d3klmnbttazatt.cloudfront.net Open in urlscan Pro
143.204.208.139 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
Submission: On October 01 via api (October 1st 2018, 7:36:13 pm UTC) from US

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 143.204.208.139, located in Wilmington, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is d3klmnbttazatt.cloudfront.net.
TLS certificate: Issued by DigiCert Global CA G2 on November 22nd 2017. Valid for: a year.

This is the only time d3klmnbttazatt.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	143.204.208.139 143.204.208.139	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	143.204.208.64 143.204.208.64	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
12	5

3 143.204.208.139 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-139.fra53.r.cloudfront.net

d3klmnbttazatt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.208.64 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-64.fra53.r.cloudfront.net

d3klmnbttazatt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cloudfront.net d3klmnbttazatt.cloudfront.net	368 KB
2	google-analytics.com 1 redirects www.google-analytics.com	16 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	179 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	159 B
1	googletagmanager.com www.googletagmanager.com	70 KB
12	6

	Domain	Requested by
9	d3klmnbttazatt.cloudfront.net	d3klmnbttazatt.cloudfront.net
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	www.google.de	d3klmnbttazatt.cloudfront.net
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	d3klmnbttazatt.cloudfront.net
12	6

This site contains links to these domains. Also see Links.

Domain
windows.microsoft.com

Subject Issuer	Validity	Valid
*.cloudfront.net DigiCert Global CA G2	`2017-11-22` - `2018-11-21`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
Frame ID: 7690728B2632706A40FBB63C62A81337
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<(?:link|style)[^>]+sites\/(?:default|all)\/(?:themes|modules)\//i
headers expires /19 Nov 1978/i
env /^Drupal$/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<(?:link|style)[^>]+sites\/(?:default|all)\/(?:themes|modules)\//i
headers expires /19 Nov 1978/i
env /^Drupal$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
env /^google_tag_manager$/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Modernizr$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

12
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

454 kB
Transfer

2067 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://windows.microsoft.com/en-us/internet-explorer/download-ie
Title: upgrade your browser

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.google-analytics.com/r/collect?v=1&_v=j69&aip=1&a=897752282&t=pageview&_s=1&dl=https%3A%2F%2Fd3klmnbttazatt.cloudfront.net%2Fclient_data%2Fimfgiving&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20IMF%20Giving%20Together&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=874130782&gjid=1855372829&cid=132723007.1538422563&tid=UA-5484370-6&_gid=1574829715.1538422563&_r=1&gtm=G9oTLJFKH&cd2=xl&cd3=landscape&cd4=1x&cd5=2018-10-01T19%3A36%3A02.644%2B00%3A00&z=1825219230 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5484370-6&cid=132723007.1538422563&jid=874130782&_gid=1574829715.1538422563&gjid=1855372829&_v=j69&z=1825219230 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-6&cid=132723007.1538422563&jid=874130782&_v=j69&z=1825219230 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-6&cid=132723007.1538422563&jid=874130782&_v=j69&z=1825219230&slf_rd=1&random=1464660030

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request imfgiving Show response
d3klmnbttazatt.cloudfront.net/client_data/ 11 KB
4 KB 425ms
382ms Document
text/html 143.204.208.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.208.139 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-208-139.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

0bfceb7351db8edb544162516d39a2155ef60f405b8a9df5d742d96eb120793a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Host: d3klmnbttazatt.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 01 Oct 2018 19:36:01 GMT
Server: nginx
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: must-revalidate
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Last-Modified: Mon, 01 Oct 2018 19:21:03 GMT
X-Cache: Error from cloudfront
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
X-Amz-Cf-Id: -VOMeLE53uXgzvZFeeV45ZufTwl9ysBRHD15V_-hM24D3qcVnwW9uw==

GET
H/1.1 200
OK benevity-common-ui.css
d3klmnbttazatt.cloudfront.net/sites/all/modules/benevity/benevity_common_ui/dist/ 20 KB
4 KB 20ms
17ms Stylesheet
text/css 143.204.208.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d3klmnbttazatt.cloudfront.net/sites/all/modules/benevity/benevity_common_ui/dist/benevity-common-ui.css?V

Requested by

Host: d3klmnbttazatt.cloudfront.net
URL: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.208.139 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-208-139.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e23feb6d899eb774bb26fad039a8d9f44984bf2969cfbbf8ceb515e6d99be9fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: d3klmnbttazatt.cloudfront.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
Connection: keep-alive
Cache-Control: no-cache
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 01 Oct 2018 18:37:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3502
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3550
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 28 Sep 2018 19:52:28 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
Cache-Control: max-age=1209600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: r3DsPdGvX5aPMO9M1cc1fFI3BnYw79Uns6X8atJzG2Dqzl55Zy8NiA==
Expires: Mon, 15 Oct 2018 18:37:38 GMT

GET
H/1.1 200
OK css_4d9f0b3da4f4a8f17998d8e00a83602e.css
d3klmnbttazatt.cloudfront.net/client_data/imfgiving.benevity.org/files/css/ 712 KB
111 KB 54ms
33ms Stylesheet
text/css 143.204.208.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving.benevity.org/files/css/css_4d9f0b3da4f4a8f17998d8e00a83602e.css

Requested by

Host: d3klmnbttazatt.cloudfront.net
URL: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.208.139 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-208-139.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

758529d0c8db7824d33890007ea39a9d03fe32c3083a61807c1328e4829caac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: d3klmnbttazatt.cloudfront.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
Connection: keep-alive
Cache-Control: no-cache
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 01 Oct 2018 18:38:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3450
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 28 Sep 2018 00:29:07 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
Cache-Control: max-age=1209600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: LGDYFgPHsrvc8684mH7sAja55ZsYCDbsrHWLFRciHhxblbgYSsKLiw==
Expires: Mon, 15 Oct 2018 18:38:30 GMT

GET
H/1.1 200
OK whitelabel.css
d3klmnbttazatt.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/ 14 KB
3 KB 43ms
7ms Stylesheet
text/css 143.204.208.64
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d3klmnbttazatt.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/whitelabel.css?V

Requested by

Host: d3klmnbttazatt.cloudfront.net
URL: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.208.64 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-208-64.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d3e979ec05acac09e8d9aa2e3fc23c9b0a30abc600f6a1b768be5ac10b13ca06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: d3klmnbttazatt.cloudfront.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
Connection: keep-alive
Cache-Control: no-cache
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 01 Oct 2018 18:37:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3502
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2244
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 28 Sep 2018 19:52:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Cache-Control: max-age=1209600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: _RicAN2wSkxCHDIFhKaRZL-VoBz2m-gaBC4U0a0E3FQFsxVgCJoNQg==
Expires: Mon, 15 Oct 2018 18:37:39 GMT

GET
H/1.1 200
OK whitelabel.css
d3klmnbttazatt.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_imf/css/ 13 KB
3 KB 45ms
9ms Stylesheet
text/css 143.204.208.64
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d3klmnbttazatt.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_imf/css/whitelabel.css?V

Requested by

Host: d3klmnbttazatt.cloudfront.net
URL: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.208.64 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-208-64.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

a0372f30c2f53ae61696bcec77fa8cc852cbc0b82cf35152b837699a7c7143ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: d3klmnbttazatt.cloudfront.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
Connection: keep-alive
Cache-Control: no-cache
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 01 Oct 2018 18:37:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3502
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 28 Sep 2018 19:52:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
Cache-Control: max-age=1209600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: nzR5NtUKmPZqoZvT6uRk3gwTfkOJiTxVh2vYDVHgOnWr758akPHurQ==
Expires: Mon, 15 Oct 2018 18:37:39 GMT

GET
H/1.1 200
OK js_363e12bbda18495ded16ef1e2a4bfc71.js Show response
d3klmnbttazatt.cloudfront.net/client_data/imfgiving.benevity.org/files/js/ 664 KB
184 KB 437ms
401ms Script
application/javascript 143.204.208.64
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving.benevity.org/files/js/js_363e12bbda18495ded16ef1e2a4bfc71.js

Requested by

Host: d3klmnbttazatt.cloudfront.net
URL: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.208.64 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-208-64.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

79ced397eeaaea4e70e5fc2fc7747d59d218e4b09367af95f6ee0a9ed7e90219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: d3klmnbttazatt.cloudfront.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
Connection: keep-alive
Cache-Control: no-cache
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 01 Oct 2018 19:36:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 28 Sep 2018 00:54:20 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Via: 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
Cache-Control: max-age=1209600
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: xFX40KLCaG0klTxYslshfapLz-Z-DJp_Y3sCmFyqf-9Ezi1mb7d1yg==
Expires: Mon, 15 Oct 2018 19:36:01 GMT

GET
H/1.1 200
OK logo.png
d3klmnbttazatt.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_imf/ 7 KB
8 KB 44ms
8ms Image
image/png 143.204.208.64
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3klmnbttazatt.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_imf/logo.png

Requested by

Host: d3klmnbttazatt.cloudfront.net
URL: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.208.64 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-208-64.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

1507a4da373efb5c8ca22bea6711c022adef4affa2e0838086c0af760370f4c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: d3klmnbttazatt.cloudfront.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
Connection: keep-alive
Cache-Control: no-cache
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 01 Oct 2018 18:37:39 GMT
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 3502
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 7527
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 28 Sep 2018 19:52:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=3600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: 3lVWxgHOfdZ7y18EdwyeOqsxF3c5BnyRrg-9PlSG1uRJpYoA22RaRA==
Expires: Mon, 01 Oct 2018 19:37:39 GMT

GET
H/1.1 200
OK loading-bar-sm.gif
d3klmnbttazatt.cloudfront.net/sites/all/modules/benevity_wpg/benevity_wpg_forms/img/ 2 KB
3 KB 26ms
9ms Image
image/gif 143.204.208.64
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d3klmnbttazatt.cloudfront.net/sites/all/modules/benevity_wpg/benevity_wpg_forms/img/loading-bar-sm.gif

Requested by

Host: d3klmnbttazatt.cloudfront.net
URL: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.208.64 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-208-64.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

d10a7957c50299655d1aebb12bce4db031a78c1920a38755504aef40267f0ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: d3klmnbttazatt.cloudfront.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
Connection: keep-alive
Cache-Control: no-cache
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 01 Oct 2018 18:37:39 GMT
Via: 1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 3501
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2248
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 28 Sep 2018 19:52:28 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: max-age=3600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: Anun3QOfyZjixm7pntUJPQK1NExhEJgwjRMvnQVEODnF-SUBk8eEyA==
Expires: Mon, 01 Oct 2018 19:37:39 GMT

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 536 KB
70 KB 124ms
124ms Script
application/javascript 2a00:1450:4001:817::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH

Requested by

Host: d3klmnbttazatt.cloudfront.net
URL: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

8b8f1066b8d8b3bf5006ca58cff5e092ac8f51f430e71fd3431e1afe2b45cf16

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 01 Oct 2018 19:36:01 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 71383
x-xss-protection: 1; mode=block
expires: Mon, 01 Oct 2018 19:36:01 GMT

GET
H/1.1 200
OK OpenSans-Regular.woff2
d3klmnbttazatt.cloudfront.net/sites/all/themes/wpg/assets/fonts/ 49 KB
50 KB 335ms
335ms Font
text/plain 143.204.208.64
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d3klmnbttazatt.cloudfront.net/sites/all/themes/wpg/assets/fonts/OpenSans-Regular.woff2

Requested by

Host: d3klmnbttazatt.cloudfront.net
URL: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving.benevity.org/files/js/js_363e12bbda18495ded16ef1e2a4bfc71.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.208.64 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-208-64.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e56451053236d0609126126105fb30ab407aa253673309b791c9e2cb58b274d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://d3klmnbttazatt.cloudfront.net
Accept-Encoding: gzip, deflate
Host: d3klmnbttazatt.cloudfront.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving.benevity.org/files/css/css_4d9f0b3da4f4a8f17998d8e00a83602e.css
Cookie: has_js=1
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving.benevity.org/files/css/css_4d9f0b3da4f4a8f17998d8e00a83602e.css
Origin: https://d3klmnbttazatt.cloudfront.net

Response headers

Date: Mon, 01 Oct 2018 19:36:02 GMT
Via: 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 50208
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 28 Sep 2018 19:52:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: P5AFtQ6SnIDE1lQo2smEa8AoI6XaVCbPrm46WZgCln4nN8LV3ZQBhQ==
Expires: Mon, 15 Oct 2018 19:36:02 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 39 KB
16 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Sep 2018 23:12:19 GMT
server: Golfe2
age: 7016
date: Mon, 01 Oct 2018 17:39:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 16173
expires: Mon, 01 Oct 2018 19:39:06 GMT

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j69&aip=1&a=897752282&t=pageview&_s=1&dl=https%3A%2F%2Fd3klmnbttazatt.cloudfront.net%2Fclient_data%2Fimfgiving&ul=en-us&de=UTF-8&dt=Page%20not%20fo...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5484370-6&cid=132723007.1538422563&jid=874130782&_gid=1574829715.1538422563&gjid=1855372829&_v=j69&z=1825219230
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-6&cid=132723007.1538422563&jid=874130782&_v=j69&z=1825219230
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-6&cid=132723007.1538422563&jid=874130782&_v=j69&z=1825219230&slf_rd=1&random=1464660030

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-6&cid=132723007.1538422563&jid=874130782&_v=j69&z=1825219230&slf_rd=1&random=1464660030

Requested by

Host: d3klmnbttazatt.cloudfront.net
URL: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:824::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d3klmnbttazatt.cloudfront.net/client_data/imfgiving
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Oct 2018 19:36:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Oct 2018 19:36:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-6&cid=132723007.1538422563&jid=874130782&_v=j69&z=1825219230&slf_rd=1&random=1464660030
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
d3klmnbttazatt.cloudfront.net/	1970-01-18 19:21:48	Name: _gid Value: GA1.1.1574829715.1538422563
d3klmnbttazatt.cloudfront.net/	1970-01-19 12:51:34	Name: _ga Value: GA1.1.132723007.1538422563
d3klmnbttazatt.cloudfront.net/	1970-01-18 19:20:22	Name: _gat_UA-5484370-6 Value: 1
d3klmnbttazatt.cloudfront.net/	1969-12-31 23:59:59	Name: has_js Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d3klmnbttazatt.cloudfront.net
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
143.204.208.139
143.204.208.64
2a00:1450:4001:817::2004
2a00:1450:4001:817::2008
2a00:1450:4001:817::200e
2a00:1450:4001:824::2003
2a00:1450:400c:c00::9a
0bfceb7351db8edb544162516d39a2155ef60f405b8a9df5d742d96eb120793a
1507a4da373efb5c8ca22bea6711c022adef4affa2e0838086c0af760370f4c3
758529d0c8db7824d33890007ea39a9d03fe32c3083a61807c1328e4829caac9
79ced397eeaaea4e70e5fc2fc7747d59d218e4b09367af95f6ee0a9ed7e90219
8b8f1066b8d8b3bf5006ca58cff5e092ac8f51f430e71fd3431e1afe2b45cf16
a0372f30c2f53ae61696bcec77fa8cc852cbc0b82cf35152b837699a7c7143ab
d10a7957c50299655d1aebb12bce4db031a78c1920a38755504aef40267f0ca5
d3e979ec05acac09e8d9aa2e3fc23c9b0a30abc600f6a1b768be5ac10b13ca06
e23feb6d899eb774bb26fad039a8d9f44984bf2969cfbbf8ceb515e6d99be9fc
e56451053236d0609126126105fb30ab407aa253673309b791c9e2cb58b274d3
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

d3klmnbttazatt.cloudfront.net Open in urlscan Pro 143.204.208.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

71 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

454 kBTransfer

2067 kBSize

4 Cookies

1 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

d3klmnbttazatt.cloudfront.net Open in urlscan Pro
143.204.208.139 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

454 kB
Transfer

2067 kB
Size

4
Cookies

12 HTTP transactions
0 data transactions