WLr5d7wGw04Vr5h063sdpW4W5LvLzj8Ykdv132qH1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88387f8ae163a64dcc115a45627726574957d1266c87c08d2650de9bd00376ff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 07 Jan 2022 16:15:58 GMT
content-type: text/html;charset=utf-8
cf-ray: 6c9e7ce62ea7704c-FRA
last-modified: Fri, 07 Jan 2022 16:15:58 GMT
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 4629ba98-892d-4066-9375-889506a5851f
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRX2HvQWKmV%2FCXq3t8nnVhIBG3yWkVlxgIYI8Lkl2C8rXHw6c4YQTW%2BD1g1Vd%2Foy2GsajAFh5w%2FKrSfz8VVTxU%2FQL2TCmlhuBvDD5OMk9h%2BCOEhZbmjI%2Fjd0BA7IhxsEF6pCjRHQuyPBPyw3beb5A7pfQ4c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
my.castandcrew.com/
Redirect Chain

https://mail.mediaservices.com/events/public/v1/encoded/track/tc/5B+113/cvnCT04/VWNtMF86XSHCW1QVGSp7NwNbhW1TDTHt4C_vYpN4dVQbS3q3npV1-WJV7CgLljW9l01Cg3jkJ81W6SYW1J5CNM_BW8qkNzX2t96GHW18zcjP7y6NktW6h...
https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjn...

33 KB
13 KB

1180ms
1133ms

Document
text/html

2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email

Requested by

Host: mail.mediaservices.com
URL: https://mail.mediaservices.com/e3t/Btc/5B+113/cvnCT04/VWNtMF86XSHCW1QVGSp7NwNbhW1TDTHt4C_vYpN4dVQbS3q3npV1-WJV7CgLljW9l01Cg3jkJ81W6SYW1J5CNM_BW8qkNzX2t96GHW18zcjP7y6NktW6htxy58k5pRZW5WCFSd94XWmGW58rLw_81JBlqW529VWL1Gts4SN1g2VGktWCr1VtLdlF3LlbHdW2lTkFs9lLhzMW3JHYRt94mxJjW3Hh45127MTNZW2Gd32D3KZvRjN6XYFpMHR0VVW4L86Mx5yBF3yW8_v5XH40zXbXW3qs6rt54N-XbW9hwR5Q6XDg3NW2WLr5d7wGw04Vr5h063sdpW4W5LvLzj8Ykdv132qH1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

870eedc036a3296f96397d448d47a0dcc024b50f6349817d8cdd8ad471b2bc3e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mail.mediaservices.com/e3t/Btc/5B+113/cvnCT04/VWNtMF86XSHCW1QVGSp7NwNbhW1TDTHt4C_vYpN4dVQbS3q3npV1-WJV7CgLljW9l01Cg3jkJ81W6SYW1J5CNM_BW8qkNzX2t96GHW18zcjP7y6NktW6htxy58k5pRZW5WCFSd94XWmGW58rLw_81JBlqW529VWL1Gts4SN1g2VGktWCr1VtLdlF3LlbHdW2lTkFs9lLhzMW3JHYRt94mxJjW3Hh45127MTNZW2Gd32D3KZvRjN6XYFpMHR0VVW4L86Mx5yBF3yW8_v5XH40zXbXW3qs6rt54N-XbW9hwR5Q6XDg3NW2WLr5d7wGw04Vr5h063sdpW4W5LvLzj8Ykdv132qH1

Response headers

content-type: text/html
x-amz-id-2: NnnfrcKDlv+yjgyIHec83vTR3jDQVa0IOfPD6JkevGx4rfbyOFB/YAgGiVgkF9eegkfeYxfK8Hs=
x-amz-request-id: EB5DFEPJZANP9G48
date: Fri, 07 Jan 2022 16:16:00 GMT
last-modified: Wed, 15 Dec 2021 03:28:13 GMT
etag: W/"39e96779f7cf120b0f3add1eed3742f3"
x-amz-server-side-encryption: AES256
x-amz-version-id: LIp5othBs3hwAiDV5dToCiTPA.2tJR_g
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: frame-ancestors self my.castandcrew.com
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 6NItlwIalrmBn9EyU1EahicPTy-RJCFtgzKJd1oqSYq-opUjOvuuxQ==

Redirect headers

date: Fri, 07 Jan 2022 16:15:59 GMT
location: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
cf-ray: 6c9e7ce90f4e704c-FRA
link: <https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 0ae4bfd7-8a16-4fc0-af23-91c83c6ab764
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXYxe%2B4uG4UCHvWg%2Bh2XWgO59HfYqVLdi1djCQG9dhpqpwYu1fSNJUKv5MqgyDMDYQOSeWZOLaUSNKrbdKgNlMn%2BShv9cYa3Y2Z8JSLB47g6WtzXS2equJ%2BkX%2FzGToXIC2qBzhE%2BTnno3F%2BLQvDk6s4AaiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
1 KB 546ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

adef95e62536ef4a3c45c8d75acf53dbe25b3d3cbb0b0f3b542f163b1753f545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 14:25:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 07 Jan 2022 16:16:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jan 2022 16:16:00 GMT

GET
H2 200 GlobalGatewayCapture.css
my.castandcrew.com/GlobalGatewayCapturePublic/css/ 2 KB
1 KB 661ms
660ms Stylesheet
text/css 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/GlobalGatewayCapturePublic/css/GlobalGatewayCapture.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

231f5aae91a230810981d18755cc752ed75eea1097bc200c3046cb2090b8be47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: dxUb1hG_4MkYNrEAJBa.jtlmAkUiKUBX
content-encoding: gzip
etag: W/"875ad32be09c79f0244c627dbfd5cdaa"
x-amz-request-id: HZQJC38PBMBD729D
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: blNY1GZZoKhq0LESRBojkdx0fmEwXkWQYW2EScsolV1KCWFPWB9DWoiKIjE1zvszJf+srdQB2Bo=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:12 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:01 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 3JZ4357rq3wUrcWmaI0UJ0UhRsQ4YN7EoUxWEQQCk4ZG09n_Au1LEA==
x-content-type-options: nosniff

GET
H2 200 main.cc3674c9.chunk.css
my.castandcrew.com/static/css/ 182 B
897 B 665ms
664ms Stylesheet
text/css 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/css/main.cc3674c9.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f104dbf2f2ac45ea3638262b7cc92d3784eda900e06993b79c8055134336e108

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 3g9I5.yCGuBFcE.7qszVBEO0O_Q3XMR.
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: T9HXXFWZ4G0P8E09
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 182
x-amz-id-2: G4lSpywdTDXR90gxG9crHH6wdxzndjS0UHPFzPhSCKUUCOmsRz+ma0enH38vPj1LOjYrA206D3g=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:09 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:01 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
etag: "bc42380d2841b966a649074f08f58819"
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-amz-cf-id: X3V4TKJfr1SeDybcj1WB9iOwaZ6ah64v3UdL5P02gt1M9Kq4T7Sxjg==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 86 KB
29 KB 80ms
38ms Script
application/javascript 13.32.121.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: my.castandcrew.com
URL: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-78.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2f7ce78d07ff49132deb4fdd5b024e3a9bf9645215e0df7cc03dce96de79349

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: lQ3U1_5aIADlPHTY_fsybYncxaU8Mn3W
content-encoding: gzip
etag: W/"a3e02facb07cf9749e1ab6253bbbf04a"
age: 54251
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-request-id: Y9FTBJBCX5Y57RH7
x-amz-id-2: 5SBTleoXJHEd/OgYMo/bRFRV5yU3z2J9yapn7Torblw4jzTSj1HxndZblvbCJqw/Mt/DzhG42/I=
last-modified: Wed, 22 Dec 2021 20:18:54 GMT
server: AmazonS3
date: Fri, 07 Jan 2022 01:11:50 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: hc59WU1zAZctX34thQ9OCopHwevLcwhIjWA6Se3mUKO0RiyOyG3MAQ==

GET
H2 200 globalgateway-sdk.js Show response
my.castandcrew.com/GlobalGatewayCapturePublic/ 120 KB
37 KB 720ms
719ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/GlobalGatewayCapturePublic/globalgateway-sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a647b27baeeb3775feab095f666dd9877475ebe285372138c2308e49c23cb5c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: PxeY60haDBSj82Su9Bls2Gh.zU91.9vi
content-encoding: gzip
etag: W/"c7b332cd0c00e2181592eab784091645"
x-amz-request-id: B2APT6E9WRBDP2NJ
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: iO4+66Yiy9MggK7vwKiaH54vhX8YEoH7visn+iMy6eCPG321ACm9YL14huQtxMDtHb4GKE3c9ws=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:12 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:01 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: vwKwkvT3i3DIyJcNjJ5fX3Er9ddzGGU0CWKPkLTE64Ezoguec9jUuA==
x-content-type-options: nosniff

GET
H2 200 GlobalGatewayImageCapture.js Show response
my.castandcrew.com/GlobalGatewayCapturePublic/ 14 KB
4 KB 683ms
682ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/GlobalGatewayCapturePublic/GlobalGatewayImageCapture.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

71d08593f9b3916a9b22617bec8603e064b825e8fee4cffafe21793339735d8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: fdbj4IRwGCqilpfd5BO09Ui2E29KUe.h
content-encoding: gzip
etag: W/"e99b19d737bb48c2a48ad3ad26495fcf"
x-amz-request-id: B2AGKXMZBF271MQG
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: 52Ci/Mqrx1YFIjnoYAQSpeyWQRDjpXheGqo1TTdECxavc3TWCEedySn1xAngCxbF83coD9IpHbo=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:13 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:01 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: WGgyNc27W0yYv04KWu0kg3P2jcSPpyzUANpmK3o_fV_HFQ1Cp1IvrA==
x-content-type-options: nosniff

GET
H2 200 7.7ea2e628.chunk.js Show response
my.castandcrew.com/static/js/ 1 MB
338 KB 705ms
705ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/js/7.7ea2e628.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1b678ef83aff079340b1dca5cc5f88937eb591203192d83d87a4c5c0b81ab7d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: vbqAuIoYAUQmr1JXBsKl1epkboD88zTD
content-encoding: gzip
etag: W/"aa3fda7cf938e6df4cfaf283ccbc6b52"
x-amz-request-id: B55A634HE0PHWFZP
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: VXV3ZYcA4d6U4sWPAQKLXgrAAfxziMavXtU2uJHw0LWic42PfNAM4liqvtjzq35IQ55XUG123y8=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:08 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:01 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: rM7cnMdFTEqwrRWwa5cTZN_ZM9wBjzjHijrl63zOPuk0E4Hnrn2vxg==
x-content-type-options: nosniff

GET
H2 200 main.b21be30d.chunk.js Show response
my.castandcrew.com/static/js/ 260 KB
55 KB 674ms
674ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/js/main.b21be30d.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e2dd5b6c01a03451a22578053f7ddf23fbb3b1e3979488c7913183f827a99f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: JDCRF4n5dQUcSx7U8J.DxdA01l0_0eSh
content-encoding: gzip
etag: W/"deb4e2c7ed856581f2013ff2b3f29898"
x-amz-request-id: S0N4RVJPFE363BP1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: 40TEIscr2qoNCdci0mf8E2BeYoErz+Ok/6bcIBQIwxf9H0kaT+EkV7NJuISexolNonDUlwjB8FE=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:07 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:01 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 5TCcvp7hTTRwRiIfqZjlp6NtL3cRScwL0PLHh4xm7XHCnlA-oRiZ1Q==
x-content-type-options: nosniff

GET
H2 200 pendo.js Show response
content.pendo.castandcrew.com/agent/static/1e3667f1-3a8a-4706-53f7-380405fcc2ad/ 446 KB
138 KB 749ms
258ms Script
application/javascript 2600:9000:225e:b600:1e:cb94:adc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.pendo.castandcrew.com/agent/static/1e3667f1-3a8a-4706-53f7-380405fcc2ad/pendo.js
Requested by: Host: my.castandcrew.com
URL: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b600:1e:cb94:adc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6c229375f3eeccbd9dabc843c6124db5e52d68707ff042f53a5df13b1d9ba34d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 16:16:00 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P4
x-guploader-uploadid: ADPycdtc1FeCP1E_7MR9Qz-n37FKAsRBE9tcvvW4kegHPhlENwWNQVYinNVQ4-f4uD8lDGs3QUhoZ3DGqLnvgBnuZrs
x-cache: Miss from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 140810
access-control-allow-origin: *
last-modified: Thu, 06 Jan 2022 20:13:53 GMT
server: UploadServer
etag: "6e28c4d218a5f32504cd5a428b80ddbb"
vary: Accept-Encoding
x-goog-hash: crc32c=8dm6tQ==, md5=bijE0hil8yUEzVpCi4Dduw==
x-goog-generation: 1641500033458942
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 140810
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: EFRUk8vJI3xkmo17bSzW4_Gg1ywS8tvjmTXUWtWjGbhbbipDjdf7Lw==
expires: Fri, 07 Jan 2022 16:23:30 GMT

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1228/ 0
124 KB 10ms
10ms Other
application/javascript 13.32.121.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1228/link-dynamic-loader.js
Requested by: Host: my.castandcrew.com
URL: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-78.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: EMzzqMrGKn_GZRRIcDQiq8gfmfXMhFti
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
etag: "7d4d0b584159476d9f5e332df85ea451"
age: 4094
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 126332
last-modified: Wed, 22 Dec 2021 20:18:54 GMT
server: AmazonS3
date: Fri, 07 Jan 2022 15:07:47 GMT
content-type: application/javascript
cache-control: max-age=10800
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: R9ChHM9-bOaPmWifKce271-8drNk6MBAX8xJgPT-U02uG-PdH2B4OQ==

GET
H2 200 piexif.js Show response
my.castandcrew.com/GlobalGatewayCapturePublic/ 75 KB
13 KB 657ms
656ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/GlobalGatewayCapturePublic/piexif.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9baaefc9cda7c17d14c63afdf27f184200710cb519b40d42f8774987cbb2bc48

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
Origin: https://my.castandcrew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: FAUEFqNViA0OiJ1t9xBtiOxgKOth1ynf
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 95AWV822B6W7D4B4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-id-2: vD5Tq4xDc6Jl4uIlzPMO3u+XoVqNW59NGlLweif7Kyczo9y0lM3uh2aJb9ighRt/k18DDlApx08=
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:13 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
etag: W/"5cad633090e1a208e5de35f9d055daf7"
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: yy98pyFsZeUpp3k9k5AfUG292nuxr5i-t-fGx8K0HlwPF-78VsmkhQ==

GET
H2 200 MessageFormat.js Show response
my.castandcrew.com/GlobalGatewayCapturePublic/ 4 KB
2 KB 688ms
688ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/GlobalGatewayCapturePublic/MessageFormat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

05b5f70cbf8ef093ab1d43bf5c157b73087ab5a51944c905b9d39c146b7de905

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
Origin: https://my.castandcrew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: UsvEMmyW56RuN9CEci.eZcSIKfb8yC5h
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: BNZG6QCM1FSNJG5K
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-id-2: hvqsXkSivH7p60GR5LtoTYlsDhgmpE91hoUyKKuHlCmW1Uku056kwFnIe1r7P9ZCUOlcPNOlmgU=
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:12 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
etag: W/"3966225a26557279410ec67c2c5d2151"
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 1PVKlTafCVv8r_IPWWtViP8l8AO1-b1jb-Kxj7FC9vLt4lJei95Uzg==

GET
H2 200 common.js Show response
my.castandcrew.com/GlobalGatewayCapturePublic/ 2 KB
2 KB 659ms
659ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/GlobalGatewayCapturePublic/common.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eb2a9082fb728a905243bad3a1b5197dea3814172c29184941d2fbb54ef07da6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
Origin: https://my.castandcrew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: xWP2dS_GFB_2EgOBHpc80yiZ3q5tH5NW
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: BNZT7YC966SDWTVY
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-id-2: Lj0LWcxCl2iPk6lXuoE9l/1opY+F4yEBIBSUpFqoyufFY1IbmtWAJA/ujg40G9PY1e6MJy8aEtA=
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:13 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
etag: W/"79f870487b870d1c0404d720510f4319"
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: yezR1R1ujPzI6jbYXn7_E-MBhQUhQiB_QqjY7SDOfp1Ll3JRQMCw4Q==

GET
H2 200 sdk-errors.js Show response
my.castandcrew.com/GlobalGatewayCapturePublic/ 1 KB
1 KB 706ms
706ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/GlobalGatewayCapturePublic/sdk-errors.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7ddcb68a08c33d68049bce3aa077df83eb6764d435b4a1ce72883c46d2b5b24c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
Origin: https://my.castandcrew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: EvWU2Xap4iNuXaYDqGTM9vv9TpQJ9v2w
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: BNZVN5THNM6JGMR3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-id-2: GmCB6RTTg08QnEegsNV4HPu8fuCIQmce44ewRx2ouc3q9WKcZ7P2mT+QeWOFtUVojXfq3UEPf0k=
access-control-allow-origin: *
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:12 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
etag: W/"5746a59636af46271137bb6510bea9b7"
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 18TQ4K8VjdKXWm-Wcgki-WmtdXh3-iDciAegX0wM1tISRrD3lklJsA==

GET
H2 200 browser-image-compression.js Show response
my.castandcrew.com/GlobalGatewayCapturePublic/ 68 KB
23 KB 660ms
660ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/GlobalGatewayCapturePublic/browser-image-compression.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3965da9e98cc267fcb05bf6fb018ef16c4827d308a6fc4f788f10663b1e9d3b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
Origin: https://my.castandcrew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: HP_0gZEp_W5bhenewZyRB8wcBg.67r3S
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: S5V0BJ4YZE5MVBEN
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-id-2: vTiiLImJ5LuEJ+KTvswqpEpj/Mr5LnYmpKmkHP4lk+FuFGuswqNRV58Kd4oYSRWP/oNIDDyjNpg=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:13 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
etag: W/"7182c2c7196adcbadb0d16ff45380a07"
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 2k2m_1vxpHuM7vAR_Isdyj_SD0UWuMu86ejkeEg0MwwtBIrz5vopzw==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 209ms
37ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.castandcrew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 13:39:48 GMT
x-content-type-options: nosniff
age: 9373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 07 Jan 2023 13:39:48 GMT

POST
H2 200 / Show response
o74335.ingest.sentry.io/api/1250819/envelope/ 2 B
247 B 102ms
27ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o74335.ingest.sentry.io/api/1250819/envelope/?sentry_key=a8fea4b78c784594bb4cae320ddc1378&sentry_version=7

Requested by

Host: my.castandcrew.com
URL: https://my.castandcrew.com/static/js/7.7ea2e628.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://my.castandcrew.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 07 Jan 2022 16:16:01 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://my.castandcrew.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

OPTIONS
H/1.1 200
OK me
login.castandcrew.com/api/v1/sessions/ 0
0 691ms
227ms Preflight 54.189.255.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.castandcrew.com/api/v1/sessions/me

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.255.224 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ok7-crtrs.okta.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Origin: https://my.castandcrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Fri, 07 Jan 2022 16:16:01 GMT
Server: nginx
Content-Length: 0
x-okta-request-id: YdhnQdXfU552aJqHmc3D4wAACLU
x-xss-protection: 0
p3p: CP="HONK"
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9991
x-rate-limit-reset: 1641572213
access-control-allow-origin: https://my.castandcrew.com
access-control-allow-methods: DELETE, GET, OPTIONS
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-headers: content-type,x-okta-user-agent-extended,Content-Type
vary: Origin
cache-control: no-cache, no-store
pragma: no-cache
expires: 0
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
x-frame-options: SAMEORIGIN
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Strict-Transport-Security: max-age=315360000; includeSubDomains
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

GET
H/1.1 404
Not Found me Show response
login.castandcrew.com/api/v1/sessions/ 168 B
1 KB 642ms
224ms Fetch
application/json 54.189.255.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.castandcrew.com/api/v1/sessions/me

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.189.255.224 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ok7-crtrs.okta.com

Software

nginx /

Resource Hash

22346f4872bf551b5ff47aa02bf5a4321bed59a35e41419f37b84252e7341517

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer
X-Okta-User-Agent-Extended: okta-auth-js/4.9.0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

x-okta-request-id: YdhnQoMZ8R35pxKd4rKXoAAACzY
Date: Fri, 07 Jan 2022 16:16:02 GMT
Content-Encoding: gzip
x-rate-limit-limit: 600
x-rate-limit-remaining: 587
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
Vary: Accept-Encoding,Origin
x-xss-protection: 0
pragma: no-cache
access-control-allow-headers: Content-Type
Server: nginx
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
Strict-Transport-Security: max-age=315360000; includeSubDomains
Content-Type: application/json
access-control-allow-origin: https://my.castandcrew.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-rate-limit-reset: 1641572201
Keep-Alive: timeout=5, max=100
x-content-type-options: nosniff
expires: 0

GET
H2 200 nr-spa-1210.min.js Show response
js-agent.newrelic.com/ 41 KB
16 KB 132ms
33ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1210.min.js
Requested by: Host: my.castandcrew.com
URL: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: S2ZWAVF_bOLxH9dSP4fxyD9xCbMCwnq9
content-encoding: gzip
etag: "d5eff122d09ab2c851fb1780f0287cbf"
x-amz-request-id: 80GXS5F6Z6VT2GH1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15563
x-amz-id-2: pzQCizQXC8bLo/w7VNZ5E4hvC+8IjxFQseqvHMsNMnr1ney1AbIgoeh5oVqfWHhqVuER6FIryd0=
x-served-by: cache-hhn4042-HHN
last-modified: Tue, 22 Jun 2021 22:47:08 GMT
server: AmazonS3
x-timer: S1641572162.837509,VS0,VE0
date: Fri, 07 Jan 2022 16:16:01 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 593

GET
H2 200 1e3667f1-3a8a-4706-53f7-380405fcc2ad
data.pendo.castandcrew.com/data/ptm.gif/ 42 B
115 B 1007ms
292ms Image
image/gif 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.castandcrew.com/data/ptm.gif/1e3667f1-3a8a-4706-53f7-380405fcc2ad?v=2.119.1_prod&ct=1641572161757&jzb=eJztUl1v2jAU_S-W1icKsUlCQEJTliINWr4-JgHTZBnHEI_YDrYDoxX_vQ7dUJ_6MGlve8s9997jk3PP9xdgzwUDHSCYJaAGNlqdDNPYcuFQGPowaCEYwpYf1sCRG26Vxjx1C3jSGz2M8QL7-_X612oXs-DRERBKVSntdUaWeV4Dpc7deGZtYTqNhjjXKTGWyJRqdqpTJRqfSyswJaIgfCe7Sc6ZtJ-QN1KWU2buqq5gKS9FlwnC8zucGcG7yPNgEDaDdlUzSbsFikcH-3wfHQe8eBrODxs5Q-vjQZGn2X6bPG9p88tjNGYTNJ0no-Q0SzRLCzmOJqLsUwZXvLdf9o7xPR330DaI5XTITkO9FsEkSQez9eqnjK9iqJLWSXynoEKNKjVl3czgq0pnRaFVYUDn5Y9v1edH1uVE7kqyq67BJP42B5ebnW7VFQXR7t34PZQSW817rYYHG8hDyPEcmTZcSQejOoTtOsROSVqxvREsyKZ_u459K8CqqebtRWuY-Usy-TpYOZ6tJoJdmz21bM3PoT_eZlHWD6ZVUM6WuZ8LwuhSu4UoVyT9METR_xD9bYgqb387isKw-U-u6fvty49XOrlYWQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 16:16:02 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

GET
H2 200 1e3667f1-3a8a-4706-53f7-380405fcc2ad Show response
data.pendo.castandcrew.com/data/guide.js/ 884 B
882 B 908ms
193ms Script
application/javascript 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://data.pendo.castandcrew.com/data/guide.js/1e3667f1-3a8a-4706-53f7-380405fcc2ad?jzb=eJx9kMtu4jAYhd_FUllxDZOKIkWjNM2CWxLCVCrZWB7nJ7jETvAltFS8Ow4L2lV3PsfH8qfvCzVMMV3JWY6mCCdh9BLjf_jPIcs-toUP7gJ1EaG0MkK3E2HKsouMLO16r3WtpoMB_-xTojQROZVw6tOKD_4azTElvCasEF5QMhD6wRlGlWYUVKe95ZAzwz3ghJUdvFecec5wOHIfx-5Tm0FQr3b86KjPvUkzZ_VytTn-F6mTNceKLNPDLjjv6Ph5MYkhcdabIApOaSAhr0U8SbiZURhtWXh4Cxu_R-PQ2bm-WK_gtJIZd5Mgn6fZ9l34NxhaCW0RfxC0raqMpODtFb5RWhMcNMmJJmh6F9ce2S_ySiIKQwqwCxD4dYMud6H2qQ01kfZr_7u6XK7fxIsy&v=2.119.1_prod&ct=1641572161761

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

6de9ce31a218dc3f173495e95264b29b27c765b1c3a57ccdfd735d4a0c918ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 16:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
via: 1.1 google
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization

GET
H/1.1 200
OK 94bb01a884 Show response
bam-cell.nr-data.net/1/ 49 B
715 B 720ms
641ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/94bb01a884?a=169871662&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=3001&ck=1&ref=https://my.castandcrew.com/&be=1392&fe=2852&dc=2325&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1641572158883,%22n%22:0,%22f%22:189,%22dn%22:190,%22dne%22:215,%22c%22:215,%22s%22:222,%22ce%22:236,%22rq%22:236,%22rp%22:1369,%22rpe%22:1370,%22dl%22:1373,%22di%22:2324,%22ds%22:2324,%22de%22:2324,%22dc%22:2851,%22l%22:2852,%22le%22:2853%7D,%22navigation%22:%7B%7D%7D&fp=2329&fcp=2329&jsonp=NREUM.setToken
Requested by: Host: my.castandcrew.com
URL: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 07 Jan 2022 16:16:02 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6c9e7cfc4dc45c8c-FRA

OPTIONS
H2 200 graphql
cncflags.castandcrew.com/ 0
0 716ms
478ms Preflight
application/json 143.204.98.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cncflags.castandcrew.com/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-18.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://my.castandcrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Fri, 07 Jan 2022 16:16:03 GMT
x-amzn-requestid: 70ee14cf-2159-4282-b241-a3d80575674d
access-control-allow-origin: https://my.castandcrew.com
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: LlUShERqPHcFR-g=
access-control-allow-methods: OPTIONS,POST
access-control-allow-credentials: false
x-cache: Miss from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: CzH6DDKfcm3q6WTMegsPrjU1yp6PCqavJGuCcmflJjYqjv_AsOIiig==

POST
H2 200 graphql Show response
cncflags.castandcrew.com/ 1 KB
2 KB 505ms
504ms Fetch
application/json 143.204.98.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cncflags.castandcrew.com/graphql
Requested by: Host: my.castandcrew.com
URL: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-18.fra50.r.cloudfront.net
Software: /
Resource Hash: 26e7cdd05e2c205a0bb4cefc8ffca90684c27601b53713452274b5c8bc9596b0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jan 2022 16:16:03 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 1319
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 4eb66f41-8768-4ff5-8397-b73af09edb53
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61d86743-308d98de43a70a9e646a8214;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: LlUSmHkQvHcF9hw=
content-length: 1319
x-amz-cf-id: D-GceKBRGX9LIgiFnIS-CMdZZngteh9Wh1_-NsIq-vWxsP8uGOTirA==

POST
H/1.1 200
OK 94bb01a884 Show response
bam-cell.nr-data.net/events/1/ 24 B
506 B 647ms
647ms XHR
image/gif 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/94bb01a884?a=169871662&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=4585&ck=1&ref=https://my.castandcrew.com/
Requested by: Host: my.castandcrew.com
URL: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 07 Jan 2022 16:16:04 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://my.castandcrew.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6c9e7d05b9a05c8c-FRA
Content-Length: 24

GET
H2 200 meta.json Show response
my.castandcrew.com/ 20 B
735 B 636ms
636ms Fetch
application/json 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/meta.json?1641572163786

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8b602bc1d0bb10311f6eb6bb869a04ca2215182dae170df74f02748cace3baa8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
tracestate: 1117440@nr=0-1-2071650-169871662-c6def3224a0306e6----1641572163786
traceparent: 00-c035f00ea34adab405c819b6f00314c0-c6def3224a0306e6-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 16:16:05 GMT
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: VN0PPR5E0BGV9YFM
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 20
x-amz-id-2: 6WXddJymeRJ5RAnaIwEw8g4r3TjMZBWyor1jmhWCJjujUHFhtzF/QUg5LaFn5qAN/h6zdISATT8=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:13 GMT
server: AmazonS3
x-frame-options: DENY
etag: "564dc23f8b31eb12a4b4be2965332c3d"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-version-id: PngH8NNq0w5QbSMiete2M6DMaRpeY..A
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: 3DiqRPcEr5Imuq5CxKdQrhHpeeLVRl52EkUh7-yeKJFPFzi1I0qI0g==

GET
H2 200 0.78638afe.chunk.js Show response
my.castandcrew.com/static/js/ 19 KB
8 KB 644ms
644ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/js/0.78638afe.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ce5f53bea532167d185674ee8b348f0779ad733549f189af77ce02fb22f9f2c3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: mqF7JiHQBebbo0WTiIRIEg_KXCml8m3W
content-encoding: gzip
etag: W/"ae56b766e2bc95dda8af0de087160d0d"
x-amz-request-id: 0VBYPSKKNDD1X9TG
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: ClE8bKfAlEffxawCkNEXFPrszZno8DGZH963XxG+BtUZJYyGCu1jTmFMmumcyD3HKzG7A7n/t+E=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:09 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:05 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: Ej_NqbKnpG0HWAENPozo6wHbAEE89WrkjNLZorRyajwW0g8XtOIVMg==
x-content-type-options: nosniff

GET
H2 200 1.c9948da6.chunk.js Show response
my.castandcrew.com/static/js/ 28 KB
10 KB 742ms
742ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/js/1.c9948da6.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f552871c4630c3aad609b6250e6b6e30ff25b372e6ab3dbee11be5422c783e47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: jZ6y8lIp9jQE4GOtqs80dvMiCfZeF3NA
content-encoding: gzip
etag: W/"8c88cca3870b7e6e5632d1abf5a1dde2"
x-amz-request-id: 79RF3PYGHS5CEVDX
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: nLw2JjVbjGyHxAi3bO3NX6hKcbB4yHlX9Q1t91q211bj8ecGbWLbIiyGxtMKx4lKeeogXRf+X/c=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:08 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:05 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: lyhyfcOCvHPkE1efihM5IATJqjKt9XrKBsnBn5NaRLJ_6EtQJ0QlAA==
x-content-type-options: nosniff

GET
H2 200 2.4b9ee011.chunk.js Show response
my.castandcrew.com/static/js/ 427 KB
108 KB 634ms
634ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/js/2.4b9ee011.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7a7f77425bec06b9e8645463da87e6407238236cb8e05a727fa3482f7b948464

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: Zvj4GvKJdcgbbxCZX7sIPlmz2kt.7drL
content-encoding: gzip
etag: W/"aa5e52ed000cf5c49fb83e8cc877fa0b"
x-amz-request-id: 0VBRV137G6PGN93Q
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: MeC3qmYOozA6cgT0mFlqLOFArq5atPcBWLpJEaZiKVR3FbAPzkWtu3kcMtYaZIH/Y6KeuyMJ61w=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:09 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:05 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: l0u1FinAwACS_KBHNiuUzgOY0ki_EsE3ZWjtKtrcUa2fgg9uvCWSdg==
x-content-type-options: nosniff

GET
H2 200 3.4abf0e5c.chunk.js Show response
my.castandcrew.com/static/js/ 4 MB
665 KB 651ms
651ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/js/3.4abf0e5c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f6fae892bdf80f9ed712b91c2dea4c5a014f85e1bc10ea35e404e0751f36ca31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: ufJK5UNEmkZW7pM2Qznnz634Bq_1OEOT
content-encoding: gzip
etag: W/"0fa97e92c41f012661297ebe9e031e07"
x-amz-request-id: 79RDMWB657FZS8YP
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: DDXuo6AqWg4hNxn6lb/mYtISkU309hkQd8rSnbZbjg85kFFIN8klZXXoSPlpIVdiH2rZazGldPk=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:08 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:05 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 2Yp9bIkx30Z1raOBO4-WjtGZGQ8YDVCr-t0mO2bBYMoFmJ0h_I08Xg==
x-content-type-options: nosniff

GET
H2 200 8.05ade4fa.chunk.css
my.castandcrew.com/static/css/ 15 KB
3 KB 740ms
739ms Stylesheet
text/css 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/css/8.05ade4fa.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c4570e8e705849803134ec0847a314ba44c9be250d93cb2367b8d66f42f87412

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: ogncHswtGYCbEhRWfzwjWgHcy_OxfMLF
content-encoding: gzip
etag: W/"57aad3410490ea29ac783e9b43197d24"
x-amz-request-id: SK02RJS4MA4TB8C3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: M5sMSEdCqv2Zm77u9Mr2KJ4cOQUjDyW9nufJr+aJgcc2zmnbT4Dm7iVPExdPIgl+RNX8D3xJ7xY=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:09 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:05 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 8OJ16q1BbHuxUuIDCbqrICjV6NhAj5PUoUzdhRyEnvyfVk3YxENQVw==
x-content-type-options: nosniff

GET
H2 200 8.36a29941.chunk.js Show response
my.castandcrew.com/static/js/ 1 MB
309 KB 672ms
671ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/js/8.36a29941.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4618830cf69616891af312e29b22fcf423a9e5af93247e103d58b97424031420

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/?utm_campaign=Client%20Notices&utm_medium=email&_hsmi=200156359&_hsenc=p2ANqtz-8vJipLMSqbnR2ZvqoaLRkfCzfc3BK8OeP2QSCNCwRCredpnO8PmuIce1YiEkXEvA-cOE2f5AnQMewMrZm5PCdJRZYjnA&utm_content=200156359&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: a838E9rGK71tt_h82s6x4kyFHxKfW8qU
content-encoding: gzip
etag: W/"8b78d73589ac4cc7c1a6c3cd18b82f45"
x-amz-request-id: 0VBWC8KYS59C4HKM
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: SqhU/8iNYvimM5PCyF6gh7EPJrwrpR08+G9Vd+NfgHlELPWLS39MVxYY/3O4qp4CTKPf1rf497Y=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:07 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:05 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 3UbKzzClMe5UbV4EZ0RpfHnDXWuE4X5QmIe6imTLsfPiSieT2G_3VA==
x-content-type-options: nosniff

GET
H2 200 4.28097b21.chunk.css
my.castandcrew.com/static/css/ 499 KB
206 KB 647ms
646ms Stylesheet
text/css 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/css/4.28097b21.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1114ec6e38a05964392732b971c71d95e2fa466b7765c0b236973aefa4bcf7f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: reWYyfAjoVPg4QfywL7J9rUMb77gDjVZ
content-encoding: gzip
etag: W/"1daff50f6b69c99e9453fbb99ba7f75d"
x-amz-request-id: 0E2J0ZYC84GDRTY7
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: ATyyKEUjXT/W1Cbc6L2T/AA9cwsVMtq4reTj/4UhfiKidm4EV8rcKXVS7YnOKx86ycceqk9ZkYY=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:09 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:06 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: LE7F7dJBATnvzMVim4Usd4h9b2N5ORfqg5wW8xqBv1qhdz4I5ODqDQ==
x-content-type-options: nosniff

GET
H2 200 4.9f9a0559.chunk.js Show response
my.castandcrew.com/static/js/ 1 MB
342 KB 669ms
669ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/js/4.9f9a0559.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6d791712048a219f75f62312402b834b6020da0b870e348e86e91843c05fedf0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: MyfBikn2d0gOb_NiMAagaCDGm8i7EPov
content-encoding: gzip
etag: W/"483222905fc9cf99ace1b59d247370b1"
x-amz-request-id: KFCQ1KS9BS3JJDPP
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: 583dyjEQPwTDsBKlKEUgPYtWiGgCl3YVj7RhbXmtMWKR7+wM0IsjrT7VaCTKpjVdPHNSzMPiqpc=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:09 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:06 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: Fjq5HPXr8HMlUDAma66tfNfbvOr682d5J2NRjqlYKPcez0uAmTl9rw==
x-content-type-options: nosniff

GET
H2 200 15.7bb637d4.chunk.css
my.castandcrew.com/static/css/ 12 KB
4 KB 701ms
701ms Stylesheet
text/css 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/css/15.7bb637d4.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e4217628fd313b07d07cab5b778b4686896a8059c1824faecf4f416fecf7dd1f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 0LfxNxYx4ccIIsST7PLlM_UHk.pdM5vg
content-encoding: gzip
etag: W/"f181b7bb8e926a1edd5ab2f9b44e8231"
x-amz-request-id: ZPP2ERNS9HJBVJAB
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: g6P6mEoQmksS8xlUpIOknJQaV1aQFObeYwr3M4pAqTQ5V5t6Q845AKW0vM0FaNIVqREGrGpZIWo=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:09 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:06 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: wdBqQ5kPn07neWOwniTN5y6ywllVsbv7m4vZiPIbak97C6Mt1lehdg==
x-content-type-options: nosniff

GET
H2 200 15.93b3450e.chunk.js Show response
my.castandcrew.com/static/js/ 20 KB
7 KB 640ms
640ms Script
application/javascript 2600:9000:223e:5400:4:b29d:8b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://my.castandcrew.com/static/js/15.93b3450e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:5400:4:b29d:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6c8bd166813b68ebba47b2f81dcc131405b170dd5b2f40bdff14969b40c27057

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors self my.castandcrew.com
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://my.castandcrew.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: i11RUSDsu4Yll08tBTygTt25YcrpIi1b
content-encoding: gzip
etag: W/"bb22318d208b29d6141bb98d1e53e805"
x-amz-request-id: 10VC04MNQNVSZ4E2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-amz-id-2: /hc4fOHmVRsO5zewsDaLmO2BWRBw4FmQouCVY6QbZZOwrDdFH+P/QMmvqaieldNO83AFXaY7wQs=
referrer-policy: same-origin
last-modified: Wed, 15 Dec 2021 03:28:08 GMT
server: AmazonS3
x-frame-options: DENY
date: Fri, 07 Jan 2022 16:16:06 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors self my.castandcrew.com
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 7SNtCWdbMeKzuU9ZTRPL5IpGhLJ_JwOjXbTP3QwvZ6Hams1I5A9lMA==
x-content-type-options: nosniff

GET
H2 200 1e3667f1-3a8a-4706-53f7-380405fcc2ad Show response
data.pendo.castandcrew.com/data/guide.js/ 653 B
533 B 148ms
148ms Script
application/javascript 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://data.pendo.castandcrew.com/data/guide.js/1e3667f1-3a8a-4706-53f7-380405fcc2ad?jzb=eJx9jj0LwjAQQP_LzaVddOlW0EEEFdTBLuFIjxhMLyW5-IH0vzdd6uZ2d7zHuy88bbTiw66DGtRpe9gc1UWtHm37vpmG1nsoALX2iWVGODlXQAou03eRIdZV1X9KjVGQOx3oVWrfV84by9nsSbBDQaiX0DzaPzGHbBIaygSxup5hXB7Ial4GDMTS_E7jOAELpkOX&v=2.119.1_prod&ct=1641572165405

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

8108ed1da87593d4b73517a05777577c948b9e7aad0fadb72a29345a70de5299

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 16:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
via: 1.1 google
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization

GET
H2 200 1e3667f1-3a8a-4706-53f7-380405fcc2ad
data.pendo.castandcrew.com/data/ptm.gif/ 42 B
104 B 214ms
214ms Image
image/gif 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.castandcrew.com/data/ptm.gif/1e3667f1-3a8a-4706-53f7-380405fcc2ad?v=2.119.1_prod&ct=1641572165406&jzb=eJw9kF9PgzAUxb9Ln8kI_4rwZiKJaHTTkQgzhnRQRrPSS3qLE5d991U0Pvb-zvnlpO9nYuaRk5RIYC1xyF7DCbmujRjs1aOhF8W-R6MgSRzyKVAY0LVobaHeZM9367qow-Nu91Udbnn0aAWsaWBSZsmoSUqHTFraeG_MiKnrDvOqYWiYahvNT6sGBlfCQShbHTWMSNLzsuVvgU9pcLGIaa5Mwfb5v9b8PkgVwDYp4qc-LNnm_qGyok6zgS8wgzLezjRcd_1Nn0cvFiJHFKAWPGH5PQGVRxR59_qW_XzAbLgd4cf-5eMKST9dAQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 16:16:05 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

GET CnCCapsMsLogo.797c4836.svg
my.castandcrew.com/static/media/ 0
0

GET login_profile.13658a1b.svg
my.castandcrew.com/static/media/ 0
0

GET login_bank.b7b85a21.svg
my.castandcrew.com/static/media/ 0
0

GET login_computer.c53b3e37.svg
my.castandcrew.com/static/media/ 0
0

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.castandcrew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 13:21:56 GMT
x-content-type-options: nosniff
age: 10450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 07 Jan 2023 13:21:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 52ms
52ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.castandcrew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 14:02:00 GMT
x-content-type-options: nosniff
age: 267246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 14:02:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.castandcrew.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 166787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 17:56:19 GMT

GET montserrat-light-webfont.47314ef8.woff
my.castandcrew.com/static/media/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: my.castandcrew.com
URL: https://my.castandcrew.com/static/media/CnCCapsMsLogo.797c4836.svg

Domain: my.castandcrew.com
URL: https://my.castandcrew.com/static/media/login_profile.13658a1b.svg

Domain: my.castandcrew.com
URL: https://my.castandcrew.com/static/media/login_bank.b7b85a21.svg

Domain: my.castandcrew.com
URL: https://my.castandcrew.com/static/media/login_computer.c53b3e37.svg

Domain: my.castandcrew.com
URL: https://my.castandcrew.com/static/media/montserrat-light-webfont.47314ef8.woff

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mail.mediaservices.com/	1969-12-31 23:59:59	Name: __cfruid Value: 13d66f12986e37bfc24a89cbeda2ed897e0c12f1-1641572158
login.castandcrew.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: AE553655DE08B5D9EC1C09388576F443
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 3ddff6cc58e6acd8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.castandcrew.com/api/v1/sessions/me Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
cdn.plaid.com
cncflags.castandcrew.com
content.pendo.castandcrew.com
data.pendo.castandcrew.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
login.castandcrew.com
mail.mediaservices.com
my.castandcrew.com
o74335.ingest.sentry.io
my.castandcrew.com
13.32.121.78
143.204.98.18
151.101.194.137
162.247.243.146
2600:9000:223e:5400:4:b29d:8b80:93a1
2600:9000:225e:b600:1e:cb94:adc0:93a1
2606:2c40::c73c:67e2
2a00:1450:4001:80e::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2013
34.120.195.249
54.189.255.224
05b5f70cbf8ef093ab1d43bf5c157b73087ab5a51944c905b9d39c146b7de905
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0e2dd5b6c01a03451a22578053f7ddf23fbb3b1e3979488c7913183f827a99f1
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1114ec6e38a05964392732b971c71d95e2fa466b7765c0b236973aefa4bcf7f3
1b678ef83aff079340b1dca5cc5f88937eb591203192d83d87a4c5c0b81ab7d5
22346f4872bf551b5ff47aa02bf5a4321bed59a35e41419f37b84252e7341517
231f5aae91a230810981d18755cc752ed75eea1097bc200c3046cb2090b8be47
26e7cdd05e2c205a0bb4cefc8ffca90684c27601b53713452274b5c8bc9596b0
3965da9e98cc267fcb05bf6fb018ef16c4827d308a6fc4f788f10663b1e9d3b4
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4618830cf69616891af312e29b22fcf423a9e5af93247e103d58b97424031420
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
6c229375f3eeccbd9dabc843c6124db5e52d68707ff042f53a5df13b1d9ba34d
6c8bd166813b68ebba47b2f81dcc131405b170dd5b2f40bdff14969b40c27057
6d791712048a219f75f62312402b834b6020da0b870e348e86e91843c05fedf0
6de9ce31a218dc3f173495e95264b29b27c765b1c3a57ccdfd735d4a0c918ef9
71d08593f9b3916a9b22617bec8603e064b825e8fee4cffafe21793339735d8a
7a7f77425bec06b9e8645463da87e6407238236cb8e05a727fa3482f7b948464
7ddcb68a08c33d68049bce3aa077df83eb6764d435b4a1ce72883c46d2b5b24c
8108ed1da87593d4b73517a05777577c948b9e7aad0fadb72a29345a70de5299
870eedc036a3296f96397d448d47a0dcc024b50f6349817d8cdd8ad471b2bc3e
88387f8ae163a64dcc115a45627726574957d1266c87c08d2650de9bd00376ff
8b602bc1d0bb10311f6eb6bb869a04ca2215182dae170df74f02748cace3baa8
9baaefc9cda7c17d14c63afdf27f184200710cb519b40d42f8774987cbb2bc48
a2f7ce78d07ff49132deb4fdd5b024e3a9bf9645215e0df7cc03dce96de79349
a647b27baeeb3775feab095f666dd9877475ebe285372138c2308e49c23cb5c1
adef95e62536ef4a3c45c8d75acf53dbe25b3d3cbb0b0f3b542f163b1753f545
ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c4570e8e705849803134ec0847a314ba44c9be250d93cb2367b8d66f42f87412
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce5f53bea532167d185674ee8b348f0779ad733549f189af77ce02fb22f9f2c3
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4217628fd313b07d07cab5b778b4686896a8059c1824faecf4f416fecf7dd1f
eb2a9082fb728a905243bad3a1b5197dea3814172c29184941d2fbb54ef07da6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f104dbf2f2ac45ea3638262b7cc92d3784eda900e06993b79c8055134336e108
f552871c4630c3aad609b6250e6b6e30ff25b372e6ab3dbee11be5422c783e47
f6fae892bdf80f9ed712b91c2dea4c5a014f85e1bc10ea35e404e0751f36ca31

my.castandcrew.com Open in urlscan Pro 2600:9000:223e:5400:4:b29d:8b80:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

49 Requests

90 %HTTPS

50 %IPv6

8 Domains

12 Subdomains

13 IPs

2 Countries

2536 kBTransfer

9712 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

my.castandcrew.com Open in urlscan Pro
2600:9000:223e:5400:4:b29d:8b80:93a1 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

90 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

13
IPs

2
Countries

2536 kB
Transfer

9712 kB
Size

3
Cookies

49 HTTP transactions
1 data transactions