Submitted URL: http://www.mycastlight.com/onb
Effective URL: https://my.castlighthealth.com/?key=old_national_bancorp
Submission: On May 18 via manual from US

Summary

This website contacted 16 IPs in 2 countries across 15 domains to perform 41 HTTP transactions. The main IP is 34.232.205.163, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is my.castlighthealth.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 7th 2017. Valid for: 3 years.
This is the only time my.castlighthealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 199.167.37.238 7381 (SUNGARDRS)
8 34.232.205.163 14618 (AMAZON-AES)
1 216.58.208.42 15169 (GOOGLE)
1 104.25.123.99 13335 (CLOUDFLAR...)
1 2.19.34.83 20940 (AKAMAI-ASN1)
9 52.205.48.3 14618 (AMAZON-AES)
1 136.147.42.7 14340 (SALESFORCE)
1 216.58.210.8 15169 (GOOGLE)
6 216.58.210.3 15169 (GOOGLE)
1 2 216.58.210.14 15169 (GOOGLE)
1 216.58.214.34 15169 (GOOGLE)
2 157.240.20.19 32934 (FACEBOOK)
1 1 64.233.166.155 15169 (GOOGLE)
1 5 216.58.210.4 15169 (GOOGLE)
1 172.217.23.162 15169 (GOOGLE)
2 157.240.20.35 32934 (FACEBOOK)
1 136.147.41.7 14340 (SALESFORCE)
1 136.147.110.0 14340 (SALESFORCE)
41 16
Domain Requested by
17 my.castlighthealth.com my.castlighthealth.com
5 www.google.com 1 redirects my.castlighthealth.com
www.gstatic.com
3 fonts.gstatic.com my.castlighthealth.com
2 www.facebook.com my.castlighthealth.com
2 www.google.de my.castlighthealth.com
2 connect.facebook.net my.castlighthealth.com
connect.facebook.net
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 www.mycastlight.com 2 redirects
1 www.gstatic.com www.google.com
1 d.la4-c1-dfw.salesforceliveagent.com c.la1-c2-phx.salesforceliveagent.com
1 d.la1-c2-phx.salesforceliveagent.com c.la1-c2-phx.salesforceliveagent.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com my.castlighthealth.com
1 c.la1-c2-phx.salesforceliveagent.com my.castlighthealth.com
1 cdn.optimizely.com my.castlighthealth.com
1 code.ionicframework.com my.castlighthealth.com
1 fonts.googleapis.com my.castlighthealth.com
41 19

This site contains links to these domains. Also see Links.

Domain
m.us.castlighthealth.com
us.castlighthealth.com
Subject Issuer Validity Valid
*.castlighthealth.com
DigiCert SHA2 Secure Server CA
2017-03-07 -
2020-06-04
3 years crt.sh
www.google.com
Google Internet Authority G3
2018-04-17 -
2018-07-10
3 months crt.sh

This page contains 3 frames:

Primary Page: https://my.castlighthealth.com/?key=old_national_bancorp
Frame ID: 0CB7663F7F2D3341E646BFA518C24A9D
Requests: 39 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&co=aHR0cHM6Ly9teS5jYXN0bGlnaHRoZWFsdGguY29tOjQ0Mw..&hl=en&v=v1526338122299&size=invisible&cb=gcsm2490d19j
Frame ID: 1CBD5A58027276B5090B0C926C98A9F5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1526338122299&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&cb=2xaeatcidimg
Frame ID: B2AE266828F6033BCBAC30AE2E100A0B
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.mycastlight.com/onb HTTP 302
    https://www.mycastlight.com/onb HTTP 301
    https://my.castlighthealth.com/?key=old_national_bancorp Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Red Hat/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+foundation[^>"]+css/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • env /^LiveAgent$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /optimizely\.com.*\.js/i
  • env /^optimizely$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

41
Requests

46 %
HTTPS

0 %
IPv6

15
Domains

19
Subdomains

16
IPs

2
Countries

610 kB
Transfer

1309 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mycastlight.com/onb HTTP 302
    https://www.mycastlight.com/onb HTTP 301
    https://my.castlighthealth.com/?key=old_national_bancorp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.google-analytics.com/r/collect?v=1&_v=j67&a=876436600&t=pageview&_s=1&dl=https%3A%2F%2Fmy.castlighthealth.com%2F%3Fkey%3Dold_national_bancorp&ul=en-us&de=UTF-8&dt=Castlight%3A%20Your%20personalized%20healthcare%20assistant&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1910036194&gjid=1933122409&cid=1006122147.1526646234&tid=UA-15150851-20&_gid=873662926.1526646234&_r=1&gtm=G4sKVQNQW8&z=513634868 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15150851-20&cid=1006122147.1526646234&jid=1910036194&_gid=873662926.1526646234&gjid=1933122409&_v=j67&z=513634868 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15150851-20&cid=1006122147.1526646234&jid=1910036194&_v=j67&z=513634868 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15150851-20&cid=1006122147.1526646234&jid=1910036194&_v=j67&z=513634868&slf_rd=1&random=3884814361

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
my.castlighthealth.com/
Redirect Chain
  • http://www.mycastlight.com/onb
  • https://www.mycastlight.com/onb
  • https://my.castlighthealth.com/?key=old_national_bancorp
18 KB
5 KB
Document
General
Full URL
https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.205.163 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-205-163.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
c680b268c27f8a069f32135a3fd592354409138f72b74d12cedc6e593949bcd8

Request headers

Host
my.castlighthealth.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
0CB7663F7F2D3341E646BFA518C24A9D

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 May 2018 12:23:53 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache/2.2.15 (Red Hat)
Set-Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba; path=/
Vary
Accept-Encoding
Content-Length
4958
Connection
keep-alive

Redirect headers

Date
Fri, 18 May 2018 12:23:53 GMT
Server
Apache
Location
https://my.castlighthealth.com/?key=old_national_bancorp
Content-Length
264
Connection
close
Content-Type
text/html; charset=iso-8859-1
Set-Cookie
CASTLIGHT=1107957002.20480.0000; path=/
css
fonts.googleapis.com/
652 B
343 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
SPDY
Server
216.58.208.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f42.1e100.net
Software
ESF /
Resource Hash
acca94bf443b7912ed63e3d93910d25a747d3fd97974a7b7762d8a1ca4229659
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 18 May 2018 12:23:54 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Fri, 18 May 2018 12:23:54 GMT
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/
50 KB
10 KB
Stylesheet
General
Full URL
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
SPDY
Server
104.25.123.99 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-fastly-request-id
0b279988309d7a42880a726977dfb222576c4c03
date
Fri, 18 May 2018 12:23:54 GMT
content-encoding
gzip
cf-cache-status
MISS
access-control-allow-origin
*
x-cache
HIT
status
200
x-cache-hits
449
content-length
9682
x-served-by
cache-fra19122-FRA
last-modified
Mon, 13 Nov 2017 21:48:50 GMT
server
cloudflare
x-github-request-id
30DA:109F:1EFC01F:2A8B6BC:5ACC2C66
x-timer
S1526646234.080645,VS0,VE0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
41ce4c32f84f97a4-FRA
expires
Fri, 18 May 2018 14:23:54 GMT
bootstrap.min.css
my.castlighthealth.com/assets/libs/
63 KB
12 KB
Stylesheet
General
Full URL
https://my.castlighthealth.com/assets/libs/bootstrap.min.css?v=1.0.0.04252018
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.205.163 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-205-163.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
f78a468ebdcf139619b02e597babe1a8b7f3a3641c91c77df7a00415aaaf45e6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2017 23:28:35 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"8569b-fad2-54f47f2a5bfab"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11483
Expires
Sun, 17 Jun 2018 12:23:54 GMT
foundation.min.css
my.castlighthealth.com/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://my.castlighthealth.com/assets/css/foundation.min.css?v=1.0.0.04252018
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.205.163 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-205-163.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
95b984503b5ae9e081721fd2206291c79abbc1e37a53e5bd59c5bbb08e2adbd4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Apr 2018 08:07:28 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"855eb-b41-569f2b679f000"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1019
Expires
Sun, 17 Jun 2018 12:23:54 GMT
home-page.min.css
my.castlighthealth.com/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://my.castlighthealth.com/assets/css/home-page.min.css?v=1.0.0.04252018
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.205.163 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-205-163.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
67812b872041b107a24054bfb3690264f5e7293fe039c815a371d52b114c8428

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Apr 2018 08:07:28 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"855ec-144c-569f2b679f000"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1511
Expires
Sun, 17 Jun 2018 12:23:54 GMT
7870096506.js
cdn.optimizely.com/js/
193 KB
66 KB
Script
General
Full URL
https://cdn.optimizely.com/js/7870096506.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Server
2.19.34.83 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-34-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d947cb6543056d79c482d4af75ce79320ec5f42c7a5441311a194cafe5d1871a
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-amz-version-id
aRlIq0e.XOKpwa23EgHsJz0hpuEdriIq
Content-Encoding
gzip
ETag
"3ff64c747f573849b89b83c767c8e766"
x-amz-request-id
EE8D740282AF7DF2
x-amz-meta-revision
16
Access-Control-Allow-Methods
GET, HEAD
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
67096
x-amz-id-2
QW4teFqaoinWB7iZjaGJKGyiPbdaqkZOi7i0NBuaAuBUFFp7Y0nMN7cGk0fTV6vHq01vw4HBYiQ=
Last-Modified
Thu, 15 Jun 2017 18:04:20 GMT
Server
AmazonS3
Date
Fri, 18 May 2018 12:23:54 GMT
Access-Control-Max-Age
86400
Strict-Transport-Security
max-age=86400
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amz-meta-revision
Cache-Control
max-age=120
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
*
castlight-logo.svg
my.castlighthealth.com/assets/images/
21 KB
10 KB
Image
General
Full URL
https://my.castlighthealth.com/assets/images/castlight-logo.svg
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.48.3 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-48-3.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
1dae5d503b0510d32dbe15da5748878ff8dc3328d16f040a7124139d86c52468

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba; optimizelyEndUserId=oeu1526646234365r0.5072106723534071; optimizelySegments=%7B%227878514191%22%3A%22false%22%2C%227868635585%22%3A%22direct%22%2C%227891402226%22%3A%22gc%22%2C%227870037174%22%3A%22none%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Apr 2018 08:07:28 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"850af-55a9-569f2b685fd7f"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9350
Expires
Sun, 17 Jun 2018 12:23:54 GMT
first-cta-icon.png
my.castlighthealth.com/assets/images/
2 KB
3 KB
Image
General
Full URL
https://my.castlighthealth.com/assets/images/first-cta-icon.png
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.48.3 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-48-3.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
f3fc893f60e640e7ffd74b72c464fc947c22a829411308993d2da23a0146c322

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba; optimizelyEndUserId=oeu1526646234365r0.5072106723534071; optimizelySegments=%7B%227878514191%22%3A%22false%22%2C%227868635585%22%3A%22direct%22%2C%227891402226%22%3A%22gc%22%2C%227870037174%22%3A%22none%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Last-Modified
Mon, 03 Apr 2017 23:35:30 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"85612-8bf-54c4b9d5f7b57"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2239
Expires
Sat, 18 May 2019 12:23:54 GMT
second-cta-icon.png
my.castlighthealth.com/assets/images/
2 KB
2 KB
Image
General
Full URL
https://my.castlighthealth.com/assets/images/second-cta-icon.png
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.205.163 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-205-163.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
f5298d989f85c627ab1c6ab5f096c1aa2ae60d735579d1cff0251bcdc97974e1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba; optimizelyEndUserId=oeu1526646234365r0.5072106723534071; optimizelySegments=%7B%227878514191%22%3A%22false%22%2C%227868635585%22%3A%22direct%22%2C%227891402226%22%3A%22gc%22%2C%227870037174%22%3A%22none%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Last-Modified
Mon, 03 Apr 2017 23:35:30 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"85615-850-54c4b9d5f7b57"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2128
Expires
Sat, 18 May 2019 12:23:54 GMT
third-cta-icon.png
my.castlighthealth.com/assets/images/
2 KB
2 KB
Image
General
Full URL
https://my.castlighthealth.com/assets/images/third-cta-icon.png
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.205.163 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-205-163.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
cb342909af42f6fe35b784b43c75125814c6bd6c8ba32413b390bf6a73315c4e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba; optimizelyEndUserId=oeu1526646234365r0.5072106723534071; optimizelySegments=%7B%227878514191%22%3A%22false%22%2C%227868635585%22%3A%22direct%22%2C%227891402226%22%3A%22gc%22%2C%227870037174%22%3A%22none%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Last-Modified
Mon, 03 Apr 2017 23:35:30 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"85616-711-54c4b9d5f7b57"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1809
Expires
Sat, 18 May 2019 12:23:54 GMT
castlight-demo-video-041918.png
my.castlighthealth.com/assets/images/
37 KB
37 KB
Image
General
Full URL
https://my.castlighthealth.com/assets/images/castlight-demo-video-041918.png
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.205.163 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-205-163.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
5a8350fcaff30cf9eeecfad15214727d4dd54d78b713990182b0ffad6038c2b0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba; optimizelyEndUserId=oeu1526646234365r0.5072106723534071; optimizelySegments=%7B%227878514191%22%3A%22false%22%2C%227868635585%22%3A%22direct%22%2C%227891402226%22%3A%22gc%22%2C%227870037174%22%3A%22none%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D; _ga=GA1.2.1006122147.1526646234; _gid=GA1.2.873662926.1526646234; _gat_UA-15150851-20=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Last-Modified
Fri, 20 Apr 2018 18:45:45 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"850c4-94a0-56a4c1893fcc3"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38048
Expires
Sat, 18 May 2019 12:23:54 GMT
castlight-app-download-041918.png
my.castlighthealth.com/assets/images/
49 KB
49 KB
Image
General
Full URL
https://my.castlighthealth.com/assets/images/castlight-app-download-041918.png
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.48.3 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-48-3.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
8f1577c544e3b513c974f560cba5276e700ebe053da8df7e5f89d7787bc0fc6d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba; optimizelyEndUserId=oeu1526646234365r0.5072106723534071; optimizelySegments=%7B%227878514191%22%3A%22false%22%2C%227868635585%22%3A%22direct%22%2C%227891402226%22%3A%22gc%22%2C%227870037174%22%3A%22none%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D; _ga=GA1.2.1006122147.1526646234; _gid=GA1.2.873662926.1526646234; _gat_UA-15150851-20=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Last-Modified
Fri, 20 Apr 2018 18:45:45 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"850be-c221-56a4c1893fcc3"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49697
Expires
Sat, 18 May 2019 12:23:54 GMT
jquery.min.js
my.castlighthealth.com/assets/libs/
95 KB
33 KB
Script
General
Full URL
https://my.castlighthealth.com/assets/libs/jquery.min.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.205.163 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-205-163.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Apr 2017 23:35:30 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"8561e-17b8a-54c4b9d5fa267"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33758
Expires
Sun, 17 Jun 2018 12:23:54 GMT
bootstrap.min.js
my.castlighthealth.com/assets/libs/
21 KB
6 KB
Script
General
Full URL
https://my.castlighthealth.com/assets/libs/bootstrap.min.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.48.3 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-48-3.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
f45c672f6edebdb2e89a79f2fd87a23dfe73a4ebfaf9c9dffda2387605dc6521

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba; optimizelyEndUserId=oeu1526646234365r0.5072106723534071; optimizelySegments=%7B%227878514191%22%3A%22false%22%2C%227868635585%22%3A%22direct%22%2C%227891402226%22%3A%22gc%22%2C%227870037174%22%3A%22none%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 May 2017 23:28:35 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"8569c-541c-54f47f2a5c393"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5935
Expires
Sun, 17 Jun 2018 12:23:54 GMT
navbar.min.js
my.castlighthealth.com/assets/js/
451 B
643 B
Script
General
Full URL
https://my.castlighthealth.com/assets/js/navbar.min.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.48.3 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-48-3.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
9410a1ebfa42aad1b32911b57f7af5cd3e27552f7080cfc1a64c2139325f0452

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba; optimizelyEndUserId=oeu1526646234365r0.5072106723534071; optimizelySegments=%7B%227878514191%22%3A%22false%22%2C%227868635585%22%3A%22direct%22%2C%227891402226%22%3A%22gc%22%2C%227870037174%22%3A%22none%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Content-Encoding
gzip
Last-Modified
Sat, 15 Apr 2017 02:42:07 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"852cc-1c3-54d2b810970d6"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
258
Expires
Sun, 17 Jun 2018 12:23:54 GMT
home-script.min.js
my.castlighthealth.com/assets/js/
7 KB
3 KB
Script
General
Full URL
https://my.castlighthealth.com/assets/js/home-script.min.js?v=1.0.0.04172018
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.48.3 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-48-3.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
090ef66e625b04958665ceb5b00e90fc8bfb5ad1b9cb5374de13582cf9541175

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba; optimizelyEndUserId=oeu1526646234365r0.5072106723534071; optimizelySegments=%7B%227878514191%22%3A%22false%22%2C%227868635585%22%3A%22direct%22%2C%227891402226%22%3A%22gc%22%2C%227870037174%22%3A%22none%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D; _ga=GA1.2.1006122147.1526646234; _gid=GA1.2.873662926.1526646234; _gat_UA-15150851-20=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 May 2018 17:35:11 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"858a1-1c16-56bb5354c51c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2881
Expires
Sun, 17 Jun 2018 12:23:54 GMT
deployment.js
c.la1-c2-phx.salesforceliveagent.com/content/g/js/39.0/
41 KB
41 KB
Script
General
Full URL
https://c.la1-c2-phx.salesforceliveagent.com/content/g/js/39.0/deployment.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Server
136.147.42.7 San Francisco, United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-phx.la1-c2-phx.salesforceliveagent.com
Software
Jetty(9.4.z-SNAPSHOT) /
Resource Hash
5c4ab19ec5fd0311393648381f1241f72c2c026396c8eb9618cbd25efa66900b

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Cache-Control
max-age=60, must-revalidate
Last-Modified
Mon, 14 May 2018 23:01:38 GMT
Server
Jetty(9.4.z-SNAPSHOT)
Accept-Ranges
bytes
Content-Length
41591
Content-Type
application/javascript
gtm.js
www.googletagmanager.com/
53 KB
21 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KVQNQW8
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
SPDY
Server
216.58.210.8 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f8.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
8d8fe09390886ca285fec19a4ff89dc4f518541be60cc3b55f74e0e801c18350
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 18 May 2018 12:23:54 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
20707
x-xss-protection
1; mode=block
expires
Fri, 18 May 2018 12:23:54 GMT
join-castlight-background.jpg
my.castlighthealth.com/assets/images/
15 KB
15 KB
Image
General
Full URL
https://my.castlighthealth.com/assets/images/join-castlight-background.jpg
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.48.3 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-48-3.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
f6d40e909e89b3689a962dc80ae91c5a89a6db23346b48d9b1adf2d16029f9ca

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://my.castlighthealth.com/assets/css/home-page.min.css?v=1.0.0.04252018
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba; optimizelyEndUserId=oeu1526646234365r0.5072106723534071; optimizelySegments=%7B%227878514191%22%3A%22false%22%2C%227868635585%22%3A%22direct%22%2C%227891402226%22%3A%22gc%22%2C%227870037174%22%3A%22none%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D; _ga=GA1.2.1006122147.1526646234; _gid=GA1.2.873662926.1526646234; _gat_UA-15150851-20=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/assets/css/home-page.min.css?v=1.0.0.04252018
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Last-Modified
Mon, 03 Apr 2017 23:35:30 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"85614-3aed-54c4b9d5f7b57"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15085
Expires
Sat, 18 May 2019 12:23:54 GMT
castlight_testimonial_1.jpg
my.castlighthealth.com/assets/images/
17 KB
17 KB
Image
General
Full URL
https://my.castlighthealth.com/assets/images/castlight_testimonial_1.jpg
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.48.3 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-48-3.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
8a54e7ff0d1760236ac1ae18fca4d5226e0e44769ba690bc4031e1f5cec3cc53

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://my.castlighthealth.com/assets/css/home-page.min.css?v=1.0.0.04252018
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba; optimizelyEndUserId=oeu1526646234365r0.5072106723534071; optimizelySegments=%7B%227878514191%22%3A%22false%22%2C%227868635585%22%3A%22direct%22%2C%227891402226%22%3A%22gc%22%2C%227870037174%22%3A%22none%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/assets/css/home-page.min.css?v=1.0.0.04252018
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Last-Modified
Mon, 16 Apr 2018 08:07:28 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"85ad3-4277-569f2b679f000"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17015
Expires
Sat, 18 May 2019 12:23:54 GMT
castlight-home-hero-image-041618.jpg
my.castlighthealth.com/assets/images/
56 KB
56 KB
Image
General
Full URL
https://my.castlighthealth.com/assets/images/castlight-home-hero-image-041618.jpg
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.48.3 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-48-3.compute-1.amazonaws.com
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
cb623f434a4ec65cecdae4cd8a4285a18de46d3c14b22c4a4e7492f541064f87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
my.castlighthealth.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
Cookie
PHPSESSID=77d32a18f1008d66e874baa61a8127ba; optimizelyEndUserId=oeu1526646234365r0.5072106723534071; optimizelySegments=%7B%227878514191%22%3A%22false%22%2C%227868635585%22%3A%22direct%22%2C%227891402226%22%3A%22gc%22%2C%227870037174%22%3A%22none%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
Connection
keep-alive
Cache-Control
no-cache
Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Fri, 18 May 2018 12:23:54 GMT
Last-Modified
Mon, 16 Apr 2018 08:07:28 GMT
Server
Apache/2.2.15 (Red Hat)
ETag
"850ae-dfa1-569f2b685fd7f"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57249
Expires
Sat, 18 May 2019 12:23:54 GMT
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v14/
59 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wWw.ttf
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
SPDY
Server
216.58.210.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f3.1e100.net
Software
sffe /
Resource Hash
9c4590446dbf83edae05be4ca28ef789ee50a01ef2cb8f1b51c5937d029cac76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://my.castlighthealth.com

Response headers

date
Wed, 09 May 2018 03:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
808285
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
30035
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:23:16 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 May 2019 03:52:29 GMT
S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v14/
57 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPHA.ttf
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
SPDY
Server
216.58.210.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f3.1e100.net
Software
sffe /
Resource Hash
9cc39c759cd72b2f53c5c177a239eec038cf2a6614a686f150fdd59435df222f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://my.castlighthealth.com

Response headers

date
Wed, 09 May 2018 04:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
807583
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
29554
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:24:09 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 May 2019 04:04:11 GMT
S6u9w4BMUTPHh7USSwiPHA.ttf
fonts.gstatic.com/s/lato/v14/
62 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh7USSwiPHA.ttf
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
SPDY
Server
216.58.210.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f3.1e100.net
Software
sffe /
Resource Hash
4977f8d8f865c43ee26dc31409cd4fe8945048d5800719133d79ab053527d859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin
https://my.castlighthealth.com

Response headers

date
Tue, 13 Feb 2018 15:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8110409
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
33428
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:24:04 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Feb 2019 15:30:25 GMT
analytics.js
www.google-analytics.com/
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVQNQW8
Protocol
SPDY
Server
216.58.210.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Apr 2018 18:13:11 GMT
server
Golfe2
age
6062
date
Fri, 18 May 2018 10:42:52 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
14353
expires
Fri, 18 May 2018 12:42:52 GMT
conversion_async.js
www.googleadservices.com/pagead/
16 KB
6 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVQNQW8
Protocol
SPDY
Server
216.58.214.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s09-in-f2.1e100.net
Software
cafe /
Resource Hash
264eb2b70231987744c375f70d1d789ce01c96a9b639838d94eb8364d3179f4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 18 May 2018 12:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
6022
x-xss-protection
1; mode=block
server
cafe
etag
8126536220825983203
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 May 2018 12:23:54 GMT
fbevents.js
connect.facebook.net/en_US/
39 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
SPDY
Server
157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
112560223d7dcf6f78bd1f4f1271590233b6cd02adf7a10f896b0f628c2c4d24
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
12398
x-xss-protection
0
pragma
public
x-fb-debug
sFNRfE/lRLfuyFeJSKmT0kq2CP9815Jz+EHSyCnj9cFcQKK/JAPHtblVHQEAEIUuVALnc8rp+BAgfnisHIVULg==
x-frame-options
DENY
date
Fri, 18 May 2018 12:23:54 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j67&a=876436600&t=pageview&_s=1&dl=https%3A%2F%2Fmy.castlighthealth.com%2F%3Fkey%3Dold_national_bancorp&ul=en-us&de=UTF-8&dt=Castlight%3A%20Your%20...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15150851-20&cid=1006122147.1526646234&jid=1910036194&_gid=873662926.1526646234&gjid=1933122409&_v=j67&z=513634868
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15150851-20&cid=1006122147.1526646234&jid=1910036194&_v=j67&z=513634868
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15150851-20&cid=1006122147.1526646234&jid=1910036194&_v=j67&z=513634868&slf_rd=1&random=3884814361
42 B
453 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15150851-20&cid=1006122147.1526646234&jid=1910036194&_v=j67&z=513634868&slf_rd=1&random=3884814361
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
SPDY
Server
216.58.210.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 May 2018 12:23:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 May 2018 12:23:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15150851-20&cid=1006122147.1526646234&jid=1910036194&_v=j67&z=513634868&slf_rd=1&random=3884814361
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
331443480525137
connect.facebook.net/signals/config/
55 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/331443480525137?v=2.8.14&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Server
157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
86678fe97b078dd3e3fca11526b635e333cec5bc2ccf6983cee8030585be0432
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
2ioWdzzdrjJFVZweAuwXIXJ99V48RqPVAJnfK8mKna6hs/qi9NKWaSITSgxUjplz/IhKEgvB9xrMefXGsz68uQ==
x-frame-options
DENY
date
Fri, 18 May 2018 12:23:54 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964221379/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964221379/?random=1526646234523&cv=9&fst=1526646234523&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G4s&sendb=1&frm=0&url=https%3A%2F%2Fmy.castlighthealth.com%2F%3Fkey%3Dold_national_bancorp&tiba=Castlight%3A%20Your%20personalized%20healthcare%20assistant&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
SPDY
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
200c3ed0eeb9382c3e589c61f5e8030a2f9b3d5e2d46c32110019b7275b77819
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 May 2018 12:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
958
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/ads/user-lists/964221379/
42 B
155 B
Image
General
Full URL
https://www.google.com/ads/user-lists/964221379/?random=1526646234523&cv=9&fst=1526644800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G4s&sendb=1&frm=0&url=https%3A%2F%2Fmy.castlighthealth.com%2F%3Fkey%3Dold_national_bancorp&tiba=Castlight%3A%20Your%20personalized%20healthcare%20assistant&async=1&fmt=3&cdct=2&is_vtc=1&random=3786324444&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
SPDY
Server
216.58.210.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f4.1e100.net
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 May 2018 12:23:54 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/ads/user-lists/964221379/
42 B
144 B
Image
General
Full URL
https://www.google.de/ads/user-lists/964221379/?random=1526646234523&cv=9&fst=1526644800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G4s&sendb=1&frm=0&url=https%3A%2F%2Fmy.castlighthealth.com%2F%3Fkey%3Dold_national_bancorp&tiba=Castlight%3A%20Your%20personalized%20healthcare%20assistant&async=1&fmt=3&cdct=2&is_vtc=1&random=3786324444&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
SPDY
Server
216.58.210.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f3.1e100.net
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 May 2018 12:23:54 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
295 B
Image
General
Full URL
https://www.facebook.com/tr/?id=331443480525137&ev=PageView&dl=https%3A%2F%2Fmy.castlighthealth.com%2F%3Fkey%3Dold_national_bancorp&rl=&if=false&ts=1526646234582&sw=1600&sh=1200&v=2.8.14&r=stable&ec=0&o=28&it=1526646234513
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
SPDY
Server
157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 18 May 2018 12:23:54 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 18 May 2018 12:23:54 GMT
/
www.facebook.com/tr/
44 B
144 B
Image
General
Full URL
https://www.facebook.com/tr/?id=331443480525137&ev=Microdata&dl=https%3A%2F%2Fmy.castlighthealth.com%2F%3Fkey%3Dold_national_bancorp&rl=&if=false&ts=1526646235085&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Castlight%3A%20Your%20personalized%20healthcare%20assistant%22%2C%22og%3Adescription%22%3A%22Castlight%20helps%20you%20get%20more%20out%20of%20your%20health%20plan%20and%20benefits%20so%20you%20can%20experience%20healthcare%20in%20a%20whole%20new%20way.%20Register%20or%20log%20in%20today.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmy.castlighthealth.com%2Fassets%2Fimages%2Fmycastlight-preview.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fmy.castlighthealth.com%22%7D&cd[Meta]=%7B%22title%22%3A%22Castlight%3A%20Your%20personalized%20healthcare%20assistant%22%2C%22meta%3Adescription%22%3A%22Castlight%20helps%20you%20get%20more%20out%20of%20your%20health%20plan%20and%20benefits%20so%20you%20can%20experience%20healthcare%20in%20a%20whole%20new%20way.%20Register%20or%20log%20in%20today.%22%2C%22meta%3Akeywords%22%3A%22Castlight%2C%20Mycastlight%2C%20Mycastlighthealth%2C%20Castlight%20Health%2C%20Castlight%20login%2C%20Health%20benefits%20platform%2C%20Healthcare%20costs%2C%20Healthcare%20cost%20transparency%2C%20Healthcare%20dashboard%2C%20Find%20a%20doctor%2C%20Search%20for%20doctor%2C%20Healthcare%20claims%2C%20Manage%20healthcare%2C%20My%20healthcare%2C%20Healthcare%2C%20Primary%20care%20for%20adults%2C%20Adult%20Primary%20Care%2C%20Obstetrics%20and%20gynecologic%20care%2C%20Dermatologist%20visit%2C%20MRI%2C%20Colonoscopy%2C%20Psychological%20and%20psychiatric%20care%2C%20Orthopedic%20surgeon%20visit%2C%20Dermatologist%2C%20Primary%20Care%20for%20Children%2C%20Lab%20te%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.14&r=stable&ec=1&o=28&it=1526646234513&es=automatic
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/?key=old_national_bancorp
Protocol
SPDY
Server
157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 18 May 2018 12:23:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 18 May 2018 12:23:55 GMT
MultiNoun.jsonp
d.la1-c2-phx.salesforceliveagent.com/chat/rest/System/
226 B
513 B
Script
General
Full URL
https://d.la1-c2-phx.salesforceliveagent.com/chat/rest/System/MultiNoun.jsonp?nouns=VisitorId,Settings&VisitorId.prefix=Visitor&Settings.prefix=Visitor&Settings.buttonIds=[573500000004D4v]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572500000004CzZ&org_id=00D50000000Mzb3&version=39
Requested by
Host: c.la1-c2-phx.salesforceliveagent.com
URL: https://c.la1-c2-phx.salesforceliveagent.com/content/g/js/39.0/deployment.js
Protocol
HTTP/1.1
Server
136.147.41.7 San Francisco, United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl3-phx.la1-c2-phx.salesforceliveagent.com
Software
/
Resource Hash
e13593b2a011a2e8a60f77d10baf726b13a396f65bd99b5472170775415f98fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
Settings.jsonp
d.la4-c1-dfw.salesforceliveagent.com/chat/rest/Visitor/
320 B
578 B
Script
General
Full URL
https://d.la4-c1-dfw.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?sid=517b1c08-98df-43fa-9041-0fd1a53664a9&Settings.prefix=Visitor&Settings.buttonIds=[573500000004D4v]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572500000004CzZ&org_id=00D50000000Mzb3&version=39
Requested by
Host: c.la1-c2-phx.salesforceliveagent.com
URL: https://c.la1-c2-phx.salesforceliveagent.com/content/g/js/39.0/deployment.js
Protocol
HTTP/1.1
Server
136.147.110.0 San Francisco, United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-dfw.la4-c1-dfw.salesforceliveagent.com
Software
/
Resource Hash
ed3339200f22d7cc7c81952ac9d5e78c8b727a62c8daa2609f2b909f93fa01e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
api.js
www.google.com/recaptcha/
763 B
610 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/assets/js/home-script.min.js?v=1.0.0.04172018
Protocol
SPDY
Server
216.58.210.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f4.1e100.net
Software
GSE /
Resource Hash
8ca61fff98a6df4a130500da31533224c9315b4fc71ea9a2d1b87ccc5bc4e59e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 18 May 2018 12:23:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
448
x-xss-protection
1; mode=block
expires
Fri, 18 May 2018 12:23:56 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1526338122299/
232 KB
75 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/api2/v1526338122299/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
SPDY
Server
216.58.210.3 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f3.1e100.net
Software
sffe /
Resource Hash
def37689ffcff89a7b72d457b467e9dfaab8bbafd9356e77a8dd92a30e31cfbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.castlighthealth.com/?key=old_national_bancorp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 16 May 2018 18:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 May 2018 23:45:00 GMT
server
sffe
age
149849
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
76797
x-xss-protection
1; mode=block
expires
Thu, 16 May 2019 18:46:27 GMT
anchor
www.google.com/recaptcha/api2/ Frame 1CBD
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&co=aHR0cHM6Ly9teS5jYXN0bGlnaHRoZWFsdGguY29tOjQ0Mw..&hl=en&v=v1526338122299&size=invisible&cb=gcsm2490d19j
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1526338122299/recaptcha__en.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.210.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ua04p2TSgpp0F8PMZPSg6TGOQZM' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&co=aHR0cHM6Ly9teS5jYXN0bGlnaHRoZWFsdGguY29tOjQ0Mw..&hl=en&v=v1526338122299&size=invisible&cb=gcsm2490d19j
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://my.castlighthealth.com/?key=old_national_bancorp
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
0CB7663F7F2D3341E646BFA518C24A9D
Referer
https://my.castlighthealth.com/?key=old_national_bancorp

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 18 May 2018 12:23:56 GMT
content-security-policy
script-src 'report-sample' 'nonce-Ua04p2TSgpp0F8PMZPSg6TGOQZM' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10518
server
GSE
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
bframe
www.google.com/recaptcha/api2/ Frame B2AE
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1526338122299&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&cb=2xaeatcidimg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1526338122299/recaptcha__en.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.210.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b6UzYCM1LZ+XlsQLA86SvfV1cFo' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=v1526338122299&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&cb=2xaeatcidimg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://my.castlighthealth.com/?key=old_national_bancorp
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
0CB7663F7F2D3341E646BFA518C24A9D
Referer
https://my.castlighthealth.com/?key=old_national_bancorp

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 18 May 2018 12:23:56 GMT
content-security-policy
script-src 'report-sample' 'nonce-b6UzYCM1LZ+XlsQLA86SvfV1cFo' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
681
server
GSE
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| geolocation object| optly function| $ function| jQuery object| optimizely object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| jQuery112409773144349776604 function| viewport function| blueBtn_fix object| _laq function| hero_resize function| call_button_display function| load_vimeo_iframe function| demo_video_resize function| demo_video function| get_utm_campaign function| onSubmit function| app_download_link object| inArr object| outArr undefined| phoneNumber undefined| key function| homeOnload boolean| liveAgentDeployment object| liveagent object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| closure_lm_301503

12 Cookies

Domain/Path Name / Value
my.castlighthealth.com/ Name: liveagent_vc
Value: 2
.castlighthealth.com/ Name: _gat_UA-15150851-20
Value: 1
.castlighthealth.com/ Name: optimizelyPendingLogEvents
Value: %5B%5D
my.castlighthealth.com/ Name: liveagent_ptid
Value: 517b1c08-98df-43fa-9041-0fd1a53664a9
my.castlighthealth.com/ Name: liveagent_oref
Value:
.castlighthealth.com/ Name: _gid
Value: GA1.2.873662926.1526646234
.castlighthealth.com/ Name: optimizelyEndUserId
Value: oeu1526646234365r0.5072106723534071
.castlighthealth.com/ Name: optimizelyBuckets
Value: %7B%7D
my.castlighthealth.com/ Name: liveagent_sid
Value: 517b1c08-98df-43fa-9041-0fd1a53664a9
.castlighthealth.com/ Name: _ga
Value: GA1.2.1006122147.1526646234
.castlighthealth.com/ Name: optimizelySegments
Value: %7B%227878514191%22%3A%22false%22%2C%227868635585%22%3A%22direct%22%2C%227891402226%22%3A%22gc%22%2C%227870037174%22%3A%22none%22%7D
my.castlighthealth.com/ Name: PHPSESSID
Value: 77d32a18f1008d66e874baa61a8127ba

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.la1-c2-phx.salesforceliveagent.com
cdn.optimizely.com
code.ionicframework.com
connect.facebook.net
d.la1-c2-phx.salesforceliveagent.com
d.la4-c1-dfw.salesforceliveagent.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
my.castlighthealth.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.mycastlight.com
104.25.123.99
136.147.110.0
136.147.41.7
136.147.42.7
157.240.20.19
157.240.20.35
172.217.23.162
199.167.37.238
2.19.34.83
216.58.208.42
216.58.210.14
216.58.210.3
216.58.210.4
216.58.210.8
216.58.214.34
34.232.205.163
52.205.48.3
64.233.166.155
090ef66e625b04958665ceb5b00e90fc8bfb5ad1b9cb5374de13582cf9541175
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112560223d7dcf6f78bd1f4f1271590233b6cd02adf7a10f896b0f628c2c4d24
1dae5d503b0510d32dbe15da5748878ff8dc3328d16f040a7124139d86c52468
200c3ed0eeb9382c3e589c61f5e8030a2f9b3d5e2d46c32110019b7275b77819
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
264eb2b70231987744c375f70d1d789ce01c96a9b639838d94eb8364d3179f4b
4977f8d8f865c43ee26dc31409cd4fe8945048d5800719133d79ab053527d859
5a8350fcaff30cf9eeecfad15214727d4dd54d78b713990182b0ffad6038c2b0
5c4ab19ec5fd0311393648381f1241f72c2c026396c8eb9618cbd25efa66900b
67812b872041b107a24054bfb3690264f5e7293fe039c815a371d52b114c8428
86678fe97b078dd3e3fca11526b635e333cec5bc2ccf6983cee8030585be0432
8a54e7ff0d1760236ac1ae18fca4d5226e0e44769ba690bc4031e1f5cec3cc53
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
8ca61fff98a6df4a130500da31533224c9315b4fc71ea9a2d1b87ccc5bc4e59e
8d8fe09390886ca285fec19a4ff89dc4f518541be60cc3b55f74e0e801c18350
8f1577c544e3b513c974f560cba5276e700ebe053da8df7e5f89d7787bc0fc6d
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
9410a1ebfa42aad1b32911b57f7af5cd3e27552f7080cfc1a64c2139325f0452
95b984503b5ae9e081721fd2206291c79abbc1e37a53e5bd59c5bbb08e2adbd4
9c4590446dbf83edae05be4ca28ef789ee50a01ef2cb8f1b51c5937d029cac76
9cc39c759cd72b2f53c5c177a239eec038cf2a6614a686f150fdd59435df222f
acca94bf443b7912ed63e3d93910d25a747d3fd97974a7b7762d8a1ca4229659
c680b268c27f8a069f32135a3fd592354409138f72b74d12cedc6e593949bcd8
cb342909af42f6fe35b784b43c75125814c6bd6c8ba32413b390bf6a73315c4e
cb623f434a4ec65cecdae4cd8a4285a18de46d3c14b22c4a4e7492f541064f87
d947cb6543056d79c482d4af75ce79320ec5f42c7a5441311a194cafe5d1871a
def37689ffcff89a7b72d457b467e9dfaab8bbafd9356e77a8dd92a30e31cfbb
e13593b2a011a2e8a60f77d10baf726b13a396f65bd99b5472170775415f98fb
ed3339200f22d7cc7c81952ac9d5e78c8b727a62c8daa2609f2b909f93fa01e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3fc893f60e640e7ffd74b72c464fc947c22a829411308993d2da23a0146c322
f45c672f6edebdb2e89a79f2fd87a23dfe73a4ebfaf9c9dffda2387605dc6521
f5298d989f85c627ab1c6ab5f096c1aa2ae60d735579d1cff0251bcdc97974e1
f6d40e909e89b3689a962dc80ae91c5a89a6db23346b48d9b1adf2d16029f9ca
f78a468ebdcf139619b02e597babe1a8b7f3a3641c91c77df7a00415aaaf45e6