coloradosecuresavings.vestwell.com Open in urlscan Pro
54.160.9.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.sumday.com/ls/click?upn=dw95f89FVFEs7wF56jCDNUk-2FM9bmDF6U2JqMUF2db2PM2v4KRELBysBkhyue648xgBYITei-2FTsC3KHT...
Effective URL:
https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=hea...
Submission: On August 02 via manual (August 2nd 2023, 6:42:32 am UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 54.160.9.72, located in United States and belongs to AMAZON-AES, US. The main domain is coloradosecuresavings.vestwell.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 13th 2023. Valid for: a year.

This is the only time coloradosecuresavings.vestwell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.120 167.89.115.120	11377 (SENDGRID) (SENDGRID)
13	54.160.9.72 54.160.9.72	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.27.116 13.32.27.116	16509 (AMAZON-02) (AMAZON-02)
1	54.87.207.254 54.87.207.254	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
20	6

1 167.89.115.120 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x120.outbound-mail.sendgrid.net

email.sumday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 54.160.9.72 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-9-72.compute-1.amazonaws.com

coloradosecuresavings.vestwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-116.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.207.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-207-254.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	vestwell.com coloradosecuresavings.vestwell.com	448 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	2 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2776 heapanalytics.com — Cisco Umbrella Rank: 2307	39 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 372	5 KB
1	sumday.com 1 redirects email.sumday.com	408 B
20	6

	Domain	Requested by
13	coloradosecuresavings.vestwell.com	coloradosecuresavings.vestwell.com
3	fonts.googleapis.com	coloradosecuresavings.vestwell.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	coloradosecuresavings.vestwell.com
1	heapanalytics.com	coloradosecuresavings.vestwell.com
1	cdn.heapanalytics.com	coloradosecuresavings.vestwell.com
1	email.sumday.com	1 redirects
20	7

This site contains no links.

Subject Issuer	Validity	Valid
*.vestwell.com Go Daddy Secure Certificate Authority - G2	`2023-06-13` - `2024-07-14`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
Frame ID: D1B6CB7CA7B4CCD102AAFE5B2E63523D
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://email.sumday.com/ls/click?upn=dw95f89FVFEs7wF56jCDNUk-2FM9bmDF6U2JqMUF2db2PM2v4KRELBysBkhyue6... HTTP 302
https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=empl... Page URL

Detected technologies

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

20
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

525 kB
Transfer

1344 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.sumday.com/ls/click?upn=dw95f89FVFEs7wF56jCDNUk-2FM9bmDF6U2JqMUF2db2PM2v4KRELBysBkhyue648xgBYITei-2FTsC3KHTPXGH62KsKY12xY3pRJHR0cFcos3h-2F-2BbimDFk3Bsjth8ImJruN9-2FB2ZoLkXYIUkXIGJHLLabklUyabSiEVrlxfKzucCrf7-2F16Y0KxxUqrIaZZHeyg-2FCUv5weTeSFRCM2Se48hh3TkjUsXEDfz-2B6vi4iKkQtvp8pV-2BgaStsnNdPVWiBIb1mEfBpfJEcksoVFAFrL7gEiKK0gD3czMpH5nEwj58TJAA-3DR1Li_jw7PawE-2BevvTePxpusNtLzGIxEeb2iM-2FfbTKIfFKLdg-2Be-2B3qlT7L9ngiDOMFmmGuflbrZlpgC09uBZR9Kz3Y-2FV42-2FL-2Bf9TszS9fgZBdwRXgsdSajGtOCm5D8ub-2FzVfD5SJfnWIva-2BfIDyjymlZWAvgvrlQT4LBcXGL3BEUGfc1N5raSDE1USQ0Ld-2FC9PjA8gWhfTLHoY6CCZZxoG3zxbj27WgT3dJtFI6cMUf0RLw-2FEUfAEE5inTTbKyCWvLS9k0JWiHgZxXQ1L-2FWrC9tw0J9jXMiEci6B2VuJvgtDdbvxYVnvni4mYxvw9u6EZXWAYrZbN2tDPfhqvp8weT6o-2BnE0AYH6vmzA-2Fyo33Z3vFt9PkGI399hrI3kU2s47qs1itt2wM-2ByXawmiICS-2BQ9b2KkhQ-3D-3D HTTP 302
https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request employer Show response
coloradosecuresavings.vestwell.com/register/
Redirect Chain

http://email.sumday.com/ls/click?upn=dw95f89FVFEs7wF56jCDNUk-2FM9bmDF6U2JqMUF2db2PM2v4KRELBysBkhyue648xgBYITei-2FTsC3KHTPXGH62KsKY12xY3pRJHR0cFcos3h-2F-2BbimDFk3Bsjth8ImJruN9-2FB2ZoLkXYIUkXIGJHLLab...
https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=...

3 KB
3 KB

488ms
103ms

Document
text/html

54.160.9.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.9.72 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-9-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

740ee37f568ebbb8103ff3e764327afb4f1ce42ab1bfa17cb879ef3675ab447a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1186
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
content-type: text/html; charset=utf-8
date: Wed, 02 Aug 2023 06:42:26 GMT
etag: "1dc09d84-4a2"
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
x-forwarded-proto: https
x-frame-options: deny
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 251
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Aug 2023 06:42:25 GMT
Location: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 runtime.0ea47e31.js Show response
coloradosecuresavings.vestwell.com/registration/static/js/ 2 KB
3 KB 103ms
102ms Script
application/javascript 54.160.9.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://coloradosecuresavings.vestwell.com/registration/static/js/runtime.0ea47e31.js

Requested by

Host: coloradosecuresavings.vestwell.com
URL: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.9.72 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-9-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d7928e95b5decc2d06ff74ae0398f703c964e9f27d5bd7cd3624920f6a41336c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
strict-transport-security: max-age=31536000; includeSubdomains;
x-forwarded-proto: https
content-length: 1284
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: nginx
etag: "1dc09d84-504"
x-frame-options: deny
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-store, no-cache, must-revalidate
accept-ranges: bytes
expires: Thu, 03 Aug 2023 06:42:26 GMT

GET
H2 200 shared.a588f2c7.js Show response
coloradosecuresavings.vestwell.com/registration/static/js/ 778 KB
241 KB 103ms
103ms Script
application/javascript 54.160.9.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://coloradosecuresavings.vestwell.com/registration/static/js/shared.a588f2c7.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.9.72 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-9-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9b7a70bc9e44548238d7a4710f466e945dbf09aa8f6f52159ae23cc233850186

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
strict-transport-security: max-age=31536000; includeSubdomains;
x-forwarded-proto: https
content-length: 245128
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: nginx
etag: "1dc09d84-3bd88"
x-frame-options: deny
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-store, no-cache, must-revalidate
accept-ranges: bytes
expires: Thu, 03 Aug 2023 06:42:26 GMT

GET
H2 200 main.806bac60.js Show response
coloradosecuresavings.vestwell.com/registration/static/js/ 122 KB
32 KB 286ms
285ms Script
application/javascript 54.160.9.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://coloradosecuresavings.vestwell.com/registration/static/js/main.806bac60.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.9.72 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-9-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4c1b016ff077ae8eae6dec4d1b81da389450cd374fd12f30ce6f3606a12e8805

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
strict-transport-security: max-age=31536000; includeSubdomains;
x-forwarded-proto: https
content-length: 31475
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: nginx
etag: "1dc09d84-7af3"
x-frame-options: deny
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-store, no-cache, must-revalidate
accept-ranges: bytes
expires: Thu, 03 Aug 2023 06:42:26 GMT

GET
H2 200 main.b7e96facb4cd7035f7ce.css
coloradosecuresavings.vestwell.com/registration/static/css/ 130 KB
29 KB 305ms
305ms Stylesheet
text/css 54.160.9.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://coloradosecuresavings.vestwell.com/registration/static/css/main.b7e96facb4cd7035f7ce.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.9.72 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-9-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

292a3f57be17d586318c109702507a1ecc32b272da695eb800c09a075c4971bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
strict-transport-security: max-age=31536000; includeSubdomains;
x-forwarded-proto: https
content-length: 28548
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: nginx
etag: "1dc09d84-6f84"
x-frame-options: deny
content-type: text/css
cache-control: max-age=86400, no-store, no-cache, must-revalidate
accept-ranges: bytes
expires: Thu, 03 Aug 2023 06:42:26 GMT

GET
H2 200 heap-1418109408.js Show response
cdn.heapanalytics.com/js/ 122 KB
39 KB 269ms
223ms Script
application/javascript 13.32.27.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1418109408.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-116.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

748a85482899efc49d41a9570386d1ae44e97e6edd4f72dbc460bc41a5e6ff5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:26 GMT
content-encoding: br
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1e843-B5n15K4ld0Ls9pBqKtDSnBUysds"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qUr7srtNlDq5u3JdtrBo-3JePrTje6C9cM61qpucd0Sv33HLz2K1cA==

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 338ms
107ms Image
image/gif 54.87.207.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1418109408&u=1837072399815564&v=4209756318872239&s=406866464826914&b=web&tv=4.0&z=0&h=%2Fregister%2Femployer&q=%3Futm_source%3Dregistration%26utm_medium%3Demail%26utm_campaign%3Demployer%26utm_content%3Dheader%26utm_source%3Dsendgrid.com%26utm_medium%3Demail%26utm_campaign%3Dwebsite&d=coloradosecuresavings.vestwell.com&us=registration&um=email&uc=header&ua=employer&ts=1690958546808&st=1690958546810

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.207.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-207-254.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 06:42:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 133ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800&display=swap

Requested by

Host: coloradosecuresavings.vestwell.com
URL: https://coloradosecuresavings.vestwell.com/registration/static/css/main.b7e96facb4cd7035f7ce.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd9ff61e493c5ef913bc749ac6351d9e947c9a415ae0098e6c1812cdded64595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Aug 2023 06:42:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 06:39:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Aug 2023 06:42:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
558 B 134ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif:400&display=swap

Requested by

Host: coloradosecuresavings.vestwell.com
URL: https://coloradosecuresavings.vestwell.com/registration/static/css/main.b7e96facb4cd7035f7ce.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

123f471c58b5cedb78d67b24cfffdaa30a69c7e436410aded09625fa2eca0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Aug 2023 06:42:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 06:42:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Aug 2023 06:42:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
650 B 136ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Mono:400&display=swap

Requested by

Host: coloradosecuresavings.vestwell.com
URL: https://coloradosecuresavings.vestwell.com/registration/static/css/main.b7e96facb4cd7035f7ce.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e602984a721696845784c79ebc0f223e15c24d446fd59b314cbf1f2b4f300e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Aug 2023 06:42:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 06:42:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Aug 2023 06:42:27 GMT

GET
H2 200 swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@8/ 16 KB
5 KB 86ms
23ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css

Requested by

Host: coloradosecuresavings.vestwell.com
URL: https://coloradosecuresavings.vestwell.com/registration/static/css/main.b7e96facb4cd7035f7ce.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 35152
x-jsd-version: 8.4.7
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230045-FRA, cache-yyz4526-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"406d-rwCOh5O6dcNGNg6U6W482jFM4n8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AABl92tTjo0nOM4lO3F2Te3%2BKD8lius7%2FIWVm7P7ktveOYPTLrs%2FGFsq8bTRHqeXLaFbOPdtKMX5pAmnTAbMkZ8kXrBzTbBMcUAi71gh8GH3Wz8D2NW8Xq7ZI7PDGvj4nmtYg6aFnegzEtUxBc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7f0457468bf639d9-FRA

GET
H2 200 config Show response
coloradosecuresavings.vestwell.com/api/ 125 B
2 KB 126ms
126ms XHR
application/json 54.160.9.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://coloradosecuresavings.vestwell.com/api/config?subdomain=coloradosecuresavings

Requested by

Host: coloradosecuresavings.vestwell.com
URL: https://coloradosecuresavings.vestwell.com/registration/static/js/shared.a588f2c7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.9.72 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-9-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4278534015b2b417716d31110992dfa58529527292af2f6df686285b3a8c4570

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	0, 1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:27 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-forwarded-proto: https
content-length: 125
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
x-ratelimit-remaining: 99
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate
x-ratelimit-reset: 60
x-ratelimit-limit: 100

GET
H2 200 config Show response
coloradosecuresavings.vestwell.com/api/registration/ 2 KB
5 KB 257ms
257ms XHR
application/json 54.160.9.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://coloradosecuresavings.vestwell.com/api/registration/config?domain=coloradosecuresavings&type=sponsor

Requested by

Host: coloradosecuresavings.vestwell.com
URL: https://coloradosecuresavings.vestwell.com/registration/static/js/shared.a588f2c7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.9.72 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-9-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1bccb3446354670ba7df3b3e96fb368e6ccdac7aab2c34abfedc1ad6c15ce7e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	0, 1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:27 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-forwarded-proto: https
content-length: 2517
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
x-ratelimit-remaining: 99
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate
x-ratelimit-reset: 60
x-ratelimit-limit: 100

GET
H2 200 config Show response
coloradosecuresavings.vestwell.com/api/login/ 113 B
2 KB 135ms
135ms XHR
application/json 54.160.9.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://coloradosecuresavings.vestwell.com/api/login/config?subdomain=coloradosecuresavings

Requested by

Host: coloradosecuresavings.vestwell.com
URL: https://coloradosecuresavings.vestwell.com/registration/static/js/shared.a588f2c7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.9.72 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-9-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5f349f2b3e4e3019caf993eba4450d8e6bd0761f31bc87d03ca7b223283dadda

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	0, 1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:27 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-forwarded-proto: https
content-length: 113
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
x-ratelimit-remaining: 98
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate
x-ratelimit-reset: 7
x-ratelimit-limit: 100

GET
H2 200 state Show response
coloradosecuresavings.vestwell.com/api/registration/ 34 B
2 KB 110ms
110ms XHR
application/json 54.160.9.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://coloradosecuresavings.vestwell.com/api/registration/state?domain=coloradosecuresavings&entity=sponsor

Requested by

Host: coloradosecuresavings.vestwell.com
URL: https://coloradosecuresavings.vestwell.com/registration/static/js/shared.a588f2c7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.9.72 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-9-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d67054c5edbba16b9080511c1c2311ec563180e596974c7ca277ccf915b1a9b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	0, 1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:27 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-forwarded-proto: https
content-length: 34
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
x-ratelimit-remaining: 99
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate
x-ratelimit-reset: 60
x-ratelimit-limit: 100

GET
H2 200 vestwell.webp
coloradosecuresavings.vestwell.com/images/banners/ 55 KB
57 KB 103ms
102ms Image
image/webp 54.160.9.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://coloradosecuresavings.vestwell.com/images/banners/vestwell.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.9.72 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-9-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

81c98ba7deee55d71e69a6cf1a554500f43e46cd727e76c60b0394e787ce2197

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:27 GMT
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains;
x-forwarded-proto: https
content-length: 56488
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 27 Jul 2023 15:29:56 GMT
server: nginx
etag: "64c28d74-dca8"
x-frame-options: deny
content-type: image/webp
cache-control: max-age=315360000, no-store, no-cache, must-revalidate
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 coloradosecuresavings.webp
coloradosecuresavings.vestwell.com/images/registration/ 7 KB
8 KB 103ms
103ms Image
image/webp 54.160.9.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://coloradosecuresavings.vestwell.com/images/registration/coloradosecuresavings.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.9.72 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-9-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7a7735d6df6cd1510b192b8a1f73352a5ab767e4029bfac024c6db62bfa4b171

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:27 GMT
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains;
x-forwarded-proto: https
content-length: 7074
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 27 Jul 2023 15:29:56 GMT
server: nginx
etag: "64c28d74-1ba2"
x-frame-options: deny
content-type: image/webp
cache-control: max-age=315360000, no-store, no-cache, must-revalidate
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
31 KB 122ms
38ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://coloradosecuresavings.vestwell.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:33:52 GMT
x-content-type-options: nosniff
age: 342515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31052
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 07:33:52 GMT

GET
H2 200 vestwell.webp
coloradosecuresavings.vestwell.com/images/banners/ 55 KB
57 KB 103ms
103ms Image
image/webp 54.160.9.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://coloradosecuresavings.vestwell.com/images/banners/vestwell.webp

Requested by

Host: coloradosecuresavings.vestwell.com
URL: https://coloradosecuresavings.vestwell.com/registration/static/js/shared.a588f2c7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.9.72 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-9-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

81c98ba7deee55d71e69a6cf1a554500f43e46cd727e76c60b0394e787ce2197

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:27 GMT
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains;
x-forwarded-proto: https
content-length: 56488
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 27 Jul 2023 15:29:56 GMT
server: nginx
etag: "64c28d74-dca8"
x-frame-options: deny
content-type: image/webp
cache-control: max-age=315360000, no-store, no-cache, must-revalidate
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 coloradosecuresavings.webp
coloradosecuresavings.vestwell.com/images/registration/ 7 KB
8 KB 103ms
103ms Image
image/webp 54.160.9.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://coloradosecuresavings.vestwell.com/images/registration/coloradosecuresavings.webp

Requested by

Host: coloradosecuresavings.vestwell.com
URL: https://coloradosecuresavings.vestwell.com/registration/static/js/shared.a588f2c7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.9.72 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-9-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7a7735d6df6cd1510b192b8a1f73352a5ab767e4029bfac024c6db62bfa4b171

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradosecuresavings.vestwell.com/register/employer?utm_source=registration&utm_medium=email&utm_campaign=employer&utm_content=header&utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 06:42:27 GMT
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains;
x-forwarded-proto: https
content-length: 7074
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 27 Jul 2023 15:29:56 GMT
server: nginx
etag: "64c28d74-1ba2"
x-frame-options: deny
content-type: image/webp
cache-control: max-age=315360000, no-store, no-cache, must-revalidate
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| VW object| heap object| webpackChunk_vestwell_frontend_registration function| _

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vestwell.com/	1970-01-20 23:10:36	Name: _hp2_id.1418109408 Value: %7B%22userId%22%3A%221837072399815564%22%2C%22pageviewId%22%3A%224209756318872239%22%2C%22sessionId%22%3A%22406866464826914%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.vestwell.com/	1970-01-20 13:42:40	Name: _hp2_ses_props.1418109408 Value: %7B%22us%22%3A%22registration%22%2C%22um%22%3A%22email%22%2C%22uc%22%3A%22header%22%2C%22ua%22%3A%22employer%22%2C%22ts%22%3A1690958546808%2C%22d%22%3A%22coloradosecuresavings.vestwell.com%22%2C%22h%22%3A%22%2Fregister%2Femployer%22%2C%22q%22%3A%22%3Futm_source%3Dregistration%26utm_medium%3Demail%26utm_campaign%3Demployer%26utm_content%3Dheader%26utm_source%3Dsendgrid.com%26utm_medium%3Demail%26utm_campaign%3Dwebsite%22%7D
.vestwell.com/	1970-01-20 13:43:21	Name: Session Value: OrnrpGefVntKDX4%2Fn0OF4eAtuyuBDJlOk41BZBhUCxjZkVcm%2FGGgiJuXwPYURBmkx7Fz%2FHty483p9hsDxq5UVtRYnQco4j2xEkPa%2BGMpUWpfgFKaHDwxodQ06FkbfdWnodUf5XA7OAlMAz8wvWMq3075lb1fY9AsUrRUy%2BcuGIASGyMzxYIftVgYcwCx4D3p6A7R6XF9f7Gl%2FmkvDxH591yb%2BhwF3QfObBZEjdPQSNgPZ8h0k3Lqoyh2%2B6iEzw%3D%3D.PAW3w3aaQSCeTUe%2BRPO6mSpJznkKZZT8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js https://unpkg.com http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
cdn.jsdelivr.net
coloradosecuresavings.vestwell.com
email.sumday.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
13.32.27.116
167.89.115.120
2606:4700::6810:5814
2a00:1450:4001:828::200a
2a00:1450:4001:830::2003
54.160.9.72
54.87.207.254
123f471c58b5cedb78d67b24cfffdaa30a69c7e436410aded09625fa2eca0d1f
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
1bccb3446354670ba7df3b3e96fb368e6ccdac7aab2c34abfedc1ad6c15ce7e8
292a3f57be17d586318c109702507a1ecc32b272da695eb800c09a075c4971bc
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
4278534015b2b417716d31110992dfa58529527292af2f6df686285b3a8c4570
4c1b016ff077ae8eae6dec4d1b81da389450cd374fd12f30ce6f3606a12e8805
5f349f2b3e4e3019caf993eba4450d8e6bd0761f31bc87d03ca7b223283dadda
740ee37f568ebbb8103ff3e764327afb4f1ce42ab1bfa17cb879ef3675ab447a
748a85482899efc49d41a9570386d1ae44e97e6edd4f72dbc460bc41a5e6ff5a
7a7735d6df6cd1510b192b8a1f73352a5ab767e4029bfac024c6db62bfa4b171
81c98ba7deee55d71e69a6cf1a554500f43e46cd727e76c60b0394e787ce2197
9b7a70bc9e44548238d7a4710f466e945dbf09aa8f6f52159ae23cc233850186
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd9ff61e493c5ef913bc749ac6351d9e947c9a415ae0098e6c1812cdded64595
d67054c5edbba16b9080511c1c2311ec563180e596974c7ca277ccf915b1a9b8
d7928e95b5decc2d06ff74ae0398f703c964e9f27d5bd7cd3624920f6a41336c
e602984a721696845784c79ebc0f223e15c24d446fd59b314cbf1f2b4f300e96

coloradosecuresavings.vestwell.com Open in urlscan Pro 54.160.9.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

43 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

525 kBTransfer

1344 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

coloradosecuresavings.vestwell.com Open in urlscan Pro
54.160.9.72 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

525 kB
Transfer

1344 kB
Size

3
Cookies

20 HTTP transactions
0 data transactions