urlscan.io logo urlscan.io
SecurityTrails logo

westernunionfoundation.benevity.org Open in urlscan Pro
52.2.45.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://westernunionfoundation.benevity.org/
Effective URL: https://westernunionfoundation.benevity.org/user/login
Submission: On January 14 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 26 HTTP transactions. The main IP is 52.2.45.177, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is westernunionfoundation.benevity.org.
TLS certificate: Issued by Amazon on July 30th 2020. Valid for: a year.
This is the only time westernunionfoundation.benevity.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    52.2.45.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-45-177.compute-1.amazonaws.com
westernunionfoundation.benevity.org
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2600:9000:206f:4a00:13:1368:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
sam.benevity.org
4    65.9.71.229 (Seattle, United States)

ASN16509 (AMAZON-02, US)
d2zvf6vpj533b5.cloudfront.net
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.243.146 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
Domain Requested by
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
westernunionfoundation.benevity.org
6 sam.benevity.org westernunionfoundation.benevity.org
4 d2zvf6vpj533b5.cloudfront.net westernunionfoundation.benevity.org
d2zvf6vpj533b5.cloudfront.net
3 fonts.gstatic.com fonts.googleapis.com
2 bam-cell.nr-data.net js-agent.newrelic.com
2 www.googletagmanager.com westernunionfoundation.benevity.org
www.googletagmanager.com
2 westernunionfoundation.benevity.org 1 redirects
1 js-agent.newrelic.com westernunionfoundation.benevity.org
1 fonts.googleapis.com westernunionfoundation.benevity.org
26 9

This site contains no links.

Subject Issuer Validity Valid
benevity.org
Amazon		 2020-07-30 -
2021-08-30		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-12-28 -
2021-05-07		 4 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://westernunionfoundation.benevity.org/user/login
Frame ID: 2CFBA8EE4F5494FD095BD0FD635E09C6
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://westernunionfoundation.benevity.org/ HTTP 302
    https://westernunionfoundation.benevity.org/user/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

26
Requests

100 %
HTTPS

60 %
IPv6

8
Domains

9
Subdomains

10
IPs

2
Countries

918 kB
Transfer

2559 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://westernunionfoundation.benevity.org/ HTTP 302
    https://westernunionfoundation.benevity.org/user/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
westernunionfoundation.benevity.org/user/
Redirect Chain
  • https://westernunionfoundation.benevity.org/
  • https://westernunionfoundation.benevity.org/user/login
21 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://westernunionfoundation.benevity.org/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.45.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-45-177.compute-1.amazonaws.com
Software
nginx /
Resource Hash
17e80c23b5565db754a59c8a2748a67414a2cbf5dfba9dae63a3351f6a9a837c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
westernunionfoundation.benevity.org
:scheme
https
:path
/user/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 10:07:16 GMT
content-type
text/html; charset=UTF-8
content-length
7453
server
nginx
cache-control
max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
pragma
no-cache
expires
0
set-cookie
XSRF-TOKEN=eyJpdiI6InEvbGJJeDErd3l3YkNlU0JaWk1ENFE9PSIsInZhbHVlIjoiYitoRXpkbEg2cjNRc05QYTdOell3SVpSQzdwWFdTWGJQSE9IdWttaFJJWFJJc1VlTFdtRnM3SHhaQi9adDVyck8yMGtzdUIyaU1hcUp3NUwyMmRoYjZRNS93RE9mN1FLdTYyTGZFQ3VhM1VFc1NGalBlMllPUTdTcm44VzNjdXkiLCJtYWMiOiJkMTcwMDVmZWVjYTcwYzFmYmE2ZjlkMTA4OTBmNTY0ZGU1YzE2OWM0YjMzNTU5MmM1ZDkxMWU5MmFlYTY4OTU1In0%3D; expires=Sat, 16-Jan-2021 17:40:16 GMT; Max-Age=199980; path=/; secure; samesite=lax benevity_spark_jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJHaXZpbmcgZm9yIEJldHRlciIsImlhdCI6MTYxMDYxODgzNiwibmJmIjoxNjEwNjE4ODM2LCJleHAiOjE2MTA2MjI0MzYsImp0aSI6IkdpdmluZyBmb3IgQmV0dGVyLmM4YTM0Yjc3OWYzMTY2M2M0OTVhNjU4MSIsImNpZCI6IjJCTVBBSDRaTFkiLCJ0ZW5hbnQiOiJ3ZXN0ZXJudW5pb25mb3VuZGF0aW9uIiwidWlkIjoiMCIsInJvbGVzIjp7IjEiOiJhbm9ueW1vdXMgdXNlciJ9fQ.6AHFl3VWkYky0rQTL0GVI1agNxo5HGWoy2ljnNwyXJE; expires=Thu, 14-Jan-2021 11:07:16 GMT; Max-Age=3600; path=/; secure; samesite=lax laravel_session=eyJpdiI6IjFURUw3R0JoLzM1SWdUMnRLOG9vSkE9PSIsInZhbHVlIjoiTkZlTWpDUTNHTlBQa1djMnFGaHpORzRQWFNCanZhVzhuUkVpek5PMldUNklwWjQyNFJMWmNrK1FhZml0U0gyMTlqMGNNdnR1ak8weUZFUnhEZVVCR1o4K1VTZ29ENzFUejhRb3pjSnlxczc5WVo1ZE56ZnVEdHVEdWo2b3luY2QiLCJtYWMiOiI0YmRlMjMwMmM4ODY2NGRhNWUwMWFlNGY1OWY0NGVjNzViMWI0MDIxNDMxYWM4MDgzZWFlNjFmMWM4NGEzNTg5In0%3D; path=/; secure; httponly; samesite=lax
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-encoding
gzip
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
x-geolocation-blacklist
no
x-geolocation-whitelist
no_match

Redirect headers

date
Thu, 14 Jan 2021 10:07:16 GMT
content-type
text/html; charset=utf-8
content-length
0
server
nginx
expires
Sun, 19 Nov 1978 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
last-modified
Thu, 14 Jan 2021 10:07:16 GMT
location
/user/login
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
x-geolocation-blacklist
no
x-geolocation-whitelist
no_match
css
fonts.googleapis.com/ 		6 KB
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Requested by
Host: westernunionfoundation.benevity.org
URL: https://westernunionfoundation.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5a541b1791ead8e89a519db022a870c11baeb02c0ca5ddec2f213bf848a80b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 08:46:44 GMT
server
ESF
date
Thu, 14 Jan 2021 10:07:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Jan 2021 10:07:16 GMT
vendors~drupal~drupal-admin~error~login~router~router-admin-644a6a74253698c61d82.css
sam.benevity.org/spark-dist/css/ 		131 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/css/vendors~drupal~drupal-admin~error~login~router~router-admin-644a6a74253698c61d82.css
Requested by
Host: westernunionfoundation.benevity.org
URL: https://westernunionfoundation.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4a00:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40d37469ca40b5e9f3adada304de5b6784dfa24156df2117c9d1ffec1a7cbfea

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 13 Jan 2021 18:02:57 GMT
content-encoding
gzip
last-modified
Tue, 12 Jan 2021 21:59:26 GMT
server
AmazonS3
age
57860
etag
W/"ebda6aa3c777c06df88bd05bdafe565c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
aJnEVTF5FtGwI96Aq15.NfgfdEq4BLlu
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA56-C1
content-type
text/css
x-amz-cf-id
OvRuKp63PmhP2l1ynN9ISNPCkgcX2lBDW_c_xeK9GCaotAMZzxHBIA==
login-155a6301c41ae4a729bb.css
sam.benevity.org/spark-dist/css/ 		141 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/css/login-155a6301c41ae4a729bb.css
Requested by
Host: westernunionfoundation.benevity.org
URL: https://westernunionfoundation.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4a00:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f4fa0a48275e67af0b68662453b5846972c36b42c5b7f6a7b88cff2ec7a2bb9

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
lUN_DktObrJH4nWg2CwgzRa6M8kyt.08
content-encoding
gzip
etag
"1f4854a578e7e304fe2fb6b92823776c"
last-modified
Tue, 12 Jan 2021 00:04:28 GMT
server
AmazonS3
age
78167
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
date
Wed, 13 Jan 2021 12:24:30 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
jCIt6HRNWJXf7BqNhljCXFlduenkKZph0Ac7RwyPflzKSNOyXVOn4A==
whitelabel.css
d2zvf6vpj533b5.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2zvf6vpj533b5.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/whitelabel.css?B
Requested by
Host: westernunionfoundation.benevity.org
URL: https://westernunionfoundation.benevity.org/user/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.229 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6ac7f9c3040fcdc2ff1ae663085862c61b4b9b959345aab4c181eaed5677f7c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 13 Jan 2021 05:56:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
101463
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2225
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
*
Last-Modified
Tue, 12 Jan 2021 00:01:22 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
X-geolocation-blacklist
no
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
Expires
Wed, 27 Jan 2021 05:56:13 GMT
Cache-Control
max-age=1209600
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
eDUvmWmFxtdVRKoO6vBoFKpH4emAlhuGVwZs5KlG5vx_Ucsgh6a9FQ==
X-geolocation-whitelist
no_match
whitelabel.css
d2zvf6vpj533b5.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_wuf/css/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2zvf6vpj533b5.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_wuf/css/whitelabel.css?B
Requested by
Host: westernunionfoundation.benevity.org
URL: https://westernunionfoundation.benevity.org/user/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.229 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3f21ea037d384a8137a72f6d29f4cf53f810a19098c42afe11ff36b6fe88ce1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 13 Jan 2021 05:56:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
101463
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4190
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
*
Last-Modified
Tue, 12 Jan 2021 00:01:31 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
X-geolocation-blacklist
no
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Via
1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
Expires
Wed, 27 Jan 2021 05:56:13 GMT
Cache-Control
max-age=1209600
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
evf0azrDPHnYXkd1anGZFPtOASmKGxbyEXw1Ay0Hk9ynyQru3XvZAg==
X-geolocation-whitelist
no_match
runtime-71014ba3d0957e4a7f90.js
sam.benevity.org/spark-dist/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/runtime-71014ba3d0957e4a7f90.js
Requested by
Host: westernunionfoundation.benevity.org
URL: https://westernunionfoundation.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4a00:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4db9d8c8f6f260851c5b314aac4faaa0c3ec154d490c711b9dd1991edbbb8f03

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
I35Z7OhXnv3fJATHMHDyYhCTQgkf5NID
content-encoding
gzip
etag
"9a68524a729a2af7b565aa8d84d91049"
last-modified
Tue, 12 Jan 2021 21:59:26 GMT
server
AmazonS3
age
39657
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
date
Wed, 13 Jan 2021 23:06:20 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
plNABWnSX1HNnRYp4NI4zpTgiQ50UyvxPrv_fKxxdssttxwQsbPKKw==
vendors~drupal~drupal-admin~error~login~router~router-admin-ee58a306fcedcb0f38c8.js
sam.benevity.org/spark-dist/ 		860 KB
253 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/vendors~drupal~drupal-admin~error~login~router~router-admin-ee58a306fcedcb0f38c8.js
Requested by
Host: westernunionfoundation.benevity.org
URL: https://westernunionfoundation.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4a00:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e9874a9fbc8966b4e19c6031ed1a5b8c40805769a154a769b40ba053b87f909

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 13 Jan 2021 17:59:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jan 2021 21:59:26 GMT
server
AmazonS3
age
58058
etag
W/"12cf6d16eceae9564533c7731f32e1bb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
2TJ2tGdVkMppbtZI5QlOzjnXG6PnxVEc
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
a0xv-fv9W7ZPc7E3bk8HdvRHBBGZYIe6lg2sr1KTi12W3oZ7AqKRvg==
vendors~drupal~drupal-admin~login~router~router-admin-4b406b6d7912f83d4edd.js
sam.benevity.org/spark-dist/ 		149 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/vendors~drupal~drupal-admin~login~router~router-admin-4b406b6d7912f83d4edd.js
Requested by
Host: westernunionfoundation.benevity.org
URL: https://westernunionfoundation.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4a00:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0cb05fdb7980e8f2098d55478f2635cd44f986f1ce6a9a8776d0fd9a5b18e6a8

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
2cU_X0gah.nslr.q4BXD_kmYKYWDZcak
content-encoding
gzip
etag
"0b049702984198028c445dba68397301"
last-modified
Tue, 12 Jan 2021 00:04:28 GMT
server
AmazonS3
age
39657
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
date
Wed, 13 Jan 2021 23:06:20 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
_C0NKVHa_6gSf8sJyTWC3neN9KAbtnVrNmdkSSbtRESAbbqTCSSaMQ==
login-23980df135a068d2d102.js
sam.benevity.org/spark-dist/ 		187 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/login-23980df135a068d2d102.js
Requested by
Host: westernunionfoundation.benevity.org
URL: https://westernunionfoundation.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4a00:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
caef88707a072bb4982f4fcf86647e15868c53fca38b5c5b9c8e80bd34240a7d

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 13 Jan 2021 12:09:44 GMT
content-encoding
gzip
last-modified
Tue, 12 Jan 2021 21:59:26 GMT
server
AmazonS3
age
79053
etag
W/"03b3b1dcb0aa197d14c1fafcd41f447a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
V1rILyBOHrhVCGbGEIKbdxaN2mgdggIV
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
z6DRehdpHlxsKW8bx09qO-QZ_hUbjC05AKY4inwrSEtlpOowBrttqg==
gtm.js
www.googletagmanager.com/ 		407 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Requested by
Host: westernunionfoundation.benevity.org
URL: https://westernunionfoundation.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
546804fe7f8efce80d1e26fa86a5aba7b84a9cca64ebb09b14c36787bd7321ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 10:07:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75192
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Jan 2021 10:07:16 GMT
login-bg.png
d2zvf6vpj533b5.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_wuf/images/backgrounds/ 		273 KB
274 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2zvf6vpj533b5.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_wuf/images/backgrounds/login-bg.png
Requested by
Host: d2zvf6vpj533b5.cloudfront.net
URL: https://d2zvf6vpj533b5.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_wuf/css/whitelabel.css?B
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.229 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
25f3e2a90c62e6d6f1ec75fa45e9453eea53bfa5a31798e50bc7adb3ad245573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2zvf6vpj533b5.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_wuf/css/whitelabel.css?B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 10:07:16 GMT
Via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
279351
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 12 Jan 2021 00:01:31 GMT
Server
nginx
X-geolocation-blacklist
no
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Access-Control-Allow-Origin
*
Expires
Thu, 14 Jan 2021 11:07:16 GMT
Cache-Control
max-age=3600
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
PY2mUVzWKVp_Mk2KLmF49J0DjZBcEz-HekSW5MVjYRUS5mdnasFAoQ==
X-geolocation-whitelist
no_match
wpg_wuf_logo.png
d2zvf6vpj533b5.cloudfront.net/client_data/westernunionfoundation.benevity.org/files/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2zvf6vpj533b5.cloudfront.net/client_data/westernunionfoundation.benevity.org/files/wpg_wuf_logo.png?B
Requested by
Host: westernunionfoundation.benevity.org
URL: https://westernunionfoundation.benevity.org/user/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.229 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
10beda9110797e063a59ffd735f38f66db63bb3b88ba1f12c625b36c98d1b4d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
3032
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
12580
X-XSS-Protection
1; mode=block
X-geolocation-blacklist
no
Last-Modified
Wed, 26 Jun 2019 16:51:11 GMT
Server
nginx
Date
Thu, 14 Jan 2021 09:16:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Expires
Thu, 14 Jan 2021 10:16:44 GMT
Cache-Control
max-age=3600
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
QtmDpwGIEUmz3l-3c4SwTwpqBwielYW4ZOCDSd-esurssgaW8NnUDg==
X-geolocation-whitelist
no_match
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://westernunionfoundation.benevity.org
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 12:48:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:16 GMT
server
sffe
age
76715
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9016
x-xss-protection
0
expires
Thu, 13 Jan 2022 12:48:41 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://westernunionfoundation.benevity.org
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 21:30:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
563783
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Fri, 07 Jan 2022 21:30:53 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://westernunionfoundation.benevity.org
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 19:09:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
53886
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 13 Jan 2022 19:09:10 GMT
js
www.googletagmanager.com/gtag/ 		131 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W2357HJE7E&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6739a2a6e2c03fd76768abe4e2f18065f14424e1902cf459026dd3de05898f99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 10:07:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51442
x-xss-protection
0
expires
Thu, 14 Jan 2021 10:07:16 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2135
date
Thu, 14 Jan 2021 09:31:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 14 Jan 2021 11:31:41 GMT
js
www.google-analytics.com/gtm/ 		97 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-MK4379W&t=gtm5&cid=1417359270.1610618837&aip=true
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9e711c702221675a7227cee9f0e1673509c633a7bf769ddb8e9543d021465b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 10:07:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36394
x-xss-protection
0
expires
Thu, 14 Jan 2021 10:07:16 GMT
collect
www.google-analytics.com/g/ 		0
352 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W2357HJE7E&gtm=2oebu0&_p=1516377373&sr=1600x1200&ul=en-us&cid=1417359270.1610618837&_s=1&dl=https%3A%2F%2Fwesternunionfoundation.benevity.org%2Fuser%2Flogin&dr=&dt=Login%20%7C%20Giving%20for%20Better&sid=1610618836&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.cookieExpires=34186669&ep.anonymizeIp=true&ep.spark_hostname=westernunionfoundation.benevity.org&ep.company_name=westernunionfoundation.benevity.org&up.company_name=westernunionfoundation.benevity.org
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W2357HJE7E&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 10:07:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://westernunionfoundation.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=1516377373&t=pageview&_s=1&dl=https%3A%2F%2Fwesternunionfoundation.benevity.org%2Fuser%2Flogin&ul=en-us&de=UTF-8&dt=Login%20%7C%20Giving%20for%20Better&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAEADQAAAAC~&jid=331323624&gjid=1789115752&cid=1417359270.1610618837&tid=UA-5484370-3&_gid=10739977.1610618837&_r=1&gtm=2wgbu0TLJFKH&cd2=xl&cd3=landscape&cd4=1x&cd5=2021-01-14T11%3A07%3A16.948%2B01%3A00&cd16=&cd27=westernunionfoundation.benevity.org&cd37=login&z=1583789151
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 10:07:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://westernunionfoundation.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=1516377373&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwesternunionfoundation.benevity.org%2Fuser%2Flogin&ul=en-us&de=UTF-8&dt=Login%20%7C%20Giving%20for%20Better&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Google%20Optimize&ea=jk2DhDK2QqyvthgLir7gmA&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=1417359270.1610618837&tid=UA-5484370-3&_gid=10739977.1610618837&gtm=2wgbu0TLJFKH&z=1178456761
Requested by
Host: westernunionfoundation.benevity.org
URL: https://westernunionfoundation.benevity.org/user/login
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jan 2021 10:11:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
86127
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
nr-1194.min.js
js-agent.newrelic.com/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1194.min.js
Requested by
Host: westernunionfoundation.benevity.org
URL: https://westernunionfoundation.benevity.org/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04446c6509e4513c239c7803cf8a8c3727e8cef843c8537e48d5e05e1fa723cd

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 10:07:17 GMT
content-encoding
gzip
x-amz-request-id
68D2702B1B1EE73B
x-cache
HIT
content-length
10625
x-amz-id-2
9oyQbEkprcwib4d82Y4NKXXqMpIfI9WwmhGg4zKHf7A66Ie1EiBa+52W3blMTdZkaSL1gYyz7m4=
x-served-by
cache-hhn4053-HHN
last-modified
Wed, 06 Jan 2021 22:25:50 GMT
server
AmazonS3
x-timer
S1610618837.477817,VS0,VE0
etag
"4f5c23cba20072ede6a543efb2f986c3"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4688
11dde5b023
bam-cell.nr-data.net/1/ 		57 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/11dde5b023?a=304620537&v=1194.94d5a62&to=MVFUY0YCWBcEVUZZWwgbd1RAClkKSlpdV10I&rst=1665&ck=1&ref=https://westernunionfoundation.benevity.org/user/login&ap=47&be=647&fe=1554&dc=915&perf=%7B%22timing%22:%7B%22of%22:1610618835847,%22n%22:0,%22r%22:1,%22re%22:476,%22f%22:476,%22dn%22:476,%22dne%22:476,%22c%22:476,%22ce%22:476,%22rq%22:477,%22rp%22:639,%22rpe%22:640,%22dl%22:642,%22di%22:915,%22ds%22:915,%22de%22:917,%22dc%22:1555,%22l%22:1555,%22le%22:1555%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=807&fcp=939&at=HRZXFQ4YSxk%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1194.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 10:07:17 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
CF-Ray
61168c96bbae10bd-CPH
cf-request-id
07a1f63238000010bdf58b4000000001
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
86 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W2357HJE7E&gtm=2oebu0&_p=1516377373&sr=1600x1200&ul=en-us&cid=1417359270.1610618837&_s=2&dl=https%3A%2F%2Fwesternunionfoundation.benevity.org%2Fuser%2Flogin&dr=&dt=Login%20%7C%20Giving%20for%20Better&sid=1610618836&sct=1&seg=0&en=scroll&_et=515&ep.cookieExpires=34186669&ep.anonymizeIp=true&ep.spark_hostname=westernunionfoundation.benevity.org&ep.company_name=westernunionfoundation.benevity.org&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W2357HJE7E&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 10:07:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://westernunionfoundation.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11dde5b023
bam-cell.nr-data.net/events/1/ 		24 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/11dde5b023?a=304620537&v=1194.94d5a62&to=MVFUY0YCWBcEVUZZWwgbd1RAClkKSlpdV10I&rst=11665&ck=1&ref=https://westernunionfoundation.benevity.org/user/login
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1194.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://westernunionfoundation.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 14 Jan 2021 10:07:27 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://westernunionfoundation.benevity.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-Ray
61168cd50af810bd-CPH
Content-Length
24
cf-request-id
07a1f65921000010bdca9a8000000001

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| doNotTrackEnabled object| dataLayer object| SparkStaticStore object| webpackJsonpSpark function| setImmediate function| clearImmediate object| regeneratorRuntime function| Velocity object| Benevity function| bootSpark object| errorPage object| SparkVuexStore object| google_tag_manager function| postscribe string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_optimize

7 Cookies

Domain/Path Name / Value
.benevity.org/ Name: _gat_UA-5484370-3
Value: 1
.benevity.org/ Name: _ga
Value: GA1.2.1417359270.1610618837
westernunionfoundation.benevity.org/ Name: laravel_session
Value: eyJpdiI6IjFURUw3R0JoLzM1SWdUMnRLOG9vSkE9PSIsInZhbHVlIjoiTkZlTWpDUTNHTlBQa1djMnFGaHpORzRQWFNCanZhVzhuUkVpek5PMldUNklwWjQyNFJMWmNrK1FhZml0U0gyMTlqMGNNdnR1ak8weUZFUnhEZVVCR1o4K1VTZ29ENzFUejhRb3pjSnlxczc5WVo1ZE56ZnVEdHVEdWo2b3luY2QiLCJtYWMiOiI0YmRlMjMwMmM4ODY2NGRhNWUwMWFlNGY1OWY0NGVjNzViMWI0MDIxNDMxYWM4MDgzZWFlNjFmMWM4NGEzNTg5In0%3D
westernunionfoundation.benevity.org/ Name: benevity_spark_jwt
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJHaXZpbmcgZm9yIEJldHRlciIsImlhdCI6MTYxMDYxODgzNiwibmJmIjoxNjEwNjE4ODM2LCJleHAiOjE2MTA2MjI0MzYsImp0aSI6IkdpdmluZyBmb3IgQmV0dGVyLmM4YTM0Yjc3OWYzMTY2M2M0OTVhNjU4MSIsImNpZCI6IjJCTVBBSDRaTFkiLCJ0ZW5hbnQiOiJ3ZXN0ZXJudW5pb25mb3VuZGF0aW9uIiwidWlkIjoiMCIsInJvbGVzIjp7IjEiOiJhbm9ueW1vdXMgdXNlciJ9fQ.6AHFl3VWkYky0rQTL0GVI1agNxo5HGWoy2ljnNwyXJE
.benevity.org/ Name: _ga_W2357HJE7E
Value: GS1.1.1610618836.1.0.1610618836.0
.benevity.org/ Name: _gid
Value: GA1.2.10739977.1610618837
westernunionfoundation.benevity.org/ Name: XSRF-TOKEN
Value: eyJpdiI6InEvbGJJeDErd3l3YkNlU0JaWk1ENFE9PSIsInZhbHVlIjoiYitoRXpkbEg2cjNRc05QYTdOell3SVpSQzdwWFdTWGJQSE9IdWttaFJJWFJJc1VlTFdtRnM3SHhaQi9adDVyck8yMGtzdUIyaU1hcUp3NUwyMmRoYjZRNS93RE9mN1FLdTYyTGZFQ3VhM1VFc1NGalBlMllPUTdTcm44VzNjdXkiLCJtYWMiOiJkMTcwMDVmZWVjYTcwYzFmYmE2ZjlkMTA4OTBmNTY0ZGU1YzE2OWM0YjMzNTU5MmM1ZDkxMWU5MmFlYTY4OTU1In0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
d2zvf6vpj533b5.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
sam.benevity.org
westernunionfoundation.benevity.org
www.google-analytics.com
www.googletagmanager.com
151.101.114.110
162.247.243.146
2600:9000:206f:4a00:13:1368:1500:93a1
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2008
2a00:1450:4001:816::200e
2a00:1450:4001:821::2003
2a00:1450:4001:821::200a
52.2.45.177
65.9.71.229
04446c6509e4513c239c7803cf8a8c3727e8cef843c8537e48d5e05e1fa723cd
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cb05fdb7980e8f2098d55478f2635cd44f986f1ce6a9a8776d0fd9a5b18e6a8
10beda9110797e063a59ffd735f38f66db63bb3b88ba1f12c625b36c98d1b4d8
17e80c23b5565db754a59c8a2748a67414a2cbf5dfba9dae63a3351f6a9a837c
25f3e2a90c62e6d6f1ec75fa45e9453eea53bfa5a31798e50bc7adb3ad245573
3f21ea037d384a8137a72f6d29f4cf53f810a19098c42afe11ff36b6fe88ce1b
40d37469ca40b5e9f3adada304de5b6784dfa24156df2117c9d1ffec1a7cbfea
4db9d8c8f6f260851c5b314aac4faaa0c3ec154d490c711b9dd1991edbbb8f03
546804fe7f8efce80d1e26fa86a5aba7b84a9cca64ebb09b14c36787bd7321ae
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6739a2a6e2c03fd76768abe4e2f18065f14424e1902cf459026dd3de05898f99
6ac7f9c3040fcdc2ff1ae663085862c61b4b9b959345aab4c181eaed5677f7c1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9e9874a9fbc8966b4e19c6031ed1a5b8c40805769a154a769b40ba053b87f909
9f4fa0a48275e67af0b68662453b5846972c36b42c5b7f6a7b88cff2ec7a2bb9
a5a541b1791ead8e89a519db022a870c11baeb02c0ca5ddec2f213bf848a80b8
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
caef88707a072bb4982f4fcf86647e15868c53fca38b5c5b9c8e80bd34240a7d
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d9e711c702221675a7227cee9f0e1673509c633a7bf769ddb8e9543d021465b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b