urlscan.io logo urlscan.io
SecurityTrails logo

my.castlighthealth.com Open in urlscan Pro
34.232.205.163  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.secure.castlighthealth.com/u/?qs=24031b6c2eb14e594328016381dabbb4e56f1bd4767a3be968099d5a1a123e1c734e3654ec629806f3402d1371...
Effective URL: https://my.castlighthealth.com/security
Submission: On August 01 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 26 HTTP transactions. The main IP is 34.232.205.163, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is my.castlighthealth.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 7th 2017. Valid for: 3 years.
This is the only time my.castlighthealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 198.245.89.43 22606 (EXACT-7)
5 34.232.205.163 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
1 172.227.105.112 16625 (AKAMAI-AS)
2 52.205.48.3 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.162 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 52.21.153.156 14618 (AMAZON-AES)
26 14
2    198.245.89.43 (Indianapolis, United States)

ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: click.secure.castlighthealth.com
click.secure.castlighthealth.com
5    34.232.205.163 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-232-205-163.compute-1.amazonaws.com
my.castlighthealth.com
1    2a00:1450:4001:81d::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2400:cb00:2048:1::6819:7c63 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
code.ionicframework.com
1    172.227.105.112 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-105-112.deploy.static.akamaitechnologies.com
cdn.optimizely.com
2    52.205.48.3 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-205-48-3.compute-1.amazonaws.com
my.castlighthealth.com
1    2a00:1450:4001:814::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
5    2a00:1450:4001:81d::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
www.google.de
2    2a00:1450:4001:814::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    172.217.23.162 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f162.1e100.net
www.googleadservices.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    2a00:1450:400c:c0c::9d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2a00:1450:4001:81d::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a03:2880:f11c:8186:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
2    52.21.153.156 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-21-153-156.compute-1.amazonaws.com
errors.client.optimizely.com
Domain Requested by
7 my.castlighthealth.com my.castlighthealth.com
3 fonts.gstatic.com my.castlighthealth.com
2 errors.client.optimizely.com cdn.optimizely.com
2 www.facebook.com my.castlighthealth.com
2 www.google.de my.castlighthealth.com
2 www.google.com 1 redirects my.castlighthealth.com
2 connect.facebook.net my.castlighthealth.com
connect.facebook.net
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 click.secure.castlighthealth.com 2 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com my.castlighthealth.com
1 cdn.optimizely.com my.castlighthealth.com
1 code.ionicframework.com my.castlighthealth.com
1 fonts.googleapis.com my.castlighthealth.com
26 16

This site contains links to these domains. Also see Links.

Domain
m.us.castlighthealth.com
Subject Issuer Validity Valid
*.castlighthealth.com
DigiCert SHA2 Secure Server CA		 2017-03-07 -
2020-06-04		 3 years crt.sh

This page contains 1 frames:

Primary Page: https://my.castlighthealth.com/security
Frame ID: AAED911054FB45BE323579EAFADB8062
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.secure.castlighthealth.com/u/?qs=24031b6c2eb14e594328016381dabbb4e56f1bd4767a3be968099d5a1a123e1c734e36... HTTP 302
    https://click.secure.castlighthealth.com/index.aspx?qs=24031b6c2eb14e594328016381dabbb4e56f1bd4767a3be968099d5a1a123e... HTTP 302
    https://my.castlighthealth.com/security Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Red Hat/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+foundation[^>"]+css/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /optimizely\.com.*\.js/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

26
Requests

27 %
HTTPS

63 %
IPv6

13
Domains

16
Subdomains

14
IPs

2
Countries

297 kB
Transfer

896 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.secure.castlighthealth.com/u/?qs=24031b6c2eb14e594328016381dabbb4e56f1bd4767a3be968099d5a1a123e1c734e3654ec629806f3402d1371d331db083dcd10f14de9b3509e3f6e7d74bcfb HTTP 302
    https://click.secure.castlighthealth.com/index.aspx?qs=24031b6c2eb14e594328016381dabbb4e56f1bd4767a3be968099d5a1a123e1c734e3654ec629806f3402d1371d331db083dcd10f14de9b3509e3f6e7d74bcfb HTTP 302
    https://my.castlighthealth.com/security Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1676398622&t=pageview&_s=1&dl=https%3A%2F%2Fmy.castlighthealth.com%2Fsecurity&ul=en-us&de=UTF-8&dt=Castlight%20Health%20-%20Security&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1951703984&gjid=1380203644&cid=1100818033.1533162855&tid=UA-15150851-20&_gid=1432093520.1533162855&_r=1&gtm=G7nKVQNQW8&z=1826210066 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15150851-20&cid=1100818033.1533162855&jid=1951703984&_gid=1432093520.1533162855&gjid=1380203644&_v=j68&z=1826210066 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15150851-20&cid=1100818033.1533162855&jid=1951703984&_v=j68&z=1826210066 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15150851-20&cid=1100818033.1533162855&jid=1951703984&_v=j68&z=1826210066&slf_rd=1&random=2850778176

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set security
my.castlighthealth.com/
Redirect Chain
  • https://click.secure.castlighthealth.com/u/?qs=24031b6c2eb14e594328016381dabbb4e56f1bd4767a3be968099d5a1a123e1c734e3654ec629806f3402d1371d331db083dcd10f14de9b3509e3f6e7d74bcfb
  • https://click.secure.castlighthealth.com/index.aspx?qs=24031b6c2eb14e594328016381dabbb4e56f1bd4767a3be968099d5a1a123e1c734e3654ec629806f3402d1371d331db083dcd10f14de9b3509e3f6e7d74bcfb
  • https://my.castlighthealth.com/security
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/security
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.205.163 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-205-163.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
452a4e99149f4a1f74c4d08b86bbf858a58d3b57439b9f1cd8a9c3b956b512e2

Request headers

Host
my.castlighthealth.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
AAED911054FB45BE323579EAFADB8062

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Aug 2018 22:34:14 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache/2.2.15 (Red Hat)
Set-Cookie
PHPSESSID=5c31e2420a401343a81a321f11175be7; path=/
Vary
Accept-Encoding
Content-Length
3364
Connection
keep-alive

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://my.castlighthealth.com/security
Date
Wed, 01 Aug 2018 22:34:13 GMT
Connection
close
Content-Length
156
css
fonts.googleapis.com/ 		2 KB
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
SPDY
Server
2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ad1713108de064055fca09575e9886223be01a21b82dad29405283a568486608
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=3600
content-encoding
gzip
last-modified
Wed, 01 Aug 2018 22:34:14 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 01 Aug 2018 22:34:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Wed, 01 Aug 2018 22:34:14 GMT
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 		50 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
SPDY
Server
2400:cb00:2048:1::6819:7c63 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fastly-request-id
df0df47e7283e5d0c9130b89810603109144ffbe
date
Wed, 01 Aug 2018 22:34:14 GMT
content-encoding
gzip
cf-cache-status
MISS
access-control-allow-origin
*
x-cache
HIT
status
200
x-cache-hits
79
content-length
8313
x-served-by
cache-fra19127-FRA
last-modified
Mon, 13 Nov 2017 21:48:50 GMT
server
cloudflare
x-github-request-id
6476:1A98:3D85C20:5572269:5B21DAF1
x-timer
S1533162855.739965,VS0,VE0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
443bc5621ad696be-FRA
expires
Thu, 02 Aug 2018 00:34:14 GMT
bootstrap.min.css
my.castlighthealth.com/assets/libs/ 		63 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/assets/libs/bootstrap.min.css?v=1.0.0.04252018
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.205.163 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-205-163.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
f78a468ebdcf139619b02e597babe1a8b7f3a3641c91c77df7a00415aaaf45e6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://my.castlighthealth.com/security
Cookie
PHPSESSID=5c31e2420a401343a81a321f11175be7
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 01 Aug 2018 22:34:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2017 23:28:35 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"8569b-fad2-54f47f2a5bfab"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11483
Expires
Fri, 31 Aug 2018 22:34:14 GMT
foundation.min.css
my.castlighthealth.com/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/assets/css/foundation.min.css?v=1.0.0.04252018
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.205.163 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-205-163.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
95b984503b5ae9e081721fd2206291c79abbc1e37a53e5bd59c5bbb08e2adbd4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://my.castlighthealth.com/security
Cookie
PHPSESSID=5c31e2420a401343a81a321f11175be7
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 01 Aug 2018 22:34:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Apr 2018 08:07:28 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"850a3-b41-569f2b685e9f6"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1019
Expires
Fri, 31 Aug 2018 22:34:14 GMT
7870096506.js
cdn.optimizely.com/js/ 		323 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/7870096506.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
SPDY
Server
172.227.105.112 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-105-112.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3d711a1794b7e4e9bc6a4b5f4371bddb7ddb09a67a15ba92343dfdcc0e776690
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
DwaPdVYBnpRJKaPDUpDEYlysu_w1ony2
content-encoding
gzip
etag
"154900a92ad8da4e01d2bedef660d4d9"
x-amz-request-id
12699CB2485DCC37
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=86400
vary
Accept-Encoding
content-length
104081
x-amz-id-2
IpaRA32ws71KuiCMwKw4PWOs/Cj+VcfQVU+m5QYDOLeF6hTNNCt+O/L2WbaAJDcDpKVrO24v4oY=
last-modified
Thu, 19 Jul 2018 23:59:15 GMT
server
AmazonS3
date
Wed, 01 Aug 2018 22:34:14 GMT
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
17
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
castlight-logo.svg
my.castlighthealth.com/assets/images/ 		21 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.castlighthealth.com/assets/images/castlight-logo.svg
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.48.3 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-48-3.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
1dae5d503b0510d32dbe15da5748878ff8dc3328d16f040a7124139d86c52468

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://my.castlighthealth.com/security
Cookie
PHPSESSID=5c31e2420a401343a81a321f11175be7
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 01 Aug 2018 22:34:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Apr 2018 08:07:28 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"85ad2-55a9-569f2b679f000"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9350
Expires
Fri, 31 Aug 2018 22:34:15 GMT
jquery.min.js
my.castlighthealth.com/assets/libs/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/assets/libs/jquery.min.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.205.163 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-205-163.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://my.castlighthealth.com/security
Cookie
PHPSESSID=5c31e2420a401343a81a321f11175be7
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 01 Aug 2018 22:34:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Apr 2017 23:35:30 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"8561e-17b8a-54c4b9d5fa267"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33758
Expires
Fri, 31 Aug 2018 22:34:14 GMT
bootstrap.min.js
my.castlighthealth.com/assets/libs/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/assets/libs/bootstrap.min.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.48.3 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-48-3.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
f45c672f6edebdb2e89a79f2fd87a23dfe73a4ebfaf9c9dffda2387605dc6521

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://my.castlighthealth.com/security
Cookie
PHPSESSID=5c31e2420a401343a81a321f11175be7
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 01 Aug 2018 22:34:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2017 23:28:35 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"8569c-541c-54f47f2a5c393"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5935
Expires
Fri, 31 Aug 2018 22:34:15 GMT
navbar.min.js
my.castlighthealth.com/assets/js/ 		451 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/assets/js/navbar.min.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.205.163 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-205-163.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
9410a1ebfa42aad1b32911b57f7af5cd3e27552f7080cfc1a64c2139325f0452

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://my.castlighthealth.com/security
Cookie
PHPSESSID=5c31e2420a401343a81a321f11175be7
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 01 Aug 2018 22:34:15 GMT
Content-Encoding
gzip
Last-Modified
Sat, 15 Apr 2017 02:42:07 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"852cc-1c3-54d2b810970d6"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
258
Expires
Fri, 31 Aug 2018 22:34:15 GMT
gtm.js
www.googletagmanager.com/ 		90 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KVQNQW8
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
SPDY
Server
2a00:1450:4001:814::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
f81c17ccbd348734632ed578f5df14a389d40de06f6df0525a5eac3ee08053da
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 01 Aug 2018 22:34:15 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
25555
x-xss-protection
1; mode=block
expires
Wed, 01 Aug 2018 22:34:15 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
SPDY
Server
2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://my.castlighthealth.com

Response headers

date
Tue, 17 Jul 2018 00:22:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:20 GMT
server
sffe
age
1375878
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13944
x-xss-protection
1; mode=block
expires
Wed, 17 Jul 2019 00:22:57 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
SPDY
Server
2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://my.castlighthealth.com

Response headers

date
Tue, 17 Jul 2018 00:23:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:24:00 GMT
server
sffe
age
1375860
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14076
x-xss-protection
1; mode=block
expires
Wed, 17 Jul 2019 00:23:15 GMT
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
SPDY
Server
2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d7c184f73407fd0b6e92743095a0d2a5cb5d3b853ce898798c24ef87d622db1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://my.castlighthealth.com

Response headers

date
Fri, 13 Jul 2018 20:11:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:23:56 GMT
server
sffe
age
1650181
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13828
x-xss-protection
1; mode=block
expires
Sat, 13 Jul 2019 20:11:14 GMT
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVQNQW8
Protocol
SPDY
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
5727
date
Wed, 01 Aug 2018 20:58:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Wed, 01 Aug 2018 22:58:48 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVQNQW8
Protocol
SPDY
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
f3ca766f15c08a52b36c3d080fa934f2c5b3c758e8c8a6e099d464e8375e4a8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 01 Aug 2018 22:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
6845
x-xss-protection
1; mode=block
server
cafe
etag
2112158640234685715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Aug 2018 22:34:15 GMT
fbevents.js
connect.facebook.net/en_US/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
SPDY
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b6143b6b4d86918d18cd84b60ae0f37f74522fc145896a4f9645746070cb28d4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
x-fb-debug
PyVy+6VByfznFYlrKXsppXGf59k9XuhAnSKmf6OcW9IQy0NfPmx0NHxx3V7eju6oyfCvZQc5BgLIw6hR6OuXfw==
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Aug 2018 22:34:15 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
13455
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1676398622&t=pageview&_s=1&dl=https%3A%2F%2Fmy.castlighthealth.com%2Fsecurity&ul=en-us&de=UTF-8&dt=Castlight%20Health%20-%20Security&sd=24-bi...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15150851-20&cid=1100818033.1533162855&jid=1951703984&_gid=1432093520.1533162855&gjid=1380203644&_v=j68&z=1826210066
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15150851-20&cid=1100818033.1533162855&jid=1951703984&_v=j68&z=1826210066
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15150851-20&cid=1100818033.1533162855&jid=1951703984&_v=j68&z=1826210066&slf_rd=1&random=2850778176
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15150851-20&cid=1100818033.1533162855&jid=1951703984&_v=j68&z=1826210066&slf_rd=1&random=2850778176
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
SPDY
Server
2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Aug 2018 22:34:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 01 Aug 2018 22:34:15 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15150851-20&cid=1100818033.1533162855&jid=1951703984&_v=j68&z=1826210066&slf_rd=1&random=2850778176
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
331443480525137
connect.facebook.net/signals/config/ 		80 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/331443480525137?v=2.8.24&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
aed01dec35a890e3993f572a0f72396a96d1263a4667dd71a1513fdd6d97ebca
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
+BcJL9zA+y70w/V5nlTh/ELehYiHSO6kZM8lE4mfrVS5OzwVrErnf9YkMAXtVTCXSsZK5uh3xmE4iLjF14c+XA==
x-frame-options
DENY
date
Wed, 01 Aug 2018 22:34:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964221379/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964221379/?random=1533162855161&cv=9&fst=1533162855161&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G7n&sendb=1&frm=0&url=https%3A%2F%2Fmy.castlighthealth.com%2Fsecurity&tiba=Castlight%20Health%20-%20Security&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
SPDY
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a3d844805cbf47b640facb42680a15708b902cc6040627cf1a5ee86e502080f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Aug 2018 22:34:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
923
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/ads/user-lists/964221379/ 		42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/user-lists/964221379/?random=1533162855161&cv=9&fst=1533160800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G7n&sendb=1&frm=0&url=https%3A%2F%2Fmy.castlighthealth.com%2Fsecurity&tiba=Castlight%20Health%20-%20Security&async=1&fmt=3&cdct=2&is_vtc=1&random=879518301&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
SPDY
Server
2a00:1450:4001:81d::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Aug 2018 22:34:15 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/ads/user-lists/964221379/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/user-lists/964221379/?random=1533162855161&cv=9&fst=1533160800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G7n&sendb=1&frm=0&url=https%3A%2F%2Fmy.castlighthealth.com%2Fsecurity&tiba=Castlight%20Health%20-%20Security&async=1&fmt=3&cdct=2&is_vtc=1&random=879518301&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
SPDY
Server
2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Aug 2018 22:34:15 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=331443480525137&ev=PageView&dl=https%3A%2F%2Fmy.castlighthealth.com%2Fsecurity&rl=&if=false&ts=1533162855209&sw=1600&sh=1200&v=2.8.24&r=stable&ec=0&o=28&it=1533162855157&exp=button_click_send_beacon
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/security
Protocol
SPDY
Server
2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 01 Aug 2018 22:34:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 01 Aug 2018 22:34:15 GMT
log
errors.client.optimizely.com/ 		13 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://errors.client.optimizely.com/log
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/7870096506.js
Protocol
HTTP/1.1
Server
52.21.153.156 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-21-153-156.compute-1.amazonaws.com
Software
/
Resource Hash
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method
POST
Origin
https://my.castlighthealth.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Wed, 01 Aug 2018 22:34:15 GMT
Allow
POST,OPTIONS
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://my.castlighthealth.com
Access-Control-Max-Age
1800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin
Content-Length
13
log
errors.client.optimizely.com/ 		0
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://errors.client.optimizely.com/log
Protocol
HTTP/1.1
Server
52.21.153.156 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-21-153-156.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.castlighthealth.com/security
Origin
https://my.castlighthealth.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://my.castlighthealth.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Wed, 01 Aug 2018 22:34:15 GMT
Content-Type
text/plain
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=331443480525137&ev=Microdata&dl=https%3A%2F%2Fmy.castlighthealth.com%2Fsecurity&rl=&if=false&ts=1533162855711&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Castlight%20Health%20-%20Security%22%2C%22og%3Adescription%22%3A%22Get%20more%20out%20of%20your%20health%20plan%20and%20benefits%20so%20you%20can%20experience%20healthcare%20in%20a%20whole%20new%20way.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmy.castlighthealth.com%2Fassets%2Fimages%2Fmycastlight-preview.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fmy.castlighthealth.com%22%7D&cd[Meta]=%7B%22title%22%3A%22Castlight%20Health%20-%20Security%22%2C%22meta%3Adescription%22%3A%22Castlight%20helps%20you%20get%20more%20out%20of%20your%20health%20plan%20and%20benefits%20so%20you%20can%20experience%20healthcare%20in%20a%20whole%20new%20way.%20Register%20or%20log%20in%20today.%22%2C%22meta%3Akeywords%22%3A%22castlight%2Cmycastlight%2Cmy%20castlight%2C%20mycastlighthealth%2Ccastlighthealth%2Cmycastlight%2Ccastlight%20Blog%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.24&r=stable&ec=1&o=28&it=1533162855157&es=automatic&exp=button_click_send_beacon
Protocol
SPDY
Server
2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://my.castlighthealth.com/security
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 01 Aug 2018 22:34:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 01 Aug 2018 22:34:15 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| _ object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| jQuery112408183885990837512 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| viewport function| blueBtn_fix

4 Cookies

Domain/Path Name / Value
.castlighthealth.com/ Name: _ga
Value: GA1.2.1100818033.1533162855
.castlighthealth.com/ Name: _gat_UA-15150851-20
Value: 1
.castlighthealth.com/ Name: _gid
Value: GA1.2.1432093520.1533162855
my.castlighthealth.com/ Name: PHPSESSID
Value: 5c31e2420a401343a81a321f11175be7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.optimizely.com
click.secure.castlighthealth.com
code.ionicframework.com
connect.facebook.net
errors.client.optimizely.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
my.castlighthealth.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
172.217.23.162
172.227.105.112
198.245.89.43
2400:cb00:2048:1::6819:7c63
2a00:1450:4001:814::2008
2a00:1450:4001:814::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:81d::200a
2a00:1450:400c:c0c::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8186:face:b00c:0:50fb
34.232.205.163
52.205.48.3
52.21.153.156
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
1dae5d503b0510d32dbe15da5748878ff8dc3328d16f040a7124139d86c52468
3d711a1794b7e4e9bc6a4b5f4371bddb7ddb09a67a15ba92343dfdcc0e776690
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
452a4e99149f4a1f74c4d08b86bbf858a58d3b57439b9f1cd8a9c3b956b512e2
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
5d7c184f73407fd0b6e92743095a0d2a5cb5d3b853ce898798c24ef87d622db1
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
9410a1ebfa42aad1b32911b57f7af5cd3e27552f7080cfc1a64c2139325f0452
95b984503b5ae9e081721fd2206291c79abbc1e37a53e5bd59c5bbb08e2adbd4
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
a3d844805cbf47b640facb42680a15708b902cc6040627cf1a5ee86e502080f4
ad1713108de064055fca09575e9886223be01a21b82dad29405283a568486608
aed01dec35a890e3993f572a0f72396a96d1263a4667dd71a1513fdd6d97ebca
b6143b6b4d86918d18cd84b60ae0f37f74522fc145896a4f9645746070cb28d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ca766f15c08a52b36c3d080fa934f2c5b3c758e8c8a6e099d464e8375e4a8b
f45c672f6edebdb2e89a79f2fd87a23dfe73a4ebfaf9c9dffda2387605dc6521
f78a468ebdcf139619b02e597babe1a8b7f3a3641c91c77df7a00415aaaf45e6
f81c17ccbd348734632ed578f5df14a389d40de06f6df0525a5eac3ee08053da