retirepathva.vestwell.com
54.165.33.118
Public Scan
Effective URL: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
Submission: On June 20 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 13th 2023. Valid for: a year.
This is the only time retirepathva.vestwell.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 1 | 167.89.123.54 | 11377 (SENDGRID) |
10 | 54.165.33.118 | 14618 (AMAZON-AES) |
3 | 18.173.154.74 | 16509 (AMAZON-02) |
3 | 2a00:1450:4001:831::200a | 15169 (GOOGLE) |
1 | 2a04:4e42::485 | 54113 (FASTLY) |
2 | 100.26.118.119 | 14618 (AMAZON-AES) |
2 | 2a00:1450:4001:828::2003 | 15169 (GOOGLE) |
24 | 7 |
ASN11377 (SENDGRID, US)
PTR: o16789123x54.outbound-mail.sendgrid.net
email.sumday.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-33-118.compute-1.amazonaws.com
retirepathva.vestwell.com
ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-74.muc50.r.cloudfront.net
cdn.heapanalytics.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-118-119.compute-1.amazonaws.com
heapanalytics.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | vestwell.com | retirepathva.vestwell.com | 330 KB |
5 | heapanalytics.com | cdn.heapanalytics.com (Cisco Umbrella Rank: 2741), heapanalytics.com (Cisco Umbrella Rank: 2317) | 226 KB |
3 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 80) | 2 KB |
2 | gstatic.com | fonts.gstatic.com | 63 KB |
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 379) | 17 KB |
1 | sumday.com (1 redirects) | email.sumday.com | 306 B |
0 | auryc.com (Failed) | client-api.auryc.com (Failed) | |
24 | 7 |
Requests | Domain | Requested by |
---|---|---|
10 | retirepathva.vestwell.com | retirepathva.vestwell.com |
3 | fonts.googleapis.com | retirepathva.vestwell.com |
3 | cdn.heapanalytics.com | retirepathva.vestwell.com, cdn.heapanalytics.com |
2 | fonts.gstatic.com | fonts.googleapis.com |
2 | heapanalytics.com | retirepathva.vestwell.com |
1 | cdn.jsdelivr.net | retirepathva.vestwell.com |
1 | email.sumday.com | 1 redirects |
0 | client-api.auryc.com (Failed) | cdn.heapanalytics.com |
24 | 8 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.vestwell.com | Go Daddy Secure Certificate Authority - G2 | 2023-06-13 - 2024-07-14 | a year |
cdn.heapanalytics.com | Amazon RSA 2048 M02 | 2023-02-21 - 2023-08-27 | 6 months |
upload.video.google.com | GTS CA 1C3 | 2023-05-29 - 2023-08-21 | 3 months |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year |
heapanalytics.com | Amazon RSA 2048 M02 | 2022-12-09 - 2024-01-07 | a year |
*.gstatic.com | GTS CA 1C3 | 2023-05-29 - 2023-08-21 | 3 months |
This page contains 1 frames:
Primary Page:
https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
Frame ID: 94C1AB8585CB6C916CE58018496010C5
Requests: 24 HTTP requests in this frame
Page Title
Exempt My Company / Vestwell
Page URL History
-
http://email.sumday.com/ls/click?upn=YfcPWIiaMRuj2ml0mY-2BdUoSaYg0iodCMVL1eCa4n23TkXUJtqXr-2BY6MgAEX...
HTTP 302
https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website Page URL
Detected technologies
Heap (Analytics)
Detected patterns
- heap-\d+\.js
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://email.sumday.com/ls/click?upn=YfcPWIiaMRuj2ml0mY-2BdUoSaYg0iodCMVL1eCa4n23TkXUJtqXr-2BY6MgAEXoC3ypPXbZxFGgLf1gcxG8VNoyjL-2Bl-2FDawHUuV8mHVYu7UqWVFRcYnuojMI4L-2Fc-2BSUyu-2BSQkTBbqyl0TQ-2BZyeW2xMzJg-3D-3DjjXd_iJkNvLaX-2FTnVL58YXdvFajr7Jnh9ftVMF3Q0idOgeEAMIz9ediD4UCzC5KGRWnHM5d0JmETEeQjCE2yDurlZi3PZjU7ESzXT5dEQrPBZYK6K-2FLi6BvrRh1lC68v8-2Fi3hSuG5YLFFjg8dkB3A1Qml-2FVkQbwsQWlOGqu3k9zA9VLRli0QhI-2F3KZ-2BjkXlm6A3Zs-2BzAURdtOqvpbyxnk9ZOCKKVKzJ6NNkrSLcQuH6iONE8NllN443hrKYnn7-2FxXExXqckSwKDAFczs0xeXnBkn3iokwG0pWPF6ktJ3NdEYyFZEkFwHrYEKqGLBb3UFqRfA7hH6IglL84MbXNPBXadb-2BBRZGF2afea54fkR-2ByEm6yQ1gEb-2FL3PkkHdz-2FJ8X7H1XU7T1PWWQvfU3tEHswhS9S2A-3D-3D
HTTP 302
https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | exempt (Primary Request, Redirect Chain) | retirepathva.vestwell.com/ | 3 KB | 2 KB | Document | text/html |
GET | H2 | runtime.0ea47e31.js | retirepathva.vestwell.com/registration/static/js/ | 2 KB | 3 KB | Script | application/javascript |
GET | H2 | shared.38020f4b.js | retirepathva.vestwell.com/registration/static/js/ | 774 KB | 241 KB | Script | application/javascript |
GET | H2 | main.679f7a92.js | retirepathva.vestwell.com/registration/static/js/ | 163 KB | 39 KB | Script | application/javascript |
GET | H2 | main.a6547fbeaa798abdd905.css | retirepathva.vestwell.com/registration/static/css/ | 130 KB | 29 KB | Stylesheet | text/css |
GET | H2 | heap-1418109408.js | cdn.heapanalytics.com/js/ | 123 KB | 39 KB | Script | application/javascript |
GET | H2 | container.js | cdn.heapanalytics.com/js/replay/6918-Main-prod-heap/ | 9 KB | 5 KB | Script | application/javascript |
GET | H2 | css | fonts.googleapis.com/ | 9 KB | 772 B | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 1 KB | 894 B | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 650 B | Stylesheet | text/css |
GET | H2 | swiper-bundle.min.css | cdn.jsdelivr.net/npm/swiper@8/ | 16 KB | 17 KB | Stylesheet | text/css |
GET | | releasesettings | client-api.auryc.com/ | 0 | 0 | | |
GET | H3 | auryc.lib.js | cdn.heapanalytics.com/js/replay/libs/latest/ | 684 KB | 182 KB | Script | application/javascript |
GET | | siteconfig | client-api.auryc.com/ | 0 | 0 | | |
GET | H2 | h | heapanalytics.com/ | 37 B | 261 B | Image | image/gif |
GET | H2 | config | retirepathva.vestwell.com/api/ | 125 B | 2 KB | XHR | application/json |
GET | H2 | config | retirepathva.vestwell.com/api/registration/ | 2 KB | 4 KB | XHR | application/json |
GET | H2 | config | retirepathva.vestwell.com/api/ | 125 B | 2 KB | XHR | application/json |
GET | H2 | state | retirepathva.vestwell.com/api/registration/ | 25 B | 2 KB | XHR | application/json |
GET | | whitelabel | retirepathva.vestwell.com/api/ | 0 | 0 | | |
GET | H2 | pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2 | fonts.gstatic.com/s/nunitosans/v15/ | 30 KB | 31 KB | Font | font/woff2 |
GET | H2 | retirepathva.webp | retirepathva.vestwell.com/images/registration/ | 3 KB | 4 KB | Image | image/webp |
GET | H2 | h | heapanalytics.com/ | 37 B | 260 B | Image | image/gif |
GET | H2 | EJRVQgYoZZY2vCFuvAFWzr8.woff2 | fonts.gstatic.com/s/ptserif/v18/ | 32 KB | 32 KB | Font | font/woff2 |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
client-api.auryc.com | https://client-api.auryc.com/releasesettings?lib=Web |
client-api.auryc.com | https://client-api.auryc.com/siteconfig?lib=web |
retirepathva.vestwell.com | https://retirepathva.vestwell.com/api/whitelabel |
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
boolean | credentialless |
object | onbeforetoggle |
object | onscrollend |
object | VW |
object | heap |
string | __AURYC_JSLIB_PATH__ |
object | aurycReadyCb |
object | auryc |
object | aurycEventPropertiesCb |
boolean | aurycInit |
number | aurycLoadedTime |
object | aurycJsLibConfig |
function | launchAurycEventMarker |
object | aurycBehaviorAPI |
object | aurycRecordAPI |
object | aurycFeedbackAPI |
object | webpackChunk_vestwell_frontend_registration |
function | _ |

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.vestwell.com/ | Name: userty.core.p.0cbfcf Value: __2VySWQiOiI3ODNjZDBhNTEyNjJjNzBlNzdjNjNiODE0YWYzODJiOSJ9eyJ1c |
|
.vestwell.com/ | Name: _hp2_ses_props.1418109408 Value: %7B%22us%22%3A%22sendgrid.com%22%2C%22um%22%3A%22email%22%2C%22ua%22%3A%22website%22%2C%22ts%22%3A1687268955198%2C%22d%22%3A%22retirepathva.vestwell.com%22%2C%22h%22%3A%22%2Fexempt%22%2C%22q%22%3A%22%3Futm_source%3Dsendgrid.com%26utm_medium%3Demail%26utm_campaign%3Dwebsite%22%7D |
|
.vestwell.com/ | Name: Session Value: OFxVxryI%2Bi%2F93gbCy5%2BFo5rNIwhXPd5PqiuRHGq52eciloT2PE%2BLRBqacVuuQpvTPF18btarNPSFCaAFCEYOqN5TVcmaSY2AbeLvk%2F6a5LoNYAel6DbiXKwr5CWsw5qecrbKXyQyrEXAIk2ykMO48TZQKRURWZVkhxvLVJdsybyihBZw2rOkMcDYwO9aUUo%2FP7vlL0Lc%2FxwE%2BKzczBTSx8VOKLOqGgGmCGH0d6xQOvbFJBxfkorDB31SsGZTuQ%3D%3D.AFVqOhE%2BniBQxk8LSYgwcuxqM%2BrqXRVE |
|
.vestwell.com/ | Name: _hp2_id.1418109408 Value: %7B%22userId%22%3A%227191533671237074%22%2C%22pageviewId%22%3A%22383049961020160%22%2C%22sessionId%22%3A%221475888849960038%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D |
|
.vestwell.com/ | Name: userty.core.s.0cbfcf Value: __SI6MTY4NzI3MDc1NTI3OSwic2lkIjoiZWZjMDI5YzcxMWJkMzA2MzM2ZTMzZTM1MzcwNWVhZWYiLCJzdCI6MTY4NzI2ODk1NTI3OSwicHYiOjIsInJlYWR5Ijp0cnVlLCJ3cyI6IntcIndcIjoxNjAwLFwiaFwiOjEyMDB9In0=eyJzZ |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws: |
Strict-Transport-Security | max-age=31536000; includeSubdomains; |
X-Content-Type-Options | nosniff |
X-Frame-Options | deny |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.