Submitted URL: https://e35d6127-262a-4995-b12c-2ce48400e089.ct0.app/r/66s350grm9ma4zn9vjzfypsqd7mm
Effective URL: https://ebay.benevity.org/user/login
Submission: On March 28 via manual from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 35.173.20.238, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ebay.benevity.org.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 23rd 2023. Valid for: 4 months.
This is the only time ebay.benevity.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
11 benevity.org
ebay.benevity.org
sam.benevity.org — Cisco Umbrella Rank: 105000
data.benevity.org — Cisco Umbrella Rank: 111090
514 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
region1.google-analytics.com — Cisco Umbrella Rank: 2368
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
256 KB
2 cloudfront.net
dj0texei6cl9n.cloudfront.net
48 KB
1 ct0.app
e35d6127-262a-4995-b12c-2ce48400e089.ct0.app — Cisco Umbrella Rank: 918369
483 B
18 5
Domain Requested by
7 sam.benevity.org ebay.benevity.org
3 www.googletagmanager.com ebay.benevity.org
www.googletagmanager.com
2 data.benevity.org www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 dj0texei6cl9n.cloudfront.net ebay.benevity.org
2 ebay.benevity.org 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 e35d6127-262a-4995-b12c-2ce48400e089.ct0.app 1 redirects
18 8

This site contains no links.

Subject | Issuer | Validity | Valid
benevity.org | Amazon RSA 2048 M02 | 2023-02-23 - 2023-07-01 | 4 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
data.benevity.org | GTS CA 1D4 | 2023-02-06 - 2023-05-07 | 3 months

This page contains 1 frames:

Primary Page: https://ebay.benevity.org/user/login
Frame ID: C0A01AF184EA6E1D40A0855156559AB8
Requests: 18 HTTP requests in this frame

Page Title

Login | eBay Employee Matching Gifts Program

Page URL History

  1. https://e35d6127-262a-4995-b12c-2ce48400e089.ct0.app/r/66s350grm9ma4zn9vjzfypsqd7mm HTTP 302
    https://ebay.benevity.org/search/causes/list?utm_source=view_all_causes&utm_medium=email&utm_campaign=... HTTP 302
    https://ebay.benevity.org/user/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

18
Requests

100 %
HTTPS

63 %
IPv6

5
Domains

8
Subdomains

7
IPs

2
Countries

838 kB
Transfer

2719 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e35d6127-262a-4995-b12c-2ce48400e089.ct0.app/r/66s350grm9ma4zn9vjzfypsqd7mm HTTP 302
    https://ebay.benevity.org/search/causes/list?utm_source=view_all_causes&utm_medium=email&utm_campaign=expiring_rewards HTTP 302
    https://ebay.benevity.org/user/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
ebay.benevity.org/user/
Redirect Chain
  • https://e35d6127-262a-4995-b12c-2ce48400e089.ct0.app/r/66s350grm9ma4zn9vjzfypsqd7mm
  • https://ebay.benevity.org/search/causes/list?utm_source=view_all_causes&utm_medium=email&utm_campaign=expiring_rewards
  • https://ebay.benevity.org/user/login
110 KB
52 KB
Document
General
Full URL
https://ebay.benevity.org/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.20.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-20-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bfcae3ab55db7e6e2e0b03da798e1c8f8a0a39ea476d409e46adc31ad11c83a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://ebay.benevity.org
cache-control
max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
content-encoding
gzip
content-length
51959
content-type
text/html; charset=UTF-8
date
Tue, 28 Mar 2023 17:28:51 GMT
expires
0
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
https://ebay.benevity.org
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache, private
content-type
text/html; charset=UTF-8
date
Tue, 28 Mar 2023 17:28:51 GMT
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Tue, 28 Mar 2023 17:28:51 GMT
location
https://ebay.benevity.org/user/login
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
vendors~ci-portal~drupal~drupal-admin~error~login~router~router-admin-b6485c7d606a6822b7f1.css
sam.benevity.org/spark-dist/css/
446 B
878 B
Stylesheet
General
Full URL
https://sam.benevity.org/spark-dist/css/vendors~ci-portal~drupal~drupal-admin~error~login~router~router-admin-b6485c7d606a6822b7f1.css
Requested by
Host: ebay.benevity.org
URL: https://ebay.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a800:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a108023d5c63513c4565e2d2add2efe2fa42c1e316183af9a8078a8e48b4ae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
rcRqNQxKdRGcJxPgKwVS_ROW0qi8_miD
date
Tue, 28 Mar 2023 05:28:57 GMT
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
43196
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
446
last-modified
Fri, 24 Mar 2023 18:31:15 GMT
server
AmazonS3
etag
"9db71b355cd4dca4421fc1521338adfa"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
6TtiQzn2rdT4QqQfQkyUYnG2-w2xXOnurr6Gby6Q56CIzCwpYiXX1w==
login-cea27a22a0925f19c151.css
sam.benevity.org/spark-dist/css/
219 KB
33 KB
Stylesheet
General
Full URL
https://sam.benevity.org/spark-dist/css/login-cea27a22a0925f19c151.css
Requested by
Host: ebay.benevity.org
URL: https://ebay.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a800:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f771cf86b6a5ec624c278ece21da1ea415a591a7e2e497cbe81e8cda4c1fe241

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
vUSiaBQSHG9JVlSUUwA74vp2IOmFAg7S
content-encoding
gzip
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
date
Tue, 28 Mar 2023 05:35:33 GMT
last-modified
Fri, 24 Mar 2023 18:31:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
42800
x-amz-server-side-encryption
AES256
etag
W/"cdb46943f6e980acfcb86ff00498433e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
_UX00nthgxNWfE56aBOnloS44FH1OObQkJTRT6D3EE7HjCEAkQRO3w==
whitelabel.css
dj0texei6cl9n.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://dj0texei6cl9n.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/whitelabel.css?w
Requested by
Host: ebay.benevity.org
URL: https://ebay.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.185.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-185-227.zrh55.r.cloudfront.net
Software
nginx /
Resource Hash
c1e2d7d301dde83da85593e01e9555c715dffc2f8352457318428196b3159bcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 14:49:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
9567
x-cache
Hit from cloudfront
content-length
897
x-xss-protection
1; mode=block
last-modified
Tue, 28 Mar 2023 02:52:41 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
http://ebay.benevity.org
cache-control
max-age=1209600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
1YxdrQHePlrS6NBDGCs2ey2i7Piy_fVd1pJm8-kj88HYxYiXeh0BGQ==
expires
Tue, 11 Apr 2023 14:49:25 GMT
runtime-f620568f706dde10d6ba.js
sam.benevity.org/spark-dist/
13 KB
6 KB
Script
General
Full URL
https://sam.benevity.org/spark-dist/runtime-f620568f706dde10d6ba.js
Requested by
Host: ebay.benevity.org
URL: https://ebay.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a800:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a56239cd1459fbd97fa7f2db1eadd14899a966cb4c860b6bf151879f826f4248

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 14:08:59 GMT
x-amz-version-id
NX2MYZs0wYrGRk1_ZCdinv6ys7kXGBAV
content-encoding
gzip
last-modified
Tue, 28 Mar 2023 13:30:44 GMT
server
AmazonS3
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/"3798330e515f37fe910d7b43e069dafb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
11994
x-amz-replication-status
COMPLETED
x-amz-cf-id
FRwbfC2zmLoIbAoVGlALP1SD1xy5x5pwLfrfNTvKRo7vZ5SrSwlrYw==
vendors~ci-portal~drupal~drupal-admin~error~login~router~router-admin-b9865a38614dc7b6f5de.js
sam.benevity.org/spark-dist/
952 KB
292 KB
Script
General
Full URL
https://sam.benevity.org/spark-dist/vendors~ci-portal~drupal~drupal-admin~error~login~router~router-admin-b9865a38614dc7b6f5de.js
Requested by
Host: ebay.benevity.org
URL: https://ebay.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a800:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf0c393b39b3a3039b68c533d403c3d5f6abfefda633960162d600d31a3dc22c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
_YCm4Lw6rrP0Aj3E3IxZSYdoIY74jJ6d
content-encoding
gzip
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
date
Tue, 28 Mar 2023 01:35:08 GMT
last-modified
Thu, 16 Mar 2023 18:45:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
57232
x-amz-server-side-encryption
AES256
etag
W/"59d39805489304827fdf9a5d02d75f9d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
BWFTFNTmQQRsiT-y2BkkWNpRKa1ExX7pUlsqj-FerE1-6HCzxicOVw==
vendors~drupal~drupal-admin~login~router~router-admin-037382bf4ffec7ea16cf.js
sam.benevity.org/spark-dist/
128 KB
43 KB
Script
General
Full URL
https://sam.benevity.org/spark-dist/vendors~drupal~drupal-admin~login~router~router-admin-037382bf4ffec7ea16cf.js
Requested by
Host: ebay.benevity.org
URL: https://ebay.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a800:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2bbe545756db8c641e80852e664c4f147a1e8ffde70f264f6dc1257031b1535

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
i.gUADbZEJjnwD81CB2qEm6q1PcFfVUJ
content-encoding
gzip
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
date
Tue, 28 Mar 2023 02:36:59 GMT
last-modified
Thu, 23 Mar 2023 14:16:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
53514
x-amz-server-side-encryption
AES256
etag
W/"1b25c459a9bb4cbef14cd02f826b666c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
UybR7AmWwSoVQfs_9t6sQmNasLGsbPQ91K5i5oZKY6P22vIZQqrRSg==
login-d41922c39bfad3e81728.js
sam.benevity.org/spark-dist/
266 KB
71 KB
Script
General
Full URL
https://sam.benevity.org/spark-dist/login-d41922c39bfad3e81728.js
Requested by
Host: ebay.benevity.org
URL: https://ebay.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a800:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0d3a3818fab3fc0c6fde79ca3c8c3e119b7696283566dcdd88e239fd04e2f5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
PaPBXbBUojkVE6w8v0p9HidTzCz0TrMR
content-encoding
gzip
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
date
Tue, 28 Mar 2023 06:29:01 GMT
last-modified
Thu, 16 Mar 2023 18:45:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
39592
x-amz-server-side-encryption
AES256
etag
W/"4166e1d0a94b22c5596c8179e5ae9b8d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
LpVxqo1_apxggYGMIjpetfuN2uHwxcmbOofVQBZcO8YttUUxgn6Aew==
gtm.js
www.googletagmanager.com/
455 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Requested by
Host: ebay.benevity.org
URL: https://ebay.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
66a00eeb0358a0f23e4bddb6246c9a05d8ea9560044e80593f00834c4febc232
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 17:28:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98466
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 16:49:13 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Mar 2023 17:28:52 GMT
logo.png
dj0texei6cl9n.cloudfront.net/client_data/ebay.benevity.org/files/theme/
46 KB
47 KB
Image
General
Full URL
https://dj0texei6cl9n.cloudfront.net/client_data/ebay.benevity.org/files/theme/logo.png?w
Requested by
Host: ebay.benevity.org
URL: https://ebay.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.185.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-185-227.zrh55.r.cloudfront.net
Software
nginx /
Resource Hash
96a8484429e119dbbe0d8bcbcccdb0602dee7282d28628dbe23187c63e98558f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ebay.benevity.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 28 Mar 2023 16:58:06 GMT
x-content-type-options
nosniff
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
1846
x-cache
Hit from cloudfront
content-length
47367
x-xss-protection
1; mode=block
last-modified
Fri, 18 Feb 2022 19:09:04 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
http://ebay.benevity.org
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
RVFdjPlXTlfYJbpdNL8MoJ5G00i3k_2jBbAfGC4O5MvFIum12lagjg==
expires
Tue, 28 Mar 2023 17:58:06 GMT
149501e2d559b245a8467df6de84941f.png
sam.benevity.org/spark-dist/
14 KB
15 KB
Image
General
Full URL
https://sam.benevity.org/spark-dist/149501e2d559b245a8467df6de84941f.png
Requested by
Host: ebay.benevity.org
URL: https://ebay.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a800:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a39f2171a5dafabe05cadebdf4be8b90b21e7cf1ee9198d4504c65e32b3e050

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
cSEsiRvrbRkQsyHiiiztKwagYLO458Kj
date
Tue, 28 Mar 2023 04:34:35 GMT
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
46458
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14580
last-modified
Fri, 24 Mar 2023 18:31:13 GMT
server
AmazonS3
etag
"38c7ffcf5f86e0cde322b17ed266928b"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
xcCopBEVHjnrXlSOSmcHdb3x87GlGeB0zP6bA4Ck2Vf_4QxcMzrTQA==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Mar 2023 16:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5021
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 28 Mar 2023 18:05:11 GMT
js
www.googletagmanager.com/gtag/
235 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NNW9PWYWZH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
746193e4563fc8388ab64601cd504f0cd749baa71b24fee6eba71335f08aa903
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 17:28:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81869
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Mar 2023 17:28:52 GMT
js
www.googletagmanager.com/gtag/
229 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VMX9WGZMM9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3338ac3496c5c807dfa3f572ee2b84b1bfa12812dec57f1fb53700249251c2a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 17:28:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80985
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Mar 2023 17:28:52 GMT
collect
data.benevity.org/g/
65 B
262 B
XHR
General
Full URL
https://data.benevity.org/g/collect?v=2&tid=G-VMX9WGZMM9&gtm=45je33r0&_p=723234405&cid=823507709.1680024533&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gcsub=region1&_s=1&dl=https%3A%2F%2Febay.benevity.org%2Fuser%2Flogin&sid=1680024532&sct=1&seg=0&dt=Login%20%7C%20eBay%20Employee%20Matching%20Gifts%20Program&en=page_view&_fv=1&_nsi=1&_ss=1&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&ep.content_group=other&ep.h1_tag=Welcome%20to%20eBay%20Employee%20Matching%20Gifts%20Program&ep.nominate_cause_btn_cause_profile=null&up.company_name=ebay.benevity.org&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VMX9WGZMM9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 17:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://ebay.benevity.org
cache-control
no-cache
access-control-allow-credentials
true
collect
region1.google-analytics.com/g/
0
255 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NNW9PWYWZH&gtm=45je33r0&_p=723234405&cid=823507709.1680024533&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Febay.benevity.org%2Fuser%2Flogin&sid=1680024532&sct=1&seg=0&dt=Login%20%7C%20eBay%20Employee%20Matching%20Gifts%20Program&en=page_view&_fv=1&_ss=1&ep.company_name=ebay.benevity.org&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&ep.content_group=other&ep.nominate_cause_btn_cause_profile=null&up.company_name=ebay.benevity.org&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NNW9PWYWZH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Mar 2023 17:28:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ebay.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=723234405&t=pageview&_s=1&dl=https%3A%2F%2Febay.benevity.org%2Fuser%2Flogin&ul=en-us&de=UTF-8&dt=Login%20%7C%20eBay%20Employee%20Matching%20Gifts%20Program&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEqC~&jid=1054295838&gjid=106406330&cid=823507709.1680024533&tid=UA-5484370-3&_gid=1771100107.1680024533&_r=1&_slc=1&gtm=45He33r0n71TLJFKH&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&cd3=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&cd16=&cd27=ebay.benevity.org&cd37=login&cd72=Welcome%20to%20eBay%20Employee%20Matching%20Gifts%20Program&z=1527155064
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Mar 2023 17:28:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ebay.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
data.benevity.org/g/
65 B
151 B
XHR
General
Full URL
https://data.benevity.org/g/collect?v=2&tid=G-VMX9WGZMM9&gtm=45je33r0&_p=723234405&cid=823507709.1680024533&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sst.uc=DE&sst.gcsub=region1&_s=2&dl=https%3A%2F%2Febay.benevity.org%2Fuser%2Flogin&sid=1680024532&sct=1&seg=0&dt=Login%20%7C%20eBay%20Employee%20Matching%20Gifts%20Program&en=scroll&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&ep.content_group=other&ep.h1_tag=Welcome%20to%20eBay%20Employee%20Matching%20Gifts%20Program&ep.nominate_cause_btn_cause_profile=null&epn.percent_scrolled=90&_et=8&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VMX9WGZMM9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 17:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://ebay.benevity.org
cache-control
no-cache
access-control-allow-credentials
true

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| dataLayer string| webpackSparkPublicPath object| webpackJsonpSpark function| setImmediate function| clearImmediate object| regeneratorRuntime object| picturefillCFG function| picturefill function| Velocity object| Benevity function| Vue object| VueCompositionAPI function| bootSpark object| options object| errorPage object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

7 Cookies

Domain/Path Name / Value
ebay.benevity.org/ Name: XSRF-TOKEN
Value: eyJpdiI6IitpK1h1cHFoSmkyYkMwRFM2WG1nc3c9PSIsInZhbHVlIjoiend6U0tKTlk1RURqeWo2MGZKSG5nT280ZXJyTTBSZTRvWThJbEQ0TlFYdHhLUmEzOVRiWWpqKzJhaE5tU0dBWTd0V3psc0hNeFNCV1ZkTGNVVlU2cDA5RExkdGRsOE05WURkdlpkWit4bEtVOHF6Y3lnR2NDNHNpa01YOXdrL2wiLCJtYWMiOiIwMWRkYmQxOGY2ODdiODU4YTdkNDEzN2I3OGZjNDA4ZTUxM2UzYjhkMGVlNWQyOGY2Y2IzYmNkNTQ4MmNiOGU0IiwidGFnIjoiIn0%3D
ebay.benevity.org/ Name: laravel_session
Value: eyJpdiI6IndMM2Z3WmZIOWNxMlovT09lbG5UVGc9PSIsInZhbHVlIjoienVjaUl1QzZ0WXpiRGRZS3lWdGM1bjFNMGlOa1dkeXZXVXdqSWpGSi9BMCtsem4zMDJsKzJoVFQ0Y2pWS2o2YTYxTDJTN3dYM3B6UFI4ZGhMRk1DanZ6K2tPcUNVZmY2Vy9iYkJCUDRqWUk4UkdTRytxeTBML0RhVVN6VUp5MFMiLCJtYWMiOiI0OWExODA1Nzk5ODIzNjVlMzJiMTQyZmMzMzBkMTc2MGMyYWZiOWNjMWJkNzMxNDc4OTBmNTU4OTM4OTg5OWNlIiwidGFnIjoiIn0%3D
.benevity.org/ Name: _ga_VMX9WGZMM9
Value: GS1.1.1680024532.1.0.1680024532.0.0.0
.benevity.org/ Name: _ga_NNW9PWYWZH
Value: GS1.1.1680024532.1.0.1680024532.0.0.0
.benevity.org/ Name: _ga
Value: GA1.2.823507709.1680024533
.benevity.org/ Name: _gid
Value: GA1.2.1771100107.1680024533
.benevity.org/ Name: _gat_UA-5484370-3
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
