urlscan.io logo urlscan.io
SecurityTrails logo

my.castlighthealth.com Open in urlscan Pro
95.101.88.18  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.secure.castlighthealth.com/?qs=45d517e0c61c1ab93cebaa3ab7ba227c0af0c1a5713cdc7423ed1d2536f8355fdf88ddbd80406193f385084dcd3a...
Effective URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Submission: On November 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 47 HTTP transactions. The main IP is 95.101.88.18, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is my.castlighthealth.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 14th 2021. Valid for: 9 months.
This is the only time my.castlighthealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.245.89.43 22606 (EXACT-7)
1 16 95.101.88.18 20940 (AKAMAI-ASN1)
4 216.58.212.170 15169 (GOOGLE)
6 142.250.184.196 15169 (GOOGLE)
1 136.147.100.133 14340 (SALESFORCE)
1 95.101.88.122 20940 (AKAMAI-ASN1)
9 142.250.186.35 15169 (GOOGLE)
2 104.111.214.229 16625 (AKAMAI-AS)
9 142.250.185.67 15169 (GOOGLE)
47 9
1    198.245.89.43 (United States)

ASN22606 (EXACT-7, US)
PTR: click.secure.castlighthealth.com
click.secure.castlighthealth.com
16    95.101.88.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-88-18.deploy.static.akamaitechnologies.com
my.castlighthealth.com
4    216.58.212.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f10.1e100.net
fonts.googleapis.com
6    142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net
www.google.com
1    136.147.100.133 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl2-phx.la3-c1-phx.salesforceliveagent.com
c.la3-c1-phx.salesforceliveagent.com
1    95.101.88.122 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-88-122.deploy.static.akamaitechnologies.com
us.castlighthealth.com
9    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
2    104.111.214.229 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-229.deploy.static.akamaitechnologies.com
s.go-mpulse.net
c.go-mpulse.net
9    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
www.gstatic.com
Domain Requested by
16 my.castlighthealth.com 1 redirects my.castlighthealth.com
9 www.gstatic.com www.google.com
www.gstatic.com
9 fonts.gstatic.com fonts.googleapis.com
www.google.com
6 www.google.com my.castlighthealth.com
www.gstatic.com
www.google.com
4 fonts.googleapis.com my.castlighthealth.com
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net my.castlighthealth.com
1 us.castlighthealth.com my.castlighthealth.com
1 c.la3-c1-phx.salesforceliveagent.com my.castlighthealth.com
1 click.secure.castlighthealth.com 1 redirects
47 10

This site contains links to these domains. Also see Links.

Domain
us.castlighthealth.com
m.us.castlighthealth.com
Subject Issuer Validity Valid
us.castlighthealth.com
DigiCert SHA2 Secure Server CA		 2021-10-14 -
2022-07-26		 9 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
la3-c1-phx.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-08 -
2022-09-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
akstat.io
DigiCert SHA2 Secure Server CA		 2021-06-08 -
2022-06-13		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Frame ID: 8FB77BA38B4588D4326D2E9621B610D1
Requests: 29 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/MB8HU-S8EL9-4RBCE-VDHH2-FPGUY
Frame ID: 973524272B8C04EC2B7213C3A600032B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&co=aHR0cHM6Ly9teS5jYXN0bGlnaHRoZWFsdGguY29tOjQ0Mw..&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&cb=t8ncyv5z59n
Frame ID: 0269FDA3544DBAFBD9D16F9FD3E98BA7
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5
Frame ID: 867B450A6D2C35F058FD49AA21EA3FA9
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Get Castlight Mobile App

Page URL History Show full URLs

  1. https://click.secure.castlighthealth.com/?qs=45d517e0c61c1ab93cebaa3ab7ba227c0af0c1a5713cdc7423ed1d2536f8355fdf88ddbd... HTTP 302
    https://my.castlighthealth.com/mobile?utm_campaign=castlight_watermark HTTP 301
    https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark Page URL

Page Statistics

47
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

10
Subdomains

9
IPs

2
Countries

920 kB
Transfer

2159 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.secure.castlighthealth.com/?qs=45d517e0c61c1ab93cebaa3ab7ba227c0af0c1a5713cdc7423ed1d2536f8355fdf88ddbd80406193f385084dcd3ab77a8a90297d52554fa4813554f97daefa60 HTTP 302
    https://my.castlighthealth.com/mobile?utm_campaign=castlight_watermark HTTP 301
    https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
my.castlighthealth.com/mobile/
Redirect Chain
  • https://click.secure.castlighthealth.com/?qs=45d517e0c61c1ab93cebaa3ab7ba227c0af0c1a5713cdc7423ed1d2536f8355fdf88ddbd80406193f385084dcd3ab77a8a90297d52554fa4813554f97daefa60
  • https://my.castlighthealth.com/mobile?utm_campaign=castlight_watermark
  • https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
13 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4770742fb5f94ca721c89319ed36524979681b0f7ae4e850a3faa5e316347e5b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=2592000
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Expires
Wed, 01 Dec 2021 15:14:01 GMT
Server
Apache
X-Akamai-Transformed
9 2735 0 pmb=mTOE,2mRUM,1
Date
Mon, 01 Nov 2021 15:14:01 GMT
Content-Length
4622
Connection
keep-alive
Vary
Accept-Encoding
Server-Timing
cdn-cache; desc=MISS edge; dur=91 origin; dur=31

Redirect headers

Cache-Control
max-age=2592000
Content-Type
text/html; charset=iso-8859-1
Expires
Wed, 01 Dec 2021 15:14:01 GMT
Location
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Server
Apache
Content-Length
279
Date
Mon, 01 Nov 2021 15:14:01 GMT
Connection
keep-alive
Server-Timing
cdn-cache; desc=MISS edge; dur=394 origin; dur=123
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,600,700
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f10.1e100.net
Software
ESF /
Resource Hash
7027755ee45cb32abe679cdba5eeaa32e24a8a1020501a122c07fb67f03d5b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 15:01:29 GMT
server
ESF
date
Mon, 01 Nov 2021 15:14:01 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 15:14:01 GMT
css
fonts.googleapis.com/ 		5 KB
662 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:200,700,800
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f10.1e100.net
Software
ESF /
Resource Hash
d9593a9dbb31458bb49bfa2519c48badfd36bc4e880e011aaf1a57680ac27fd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 15:14:01 GMT
server
ESF
date
Mon, 01 Nov 2021 15:14:01 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 15:14:01 GMT
libs.min.css
my.castlighthealth.com/mobile/css/ 		153 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/mobile/css/libs.min.css
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0481ea5491fd130141b53e76e299f9f8dd062ac6a633059e14c671134ac31cae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 15:14:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Apr 2018 08:07:28 GMT
Server
Apache
ETag
"263b8-569f2b679f000-gzip"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=2592000
Server-Timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=8
Accept-Ranges
bytes
Content-Length
28729
Expires
Wed, 01 Dec 2021 15:14:01 GMT
style.min.css
my.castlighthealth.com/mobile/css/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/mobile/css/style.min.css?v=1.0.9
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14d8fa5cd01b315f35057c0c5dda4156b7176f4eff3a5368f7a829b28f246b81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 15:14:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Apr 2018 08:07:28 GMT
Server
Apache
ETag
"8f81-569f2b679f000-gzip"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=2592000
Server-Timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=29
Accept-Ranges
bytes
Content-Length
7244
Expires
Wed, 01 Dec 2021 15:14:01 GMT
castlight.min.css
my.castlighthealth.com/mobile/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/mobile/css/castlight.min.css?v=1.1.16
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
80ed03fc58d4483a9e35058711c0495b946da9fc8deb912d24a196ef76005bf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 15:14:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Aug 2018 16:55:22 GMT
Server
Apache
ETag
"1523-573a46cdff280-gzip"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=2592000
Server-Timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=39
Accept-Ranges
bytes
Content-Length
1685
Expires
Wed, 01 Dec 2021 15:14:01 GMT
castlight-page-updated.css
my.castlighthealth.com/mobile/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/mobile/css/castlight-page-updated.css
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11b146a968a0d08a866cca7e85a8256bf3b7ffdcfd4a98da8e0fc4a92fa640ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 15:14:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2019 16:31:19 GMT
Server
Apache
ETag
"e87-58b0ed39343c0-gzip"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=2592000
Server-Timing
cdn-cache; desc=MISS, edge; dur=267, origin; dur=6
Accept-Ranges
bytes
Content-Length
1286
Expires
Wed, 01 Dec 2021 15:14:02 GMT
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
641c7b38de5430ec983a3286f78f0aa10305b8c7b1cd48fdf85dc2ef48275228
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 15:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 15:14:01 GMT
6dd238a3
my.castlighthealth.com/akam/11/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/akam/11/6dd238a3
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
09476e837d3baf63899c9ef117385f1522afb1622a711f7e9e03686dfb43e0c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 15:14:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 May 2019 20:04:32 GMT
ETag
"66fdfeceec0d0594c84abfb8ebd1d527026e7e54b3293ea45578c3b94963412c"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store
Server-Timing
cdn-cache; desc=HIT, edge; dur=317
Content-Length
10460
Expires
Mon, 01 Nov 2021 15:14:02 GMT
castlight-logo.svg
my.castlighthealth.com/assets/images/ 		21 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.castlighthealth.com/assets/images/castlight-logo.svg
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1dae5d503b0510d32dbe15da5748878ff8dc3328d16f040a7124139d86c52468

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 15:14:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Apr 2018 08:07:28 GMT
Server
Apache
ETag
"55a9-569f2b679f000-gzip"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Server-Timing
cdn-cache; desc=MISS, edge; dur=123, origin; dur=11
Accept-Ranges
bytes
Content-Length
9350
Expires
Wed, 01 Dec 2021 15:14:02 GMT
faq.jpg
my.castlighthealth.com/mobile/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.castlighthealth.com/mobile/images/faq.jpg
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5223414022c4dee876f90bc719aa20259f250057f63e1049be5e7662382fe61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 15:14:02 GMT
Last-Modified
Tue, 11 Jun 2019 16:32:11 GMT
Server
Apache
ETag
"57e-58b0ed6acb8c0"
Connection
keep-alive
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Server-Timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=5
Accept-Ranges
bytes
Content-Length
1406
Expires
Tue, 01 Nov 2022 15:14:02 GMT
chat.jpg
my.castlighthealth.com/mobile/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.castlighthealth.com/mobile/images/chat.jpg
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d8abb48aef4837d72f4587a20ef13a5f7dadf15c31eb91c34ba41e31751b633e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 15:14:02 GMT
Last-Modified
Tue, 11 Jun 2019 16:33:25 GMT
Server
Apache
ETag
"59a-58b0edb15df40"
Connection
keep-alive
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Server-Timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=3
Accept-Ranges
bytes
Content-Length
1434
Expires
Tue, 01 Nov 2022 15:14:02 GMT
call.jpg
my.castlighthealth.com/mobile/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.castlighthealth.com/mobile/images/call.jpg
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0f466615f23dd6b1c4de3fc8e0a5a43d80fb1b84f660a9d0fcfdf191f96b183f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 15:14:02 GMT
Last-Modified
Tue, 11 Jun 2019 16:32:11 GMT
Server
Apache
ETag
"562-58b0ed6acb8c0"
Connection
keep-alive
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Server-Timing
cdn-cache; desc=MISS, edge; dur=89, origin; dur=18
Accept-Ranges
bytes
Content-Length
1378
Expires
Tue, 01 Nov 2022 15:14:02 GMT
libs.min.js
my.castlighthealth.com/mobile/js/ 		185 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/mobile/js/libs.min.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
458644482032d71d25c8457d7f81c7eb77a7d8edb8194af8e570f5e930dd1f20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 15:14:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Apr 2018 08:07:28 GMT
Server
Apache
ETag
"2e54c-569f2b679f000-gzip"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=2592000
Server-Timing
cdn-cache; desc=MISS, edge; dur=262, origin; dur=14
Accept-Ranges
bytes
Content-Length
56409
Expires
Wed, 01 Dec 2021 15:14:02 GMT
script.min.js
my.castlighthealth.com/mobile/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/mobile/js/script.min.js?v=1.0.2
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
23c55595e0c71d919a34f444dc9f9683f18a899b339dac226df6fd1ecb27a697

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 15:14:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Apr 2018 08:07:28 GMT
Server
Apache
ETag
"58d-569f2b679f000-gzip"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=2592000
Server-Timing
cdn-cache; desc=MISS, edge; dur=271, origin; dur=9
Accept-Ranges
bytes
Content-Length
690
Expires
Wed, 01 Dec 2021 15:14:02 GMT
castlight.min.js
my.castlighthealth.com/mobile/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/mobile/js/castlight.min.js?v=1.0.23
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad30c968ad6e9c19b3d44fe5f696887880d3cde0b823973c57c9f8bfba8e2f80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 15:14:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Aug 2018 20:40:44 GMT
Server
Apache
ETag
"1316-5731ac1f5ab00-gzip"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=2592000
Server-Timing
cdn-cache; desc=MISS, edge; dur=261, origin; dur=7
Accept-Ranges
bytes
Content-Length
1933
Expires
Wed, 01 Dec 2021 15:14:02 GMT
deployment.js
c.la3-c1-phx.salesforceliveagent.com/content/g/js/43.0/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.la3-c1-phx.salesforceliveagent.com/content/g/js/43.0/deployment.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.147.100.133 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl2-phx.la3-c1-phx.salesforceliveagent.com
Software
Jetty /
Resource Hash
b8110357aae2db89818d644e22aa475887532f287302e02aab2c12b8cf9deb21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 15:14:03 GMT
Cache-Control
max-age=60, must-revalidate
Last-Modified
Fri, 15 Oct 2021 16:53:58 GMT
Server
Jetty
Accept-Ranges
bytes
Content-Length
41960
Content-Type
application/javascript
salesforce_live_agent.js
us.castlighthealth.com/v2/lib/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://us.castlighthealth.com/v2/lib/salesforce_live_agent.js
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-122.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
css
fonts.googleapis.com/ 		9 KB
883 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:200,700,800|Poppins:300,400,600,700
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/css/style.min.css?v=1.0.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f10.1e100.net
Software
ESF /
Resource Hash
4db2948d93b4dea5a4e5f461692873ae53b171e6847767be177f781d60a9796a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 15:14:02 GMT
server
ESF
date
Mon, 01 Nov 2021 15:14:02 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 15:14:02 GMT
pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v15/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJnecmNE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
738cb7aba1703ee4705776436452858e9832ef81847f0f646ed83949c7763c53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://my.castlighthealth.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 13:30:27 GMT
x-content-type-options
nosniff
age
6215
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5504
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 01 Nov 2022 13:30:27 GMT
css
fonts.googleapis.com/ 		2 KB
429 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/css/castlight-page-updated.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f10.1e100.net
Software
ESF /
Resource Hash
47d10c916915480806f7e1066ff6194fd0bde12ef7c36e68f8155d47a10bd531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 14:15:50 GMT
server
ESF
date
Mon, 01 Nov 2021 15:14:02 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 15:14:02 GMT
S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v20/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjxAwXjeu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
2b7ad361cce9dbab34c8fd714b379707d7aa40199bf90b90f9f19c7c1db5171b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://my.castlighthealth.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 03:39:13 GMT
x-content-type-options
nosniff
age
300889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5480
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:00 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 29 Oct 2022 03:39:13 GMT
MB8HU-S8EL9-4RBCE-VDHH2-FPGUY
s.go-mpulse.net/boomerang/ Frame 9735 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/MB8HU-S8EL9-4RBCE-VDHH2-FPGUY
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.214.229 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 15:14:02 GMT
content-encoding
br
last-modified
Thu, 29 Jul 2021 16:50:21 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
recaptcha__de.js
www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ 		348 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
aba311cb6a5c9a5bc6aedd12bf7e4eafe080fecd789840865ffebb30c4cdde5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://my.castlighthealth.com/
Origin
https://my.castlighthealth.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 14:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139303
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 04:03:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 01 Nov 2022 14:45:50 GMT
bike.svg
my.castlighthealth.com/mobile/images/ 		16 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.castlighthealth.com/mobile/images/bike.svg
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/mobile/css/castlight-page-updated.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
acc9307c63daf06064991e471bb30434804716bd9827929e0ff7c4023aadba03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/mobile/css/castlight-page-updated.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 15:14:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2019 16:32:09 GMT
Server
Apache
ETag
"3f68-58b0ed68e3440-gzip"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Server-Timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=4
Accept-Ranges
bytes
Content-Length
7310
Expires
Wed, 01 Dec 2021 15:14:02 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://my.castlighthealth.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 12:11:32 GMT
x-content-type-options
nosniff
age
356550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 12:11:32 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://my.castlighthealth.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 10:51:57 GMT
x-content-type-options
nosniff
age
102125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 31 Oct 2022 10:51:57 GMT
config.json
c.go-mpulse.net/api/ Frame 9735 		51 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=MB8HU-S8EL9-4RBCE-VDHH2-FPGUY&d=my.castlighthealth.com&t=5452599&v=1.632.0&if=&sl=0&si=00n0ozxrxucu-r1wfne&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=551127
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/MB8HU-S8EL9-4RBCE-VDHH2-FPGUY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.214.229 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a78ac9458bd1e93516c9f9e93af8be380564b7bcd27d49567c0c0ef5c951c923

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 01 Nov 2021 15:14:02 GMT
Cache-Control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
51
Content-Type
application/json
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
anchor
www.google.com/recaptcha/api2/ Frame 0269 		40 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&co=aHR0cHM6Ly9teS5jYXN0bGlnaHRoZWFsdGguY29tOjQ0Mw..&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&cb=t8ncyv5z59n
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
cea522c0716ae4f295f1cbe402b33bb8a3b253fa1304fd8e0b4ca13f1181e2c6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MyfXcb5WuUZr0twzzq0xZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 01 Nov 2021 15:14:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-MyfXcb5WuUZr0twzzq0xZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20776
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ Frame 0269 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&co=aHR0cHM6Ly9teS5jYXN0bGlnaHRoZWFsdGguY29tOjQ0Mw..&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&cb=t8ncyv5z59n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
295426f89c923624640e8f1bb52e3438a7b43fb7efa84c1dc6bbbd41971c0f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 14:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25743
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 04:03:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 01 Nov 2022 14:45:51 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ Frame 0269 		348 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&co=aHR0cHM6Ly9teS5jYXN0bGlnaHRoZWFsdGguY29tOjQ0Mw..&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&cb=t8ncyv5z59n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
aba311cb6a5c9a5bc6aedd12bf7e4eafe080fecd789840865ffebb30c4cdde5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 14:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139303
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 04:03:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 01 Nov 2022 14:45:50 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0269 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 13:18:13 GMT
x-content-type-options
nosniff
age
266158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Fri, 05 Nov 2021 13:18:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0269 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&co=aHR0cHM6Ly9teS5jYXN0bGlnaHRoZWFsdGguY29tOjQ0Mw..&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&cb=t8ncyv5z59n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 06:41:55 GMT
x-content-type-options
nosniff
age
376336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 06:41:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0269 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&co=aHR0cHM6Ly9teS5jYXN0bGlnaHRoZWFsdGguY29tOjQ0Mw..&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&cb=t8ncyv5z59n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 20:32:05 GMT
x-content-type-options
nosniff
age
326526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 20:32:05 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 0269 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=UrRmT3mBwY326qQxUfVlHu1P
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&co=aHR0cHM6Ly9teS5jYXN0bGlnaHRoZWFsdGguY29tOjQ0Mw..&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&cb=t8ncyv5z59n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
254853b06629a0510c2e9252f92aa2b525cf9851b29a3cdeeb41c94dc91d632c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5&co=aHR0cHM6Ly9teS5jYXN0bGlnaHRoZWFsdGguY29tOjQ0Mw..&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=invisible&cb=t8ncyv5z59n
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 15:14:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 15:14:11 GMT
bframe
www.google.com/recaptcha/api2/ Frame 867B 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
01012cc4991f9892e4b54d9946386e88cdbc94213a91fe20aac177ab4743ca4a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h4ieAhHQMXfoKIWbApv7Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://my.castlighthealth.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 01 Nov 2021 15:14:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-h4ieAhHQMXfoKIWbApv7Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ Frame 867B 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
295426f89c923624640e8f1bb52e3438a7b43fb7efa84c1dc6bbbd41971c0f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 14:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25743
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 04:03:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 01 Nov 2022 14:45:51 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ Frame 867B 		348 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
aba311cb6a5c9a5bc6aedd12bf7e4eafe080fecd789840865ffebb30c4cdde5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 14:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139303
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 04:03:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Tue, 01 Nov 2022 14:45:50 GMT
reload
www.google.com/recaptcha/api2/ Frame 867B 		37 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
9c0051503e4550732b144d1002fcbfbee520460d7da4052a7e692b4b56f11f17
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 01 Nov 2021 15:14:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22789
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 15:14:11 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 867B 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 22:11:21 GMT
x-content-type-options
nosniff
age
320570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Thu, 04 Nov 2021 22:11:21 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 867B 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 04:14:01 GMT
x-content-type-options
nosniff
age
298810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Fri, 05 Nov 2021 04:14:01 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 867B 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 22:30:58 GMT
x-content-type-options
nosniff
age
60193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sun, 07 Nov 2021 22:30:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 867B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 06:41:55 GMT
x-content-type-options
nosniff
age
376336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 06:41:55 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 867B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 15:45:37 GMT
x-content-type-options
nosniff
age
343714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 15:45:37 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 867B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 20:32:05 GMT
x-content-type-options
nosniff
age
326526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 20:32:05 GMT
payload
www.google.com/recaptcha/api2/ Frame 867B 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AGdBq271ubdLb53fD_kY3wdy1kLNgY0favsOEPq7GcCcnyv2swWBCVFZUrDS7Q3IjK0rBrnlC75i6GeFT7ZVWdaYzzTH7ncDqNgZ80Ap4HxLlsd4POpRH8WKHX6rSQTyUrtfRePWMg2je7SH7dfPHDkuO3EgF2bBIbz82p2vJNwFpk5fMtcaLbJ8urNtQ74skMq5oyU8SyaDyToWywBpnzpqAxIogoCXQA&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
94507cb9a2cf6651a3ff642967ec21363b611d9391ef4081c4be12236ff7ac52
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&k=6LdcAR0UAAAAAJsCVtj-ZGMZTZ9PVa1bRbSSG2g5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 15:14:11 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46062
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 15:14:11 GMT
pixel_6dd238a3
my.castlighthealth.com/akam/11/ 		0
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.castlighthealth.com/akam/11/pixel_6dd238a3
Requested by
Host: my.castlighthealth.com
URL: https://my.castlighthealth.com/akam/11/6dd238a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.88.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-88-18.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.castlighthealth.com/mobile/?utm_campaign=castlight_watermark
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 01 Nov 2021 15:14:12 GMT
Connection
keep-alive
Server-Timing
cdn-cache; desc=HIT, edge; dur=2
Content-Length
0
Content-Type
text/html

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| BOOMR_API_key object| BOOMR number| BOOMR_lstart string| bazadebezolkohpepadr object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| BOOMR_mq number| BOOMR_configt function| $ function| jQuery function| resetPhone function| get_utm_campaign function| onSubmit function| viewport function| demo_video_resize function| demo_video function| curve_background_position object| inArr object| outArr undefined| phoneNumber undefined| key boolean| liveAgentDeployment object| liveagent string| urhehlevkedkilrobacf object| closure_lm_155766 number| BOOMR_onload

7 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AINsHFcyhmUeRVK3R53xYQnvjg-LBKEtvnN4LGRmJiEIDZOmLVUvb5VrF5tPk5T0_1PIvXivYUeo5vHkF3fCqco
.castlighthealth.com/ Name: _abck
Value: 6CC646CE5E2A00EDB97F2590F51E7F95~-1~YAAQDlhlX74GC9J8AQAAZIEQ3AYhdpKdfLi8HXobrgxAs8wUgucEbAo0S2SoXK9qKht+bZ/BesCdOEpV5fEc8t/8hfKIXhyqS1remAgDWYUMcuPC9AVtF97KzOTxwh35vvMm9GYCFfGXkd4cO22on0KN24J7IFIglMQBUEEgatyZhSankchFBG9kfRSn03k/JPF1po2QwKiqIW1trKu/4pi5VocgwcCW5Yj/Szeu4qg40pARe+QhViPKHKIqtH0XzSSoO8nhYegjlapGJv22coI9NfMFPoEDbAX7tg1wL2iIH9sq0sYUbpUlI0zqtXXVjZnWhoohl8DlIN6nf+MEYW/anv6Y08/xE/6erZwL4L8GJWCSml9M9R1Th/QK/0zvd7+xL0E=~-1~-1~-1
.castlighthealth.com/ Name: bm_sz
Value: 7C98876F3C25D6A74555D4776CF6E8F4~YAAQDlhlX8AGC9J8AQAAZIEQ3A21+MhmoQVTlIXlTEJkKmvoV5yhDytbeiwxh/DjMXiBEtgAQDPy6WyoHGfPLCQCzBhO1KQtbUqB7wmM6lMYRVP0lTlsR48N6Ega7wIRx1VDxGGqCF7ur2EzqHZB3udyPNHwHW1DU+0en5zbDt6bWpmZ+icLGwLGLndMHmfbi1BNTpcqbS1CjZeO8mWjE0ZunsbeCpQUywCPdJ2qiEHcTfHGWqAGdsgX7PtXZk/9cn27kGitFeZ7Le8SXzefIz3TX6UO8spcvMEXgPhJl16ME0C1sqdDGPfvZXY=~3486786~3682882
.castlighthealth.com/ Name: bm_sv
Value: 87FA362F84A6412188A996B20FBAAA84~KZm6pyQVC5BOKuN+QmFSYGYXs8XqoP/TSVBtM5/QG/Mw9ROK5ZQMg+r2pIKVv0WQEVYBYhZZZn0eDXUygVOHezLZvnaaLT+tpmER1LtCvTyd538d4lIyxuiXh/5LGR208vA8f88nLjZBTx8pzvGavqqDXQ0+thmbzo1ZUIzQ/To=
.castlighthealth.com/ Name: RT
Value: "z=1&dm=castlighthealth.com&si=00n0ozxrxucu&ss=kvgsypuk&sl=0&tt=0"
.castlighthealth.com/ Name: bm_mi
Value: D3865008663F1C5DE335655746D287DF~XffMUY2Yiue30QAiRCjwIft3SY38zDcxCeiWRZNgX+UefZhz9NM2BM/TQCS02i+pEH5Gc04OK1sw4WDzhfnUKIF1eN9Y+a2joXy7ByeFDesxF5HgGqyZRc6s9zt03SBavUVPrzXqPmllgYkAfGto77bNX9RhciJZ/Y8gv8ZB4d5+834BGKTCDS0l7FjnpGZTMDsX1BKfrAvpm8JQTq2+0yGFmN/A1yPJl5eQ6jy0uMbeP4KjrKfpth1J6aT27CkoEzDThigZhIyquVsETHF9AMS2RLpJCvknNQ+qyXztZbk=
.castlighthealth.com/ Name: ak_bmsc
Value: 0D1104F7B6A9552919E1DEE209BE5DC6~000000000000000000000000000000~YAAQDlhlX8IGC9J8AQAAHqoQ3A3FYO6bN8mpk6WMGNs1JHAzvORrnjiQ+yFT+mKGaPa/kFfpBy/lk/jrxtuFbI/Mgd5PrupyC+hkwrdxpKvxGJLsBMK0K3KVuAWf2OQ/9dVHGk/SiCWUNKnKRE0XYzfWPKXg9ABYKtJQwup9nagvdxYbdHQFX6oGeJdlIQ9FUXZJ6MaCOXbNsvNaPN2/fKufz2+12zSVBfJOwna6jb14GLj6MMsQqil1EH2gUlHrjA6pCZpej12SfJd+z8PWmc9/BKwczMInAp0HdKZJiQAVhZxWgK+GGyHTkG0dRSEcRKFWcE+30Vyw3AjPTVzYqv5ByOg+hC+Qbk3ckb7JSfAzmioNX7K6PEkeWREzj7nUjUaHdloEyTmo+WBhgu95/UV4bilW3Q==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.go-mpulse.net
c.la3-c1-phx.salesforceliveagent.com
click.secure.castlighthealth.com
fonts.googleapis.com
fonts.gstatic.com
my.castlighthealth.com
s.go-mpulse.net
us.castlighthealth.com
www.google.com
www.gstatic.com
104.111.214.229
136.147.100.133
142.250.184.196
142.250.185.67
142.250.186.35
198.245.89.43
216.58.212.170
95.101.88.122
95.101.88.18
01012cc4991f9892e4b54d9946386e88cdbc94213a91fe20aac177ab4743ca4a
0481ea5491fd130141b53e76e299f9f8dd062ac6a633059e14c671134ac31cae
09476e837d3baf63899c9ef117385f1522afb1622a711f7e9e03686dfb43e0c2
0f466615f23dd6b1c4de3fc8e0a5a43d80fb1b84f660a9d0fcfdf191f96b183f
11b146a968a0d08a866cca7e85a8256bf3b7ffdcfd4a98da8e0fc4a92fa640ec
14d8fa5cd01b315f35057c0c5dda4156b7176f4eff3a5368f7a829b28f246b81
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1dae5d503b0510d32dbe15da5748878ff8dc3328d16f040a7124139d86c52468
23c55595e0c71d919a34f444dc9f9683f18a899b339dac226df6fd1ecb27a697
254853b06629a0510c2e9252f92aa2b525cf9851b29a3cdeeb41c94dc91d632c
295426f89c923624640e8f1bb52e3438a7b43fb7efa84c1dc6bbbd41971c0f10
2b7ad361cce9dbab34c8fd714b379707d7aa40199bf90b90f9f19c7c1db5171b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
458644482032d71d25c8457d7f81c7eb77a7d8edb8194af8e570f5e930dd1f20
4770742fb5f94ca721c89319ed36524979681b0f7ae4e850a3faa5e316347e5b
47d10c916915480806f7e1066ff6194fd0bde12ef7c36e68f8155d47a10bd531
4db2948d93b4dea5a4e5f461692873ae53b171e6847767be177f781d60a9796a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
641c7b38de5430ec983a3286f78f0aa10305b8c7b1cd48fdf85dc2ef48275228
7027755ee45cb32abe679cdba5eeaa32e24a8a1020501a122c07fb67f03d5b13
738cb7aba1703ee4705776436452858e9832ef81847f0f646ed83949c7763c53
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
80ed03fc58d4483a9e35058711c0495b946da9fc8deb912d24a196ef76005bf5
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
94507cb9a2cf6651a3ff642967ec21363b611d9391ef4081c4be12236ff7ac52
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9c0051503e4550732b144d1002fcbfbee520460d7da4052a7e692b4b56f11f17
a78ac9458bd1e93516c9f9e93af8be380564b7bcd27d49567c0c0ef5c951c923
aba311cb6a5c9a5bc6aedd12bf7e4eafe080fecd789840865ffebb30c4cdde5a
acc9307c63daf06064991e471bb30434804716bd9827929e0ff7c4023aadba03
ad30c968ad6e9c19b3d44fe5f696887880d3cde0b823973c57c9f8bfba8e2f80
b8110357aae2db89818d644e22aa475887532f287302e02aab2c12b8cf9deb21
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5223414022c4dee876f90bc719aa20259f250057f63e1049be5e7662382fe61
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cea522c0716ae4f295f1cbe402b33bb8a3b253fa1304fd8e0b4ca13f1181e2c6
d8abb48aef4837d72f4587a20ef13a5f7dadf15c31eb91c34ba41e31751b633e
d9593a9dbb31458bb49bfa2519c48badfd36bc4e880e011aaf1a57680ac27fd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855