stateautospark.benevity.org Open in urlscan Pro
54.209.195.131 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://stateautospark.benevity.org/volunteer/12317
Effective URL:
https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
Submission: On March 06 via manual (March 6th 2019, 4:03:58 pm UTC) from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 54.209.195.131, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is stateautospark.benevity.org.
TLS certificate: Issued by Amazon on September 25th 2018. Valid for: a year.

This is the only time stateautospark.benevity.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	54.209.195.131 54.209.195.131	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
7	143.204.98.110 143.204.98.110	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	143.204.98.69 143.204.98.69	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 4	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
19	7

3 54.209.195.131 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-209-195-131.compute-1.amazonaws.com

stateautospark.benevity.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.98.110 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net

drqsqmqky0lla.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.69 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net

drqsqmqky0lla.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9a (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	cloudfront.net drqsqmqky0lla.cloudfront.net	1 MB
4	google-analytics.com 1 redirects www.google-analytics.com	35 KB
3	benevity.org 1 redirects stateautospark.benevity.org	7 KB
2	doubleclick.net 1 redirects stats.g.doubleclick.net	318 B
2	googletagmanager.com www.googletagmanager.com	82 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	190 B
19	7

	Domain	Requested by
10	drqsqmqky0lla.cloudfront.net	stateautospark.benevity.org drqsqmqky0lla.cloudfront.net
4	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
3	stateautospark.benevity.org	1 redirects stateautospark.benevity.org
2	stats.g.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	stateautospark.benevity.org www.googletagmanager.com
1	www.google.de	stateautospark.benevity.org
1	www.google.com	1 redirects
19	7

This site contains no links.

Subject Issuer	Validity	Valid
benevity.org Amazon	`2018-09-25` - `2019-10-25`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
Frame ID: 966CE077818DFA8CFDE5875A428C0B24
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://stateautospark.benevity.org/volunteer/12317 HTTP 302
https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317 Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<(?:link|style)[^>]+sites\/(?:default|all)\/(?:themes|modules)\//i
headers expires /19 Nov 1978/i
env /^Drupal$/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<(?:link|style)[^>]+sites\/(?:default|all)\/(?:themes|modules)\//i
headers expires /19 Nov 1978/i
env /^Drupal$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
env /^google_tag_manager$/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Modernizr$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

19
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

1515 kB
Transfer

3109 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://stateautospark.benevity.org/volunteer/12317 HTTP 302
https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.google-analytics.com/r/collect?v=1&_v=j73&aip=1&a=1861396716&t=pageview&_s=1&dl=https%3A%2F%2Fstateautospark.benevity.org%2Fuser%2Flogin%3Fdestination%3D%2Fvolunteer%2F12317&ul=en-us&de=UTF-8&dt=Login%20%7C%20State%20Auto%20For%20Good&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQ~&jid=1588876025&gjid=1607235275&cid=520261573.1551888222&tid=UA-5484370-3&_gid=128731798.1551888222&_r=1&gtm=2wg241TLJFKH&cd2=xl&cd3=landscape&cd4=1x&cd5=2019-03-06T16%3A03%3A41.701%2B00%3A00&cd16=&cd17=pageview&z=781234004&cd18=490 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5484370-3&cid=520261573.1551888222&jid=1588876025&_gid=128731798.1551888222&gjid=1607235275&_v=j73&z=781234004 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-3&cid=520261573.1551888222&jid=1588876025&_v=j73&z=781234004 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-3&cid=520261573.1551888222&jid=1588876025&_v=j73&z=781234004&slf_rd=1&random=1782062769

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
stateautospark.benevity.org/user/
Redirect Chain

https://stateautospark.benevity.org/volunteer/12317
https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317

11 KB
4 KB

254ms
253ms

Document
text/html

54.209.195.131
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.209.195.131 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-209-195-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e322c094c2bcc375da6265d10dc6f552ce05cfb0f1b113d0312b077feaa0ce7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: stateautospark.benevity.org
:scheme: https
:path: /user/login?destination=%2Fvolunteer%2F12317
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
cookie: SESS1099448db9734bbb0133c5e1bf708f79=606003b247713ef0bc3e23fb70a430ff
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 06 Mar 2019 16:03:40 GMT
content-type: text/html; charset=utf-8
content-length: 3382
server: nginx
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
last-modified: Wed, 06 Mar 2019 16:03:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

status: 302
date: Wed, 06 Mar 2019 16:03:40 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: SESS1099448db9734bbb0133c5e1bf708f79=606003b247713ef0bc3e23fb70a430ff; expires=Fri, 29-Mar-2019 19:37:00 GMT; Max-Age=2000000; path=/; domain=.stateautospark.benevity.org; secure; HttpOnly
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
last-modified: Wed, 06 Mar 2019 16:03:40 GMT
location: /user/login?destination=%2Fvolunteer%2F12317
strict-transport-security: max-age=31536000
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK css_771fcb1634aeadaa614dd9354ef84322.css
drqsqmqky0lla.cloudfront.net/client_data/stateautospark.benevity.org/files/css/ 744 KB
115 KB 848ms
796ms Stylesheet
text/css 143.204.98.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://drqsqmqky0lla.cloudfront.net/client_data/stateautospark.benevity.org/files/css/css_771fcb1634aeadaa614dd9354ef84322.css

Requested by

Host: stateautospark.benevity.org
URL: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.110 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-98-110.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6cc45147fdfde95c12214cefa7a44d8406fda298150d174cb3efeb344fe979b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 16:03:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 28 Feb 2019 22:19:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
Cache-Control: max-age=1209600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: 5wf0Z8rvfPYt6MHO-s0zXoA2FEm3eQfmsIXrTKbDx_nAxG0G362m8A==
Expires: Wed, 20 Mar 2019 16:03:41 GMT

GET
H/1.1 200
OK whitelabel.css
drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/ 14 KB
3 KB 459ms
407ms Stylesheet
text/css 143.204.98.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/whitelabel.css?L

Requested by

Host: stateautospark.benevity.org
URL: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.110 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-98-110.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

aa2d964d24c2ccd41b648dd877f2ff260ccf61c019e038a08b0ebd742e955b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 16:03:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 2210
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 05 Mar 2019 18:42:28 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
Cache-Control: max-age=1209600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: nY5szPTbJ6PkDkFkntacneoGqJBpl1_cviHaY0jrSvqI454cWrkyvA==
Expires: Wed, 20 Mar 2019 16:03:40 GMT

GET
H/1.1 200
OK whitelabel.css
drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_state_auto/css/ 26 KB
5 KB 464ms
412ms Stylesheet
text/css 143.204.98.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_state_auto/css/whitelabel.css?L

Requested by

Host: stateautospark.benevity.org
URL: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.110 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-98-110.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

5f8561f8879885c91264189e5b8c1c694b885ef4bbf7d9ec7a79c8590e5b3a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 16:03:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 4331
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 05 Mar 2019 18:43:06 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
Cache-Control: max-age=1209600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: zIJ-fWkBEY3wn1fdWVjUnVQq_hoaYzO_q--ON6Vh0FwBJojWzI5fsg==
Expires: Wed, 20 Mar 2019 16:03:40 GMT

GET
H/1.1 200
OK js_92197608f8997da3be62ccd9daf782e0.js Show response
drqsqmqky0lla.cloudfront.net/client_data/stateautospark.benevity.org/files/js/ 676 KB
187 KB 576ms
524ms Script
application/javascript 143.204.98.110
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://drqsqmqky0lla.cloudfront.net/client_data/stateautospark.benevity.org/files/js/js_92197608f8997da3be62ccd9daf782e0.js

Requested by

Host: stateautospark.benevity.org
URL: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.110 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-98-110.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d854de3145ef2fb5d5df666a985a90b10c8140bfcd8a1d366b033fab4272799f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 16:03:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 28 Feb 2019 22:19:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Cache-Control: max-age=1209600
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: 48pRlXFwmPc7XCvD-xHwsqdfIZRZttprK-1RzGcU9lfhfkdyVmnveQ==
Expires: Wed, 20 Mar 2019 16:03:40 GMT

GET
H/1.1 200
OK loading-bar-sm.gif
drqsqmqky0lla.cloudfront.net/sites/all/modules/benevity_wpg/benevity_wpg_forms/img/ 2 KB
3 KB 475ms
424ms Image
image/gif 143.204.98.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://drqsqmqky0lla.cloudfront.net/sites/all/modules/benevity_wpg/benevity_wpg_forms/img/loading-bar-sm.gif

Requested by

Host: stateautospark.benevity.org
URL: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.110 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-98-110.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d10a7957c50299655d1aebb12bce4db031a78c1920a38755504aef40267f0ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 16:03:40 GMT
Via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 2248
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 05 Mar 2019 18:42:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: max-age=3600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: UHAGKx9Xj0nDA8-Z2_iCte0DsDv2HS-Hzpnp6bZK3tqLluH6cTSWCQ==
Expires: Wed, 06 Mar 2019 17:03:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 384 KB
52 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:816::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH

Requested by

Host: stateautospark.benevity.org
URL: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

67cbb7d36aa40eaa46c4b5d564fdb2d9c1393274cb9961be43d0f7341414f132

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 16:03:41 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 52657
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 16:03:41 GMT

GET
H/1.1 200
OK OpenSans-Regular.woff2
drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg/assets/fonts/ 49 KB
50 KB 152ms
102ms Font
text/plain 143.204.98.69
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg/assets/fonts/OpenSans-Regular.woff2

Requested by

Host: drqsqmqky0lla.cloudfront.net
URL: https://drqsqmqky0lla.cloudfront.net/client_data/stateautospark.benevity.org/files/js/js_92197608f8997da3be62ccd9daf782e0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.69 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-98-69.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e56451053236d0609126126105fb30ab407aa253673309b791c9e2cb58b274d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://drqsqmqky0lla.cloudfront.net/client_data/stateautospark.benevity.org/files/css/css_771fcb1634aeadaa614dd9354ef84322.css
Origin: https://stateautospark.benevity.org

Response headers

Date: Wed, 06 Mar 2019 16:03:41 GMT
Via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 50208
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 05 Mar 2019 18:42:28 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: GZc1xIo7cXXV9gtS4A1_AzcDVXj99B23vbbnAin12I2GDQxmnjESjw==
Expires: Wed, 20 Mar 2019 16:03:41 GMT

GET
H/1.1 200
OK login-bg.jpg
drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_state_auto/images/backgrounds/ 912 KB
912 KB 163ms
161ms Image
image/jpeg 143.204.98.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_state_auto/images/backgrounds/login-bg.jpg

Requested by

Host: drqsqmqky0lla.cloudfront.net
URL: https://drqsqmqky0lla.cloudfront.net/client_data/stateautospark.benevity.org/files/js/js_92197608f8997da3be62ccd9daf782e0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.110 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-98-110.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d9481376b69094f1226ba6c36de1097f7afc26b1c9226e2cef24857e0d9927aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_state_auto/css/whitelabel.css?L
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 16:03:41 GMT
Via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 933510
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 05 Mar 2019 18:43:06 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=3600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: Gd7-iRd0pj7oAllMChZgzAOMq59aPVH1c0fJScmQk07NosHsN3oDlQ==
Expires: Wed, 06 Mar 2019 17:03:41 GMT

GET
H/1.1 200
OK logo.png
drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_state_auto/ 14 KB
14 KB 132ms
131ms Image
image/png 143.204.98.110
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_state_auto/logo.png?L

Requested by

Host: drqsqmqky0lla.cloudfront.net
URL: https://drqsqmqky0lla.cloudfront.net/client_data/stateautospark.benevity.org/files/js/js_92197608f8997da3be62ccd9daf782e0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.110 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-98-110.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e6742be1a91a32637c1de395ee5397608adccab14932fbeb8266feffd70e2553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 06 Mar 2019 16:03:41 GMT
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14095
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 05 Mar 2019 18:43:06 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=3600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: mhxrSRkeYqxkMiwhHcSks1dtrB0HYyjcUEbSt4TU1cC9zd0XZhchXA==
Expires: Wed, 06 Mar 2019 17:03:41 GMT

GET
H/1.1 200
OK OpenSans-Light.woff2
drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg/assets/fonts/ 50 KB
51 KB 410ms
386ms Font
text/plain 143.204.98.69
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg/assets/fonts/OpenSans-Light.woff2

Requested by

Host: drqsqmqky0lla.cloudfront.net
URL: https://drqsqmqky0lla.cloudfront.net/client_data/stateautospark.benevity.org/files/js/js_92197608f8997da3be62ccd9daf782e0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.69 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-98-69.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

d968e6eda7694f6f7c6ea8ca16848d3d7be3eb9ec87665060dbb20122073497d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://drqsqmqky0lla.cloudfront.net/client_data/stateautospark.benevity.org/files/css/css_771fcb1634aeadaa614dd9354ef84322.css
Origin: https://stateautospark.benevity.org

Response headers

Date: Wed, 06 Mar 2019 16:03:41 GMT
Via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 51464
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 05 Mar 2019 18:42:28 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: nD0TMuv5wyZDDLfJQcjmNq1ILUPu97dkbKE62W2vPAUMrvszYtyn8A==
Expires: Wed, 20 Mar 2019 16:03:41 GMT

GET
H/1.1 200
OK OpenSans-SemiBold.woff2
drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg/assets/fonts/ 51 KB
51 KB 142ms
119ms Font
text/plain 143.204.98.69
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://drqsqmqky0lla.cloudfront.net/sites/all/themes/wpg/assets/fonts/OpenSans-SemiBold.woff2

Requested by

Host: drqsqmqky0lla.cloudfront.net
URL: https://drqsqmqky0lla.cloudfront.net/client_data/stateautospark.benevity.org/files/js/js_92197608f8997da3be62ccd9daf782e0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.98.69 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-98-69.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f2656bb8849b600bf5ce5bce404d547d88032d77e17964a37bfb700ab35f1973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://drqsqmqky0lla.cloudfront.net/client_data/stateautospark.benevity.org/files/css/css_771fcb1634aeadaa614dd9354ef84322.css
Origin: https://stateautospark.benevity.org

Response headers

Date: Wed, 06 Mar 2019 16:03:41 GMT
Via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 52044
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 05 Mar 2019 18:42:28 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: PyuLp6v5UGfJk3Jd6lVsYKGww6fPWvszvfbPh7ehlpvEOG3nRCkMCg==
Expires: Wed, 20 Mar 2019 16:03:41 GMT

GET
H2 200 loading-bar-sm.gif
stateautospark.benevity.org/sites/all/modules/benevity_wpg/benevity_wpg_forms/img/ 2 KB
2 KB 107ms
106ms Image
image/gif 54.209.195.131
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stateautospark.benevity.org/sites/all/modules/benevity_wpg/benevity_wpg_forms/img/loading-bar-sm.gif

Requested by

Host: stateautospark.benevity.org
URL: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.209.195.131 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-54-209-195-131.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d10a7957c50299655d1aebb12bce4db031a78c1920a38755504aef40267f0ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sites/all/modules/benevity_wpg/benevity_wpg_forms/img/loading-bar-sm.gif
pragma: no-cache
cookie: has_js=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: stateautospark.benevity.org
referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
:scheme: https
:method: GET
Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 16:03:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Mar 2019 18:42:25 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/gif
status: 200
cache-control: max-age=3600
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2248
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 17:03:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 1074
date: Wed, 06 Mar 2019 15:45:47 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 17543
expires: Wed, 06 Mar 2019 17:45:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
30 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:816::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B76Z4SJJWF

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

3454b76927d6f782c23d7fa88eaa9e225697a9d4b72265eb45ceab37b30dce8d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 16:03:41 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 30857
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 16:03:41 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 48 KB
18 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MK4379W&t=gtm2&cid=520261573.1551888222&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

a25b68cca461c7919fe9a248fbfa0659a9ed04ebfc6effca476efcb1034989e7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Mar 2019 16:03:41 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 18155
x-xss-protection: 1; mode=block
expires: Wed, 06 Mar 2019 16:03:41 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
130 B 14ms
13ms Other
image/gif 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect?v=2&tid=G-B76Z4SJJWF&gtm=2oe241&_p=1861396716&sr=1600x1200&cid=520261573.1551888222&ul=en-us&_s=1&en=page_view&_fv=1&_ss=1&sid=1551888221&sct=1&seg=0&dl=https%3A%2F%2Fstateautospark.benevity.org%2Fuser%2Flogin%3Fdestination%3D%252Fvolunteer%252F12317&dr=&dt=Login%20%7C%20State%20Auto%20For%20Good

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B76Z4SJJWF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
Origin: https://stateautospark.benevity.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 06 Mar 2019 16:03:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: https://stateautospark.benevity.org
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
stats.g.doubleclick.net/ 35 B
155 B 14ms
14ms Other
image/gif 2a00:1450:400c:c0a::9a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/collect?v=2&tid=G-B76Z4SJJWF&cid=520261573.1551888222&gtm=2oe241&aip=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B76Z4SJJWF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
Origin: https://stateautospark.benevity.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 06 Mar 2019 16:03:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: https://stateautospark.benevity.org
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&aip=1&a=1861396716&t=pageview&_s=1&dl=https%3A%2F%2Fstateautospark.benevity.org%2Fuser%2Flogin%3Fdestination%3D%2Fvolunteer%2F12317&ul=en-us&de...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5484370-3&cid=520261573.1551888222&jid=1588876025&_gid=128731798.1551888222&gjid=1607235275&_v=j73&z=781234004
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-3&cid=520261573.1551888222&jid=1588876025&_v=j73&z=781234004
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-3&cid=520261573.1551888222&jid=1588876025&_v=j73&z=781234004&slf_rd=1&random=1782062769

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-3&cid=520261573.1551888222&jid=1588876025&_v=j73&z=781234004&slf_rd=1&random=1782062769

Requested by

Host: stateautospark.benevity.org
URL: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stateautospark.benevity.org/user/login?destination=%2Fvolunteer%2F12317
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Mar 2019 16:03:41 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Mar 2019 16:03:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-3&cid=520261573.1551888222&jid=1588876025&_v=j73&z=781234004&slf_rd=1&random=1782062769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.benevity.org/	1970-01-19 08:34:34	Name: _ga Value: GA1.2.520261573.1551888222
.benevity.org/	1970-01-19 16:36:00	Name: _ga_B76Z4SJJWF Value: GS1.1.1551888221.1.0.1551888221.0
.benevity.org/	1970-01-18 23:04:48	Name: _gat_UA-5484370-3 Value: 1
.benevity.org/	1970-01-18 23:06:14	Name: _gid Value: GA1.2.128731798.1551888222
stateautospark.benevity.org/	1969-12-31 23:59:59	Name: has_js Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

drqsqmqky0lla.cloudfront.net
stateautospark.benevity.org
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
143.204.98.110
143.204.98.69
2a00:1450:4001:806::2003
2a00:1450:4001:815::2004
2a00:1450:4001:816::2008
2a00:1450:4001:81f::200e
2a00:1450:400c:c0a::9a
54.209.195.131
3454b76927d6f782c23d7fa88eaa9e225697a9d4b72265eb45ceab37b30dce8d
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
5f8561f8879885c91264189e5b8c1c694b885ef4bbf7d9ec7a79c8590e5b3a4c
67cbb7d36aa40eaa46c4b5d564fdb2d9c1393274cb9961be43d0f7341414f132
6cc45147fdfde95c12214cefa7a44d8406fda298150d174cb3efeb344fe979b7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a25b68cca461c7919fe9a248fbfa0659a9ed04ebfc6effca476efcb1034989e7
aa2d964d24c2ccd41b648dd877f2ff260ccf61c019e038a08b0ebd742e955b2a
d10a7957c50299655d1aebb12bce4db031a78c1920a38755504aef40267f0ca5
d854de3145ef2fb5d5df666a985a90b10c8140bfcd8a1d366b033fab4272799f
d9481376b69094f1226ba6c36de1097f7afc26b1c9226e2cef24857e0d9927aa
d968e6eda7694f6f7c6ea8ca16848d3d7be3eb9ec87665060dbb20122073497d
e322c094c2bcc375da6265d10dc6f552ce05cfb0f1b113d0312b077feaa0ce7b
e56451053236d0609126126105fb30ab407aa253673309b791c9e2cb58b274d3
e6742be1a91a32637c1de395ee5397608adccab14932fbeb8266feffd70e2553
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2656bb8849b600bf5ce5bce404d547d88032d77e17964a37bfb700ab35f1973

stateautospark.benevity.org Open in urlscan Pro 54.209.195.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

63 %IPv6

7 Domains

7 Subdomains

7 IPs

2 Countries

1515 kBTransfer

3109 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

stateautospark.benevity.org Open in urlscan Pro
54.209.195.131 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

1515 kB
Transfer

3109 kB
Size

5
Cookies

19 HTTP transactions
0 data transactions