urlscan.io logo urlscan.io
SecurityTrails logo

jhancock.benevity.org Open in urlscan Pro
52.2.45.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://jhancock.benevity.org/
Effective URL: https://jhancock.benevity.org/user/login
Submission: On February 23 via manual from HK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 52.2.45.177, located in Mount Laurel, United States and belongs to AMAZON-AES, US. The main domain is jhancock.benevity.org.
TLS certificate: Issued by Amazon on July 30th 2020. Valid for: a year.
This is the only time jhancock.benevity.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    52.2.45.177 (Mount Laurel, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-45-177.compute-1.amazonaws.com
jhancock.benevity.org
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2600:9000:2057:f600:13:1368:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
sam.benevity.org
4    13.226.156.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-36.dus51.r.cloudfront.net
d4k8tw8d4eekx.cloudfront.net
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
6 sam.benevity.org jhancock.benevity.org
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 d4k8tw8d4eekx.cloudfront.net jhancock.benevity.org
d4k8tw8d4eekx.cloudfront.net
3 fonts.gstatic.com fonts.googleapis.com
3 jhancock.benevity.org 2 redirects
2 www.googletagmanager.com jhancock.benevity.org
www.googletagmanager.com
1 fonts.googleapis.com jhancock.benevity.org
22 7

This site contains no links.

Subject Issuer Validity Valid
benevity.org
Amazon		 2020-07-30 -
2021-08-30		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://jhancock.benevity.org/user/login
Frame ID: 9970D8BB7439E5727F8C2A03ED2E35BC
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://jhancock.benevity.org/ HTTP 301
    https://jhancock.benevity.org/ HTTP 302
    https://jhancock.benevity.org/user/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

22
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

794 kB
Transfer

2500 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jhancock.benevity.org/ HTTP 301
    https://jhancock.benevity.org/ HTTP 302
    https://jhancock.benevity.org/user/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
jhancock.benevity.org/user/
Redirect Chain
  • http://jhancock.benevity.org/
  • https://jhancock.benevity.org/
  • https://jhancock.benevity.org/user/login
12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jhancock.benevity.org/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.45.177 Mount Laurel, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-45-177.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f749ec19f7abc713d022f1962387fee2d9ddf1e6539a7e6d5ff1b447f5518ffa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
jhancock.benevity.org
:scheme
https
:path
/user/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 18:43:59 GMT
content-type
text/html; charset=UTF-8
content-length
3619
server
nginx
cache-control
max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
pragma
no-cache
expires
0
set-cookie
XSRF-TOKEN=eyJpdiI6IisyQndXNmUvRFo4M0IxWFoxcUNFVXc9PSIsInZhbHVlIjoidFZoYlJNalk4cU1ZbWNzUm93NzltR1B0TnlnTzJBNXloaVZMelRhT1JoWVNuTWlBQnNueFpiQ3lZeVE3S0xTOGxsRnFvOE11U2hEZm9COHo1ZWJDc3hGVkJwckU1VTREd0ZJeWNvRFdPVnh0enNodllPcHJoNC9EdFRxN3VEbXAiLCJtYWMiOiI5YjJmNjI3ODQ3ZGY0NDgwNjg3OThhNjQyOTAzYTc2MGU0MTdiNzc4NzQzMzNkNDhlM2QzZWNmMWU1YjkwYWRiIn0%3D; expires=Fri, 26-Feb-2021 02:16:59 GMT; Max-Age=199980; path=/; secure; samesite=lax laravel_session=eyJpdiI6IjlFZmpDQnBKVk15STlidU84MGxPZEE9PSIsInZhbHVlIjoibW9NY25jdUN4amphT0NpM2lLQkh2b2l6cVhvVHN4eTlKQlFmUEVybTZjUW9XcytZY20waE9qSFR4VlU4Q3lTNzArZ2VhbTdxU2N1TlR0UnpabEE3L0g2UzFNd3dKNlBCRnl6WFpOY1YyeVkxdjUrTFN5SXNXOUUwWElkVFpBWFUiLCJtYWMiOiJkZGE1ODU4YWRkNWQ5MzQ2MDg0ZDcyZDdhODhhYzUxODQ2ZjUzYzNlMDczMjcyNjQ2MDViM2FhYmQ4ZGE5MTkwIn0%3D; path=/; secure; httponly; samesite=lax
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-encoding
gzip
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
x-geolocation-blacklist
no
x-geolocation-whitelist
no_match

Redirect headers

date
Tue, 23 Feb 2021 18:43:59 GMT
content-type
text/html; charset=utf-8
content-length
0
server
nginx
expires
Sun, 19 Nov 1978 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
last-modified
Tue, 23 Feb 2021 18:43:59 GMT
location
/user/login
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
x-geolocation-blacklist
no
x-geolocation-whitelist
no_match
css
fonts.googleapis.com/ 		6 KB
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Requested by
Host: jhancock.benevity.org
URL: https://jhancock.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5a541b1791ead8e89a519db022a870c11baeb02c0ca5ddec2f213bf848a80b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Feb 2021 17:08:47 GMT
server
ESF
date
Tue, 23 Feb 2021 18:43:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Feb 2021 18:43:59 GMT
vendors~drupal~drupal-admin~error~login~router~router-admin-c695c1ff93e417a64a06.css
sam.benevity.org/spark-dist/css/ 		154 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/css/vendors~drupal~drupal-admin~error~login~router~router-admin-c695c1ff93e417a64a06.css
Requested by
Host: jhancock.benevity.org
URL: https://jhancock.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f600:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e05934e9f290c7d86b6986b07f94bc10dc89b823ec3d412af7877a71905ba5ad

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 22 Feb 2021 18:52:08 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 07:51:45 GMT
server
AmazonS3
age
85912
etag
W/"9488e4ca205cf247f04d962e653b22dc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
cKSPqDB.To9cERturnFDb4UjpeD.dzfi
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
content-type
text/css
x-amz-cf-id
ZMCM7jktH5eswGVqZhxfKAbt_M57ulnzc5kISmFJX4uN6xpMUHUDxQ==
login-00ee93cc11c7df3c6a0f.css
sam.benevity.org/spark-dist/css/ 		141 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/css/login-00ee93cc11c7df3c6a0f.css
Requested by
Host: jhancock.benevity.org
URL: https://jhancock.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f600:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bebd1b7bfcf67e51c7868ea0005452cf2b560fe1b84e23cbd3ba44890cd002f8

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
81mCANegn0kzvcJbqnwOoMl0uGuUy62H
content-encoding
gzip
etag
W/"13ab7c0fa0dee422ac73679bcb34e219"
last-modified
Thu, 18 Feb 2021 08:24:42 GMT
server
AmazonS3
age
49197
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
date
Tue, 23 Feb 2021 05:04:03 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
_w4Qydq7W5igheG2m8bkne5A-Q2crpYEH_CDm3hoDzG0TrVQzJwo4Q==
whitelabel.css
d4k8tw8d4eekx.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d4k8tw8d4eekx.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/whitelabel.css?G
Requested by
Host: jhancock.benevity.org
URL: https://jhancock.benevity.org/user/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-36.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
92a58a03c227cc9dba93e1e9d6eda3377ef7a4c33b506c180f3b924628165386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 18:43:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
DUS51-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
2253
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
*
Last-Modified
Mon, 22 Feb 2021 07:08:19 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
X-geolocation-blacklist
no
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Via
1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
Expires
Tue, 09 Mar 2021 18:43:59 GMT
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
2Hcjlni73bQF0smfqHfdP4qObeoLYjfyZsh8iDe3iN0xoiJ0HhAB-g==
X-geolocation-whitelist
no_match
whitelabel.css
d4k8tw8d4eekx.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_john_hancock/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d4k8tw8d4eekx.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_john_hancock/css/whitelabel.css?G
Requested by
Host: jhancock.benevity.org
URL: https://jhancock.benevity.org/user/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-36.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
bf8fc80eb371cd12c6abfa2b1b9ff7ad41de08d9ffbdef2185a8df1992b1c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 18:43:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
DUS51-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
2977
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
*
Last-Modified
Mon, 22 Feb 2021 07:09:20 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
X-geolocation-blacklist
no
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Via
1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
Expires
Tue, 09 Mar 2021 18:43:59 GMT
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
y8KsK4xHSkfmhlmAimY_GfXimMC3yrfKM_3-O0z-XdPGjzlOndcZSQ==
X-geolocation-whitelist
no_match
runtime-f7194fdf337cd4a083d3.js
sam.benevity.org/spark-dist/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/runtime-f7194fdf337cd4a083d3.js
Requested by
Host: jhancock.benevity.org
URL: https://jhancock.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f600:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f08ab04b176009c2db90dd8bc139b929558651a00709a633f5782e7889e49beb

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 22 Feb 2021 21:01:44 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 20:52:57 GMT
server
AmazonS3
age
78136
etag
W/"cbf4d716142e5a394f4dff29c7865492"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
KktJ1TTAIVeca4mBw_vQ.VYue3jVmGca
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
88EbSY9mMgiH-o_-C1G_KSKvRVUn3ezLsOKWAgnTuUwRVEVfRYGIhw==
vendors~drupal~drupal-admin~error~login~router~router-admin-59bb4390b4bce4e03256.js
sam.benevity.org/spark-dist/ 		937 KB
275 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/vendors~drupal~drupal-admin~error~login~router~router-admin-59bb4390b4bce4e03256.js
Requested by
Host: jhancock.benevity.org
URL: https://jhancock.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f600:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd9ecefdce8fc52105e29687f4a68f12646e01b1f1fd76f488f0351635037dfd

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 22 Feb 2021 21:01:44 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 20:52:57 GMT
server
AmazonS3
age
78136
etag
W/"967adb1795f6e2330b8e67205b9b74c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
RotX.EmDMCIKzI4fKHn8tOm00fu6rr9v
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
yLr_AhWEsonHuJVV9kW_QEdT1nCf1y0w9baYo0ZaYwpezhI5U8uNOg==
vendors~drupal~drupal-admin~login~router~router-admin-918c295377b310085ff2.js
sam.benevity.org/spark-dist/ 		150 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/vendors~drupal~drupal-admin~login~router~router-admin-918c295377b310085ff2.js
Requested by
Host: jhancock.benevity.org
URL: https://jhancock.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f600:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0fa2027a7ccc95f4380909c2f5b73f9a5b2ad36b3ee5e61f8b6824561460efca

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 22 Feb 2021 21:35:38 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 07:51:45 GMT
server
AmazonS3
age
76102
etag
W/"f39455874837f6aabadadc4b6d6058f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
rujxXj24qFNxC2zw33sii9Ovs0zmklJ8
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
K7Kd0E3qHPJ0spNoO-KeECc_m2Er7eD2K5SJUR-lCgfPlmJPMxt6zA==
login-714df4dce0f317a2c5a0.js
sam.benevity.org/spark-dist/ 		189 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/login-714df4dce0f317a2c5a0.js
Requested by
Host: jhancock.benevity.org
URL: https://jhancock.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f600:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c973c8cc64dc136a849b79ba29c49a11426909c525c7f3581bbdc57e3ff0ad5d

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 22 Feb 2021 21:01:44 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 20:52:57 GMT
server
AmazonS3
age
78136
etag
W/"584982a6c506a6f5ac9ee6146246c7c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
hGvD.kJoHqL6znx1.vIZP98eMHTnSQAV
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-replication-status
PENDING
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
UQ4DaAzPUFq55r8ZSw2JoE67Szzh7NODjYRyepRQVXDDe5WyyXssaQ==
gtm.js
www.googletagmanager.com/ 		418 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Requested by
Host: jhancock.benevity.org
URL: https://jhancock.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b5064a989134126cba0e920cbf4aa7b0028a59d77bd4c8ea94e8808182d72966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 18:43:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76194
x-xss-protection
0
last-modified
Tue, 23 Feb 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 Feb 2021 18:43:59 GMT
login-bg.jpg
d4k8tw8d4eekx.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_john_hancock/images/backgrounds/ 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d4k8tw8d4eekx.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_john_hancock/images/backgrounds/login-bg.jpg
Requested by
Host: d4k8tw8d4eekx.cloudfront.net
URL: https://d4k8tw8d4eekx.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_john_hancock/css/whitelabel.css?G
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-36.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
c01fffbcf6d2fa6ba8d7ba6e6ef44f04b17716e78dc5c423ad8ee917c25997fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d4k8tw8d4eekx.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_john_hancock/css/whitelabel.css?G
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 18:44:00 GMT
Via
1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
DUS51-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
148090
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Feb 2021 07:09:20 GMT
Server
nginx
X-geolocation-blacklist
no
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Expires
Tue, 23 Feb 2021 19:44:00 GMT
Cache-Control
max-age=3600
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
wjBF031xEKdUkQOCI3c9lz4IFlsaJT-MevtShFyoNix-W_b_AQGQRQ==
X-geolocation-whitelist
no_match
logo-login.png
d4k8tw8d4eekx.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_john_hancock/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d4k8tw8d4eekx.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_john_hancock/logo-login.png?G
Requested by
Host: jhancock.benevity.org
URL: https://jhancock.benevity.org/user/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-36.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
e67d867b2321f64a08ad559607a257c9c0898ee9efd6a78abbda0961d191a27d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 18:44:00 GMT
Via
1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
DUS51-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
6014
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Feb 2021 07:09:20 GMT
Server
nginx
X-geolocation-blacklist
no
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Access-Control-Allow-Origin
*
Expires
Tue, 23 Feb 2021 19:44:00 GMT
Cache-Control
max-age=3600
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
1ZItPvOpnNgxVGD7zabZR-1u3gtyvknjTu1flxsho-QcFt3Tbk9_iw==
X-geolocation-whitelist
no_match
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://jhancock.benevity.org
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Feb 2021 09:18:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:16 GMT
server
sffe
age
379505
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9016
x-xss-protection
0
expires
Sat, 19 Feb 2022 09:18:54 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://jhancock.benevity.org
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 13:55:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
17333
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Wed, 23 Feb 2022 13:55:06 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://jhancock.benevity.org
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 20 Feb 2021 23:19:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
242680
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Sun, 20 Feb 2022 23:19:19 GMT
js
www.googletagmanager.com/gtag/ 		137 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NNW9PWYWZH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
36350d432fee4bd2875e3c366ea76ee49b070a026de0e3250c1a97cf279eca09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 18:43:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53627
x-xss-protection
0
expires
Tue, 23 Feb 2021 18:43:59 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
3402
date
Tue, 23 Feb 2021 17:47:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 23 Feb 2021 19:47:17 GMT
js
www.google-analytics.com/gtm/ 		95 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-MK4379W&t=gtm5&cid=1773543046.1614105840&aip=true
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8976833e06c21968b2e02d5847e0120a8c56d8054ecd79327441f4095c25cea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 18:43:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36454
x-xss-protection
0
expires
Tue, 23 Feb 2021 18:43:59 GMT
collect
www.google-analytics.com/g/ 		0
68 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NNW9PWYWZH&gtm=2oe2a1&_p=2039059471&sr=1600x1200&ul=en-us&cid=1773543046.1614105840&_s=1&dl=https%3A%2F%2Fjhancock.benevity.org%2Fuser%2Flogin&dr=&dt=Login%20%7C%20Signature%20Corps&sid=1614105839&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.cookieExpires=34186669&ep.spark_hostname=jhancock.benevity.org&ep.company_name=jhancock.benevity.org&up.company_name=jhancock.benevity.org
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NNW9PWYWZH&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Feb 2021 18:44:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jhancock.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=2039059471&t=pageview&_s=1&dl=https%3A%2F%2Fjhancock.benevity.org%2Fuser%2Flogin&ul=en-us&de=UTF-8&dt=Login%20%7C%20Signature%20Corps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1152814268&gjid=621315029&cid=1773543046.1614105840&tid=UA-5484370-3&_gid=406771570.1614105840&_r=1&gtm=2wg2a1TLJFKH&cd2=xl&cd3=landscape&cd4=1x&cd5=2021-02-23T19%3A44%3A00.33%2B01%3A00&cd16=&cd27=jhancock.benevity.org&cd37=login&z=1228065287
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Feb 2021 18:44:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jhancock.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
166 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NNW9PWYWZH&gtm=2oe2a1&_p=2039059471&sr=1600x1200&ul=en-us&cid=1773543046.1614105840&_s=2&dl=https%3A%2F%2Fjhancock.benevity.org%2Fuser%2Flogin&dr=&dt=Login%20%7C%20Signature%20Corps&sid=1614105839&sct=1&seg=0&en=scroll&_et=485&ep.cookieExpires=34186669&ep.spark_hostname=jhancock.benevity.org&ep.company_name=jhancock.benevity.org&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NNW9PWYWZH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jhancock.benevity.org/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Feb 2021 18:44:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jhancock.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| doNotTrackEnabled object| dataLayer object| SparkStaticStore object| webpackJsonpSpark function| setImmediate function| clearImmediate object| regeneratorRuntime function| Velocity object| Benevity function| bootSpark object| errorPage object| SparkVuexStore object| google_tag_manager function| postscribe string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_optimize

14 Cookies

Domain/Path Name / Value
.benevity.org/ Name: _ga
Value: GA1.2.1773543046.1614105840
.benevity.org/ Name: _ga_NNW9PWYWZH
Value: GS1.1.1614105839.1.0.1614105839.0
jhancock.benevity.org/user Name: loglevel%3APlugins
Value: SILENT
.benevity.org/ Name: _gid
Value: GA1.2.406771570.1614105840
jhancock.benevity.org/ Name: laravel_session
Value: eyJpdiI6IjlFZmpDQnBKVk15STlidU84MGxPZEE9PSIsInZhbHVlIjoibW9NY25jdUN4amphT0NpM2lLQkh2b2l6cVhvVHN4eTlKQlFmUEVybTZjUW9XcytZY20waE9qSFR4VlU4Q3lTNzArZ2VhbTdxU2N1TlR0UnpabEE3L0g2UzFNd3dKNlBCRnl6WFpOY1YyeVkxdjUrTFN5SXNXOUUwWElkVFpBWFUiLCJtYWMiOiJkZGE1ODU4YWRkNWQ5MzQ2MDg0ZDcyZDdhODhhYzUxODQ2ZjUzYzNlMDczMjcyNjQ2MDViM2FhYmQ4ZGE5MTkwIn0%3D
jhancock.benevity.org/user Name: loglevel%3ASpark
Value: SILENT
jhancock.benevity.org/user Name: loglevel%3ASpark%20service%20provider
Value: SILENT
jhancock.benevity.org/ Name: XSRF-TOKEN
Value: eyJpdiI6IisyQndXNmUvRFo4M0IxWFoxcUNFVXc9PSIsInZhbHVlIjoidFZoYlJNalk4cU1ZbWNzUm93NzltR1B0TnlnTzJBNXloaVZMelRhT1JoWVNuTWlBQnNueFpiQ3lZeVE3S0xTOGxsRnFvOE11U2hEZm9COHo1ZWJDc3hGVkJwckU1VTREd0ZJeWNvRFdPVnh0enNodllPcHJoNC9EdFRxN3VEbXAiLCJtYWMiOiI5YjJmNjI3ODQ3ZGY0NDgwNjg3OThhNjQyOTAzYTc2MGU0MTdiNzc4NzQzMzNkNDhlM2QzZWNmMWU1YjkwYWRiIn0%3D
jhancock.benevity.org/user Name: loglevel%3ACssVarsPonyfill
Value: SILENT
jhancock.benevity.org/user Name: loglevel%3ASvg4Everybody
Value: SILENT
jhancock.benevity.org/user Name: loglevel%3Aa
Value: SILENT
jhancock.benevity.org/user Name: loglevel%3AAxios
Value: SILENT
.benevity.org/ Name: _gat_UA-5484370-3
Value: 1
jhancock.benevity.org/user Name: loglevel%3ABenevity
Value: SILENT

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d4k8tw8d4eekx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
jhancock.benevity.org
sam.benevity.org
www.google-analytics.com
www.googletagmanager.com
13.226.156.36
2600:9000:2057:f600:13:1368:1500:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200a
52.2.45.177
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0fa2027a7ccc95f4380909c2f5b73f9a5b2ad36b3ee5e61f8b6824561460efca
36350d432fee4bd2875e3c366ea76ee49b070a026de0e3250c1a97cf279eca09
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
92a58a03c227cc9dba93e1e9d6eda3377ef7a4c33b506c180f3b924628165386
a5a541b1791ead8e89a519db022a870c11baeb02c0ca5ddec2f213bf848a80b8
b5064a989134126cba0e920cbf4aa7b0028a59d77bd4c8ea94e8808182d72966
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bebd1b7bfcf67e51c7868ea0005452cf2b560fe1b84e23cbd3ba44890cd002f8
bf8fc80eb371cd12c6abfa2b1b9ff7ad41de08d9ffbdef2185a8df1992b1c4fe
c01fffbcf6d2fa6ba8d7ba6e6ef44f04b17716e78dc5c423ad8ee917c25997fa
c973c8cc64dc136a849b79ba29c49a11426909c525c7f3581bbdc57e3ff0ad5d
dd9ecefdce8fc52105e29687f4a68f12646e01b1f1fd76f488f0351635037dfd
e05934e9f290c7d86b6986b07f94bc10dc89b823ec3d412af7877a71905ba5ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67d867b2321f64a08ad559607a257c9c0898ee9efd6a78abbda0961d191a27d
f08ab04b176009c2db90dd8bc139b929558651a00709a633f5782e7889e49beb
f749ec19f7abc713d022f1962387fee2d9ddf1e6539a7e6d5ff1b447f5518ffa
f8976833e06c21968b2e02d5847e0120a8c56d8054ecd79327441f4095c25cea