coloradosecuresavings.vestwell.com
54.160.9.72
Public Scan
Effective URL: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=hea...
Submission: On August 02 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 13th 2023. Valid for: a year.
This is the only time coloradosecuresavings.vestwell.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 (1 redirect) | 167.89.115.120 | 11377 (SENDGRID) |
13 | 54.160.9.72 | 14618 (AMAZON-AES) |
1 | 13.32.27.116 | 16509 (AMAZON-02) |
1 | 54.87.207.254 | 14618 (AMAZON-AES) |
3 | 2a00:1450:4001:828::200a | 15169 (GOOGLE) |
1 | 2606:4700::6810:5814 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:830::2003 | 15169 (GOOGLE) |
20 | 6 |

ASN | PTR | Domain |
---|---|---|
ASN11377 (SENDGRID, US) | o16789115x120.outbound-mail.sendgrid.net | email.sumday.com |
ASN14618 (AMAZON-AES, US) | ec2-54-160-9-72.compute-1.amazonaws.com | coloradosecuresavings.vestwell.com |
ASN16509 (AMAZON-02, US) | server-13-32-27-116.fra56.r.cloudfront.net | cdn.heapanalytics.com |
ASN14618 (AMAZON-AES, US) | ec2-54-87-207-254.compute-1.amazonaws.com | heapanalytics.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | vestwell.com | coloradosecuresavings.vestwell.com | 448 KB |
3 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 79 | 2 KB |
2 | heapanalytics.com | cdn.heapanalytics.com — Cisco Umbrella Rank: 2776; heapanalytics.com — Cisco Umbrella Rank: 2307 | 39 KB |
1 | gstatic.com | fonts.gstatic.com | 31 KB |
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 372 | 5 KB |
1 | sumday.com (1 redirects) | email.sumday.com | 408 B |
20 | 6 |
Requests | Domain | Requested by |
---|---|---|
13 | coloradosecuresavings.vestwell.com | coloradosecuresavings.vestwell.com |
3 | fonts.googleapis.com | coloradosecuresavings.vestwell.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | cdn.jsdelivr.net | coloradosecuresavings.vestwell.com |
1 | heapanalytics.com | coloradosecuresavings.vestwell.com |
1 | cdn.heapanalytics.com | coloradosecuresavings.vestwell.com |
1 | email.sumday.com | 1 redirects |
20 | 7 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.vestwell.com | Go Daddy Secure Certificate Authority - G2 | 2023-06-13 - 2024-07-14 | a year | crt.sh |
cdn.heapanalytics.com | Amazon RSA 2048 M01 | 2023-06-29 - 2024-07-27 | a year | crt.sh |
heapanalytics.com | Amazon RSA 2048 M02 | 2022-12-09 - 2024-01-07 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year | crt.sh |
*.gstatic.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
Frame ID: D1B6CB7CA7B4CCD102AAFE5B2E63523D
Requests: 20 HTTP requests in this frame
Detected technologies
Detected patterns
- heap-\d+\.js
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://email.sumday.com/ls/click?upn=dw95f89FVFEs7wF56jCDNUk-2FM9bmDF6U2JqMUF2db2PM2v4KRELBysBkhyue648xgBYITei-2FTsC3KHTPXGH62KsKY12xY3pRJHR0cFcos3h-2F-2BbimDFk3Bsjth8ImJruN9-2FB2ZoLkXYIUkXIGJHLLabklUyabSiEVrlxfKzucCrf7-2F16Y0KxxUqrIaZZHeyg-2FCUv5weTeSFRCM2Se48hh3TkjUsXEDfz-2B6vi4iKkQtvp8pV-2BgaStsnNdPVWiBIb1mEfBpfJEcksoVFAFrL7gEiKK0gD3czMpH5nEwj58TJAA-3DR1Li_jw7PawE-2BevvTePxpusNtLzGIxEeb2iM-2FfbTKIfFKLdg-2Be-2B3qlT7L9ngiDOMFmmGuflbrZlpgC09uBZR9Kz3Y-2FV42-2FL-2Bf9TszS9fgZBdwRXgsdSajGtOCm5D8ub-2FzVfD5SJfnWIva-2BfIDyjymlZWAvgvrlQT4LBcXGL3BEUGfc1N5raSDE1USQ0Ld-2FC9PjA8gWhfTLHoY6CCZZxoG3zxbj27WgT3dJtFI6cMUf0RLw-2FEUfAEE5inTTbKyCWvLS9k0JWiHgZxXQ1L-2FWrC9tw0J9jXMiEci6B2VuJvgtDdbvxYVnvni4mYxvw9u6EZXWAYrZbN2tDPfhqvp8weT6o-2BnE0AYH6vmzA-2Fyo33Z3vFt9PkGI399hrI3kU2s47qs1itt2wM-2ByXawmiICS-2BQ9b2KkhQ-3D-3D
HTTP 302
https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | employer (Primary Request) | coloradosecuresavings.vestwell.com/register/ (Redirect Chain) | 3 KB | 3 KB | Document | text/html |
GET | H2 | runtime.0ea47e31.js | coloradosecuresavings.vestwell.com/registration/static/js/ | 2 KB | 3 KB | Script | application/javascript |
GET | H2 | shared.a588f2c7.js | coloradosecuresavings.vestwell.com/registration/static/js/ | 778 KB | 241 KB | Script | application/javascript |
GET | H2 | main.806bac60.js | coloradosecuresavings.vestwell.com/registration/static/js/ | 122 KB | 32 KB | Script | application/javascript |
GET | H2 | main.b7e96facb4cd7035f7ce.css | coloradosecuresavings.vestwell.com/registration/static/css/ | 130 KB | 29 KB | Stylesheet | text/css |
GET | H2 | heap-1418109408.js | cdn.heapanalytics.com/js/ | 122 KB | 39 KB | Script | application/javascript |
GET | H2 | h | heapanalytics.com/ | 37 B | 261 B | Image | image/gif |
GET | H2 | css | fonts.googleapis.com/ | 9 KB | 1 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 1 KB | 558 B | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 650 B | Stylesheet | text/css |
GET | H2 | swiper-bundle.min.css | cdn.jsdelivr.net/npm/swiper@8/ | 16 KB | 5 KB | Stylesheet | text/css |
GET | H2 | config | coloradosecuresavings.vestwell.com/api/ | 125 B | 2 KB | XHR | application/json |
GET | H2 | config | coloradosecuresavings.vestwell.com/api/registration/ | 2 KB | 5 KB | XHR | application/json |
GET | H2 | config | coloradosecuresavings.vestwell.com/api/login/ | 113 B | 2 KB | XHR | application/json |
GET | H2 | state | coloradosecuresavings.vestwell.com/api/registration/ | 34 B | 2 KB | XHR | application/json |
GET | H2 | vestwell.webp | coloradosecuresavings.vestwell.com/images/banners/ | 55 KB | 57 KB | Image | image/webp |
GET | H2 | coloradosecuresavings.webp | coloradosecuresavings.vestwell.com/images/registration/ | 7 KB | 8 KB | Image | image/webp |
GET | H2 | pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2 | fonts.gstatic.com/s/nunitosans/v15/ | 30 KB | 31 KB | Font | font/woff2 |
GET | H2 | vestwell.webp | coloradosecuresavings.vestwell.com/images/banners/ | 55 KB | 57 KB | Image | image/webp |
GET | H2 | coloradosecuresavings.webp | coloradosecuresavings.vestwell.com/images/registration/ | 7 KB | 8 KB | Image | image/webp |
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | VW
- object | heap
- object | webpackChunk_vestwell_frontend_registration
- function | _

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.vestwell.com/ | Name: _hp2_id.1418109408 Value: %7B%22userId%22%3A%221837072399815564%22%2C%22pageviewId%22%3A%224209756318872239%22%2C%22sessionId%22%3A%22406866464826914%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D |
.vestwell.com/ | Name: _hp2_ses_props.1418109408 Value: %7B%22us%22%3A%22registration%22%2C%22um%22%3A%22email%22%2C%22uc%22%3A%22header%22%2C%22ua%22%3A%22employer%22%2C%22ts%22%3A1690958546808%2C%22d%22%3A%22coloradosecuresavings.vestwell.com%22%2C%22h%22%3A%22%2Fregister%2Femployer%22%2C%22q%22%3A%22%3Futm_source%3Dregistration%26utm_medium%3Demail%26utm_campaign%3Demployer%26utm_content%3Dheader%26utm_source%3Dsendgrid.com%26utm_medium%3Demail%26utm_campaign%3Dwebsite%22%7D |
.vestwell.com/ | Name: Session Value: OrnrpGefVntKDX4%2Fn0OF4eAtuyuBDJlOk41BZBhUCxjZkVcm%2FGGgiJuXwPYURBmkx7Fz%2FHty483p9hsDxq5UVtRYnQco4j2xEkPa%2BGMpUWpfgFKaHDwxodQ06FkbfdWnodUf5XA7OAlMAz8wvWMq3075lb1fY9AsUrRUy%2BcuGIASGyMzxYIftVgYcwCx4D3p6A7R6XF9f7Gl%2FmkvDxH591yb%2BhwF3QfObBZEjdPQSNgPZ8h0k3Lqoyh2%2B6iEzw%3D%3D.PAW3w3aaQSCeTUe%2BRPO6mSpJznkKZZT8 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws: |
Strict-Transport-Security | max-age=31536000; includeSubdomains; |
X-Content-Type-Options | nosniff |
X-Frame-Options | deny |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.