retirepathva.vestwell.com Open in urlscan Pro
54.165.33.118 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.sumday.com/ls/click?upn=YfcPWIiaMRuj2ml0mY-2BdUoSaYg0iodCMVL1eCa4n23TkXUJtqXr-2BY6MgAEXoC3ypPXbZxFGgLf1gcxG...
Effective URL:
https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
Submission: On June 20 via manual (June 20th 2023, 1:49:20 pm UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 24 HTTP transactions. The main IP is 54.165.33.118, located in United States and belongs to AMAZON-AES, US. The main domain is retirepathva.vestwell.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 13th 2023. Valid for: a year.

This is the only time retirepathva.vestwell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.54 167.89.123.54	11377 (SENDGRID) (SENDGRID)
10	54.165.33.118 54.165.33.118	14618 (AMAZON-AES) (AMAZON-AES)
3	18.173.154.74 18.173.154.74	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	100.26.118.119 100.26.118.119	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
24	7

1 167.89.123.54 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x54.outbound-mail.sendgrid.net

email.sumday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.165.33.118 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-33-118.compute-1.amazonaws.com

retirepathva.vestwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.154.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-74.muc50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.26.118.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-118-119.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	vestwell.com retirepathva.vestwell.com	330 KB
5	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2741 heapanalytics.com — Cisco Umbrella Rank: 2317	226 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	2 KB
2	gstatic.com fonts.gstatic.com	63 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	17 KB
1	sumday.com 1 redirects email.sumday.com	306 B
0	auryc.com Failed client-api.auryc.com Failed
24	7

	Domain	Requested by
10	retirepathva.vestwell.com	retirepathva.vestwell.com
3	fonts.googleapis.com	retirepathva.vestwell.com
3	cdn.heapanalytics.com	retirepathva.vestwell.com cdn.heapanalytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	heapanalytics.com	retirepathva.vestwell.com
1	cdn.jsdelivr.net	retirepathva.vestwell.com
1	email.sumday.com	1 redirects
0	client-api.auryc.com Failed	cdn.heapanalytics.com
24	8

This site contains no links.

Subject Issuer	Validity	Valid
*.vestwell.com Go Daddy Secure Certificate Authority - G2	`2023-06-13` - `2024-07-14`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2023-02-21` - `2023-08-27`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
Frame ID: 94C1AB8585CB6C916CE58018496010C5
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Exempt My Company / Vestwell

Page URL History Show full URLs

http://email.sumday.com/ls/click?upn=YfcPWIiaMRuj2ml0mY-2BdUoSaYg0iodCMVL1eCa4n23TkXUJtqXr-2BY6MgAEX... HTTP 302
https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website Page URL

Detected technologies

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

24
Requests

88 %
HTTPS

43 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

638 kB
Transfer

1986 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.sumday.com/ls/click?upn=YfcPWIiaMRuj2ml0mY-2BdUoSaYg0iodCMVL1eCa4n23TkXUJtqXr-2BY6MgAEXoC3ypPXbZxFGgLf1gcxG8VNoyjL-2Bl-2FDawHUuV8mHVYu7UqWVFRcYnuojMI4L-2Fc-2BSUyu-2BSQkTBbqyl0TQ-2BZyeW2xMzJg-3D-3DjjXd_iJkNvLaX-2FTnVL58YXdvFajr7Jnh9ftVMF3Q0idOgeEAMIz9ediD4UCzC5KGRWnHM5d0JmETEeQjCE2yDurlZi3PZjU7ESzXT5dEQrPBZYK6K-2FLi6BvrRh1lC68v8-2Fi3hSuG5YLFFjg8dkB3A1Qml-2FVkQbwsQWlOGqu3k9zA9VLRli0QhI-2F3KZ-2BjkXlm6A3Zs-2BzAURdtOqvpbyxnk9ZOCKKVKzJ6NNkrSLcQuH6iONE8NllN443hrKYnn7-2FxXExXqckSwKDAFczs0xeXnBkn3iokwG0pWPF6ktJ3NdEYyFZEkFwHrYEKqGLBb3UFqRfA7hH6IglL84MbXNPBXadb-2BBRZGF2afea54fkR-2ByEm6yQ1gEb-2FL3PkkHdz-2FJ8X7H1XU7T1PWWQvfU3tEHswhS9S2A-3D-3D HTTP 302
https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request exempt Show response
retirepathva.vestwell.com/
Redirect Chain

http://email.sumday.com/ls/click?upn=YfcPWIiaMRuj2ml0mY-2BdUoSaYg0iodCMVL1eCa4n23TkXUJtqXr-2BY6MgAEXoC3ypPXbZxFGgLf1gcxG8VNoyjL-2Bl-2FDawHUuV8mHVYu7UqWVFRcYnuojMI4L-2Fc-2BSUyu-2BSQkTBbqyl0TQ-2BZyeW...
https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website

3 KB
2 KB

359ms
93ms

Document
text/html

54.165.33.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.33.118 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-33-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

26dfafacda7210ba7ed8bb4ff03444d761cae05ab86400211f456d1eb6996783

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1186
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
content-type: text/html; charset=utf-8
date: Tue, 20 Jun 2023 13:49:14 GMT
etag: "648cc7b3-4a2"
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Fri, 16 Jun 2023 20:36:03 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
x-forwarded-proto: https
x-frame-options: deny
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 133
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Jun 2023 13:49:14 GMT
Location: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 runtime.0ea47e31.js Show response
retirepathva.vestwell.com/registration/static/js/ 2 KB
3 KB 92ms
92ms Script
application/javascript 54.165.33.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://retirepathva.vestwell.com/registration/static/js/runtime.0ea47e31.js

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.33.118 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-33-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d7928e95b5decc2d06ff74ae0398f703c964e9f27d5bd7cd3624920f6a41336c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
strict-transport-security: max-age=31536000; includeSubdomains;
x-forwarded-proto: https
content-length: 1284
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Jun 2023 20:36:03 GMT
server: nginx
etag: "648cc7b3-504"
x-frame-options: deny
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-store, no-cache, must-revalidate
expires: Wed, 21 Jun 2023 13:49:15 GMT

GET
H2 200 shared.38020f4b.js Show response
retirepathva.vestwell.com/registration/static/js/ 774 KB
241 KB 183ms
183ms Script
application/javascript 54.165.33.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://retirepathva.vestwell.com/registration/static/js/shared.38020f4b.js

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.33.118 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-33-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

da17b75b8aed5c49442ccd20045196442ede8bf066af837c7522eeae8aef7d75

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
strict-transport-security: max-age=31536000; includeSubdomains;
x-forwarded-proto: https
content-length: 245239
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Jun 2023 20:36:03 GMT
server: nginx
etag: "648cc7b3-3bdf7"
x-frame-options: deny
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-store, no-cache, must-revalidate
expires: Wed, 21 Jun 2023 13:49:15 GMT

GET
H2 200 main.679f7a92.js Show response
retirepathva.vestwell.com/registration/static/js/ 163 KB
39 KB 257ms
256ms Script
application/javascript 54.165.33.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://retirepathva.vestwell.com/registration/static/js/main.679f7a92.js

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.33.118 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-33-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

da7d79611f507480d0183108cfbe7439a449a0dcfb2c76f9adf7ed6deb900576

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
strict-transport-security: max-age=31536000; includeSubdomains;
x-forwarded-proto: https
content-length: 38504
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Jun 2023 20:36:03 GMT
server: nginx
etag: "648cc7b3-9668"
x-frame-options: deny
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-store, no-cache, must-revalidate
expires: Wed, 21 Jun 2023 13:49:15 GMT

GET
H2 200 main.a6547fbeaa798abdd905.css
retirepathva.vestwell.com/registration/static/css/ 130 KB
29 KB 93ms
93ms Stylesheet
text/css 54.165.33.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://retirepathva.vestwell.com/registration/static/css/main.a6547fbeaa798abdd905.css

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.33.118 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-33-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9e478998b48ebf32f3b8d191bb120a213ad1dcb1c84a5d635e48756ac6708eb9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
strict-transport-security: max-age=31536000; includeSubdomains;
x-forwarded-proto: https
content-length: 28538
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Jun 2023 20:36:03 GMT
server: nginx
etag: "648cc7b3-6f7a"
x-frame-options: deny
content-type: text/css
cache-control: max-age=86400, no-store, no-cache, must-revalidate
expires: Wed, 21 Jun 2023 13:49:15 GMT

GET
H2 200 heap-1418109408.js Show response
cdn.heapanalytics.com/js/ 123 KB
39 KB 147ms
114ms Script
application/javascript 18.173.154.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1418109408.js

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-74.muc50.r.cloudfront.net

Software

nginx / Express

Resource Hash

1c1bd8161a4a9efeba0195f58b0c7d7f646a4dd537e3814fb825c8a9083d3f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:48:22 GMT
content-encoding: br
via: 1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: MUC50-P3
age: 53
x-powered-by: Express
etag: W/"1ecd8-m6lYdgR37zuej4OUm8s5B//f4gc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FE6Pj5LtG9XhPhjvqk92BqYxXE_ClvmL-izB2e7vQsw1CRbDlvnf-g==

GET
H2 200 container.js Show response
cdn.heapanalytics.com/js/replay/6918-Main-prod-heap/ 9 KB
5 KB 18ms
17ms Script
application/javascript 18.173.154.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/replay/6918-Main-prod-heap/container.js
Requested by: Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/heap-1418109408.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-74.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 851f380741343f78fee59eb421f476fe3d653a05628c53acd1c89d5afd050447

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: BudfvEatxEad9qwpLyT_ppAmwyipoMzB
content-encoding: gzip
via: 1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront)
date: Tue, 20 Jun 2023 12:49:34 GMT
x-amz-cf-pop: MUC50-P3
age: 5676
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4249
last-modified: Fri, 16 Jun 2023 12:10:39 GMT
server: AmazonS3
etag: "0e56f4e967833d6c8b96e9464d98621a"
content-type: application/javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-amz-cf-id: q32pqhPlwwkOD540w_qhZjUS1u3AUteGsHAw7okRsqQKlfnCzOAF2g==

GET
H2 200 css
fonts.googleapis.com/ 9 KB
772 B 47ms
19ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800&display=swap

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/registration/static/css/main.a6547fbeaa798abdd905.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd9ff61e493c5ef913bc749ac6351d9e947c9a415ae0098e6c1812cdded64595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Jun 2023 13:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 13:49:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jun 2023 13:49:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
894 B 45ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif:400&display=swap

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/registration/static/css/main.a6547fbeaa798abdd905.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

123f471c58b5cedb78d67b24cfffdaa30a69c7e436410aded09625fa2eca0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Jun 2023 13:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 13:49:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jun 2023 13:49:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
650 B 46ms
19ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Mono:400&display=swap

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/registration/static/css/main.a6547fbeaa798abdd905.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e602984a721696845784c79ebc0f223e15c24d446fd59b314cbf1f2b4f300e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Jun 2023 13:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 13:49:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jun 2023 13:49:15 GMT

GET
H2 200 swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@8/ 16 KB
17 KB 40ms
8ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/registration/static/css/main.a6547fbeaa798abdd905.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 20 Jun 2023 13:49:15 GMT
x-content-type-options: nosniff
age: 2937
x-jsd-version: 8.4.7
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16493
x-served-by: cache-fra-etou8220072-FRA
x-jsd-version-type: version
etag: W/"406d-rwCOh5O6dcNGNg6U6W482jFM4n8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET releasesettings
client-api.auryc.com/ 0
0

GET
H3 200 auryc.lib.js Show response
cdn.heapanalytics.com/js/replay/libs/latest/ 684 KB
182 KB 8ms
8ms Script
application/javascript 18.173.154.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/replay/libs/latest/auryc.lib.js
Requested by: Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/replay/6918-Main-prod-heap/container.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-74.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b82211f18e0fec9bf77af0c2b0d1a41b105da881c24f424dcd8f42ad83fd6ecf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: kq50p.QYHLgcw9o.chHQhyaUrxYv_toN
content-encoding: gzip
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
date: Tue, 20 Jun 2023 03:51:34 GMT
age: 35866
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 185842
last-modified: Mon, 05 Jun 2023 21:15:04 GMT
server: AmazonS3
etag: "ce4a20f307637105751f1b89ceb3379e"
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: U6tV7BhJ1G_tMIcYmKOWIWEa-84K1-mGfvL8GQTAlvhDlbM-xt0_dQ==

GET siteconfig
client-api.auryc.com/ 0
0

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 289ms
93ms Image
image/gif 100.26.118.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1418109408&u=7191533671237074&v=5683438945124333&s=1475888849960038&b=web&tv=4.0&z=0&h=%2Fexempt&q=%3Futm_source%3Dsendgrid.com%26utm_medium%3Demail%26utm_campaign%3Dwebsite&d=retirepathva.vestwell.com&us=sendgrid.com&um=email&ua=website&ts=1687268955198&sch=1200&scw=1600&st=1687268955317

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.26.118.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-26-118-119.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 13:49:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 config Show response
retirepathva.vestwell.com/api/ 125 B
2 KB 123ms
123ms XHR
application/json 54.165.33.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://retirepathva.vestwell.com/api/config?subdomain=retirepathva

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/registration/static/js/shared.38020f4b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.33.118 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-33-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4278534015b2b417716d31110992dfa58529527292af2f6df686285b3a8c4570

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	0, 1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
accept-language: de-DE,de;q=0.9
x-trace: JtEA3EVz4sacgH3unGRIZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:49:15 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-forwarded-proto: https
content-length: 125
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
x-ratelimit-remaining: 96
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate
x-ratelimit-reset: 36
x-ratelimit-limit: 100

GET
H2 200 config Show response
retirepathva.vestwell.com/api/registration/ 2 KB
4 KB 212ms
212ms XHR
application/json 54.165.33.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://retirepathva.vestwell.com/api/registration/config?domain=retirepathva&type=sponsor

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/registration/static/js/shared.38020f4b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.33.118 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-33-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4368ec068f560fd35e5cd4b59aac60bd65acdd54b3ec980d3ecddd499e038a90

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	0, 1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:49:15 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-forwarded-proto: https
content-length: 2359
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
x-ratelimit-remaining: 99
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate
x-ratelimit-reset: 60
x-ratelimit-limit: 100

GET
H2 200 config Show response
retirepathva.vestwell.com/api/ 125 B
2 KB 120ms
120ms XHR
application/json 54.165.33.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://retirepathva.vestwell.com/api/config?subdomain=retirepathva

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/registration/static/js/shared.38020f4b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.33.118 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-33-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4278534015b2b417716d31110992dfa58529527292af2f6df686285b3a8c4570

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	0, 1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:49:15 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-forwarded-proto: https
content-length: 125
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
x-ratelimit-remaining: 94
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate
x-ratelimit-reset: 1
x-ratelimit-limit: 100

GET
H2 200 state Show response
retirepathva.vestwell.com/api/registration/ 25 B
2 KB 97ms
97ms XHR
application/json 54.165.33.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://retirepathva.vestwell.com/api/registration/state?domain=retirepathva&entity=sponsorExemption

Requested by

Host: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/registration/static/js/shared.38020f4b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.33.118 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-33-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9a48c1d575474aef8ee86b22d64ef41aff9a5c916c21b6fe5c7f95e785eb2f6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, deny
X-Xss-Protection	0, 1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://retirepathva.vestwell.com/exempt?utm_source=sendgrid.com&utm_medium=email&utm_campaign=website
accept-language: de-DE,de;q=0.9
x-trace: 9f6DqkPv2N28V5d6vn9OI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:49:15 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests, default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubdomains;
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
x-forwarded-proto: https
content-length: 25
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN, deny
x-ratelimit-remaining: 99
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
cache-control: no-store, no-cache, must-revalidate
x-ratelimit-reset: 60
x-ratelimit-limit: 100

GET whitelabel
retirepathva.vestwell.com/api/ 0
0

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
31 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://retirepathva.vestwell.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 14:32:22 GMT
x-content-type-options: nosniff
age: 429413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31052
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 14:32:22 GMT

GET
H2 200 retirepathva.webp
retirepathva.vestwell.com/images/registration/ 3 KB
4 KB 93ms
92ms Image
image/webp 54.165.33.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://retirepathva.vestwell.com/images/registration/retirepathva.webp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.33.118 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-33-118.compute-1.amazonaws.com

Software

nginx /

Resource Hash

57c211728d3e9d3ff8af2d303d379bdf4d3c906d7db46b2e04713b3ef24eac01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/register/exempt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:49:15 GMT
content-security-policy: default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://*.vestwell.com https://*.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains;
x-forwarded-proto: https
content-length: 3144
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Jun 2023 20:31:59 GMT
server: nginx
etag: "648cc6bf-c48"
x-frame-options: deny
content-type: image/webp
cache-control: max-age=315360000, no-store, no-cache, must-revalidate
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 92ms
92ms Image
image/gif 100.26.118.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1418109408&u=7191533671237074&v=383049961020160&s=1475888849960038&b=web&tv=4.0&z=2&h=%2Fregister%2Fexempt&d=retirepathva.vestwell.com&t=Exempt%20My%20Company%20%2F%20Vestwell&ts=1687268955956&pr=%2Fexempt&sp=us&sp=sendgrid.com&sp=um&sp=email&sp=ua&sp=website&sp=ts&sp=1687268955198&sp=d&sp=retirepathva.vestwell.com&sp=h&sp=%2Fexempt&sp=q&sp=%3Futm_source%3Dsendgrid.com%26utm_medium%3Demail%26utm_campaign%3Dwebsite&sch=1200&scw=1600&st=1687268955956

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.26.118.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-26-118-119.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://retirepathva.vestwell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 13:49:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
32 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://retirepathva.vestwell.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 22:16:09 GMT
x-content-type-options: nosniff
age: 401586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 22:16:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: client-api.auryc.com
URL: https://client-api.auryc.com/releasesettings?lib=Web

Domain: client-api.auryc.com
URL: https://client-api.auryc.com/siteconfig?lib=web

Domain: retirepathva.vestwell.com
URL: https://retirepathva.vestwell.com/api/whitelabel

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vestwell.com/	1970-01-20 22:17:08	Name: userty.core.p.0cbfcf Value: __2VySWQiOiI3ODNjZDBhNTEyNjJjNzBlNzdjNjNiODE0YWYzODJiOSJ9eyJ1c
.vestwell.com/	1970-01-20 12:41:10	Name: _hp2_ses_props.1418109408 Value: %7B%22us%22%3A%22sendgrid.com%22%2C%22um%22%3A%22email%22%2C%22ua%22%3A%22website%22%2C%22ts%22%3A1687268955198%2C%22d%22%3A%22retirepathva.vestwell.com%22%2C%22h%22%3A%22%2Fexempt%22%2C%22q%22%3A%22%3Futm_source%3Dsendgrid.com%26utm_medium%3Demail%26utm_campaign%3Dwebsite%22%7D
.vestwell.com/	1970-01-20 12:41:52	Name: Session Value: OFxVxryI%2Bi%2F93gbCy5%2BFo5rNIwhXPd5PqiuRHGq52eciloT2PE%2BLRBqacVuuQpvTPF18btarNPSFCaAFCEYOqN5TVcmaSY2AbeLvk%2F6a5LoNYAel6DbiXKwr5CWsw5qecrbKXyQyrEXAIk2ykMO48TZQKRURWZVkhxvLVJdsybyihBZw2rOkMcDYwO9aUUo%2FP7vlL0Lc%2FxwE%2BKzczBTSx8VOKLOqGgGmCGH0d6xQOvbFJBxfkorDB31SsGZTuQ%3D%3D.AFVqOhE%2BniBQxk8LSYgwcuxqM%2BrqXRVE
.vestwell.com/	1970-01-20 22:09:06	Name: _hp2_id.1418109408 Value: %7B%22userId%22%3A%227191533671237074%22%2C%22pageviewId%22%3A%22383049961020160%22%2C%22sessionId%22%3A%221475888849960038%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.vestwell.com/	1969-12-31 23:59:59	Name: userty.core.s.0cbfcf Value: __SI6MTY4NzI3MDc1NTI3OSwic2lkIjoiZWZjMDI5YzcxMWJkMzA2MzM2ZTMzZTM1MzcwNWVhZWYiLCJzdCI6MTY4NzI2ODk1NTI3OSwicHYiOjIsInJlYWR5Ijp0cnVlLCJ3cyI6IntcIndcIjoxNjAwLFwiaFwiOjEyMDB9In0=eyJzZ

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://cdn.heapanalytics.com/js/replay/6918-Main-prod-heap/container.js(Line 5) Message: Refused to connect to 'https://client-api.auryc.com/releasesettings?lib=Web' because it violates the following Content Security Policy directive: "connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:".
security	error	URL: https://cdn.heapanalytics.com/js/replay/libs/latest/auryc.lib.js(Line 5) Message: Refused to connect to 'https://client-api.auryc.com/siteconfig?lib=web' because it violates the following Content Security Policy directive: "connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:".
security	error	URL: https://cdn.heapanalytics.com/js/replay/libs/latest/auryc.lib.js(Line 5) Message: Refused to create a worker from 'blob:https://retirepathva.vestwell.com/8f59355f-72e3-445e-a59d-84f5bd3a4666' because it violates the following Content Security Policy directive: "child-src 'self'". Note that 'worker-src' was not explicitly set, so 'child-src' is used as a fallback.
security	error	URL: https://cdn.heapanalytics.com/js/replay/libs/latest/auryc.lib.js(Line 5) Message: Refused to create a worker from 'blob:https://retirepathva.vestwell.com/aec53fce-e015-4990-acd9-0d1369d55543' because it violates the following Content Security Policy directive: "child-src 'self'". Note that 'worker-src' was not explicitly set, so 'child-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: gap: ws: https://cdn.plaid.com https://ekr.zdassets.com https://static.zdassets.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://heapanalytics.com https://cdn.heapanalytics.com http://cdn.plaid.com https://widget.intercom.io https://js.intercomcdn.com https://static.zdassets.com https://fonts.googleapis.com/ http://cdnjs.cloudflare.com https://www.google-analytics.com/analytics.js http://cdn.quilljs.com http://cdn.jsdelivr.net; frame-src http://fast.wistia.com https://cdn.plaid.com/; img-src 'self' data: https://.vestwell.com https://.zendesk.com https://d2gx1ajsvrvamt.cloudfront.net https://heapanalytics.com; style-src 'self' 'unsafe-inline' https://heapanalytics.com https://fonts.googleapis.com http://cdnjs.cloudflare.com https://use.typekit.net https://p.typekit.net http://cdn.quilljs.com https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com http://cdnjs.cloudflare.com https://use.typekit.net; child-src 'self'; connect-src 'self' https://heapanalytics.com https://*.zendesk.com https://ekr.zdassets.com https://api-iam.intercom.io/messenger/web/ping https://api-iam.intercom.io/messenger/web/metrics https://api.gusto-demo.com data: gap: ws:
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
cdn.jsdelivr.net
client-api.auryc.com
email.sumday.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
retirepathva.vestwell.com
client-api.auryc.com
retirepathva.vestwell.com
100.26.118.119
167.89.123.54
18.173.154.74
2a00:1450:4001:828::2003
2a00:1450:4001:831::200a
2a04:4e42::485
54.165.33.118
123f471c58b5cedb78d67b24cfffdaa30a69c7e436410aded09625fa2eca0d1f
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
1c1bd8161a4a9efeba0195f58b0c7d7f646a4dd537e3814fb825c8a9083d3f0e
26dfafacda7210ba7ed8bb4ff03444d761cae05ab86400211f456d1eb6996783
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
4278534015b2b417716d31110992dfa58529527292af2f6df686285b3a8c4570
4368ec068f560fd35e5cd4b59aac60bd65acdd54b3ec980d3ecddd499e038a90
57c211728d3e9d3ff8af2d303d379bdf4d3c906d7db46b2e04713b3ef24eac01
851f380741343f78fee59eb421f476fe3d653a05628c53acd1c89d5afd050447
9a48c1d575474aef8ee86b22d64ef41aff9a5c916c21b6fe5c7f95e785eb2f6f
9e478998b48ebf32f3b8d191bb120a213ad1dcb1c84a5d635e48756ac6708eb9
b82211f18e0fec9bf77af0c2b0d1a41b105da881c24f424dcd8f42ad83fd6ecf
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd9ff61e493c5ef913bc749ac6351d9e947c9a415ae0098e6c1812cdded64595
d7928e95b5decc2d06ff74ae0398f703c964e9f27d5bd7cd3624920f6a41336c
da17b75b8aed5c49442ccd20045196442ede8bf066af837c7522eeae8aef7d75
da7d79611f507480d0183108cfbe7439a449a0dcfb2c76f9adf7ed6deb900576
e602984a721696845784c79ebc0f223e15c24d446fd59b314cbf1f2b4f300e96

retirepathva.vestwell.com Open in urlscan Pro 54.165.33.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

88 %HTTPS

43 %IPv6

7 Domains

8 Subdomains

7 IPs

2 Countries

638 kBTransfer

1986 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

5 Cookies

4 Console Messages

Security Headers

Indicators

retirepathva.vestwell.com Open in urlscan Pro
54.165.33.118 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

88 %
HTTPS

43 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

638 kB
Transfer

1986 kB
Size

5
Cookies

24 HTTP transactions
0 data transactions