diff --git a/api/main.go b/api/main.go
index e43872afc..187af6d80 100644
--- a/api/main.go
+++ b/api/main.go
@@ -11,6 +11,7 @@ import (
 "mizuserver/pkg/middleware"
 "mizuserver/pkg/models"
 "mizuserver/pkg/routes"
+ "mizuserver/pkg/sensitiveDataFiltering"
 "mizuserver/pkg/tap"
 "mizuserver/pkg/utils"
 "os"
@@ -103,9 +104,8 @@ func getTapTargets() []string {
 }
 
 func filterHarHeaders(inChannel <- chan *tap.OutputChannelItem, outChannel chan *tap.OutputChannelItem) {
- for {
- message := <- inChannel
- utils.FilterSensitiveInfoFromHarRequest(message)
+ for message := range inChannel {
+ sensitiveDataFiltering.FilterSensitiveInfoFromHarRequest(message)
 outChannel <- message
 }
 }
diff --git a/api/pkg/sensitiveDataFiltering/consts.go b/api/pkg/sensitiveDataFiltering/consts.go
new file mode 100644
index 000000000..09ce6628c
--- /dev/null
+++ b/api/pkg/sensitiveDataFiltering/consts.go
@@ -0,0 +1,10 @@
+package sensitiveDataFiltering
+
+const maskedFieldPlaceholderValue = "[REDACTED]"
+
+//these values MUST be all lower case
+var personallyIdentifiableDataFields = []string{"token", "authorization", "authentication", "cookie", "userid", "password",
+ "username", "user", "key", "passcode", "pass", "auth", "authtoken", "jwt",
+ "bearer", "clientid", "clientsecret", "redirecturi", "phonenumber",
+ "zip", "zipcode", "address", "country", "firstname", "lastname",
+ "middlename", "fname", "lname", "birthdate"}
diff --git a/api/pkg/utils/messageSensitiveDataCleaner.go b/api/pkg/sensitiveDataFiltering/messageSensitiveDataCleaner.go
similarity index 97%
rename from api/pkg/utils/messageSensitiveDataCleaner.go
rename to api/pkg/sensitiveDataFiltering/messageSensitiveDataCleaner.go
index 2fc88ef00..468f01d6a 100644
--- a/api/pkg/utils/messageSensitiveDataCleaner.go
+++ b/api/pkg/sensitiveDataFiltering/messageSensitiveDataCleaner.go
@@ -1,4 +1,4 @@
-package utils
+package sensitiveDataFiltering
 
 import (
 "encoding/json"
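Review bot: In `filterHarHeaders` (api/main.go) the new `for message := range inChannel` loop returns once inChannel is closed, but outChannel is left open, so a consumer that ranges over it would block indefinitely. If this goroutine is the only sender on outChannel, which is not visible in this hunk, add `defer close(outChannel)` as the first statement of the function. This stage appears to be the point where captured traffic is redacted before it is forwarded, so a doc comment should say so: `// filterHarHeaders redacts sensitive fields from every item read from inChannel before forwarding it; nothing may reach outChannel unfiltered.`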
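Review bot: The `//these values MUST be all lower case` comment in consts.go states an invariant that nothing enforces, and it does not say how incoming keys are compared against the list. The matching code is outside this diff; if it is an exact comparison on the lowercased key, names with separators or prefixes such as `set-cookie`, `x-api-key`, `access_token` or `client_secret` would pass through unredacted, so either normalise separators before the lookup or document the match rule next to the list. A unit test asserting that every entry equals `strings.ToLower(entry)` would keep the invariant from regressing. The list also mixes credentials with personal data, so the comment could read `// Lower-case field names whose values are replaced with maskedFieldPlaceholderValue (credentials and PII).`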
@@ -90,7 +90,7 @@ func filterJsonMap(jsonMap map[string] interface{}) {
 func filterUrl(originalUrl string) string {
 parsedUrl, err := url.Parse(originalUrl)
 if err != nil {
- return originalUrl
+ return fmt.Sprintf("http://%s", maskedFieldPlaceholderValue)
 } else {
 if len(parsedUrl.RawQuery) > 0 {
 newQueryArgs := make([]string, 0)
diff --git a/api/pkg/utils/consts.go b/api/pkg/utils/consts.go
deleted file mode 100644
index fcaf5d5b5..000000000
--- a/api/pkg/utils/consts.go
+++ /dev/null
@@ -1,8 +0,0 @@
-package utils
-
-const maskedFieldPlaceholderValue = "[REDACTED]"
-var personallyIdentifiableDataFields = []string {"token", "authorization", "authentication", "cookie", "userid", "password",
- "username", "user", "key", "passcode", "pass", "auth", "authtoken", "jwt",
- "bearer", "clientid", "clientsecret", "redirecturi", "phonenumber",
- "zip", "zipcode", "address", "country", "firstname", "lastname",
- "middlename", "fname", "lname", "birthdate"}
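Review bot: The new `return fmt.Sprintf("http://%s", maskedFieldPlaceholderValue)` in filterUrl fails closed, which is the right direction, but the branch is silent and undocumented, so a reader cannot tell that the whole URL is replaced on purpose. Add `// Fail closed: a URL that cannot be parsed cannot be filtered per parameter, so the whole value is replaced.` above the return. If a log line is added here later, it should not print err or originalUrl, because the error returned by url.Parse embeds the input URL. The result `http://[REDACTED]` also puts brackets in the host position, where URL parsers expect an IP literal, so a consumer that re-parses the entry may reject or misread it; returning the bare placeholder would avoid that. filterUrl's body continues past the end of the hunk.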