![](/screenshots/6a16525b-3a90-4da5-ae03-7aec12feddaa.png)
jnj.returntoworkplaceadvisor.watson-health.ibm.com
Open in
urlscan Pro
2606:4700::6812:1c53
Public Scan
Effective URL: https://jnj.returntoworkplaceadvisor.watson-health.ibm.com/employee/?loginType=combined
Submission: On January 11 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2021. Valid for: a year.
This is the only time jnj.returntoworkplaceadvisor.watson-health.ibm.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 13.111.131.82 13.111.131.82 | 22606 (EXACT-7) (EXACT-7) | |
12 | 2606:4700::68... 2606:4700::6812:1c53 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 151.101.2.137 151.101.2.137 | 54113 (FASTLY) (FASTLY) | |
3 | 162.247.242.20 162.247.242.20 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
3 | 2606:4700::68... 2606:4700::6813:9256 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2600:9000:224... 2600:9000:224a:1400:7:67a6:d1c0:21 | 16509 (AMAZON-02) (AMAZON-02) | |
21 | 5 |
ASN22606 (EXACT-7, US)
PTR: click.inform.jnj.com
click.inform.jnj.com |
ASN13335 (CLOUDFLARENET, US)
jnj.returntoworkplaceadvisor.watson-health.ibm.com |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net
bam.nr-data.net |
ASN16509 (AMAZON-02, US)
d2styx7sq9nl1j.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
ibm.com
jnj.returntoworkplaceadvisor.watson-health.ibm.com us-south.appid.cloud.ibm.com — Cisco Umbrella Rank: 725535 |
440 KB |
3 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 590 |
788 B |
2 |
cloudfront.net
d2styx7sq9nl1j.cloudfront.net |
47 KB |
1 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 320 |
14 KB |
1 |
jnj.com
1 redirects
click.inform.jnj.com — Cisco Umbrella Rank: 948340 |
262 B |
21 | 5 |
Domain | Requested by | |
---|---|---|
12 | jnj.returntoworkplaceadvisor.watson-health.ibm.com |
jnj.returntoworkplaceadvisor.watson-health.ibm.com
|
3 | us-south.appid.cloud.ibm.com |
jnj.returntoworkplaceadvisor.watson-health.ibm.com
|
3 | bam.nr-data.net |
jnj.returntoworkplaceadvisor.watson-health.ibm.com
|
2 | d2styx7sq9nl1j.cloudfront.net |
jnj.returntoworkplaceadvisor.watson-health.ibm.com
d2styx7sq9nl1j.cloudfront.net |
1 | js-agent.newrelic.com |
jnj.returntoworkplaceadvisor.watson-health.ibm.com
|
1 | click.inform.jnj.com | 1 redirects |
21 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
returntoworkplaceadvisor.watson-health.ibm.com Cloudflare Inc ECC CA-3 |
2021-08-16 - 2022-08-15 |
a year | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021 |
2021-10-06 - 2022-11-07 |
a year | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
us-south.appid.cloud.ibm.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-08-09 - 2022-08-08 |
a year | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://jnj.returntoworkplaceadvisor.watson-health.ibm.com/employee/?loginType=combined
Frame ID: 8B7BED16BECB40574CD27600B8E68E2B
Requests: 20 HTTP requests in this frame
Screenshot
![](/screenshots/6a16525b-3a90-4da5-ae03-7aec12feddaa.png)
Page Title
IBM Return to Workplace AdvisorActive loading indicatorPage URL History Show full URLs
-
https://click.inform.jnj.com/?qs=8c4b1f50df30896555e0a7fcc0ccea9a2b1d36c1782e6627d2487ab8bf0e17eddfb0d78d...
HTTP 302
https://jnj.returntoworkplaceadvisor.watson-health.ibm.com/employee/?loginType=combined Page URL
Detected technologies
![](/vendor/wappa/icons/React.png)
Detected patterns
- <[^>]+data-react
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.inform.jnj.com/?qs=8c4b1f50df30896555e0a7fcc0ccea9a2b1d36c1782e6627d2487ab8bf0e17eddfb0d78df058c7ec69beb7e87fe17eee417c4bb157720c9d
HTTP 302
https://jnj.returntoworkplaceadvisor.watson-health.ibm.com/employee/?loginType=combined Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
jnj.returntoworkplaceadvisor.watson-health.ibm.com/employee/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newrelic.js
jnj.returntoworkplaceadvisor.watson-health.ibm.com/employee/js/ |
27 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.75cdac5c.chunk.css
jnj.returntoworkplaceadvisor.watson-health.ibm.com/employee/static/css/ |
277 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime-main.1612b3de.js
jnj.returntoworkplaceadvisor.watson-health.ibm.com/employee/static/js/ |
2 KB 952 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.43688cc5.chunk.js
jnj.returntoworkplaceadvisor.watson-health.ibm.com/employee/static/js/ |
1 MB 350 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.ab71ead6.chunk.js
jnj.returntoworkplaceadvisor.watson-health.ibm.com/employee/static/js/ |
160 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-spa-1177.min.js
js-agent.newrelic.com/ |
37 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-init-config
jnj.returntoworkplaceadvisor.watson-health.ibm.com/employee/api/ |
564 B 485 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-config
jnj.returntoworkplaceadvisor.watson-health.ibm.com/wh-return-to-work/api/v1/return-to-work/public/ |
380 B 338 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fd75358858
bam.nr-data.net/1/ |
57 B 322 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
openid-configuration
us-south.appid.cloud.ibm.com/oauth/v4/ee14a885-f726-4dcc-ba42-24239b0b339e/.well-known/ |
1 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jnj-custom.css
d2styx7sq9nl1j.cloudfront.net/dist/styles/ |
22 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundles
jnj.returntoworkplaceadvisor.watson-health.ibm.com/wh-return-to-work/api/v1/return-to-work/public/message/ |
7 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundles
jnj.returntoworkplaceadvisor.watson-health.ibm.com/wh-return-to-work/api/v1/return-to-work/public/message/ |
15 KB 5 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundles
jnj.returntoworkplaceadvisor.watson-health.ibm.com/wh-return-to-work/api/v1/return-to-work/public/message/ |
2 B 61 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundles
jnj.returntoworkplaceadvisor.watson-health.ibm.com/wh-return-to-work/api/v1/return-to-work/public/message/ |
2 B 59 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
fd75358858
bam.nr-data.net/resources/1/ |
36 B 249 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
fd75358858
bam.nr-data.net/events/1/ |
24 B 217 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
publickeys
us-south.appid.cloud.ibm.com/oauth/v4/ee14a885-f726-4dcc-ba42-24239b0b339e/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
publickeys
us-south.appid.cloud.ibm.com/oauth/v4/ee14a885-f726-4dcc-ba42-24239b0b339e/ |
472 B 552 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RTW-Banner-Large.gif
d2styx7sq9nl1j.cloudfront.net/dist/images/ |
24 KB 25 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onsecuritypolicyviolation object| onslotchange object| NREUM object| newrelic function| __nr_require boolean| resourceLoadError object| webpackJsonpclient function| setImmediate function| clearImmediate object| regeneratorRuntime function| flatpickr object| __eventListeners3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
jnj.returntoworkplaceadvisor.watson-health.ibm.com/ | Name: _csrf-rtw-employee Value: 8yBJz-6jbqqchTRkU0S_MXEa |
|
jnj.returntoworkplaceadvisor.watson-health.ibm.com/ | Name: __cflb Value: 02DiuGFe5oMcyuchqSVnCkhcPMKHRKGsWTogjkF8MnAYL |
|
.nr-data.net/ | Name: JSESSIONID Value: d36b0b884ba69661 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' *.ibm.com 'sha256-Xh1+LuZXGCm3M0p6k76A0eUJdfUN2R2gR7lCA3AlAog=' *.newrelic.com *.nr-data.net cloudfront.net d2styx7sq9nl1j.cloudfront.net; font-src 'self' fonts.gstatic.com cloudfront.net d2styx7sq9nl1j.cloudfront.net; style-src 'self' 'unsafe-inline' d2styx7sq9nl1j.cloudfront.net |
Strict-Transport-Security | max-age=15724800; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam.nr-data.net
click.inform.jnj.com
d2styx7sq9nl1j.cloudfront.net
jnj.returntoworkplaceadvisor.watson-health.ibm.com
js-agent.newrelic.com
us-south.appid.cloud.ibm.com
13.111.131.82
151.101.2.137
162.247.242.20
2600:9000:224a:1400:7:67a6:d1c0:21
2606:4700::6812:1c53
2606:4700::6813:9256
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
23749a55163e8a72b8728cb75844246b7e1ad1ae6ac834159192367f31ffec24
24eb931e69855b677a6bc6ec35344c20fee104327050ab04e95e07639c498068
28c3b88fffcb910fe7174704057112b9a1e4c92056f3fe1c83f3c38aa1fb768c
2dcf32ad8591bf3e321705fea36421340f7742a6828af405b337e0d897373adc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e79716b0b5bda155be917b0ae82be55b7bfe18fc841c2686cec03ee21a056d4
54cb1f867060c01677649ce2d5e65485b33ce06ea271cb4244cbdd22c31fe69a
7aee4654b9659f861f96cd672ad478ba3b497a66049b05d191d6f1c7308032ca
94edf6ea32f15a3a5749ef5576805d4cc39e185ac94bff154bccca90dbd645d5
a5f6cdc5d354d8b777c578c83bad7c8c3c029a3d4f2195c2e3a0a83d46bb87bf
a9407ff5ced0e0cce1b0800595719c39bb898fbf4eb3ab032f303cf586d25be3
bdce0dcaa2fbcfdb9080459873d8bd9d87b7e84ab82d10f362bac099f150d42d
bfdb2b75ac805554e562644ee60f95ddb57c2db9479557629e88f8c5e0c5aa06
caac9935aadaddf407de6da6f46cdc14532260f7c1a8ff85a15afc7d13af6f30
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
e6a6413daa3631fcece1a64fe4f0c12e7a095a5655ad5d032cc1fb10e7d4322f
f08f80178809cdc3868cec6016bf9911017023ff9ae9ba7ceaa4009cd6d4d0c7
f8ecb9bd6b1083cfb8420658088e55573306c1d5e3c221e3268b519efc6eabf6