URL: https://firstenergy.benevity.org/user/login
Submission: On February 28 via manual from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 52.22.162.156, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is firstenergy.benevity.org.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 23rd 2023. Valid for: 4 months.
This is the only time firstenergy.benevity.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
12 benevity.org | firstenergy.benevity.org; sam.benevity.org (Cisco Umbrella Rank: 126980); data.benevity.org (Cisco Umbrella Rank: 130753) | 3 MB
4 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 30); region1.google-analytics.com (Cisco Umbrella Rank: 2425) | 20 KB
3 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 44) | 254 KB
1 cloudfront.net | dya9bljs3vviu.cloudfront.net | 5 KB
20 4
Domain | Requested by
9 sam.benevity.org | firstenergy.benevity.org; sam.benevity.org
3 www.googletagmanager.com | firstenergy.benevity.org; www.googletagmanager.com
2 region1.google-analytics.com | firstenergy.benevity.org
2 data.benevity.org | www.googletagmanager.com
2 www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
1 dya9bljs3vviu.cloudfront.net | firstenergy.benevity.org
1 firstenergy.benevity.org |
20 7

This site contains no links.

Subject | Issuer | Validity | Valid
benevity.org | Amazon RSA 2048 M02 | 2023-02-23 - 2023-07-01 | 4 months
*.google-analytics.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
data.benevity.org | GTS CA 1D4 | 2023-02-06 - 2023-05-07 | 3 months

This page contains 1 frame:

Primary Page: https://firstenergy.benevity.org/user/login
Frame ID: 27D65A632521B3BECBCA654B44C18E21
Requests: 20 HTTP requests in this frame

Page Title

Login | FirstEnergy's Community Impact Portal

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

20 Requests
100 % HTTPS
71 % IPv6
4 Domains
7 Subdomains
7 IPs
2 Countries
2979 kB Transfer
4847 kB Size
7 Cookies

20 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request login
firstenergy.benevity.org/user/
109 KB
52 KB
Document
General
Full URL
https://firstenergy.benevity.org/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.162.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-162-156.compute-1.amazonaws.com
Software
nginx /
Resource Hash
08246c1e6c3f2d91d92bbe01d0ede73993dd7d8380c54e53c94534ff6d0ea5a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://firstenergy.benevity.org
cache-control
max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
content-encoding
gzip
content-length
51869
content-type
text/html; charset=UTF-8
date
Tue, 28 Feb 2023 06:24:18 GMT
expires
0
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-geolocation-blacklist
no
x-geolocation-whitelist
no_match
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
vendors~ci-portal~drupal~drupal-admin~error~login~router~router-admin-b6485c7d606a6822b7f1.css
sam.benevity.org/spark-dist/css/
446 B
884 B
Stylesheet
General
Full URL
https://sam.benevity.org/spark-dist/css/vendors~ci-portal~drupal~drupal-admin~error~login~router~router-admin-b6485c7d606a6822b7f1.css
Requested by
Host: firstenergy.benevity.org
URL: https://firstenergy.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e400:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a108023d5c63513c4565e2d2add2efe2fa42c1e316183af9a8078a8e48b4ae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
3qE9Qu.wGiLRfpB00P2HDqYXWdiuIRLT
date
Tue, 28 Feb 2023 05:01:46 GMT
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
7352
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
446
last-modified
Thu, 23 Feb 2023 18:29:40 GMT
server
AmazonS3
etag
"9db71b355cd4dca4421fc1521338adfa"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
QSYtxGApfBZP3n_QjwWVC1-avR1kKD7uwkr9Oyl-gT9UkuRni_Y2SA==
login-62e0b09d84676c4bc96f.css
sam.benevity.org/spark-dist/css/
218 KB
33 KB
Stylesheet
General
Full URL
https://sam.benevity.org/spark-dist/css/login-62e0b09d84676c4bc96f.css
Requested by
Host: firstenergy.benevity.org
URL: https://firstenergy.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e400:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98bacd9c9b33fa7dcac7945ca8c64300d4b05d51769d8924ea4a2f4db3e3dea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
CVLIqq6rJenNw80q1kgU4YyoXsdU4Lh8
content-encoding
gzip
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
date
Mon, 27 Feb 2023 22:25:48 GMT
last-modified
Thu, 23 Feb 2023 18:29:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
29465
x-amz-server-side-encryption
AES256
etag
W/"4e0cbcafffe57a584b83ff96e0cf3e19"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
FaSIDDOzlnpbYPcoAApEKka6y-ARaAaKOw_P77Y0cwPox8S67-0lHg==
whitelabel.css
sam.benevity.org/themes/wpg_first_energy/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://sam.benevity.org/themes/wpg_first_energy/css/whitelabel.css?N
Requested by
Host: firstenergy.benevity.org
URL: https://firstenergy.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e400:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2df2ffee1f00a251a2e6887b10b481a1a2862223138e7f1fb72ab9360c29bd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 06:24:20 GMT
x-amz-version-id
af1irWDiWFTgVuCSGVoMfmQ9GX1jykZH
content-encoding
gzip
last-modified
Wed, 07 Dec 2022 22:21:58 GMT
server
AmazonS3
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"c014e5e913d928ed763f99b7569d724d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
ZSybfzAi7a8aT67OBUzXZDrj8B_Nnx-c1GlYRvi5FHESLnWxJ0Wg3w==
runtime-d64f64ae86b26e80f438.js
sam.benevity.org/spark-dist/
13 KB
6 KB
Script
General
Full URL
https://sam.benevity.org/spark-dist/runtime-d64f64ae86b26e80f438.js
Requested by
Host: firstenergy.benevity.org
URL: https://firstenergy.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e400:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63d1e13df15e671975d4ee6450621a897f11e863a0031c8b377c6e482aec20e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
8Mgp5FqFad46OwXzWTnhsYxOKKny.7vt
content-encoding
gzip
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
date
Tue, 28 Feb 2023 01:35:37 GMT
last-modified
Thu, 23 Feb 2023 18:29:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
17322
x-amz-server-side-encryption
AES256
etag
W/"11b8914c0ad1660fc33107ac8a044d18"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
2UoRWWezSSC415zgPTOJ6c4ZAb8X1Ir5aETPrurJK-UaroDsECzwdg==
vendors~ci-portal~drupal~drupal-admin~error~login~router~router-admin-1ac5d8f0e1bcb336f558.js
sam.benevity.org/spark-dist/
949 KB
293 KB
Script
General
Full URL
https://sam.benevity.org/spark-dist/vendors~ci-portal~drupal~drupal-admin~error~login~router~router-admin-1ac5d8f0e1bcb336f558.js
Requested by
Host: firstenergy.benevity.org
URL: https://firstenergy.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e400:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03a44e1909c92526e4c05b305b2b0e3008e25d75b3be780820178831b47aec94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
uRmg1AlRo3wyr3en.Ymq7hihvUeOTnDe
content-encoding
gzip
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
date
Mon, 27 Feb 2023 22:09:22 GMT
last-modified
Thu, 23 Feb 2023 18:29:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
29850
x-amz-server-side-encryption
AES256
etag
W/"b6c084176ca860b2d31a1bc9b149b4b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
ijtzdMjY00qre0yTHVwDtJlC-kuk9vkyBTzsl4ieyjzF892pIhAk3Q==
vendors~drupal~drupal-admin~login~router~router-admin-0a20e43d540d73d168fc.js
sam.benevity.org/spark-dist/
128 KB
43 KB
Script
General
Full URL
https://sam.benevity.org/spark-dist/vendors~drupal~drupal-admin~login~router~router-admin-0a20e43d540d73d168fc.js
Requested by
Host: firstenergy.benevity.org
URL: https://firstenergy.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e400:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9453839630ae7d6d76deb9726226b26fc95180981f452fc0a9e7b1bdca806b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 18:20:39 GMT
x-amz-version-id
d8rxdWUEm0vq9YCeQ2aOKRocumProCZC
content-encoding
gzip
last-modified
Thu, 23 Feb 2023 18:29:40 GMT
server
AmazonS3
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"f7f03726cab1f537b59c8e84cd7e8ada"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
43419
x-amz-replication-status
COMPLETED
x-amz-cf-id
TxZSJwKwX8AbFkIJv1DPeWSbIB6-gN5-6SrQ4E7Sva_wTdoMiQTvzQ==
login-9171357df80d295d5fa2.js
sam.benevity.org/spark-dist/
258 KB
69 KB
Script
General
Full URL
https://sam.benevity.org/spark-dist/login-9171357df80d295d5fa2.js
Requested by
Host: firstenergy.benevity.org
URL: https://firstenergy.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e400:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c90123d956d2694e0b9c36c3c5bd58903378071390a52245175aef9cb641a7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
uoDdQk6h7ESz7kl5q9zehuT5tb2ILMIz
content-encoding
gzip
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
date
Mon, 27 Feb 2023 22:25:48 GMT
last-modified
Thu, 23 Feb 2023 18:29:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
29465
x-amz-server-side-encryption
AES256
etag
W/"30f22386148a38ea603dab96bc1f5645"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
MShhnjQcphmiiuX3zPSlwG_3ejZnGMydl8hDAmPGoJdvp-azqF_UAw==
gtm.js
www.googletagmanager.com/
450 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Requested by
Host: firstenergy.benevity.org
URL: https://firstenergy.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b87a2c6fe17b4e3883699be52fd3ab950ad43714c4d60a723640958e9ca5b732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 06:24:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98319
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Feb 2023 06:24:20 GMT
login-bg.png
sam.benevity.org/themes/wpg_first_energy/images/backgrounds/
2 MB
2 MB
Image
General
Full URL
https://sam.benevity.org/themes/wpg_first_energy/images/backgrounds/login-bg.png
Requested by
Host: sam.benevity.org
URL: https://sam.benevity.org/themes/wpg_first_energy/css/whitelabel.css?N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e400:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89d06dc0577dc632308d2cd856982ba971a2a2b587d9cab91a6b7a880a2e0411

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sam.benevity.org/themes/wpg_first_energy/css/whitelabel.css?N
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 06:24:20 GMT
x-amz-version-id
ELeU_gkNG5DBhl7cMAAKShFg3zy7_a9w
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 22:21:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"f658ffc9052ba7ccc1cbaaddc0d9b4de"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2234546
x-amz-cf-id
wMcQyegsjgPE1oCBwIQfEoZ7Qe58fGprIB4mCFSoms892kGitQo-OQ==
logo.png
dya9bljs3vviu.cloudfront.net/client_data/firstenergy.benevity.org/files/theme/
5 KB
5 KB
Image
General
Full URL
https://dya9bljs3vviu.cloudfront.net/client_data/firstenergy.benevity.org/files/theme/logo.png?N
Requested by
Host: firstenergy.benevity.org
URL: https://firstenergy.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.11.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-11-220.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
27100d9cc606607cd877e630b935390b3d3470b12d4027f8d480cd2e6ae73120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://firstenergy.benevity.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-geolocation-whitelist
no_match
date
Tue, 28 Feb 2023 06:24:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 485f9ba84065b3ff587a6c536942e6c0.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
content-length
4924
x-xss-protection
1; mode=block
last-modified
Mon, 28 Jun 2021 21:34:58 GMT
server
nginx
x-geolocation-blacklist
no
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
http://firstenergy.benevity.org
cache-control
max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-amz-cf-id
wcO5vlZlU9LI3QYy64I6a0t9EK51R4S4Ur843yJCGPxuMkCw8BldEA==
expires
Tue, 28 Feb 2023 07:24:20 GMT
149501e2d559b245a8467df6de84941f.png
sam.benevity.org/spark-dist/
14 KB
15 KB
Image
General
Full URL
https://sam.benevity.org/spark-dist/149501e2d559b245a8467df6de84941f.png
Requested by
Host: firstenergy.benevity.org
URL: https://firstenergy.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e400:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a39f2171a5dafabe05cadebdf4be8b90b21e7cf1ee9198d4504c65e32b3e050

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 07:22:17 GMT
x-amz-version-id
5GboTmFCmS5mPG1t5jLvgIw_uvphkFWS
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified
Thu, 23 Feb 2023 18:29:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
82923
etag
"38c7ffcf5f86e0cde322b17ed266928b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
14580
x-amz-cf-id
WJKC_uZ5tjFuXiCis60Vhl6b5FqMAe56zu8MGfapM-fRcnjCQadupg==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Feb 2023 06:14:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
570
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 28 Feb 2023 08:14:50 GMT
js
www.googletagmanager.com/gtag/
233 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NNW9PWYWZH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d3f450a75a831d66c02f17918341646cf1ec1cb9b6d7193a9505dd87e42f89a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 06:24:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81373
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Feb 2023 06:24:20 GMT
js
www.googletagmanager.com/gtag/
223 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VMX9WGZMM9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca79dff53cd076c02b921b210ec66aff9bf7103cbb8f1434a592184912d6a50e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 06:24:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79519
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Feb 2023 06:24:20 GMT
collect
data.benevity.org/g/
65 B
267 B
XHR
General
Full URL
https://data.benevity.org/g/collect?v=2&tid=G-VMX9WGZMM9&gtm=45je32m0&_p=1130025639&cid=2139710301.1677565460&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&_s=1&dl=https%3A%2F%2Ffirstenergy.benevity.org%2Fuser%2Flogin&sid=1677565460&sct=1&seg=0&dt=Login%20%7C%20FirstEnergy%27s%20Community%20Impact%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&ep.content_group=other&ep.h1_tag=Welcome%20to%20FirstEnergy%27s%20Community%20Impact%20Portal&ep.nominate_cause_btn_cause_profile=null&up.company_name=firstenergy.benevity.org&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VMX9WGZMM9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://firstenergy.benevity.org
cache-control
no-cache
access-control-allow-credentials
true
collect
region1.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NNW9PWYWZH&gtm=45je32m0&_p=1130025639&cid=2139710301.1677565460&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Ffirstenergy.benevity.org%2Fuser%2Flogin&sid=1677565460&sct=1&seg=0&dt=Login%20%7C%20FirstEnergy%27s%20Community%20Impact%20Portal&en=page_view&_fv=1&_ss=1&ep.company_name=firstenergy.benevity.org&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&ep.content_group=other&ep.h1_tag=Welcome%20to%20FirstEnergy%27s%20Community%20Impact%20Portal&ep.nominate_cause_btn_cause_profile=null&up.company_name=firstenergy.benevity.org&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36
Requested by
Host: firstenergy.benevity.org
URL: https://firstenergy.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 06:24:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://firstenergy.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1130025639&t=pageview&_s=1&dl=https%3A%2F%2Ffirstenergy.benevity.org%2Fuser%2Flogin&ul=en-us&de=UTF-8&dt=Login%20%7C%20FirstEnergy%27s%20Community%20Impact%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEqC~&jid=912424008&gjid=730064013&cid=2139710301.1677565460&tid=UA-5484370-3&_gid=1438544075.1677565460&_r=1&_slc=1&gtm=45He32m0n71TLJFKH&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&cd3=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&cd16=&cd27=firstenergy.benevity.org&cd37=login&cd72=Welcome%20to%20FirstEnergy%27s%20Community%20Impact%20Portal&z=862168047
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 06:24:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://firstenergy.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
data.benevity.org/g/
65 B
151 B
XHR
General
Full URL
https://data.benevity.org/g/collect?v=2&tid=G-VMX9WGZMM9&gtm=45je32m0&_p=1130025639&cid=2139710301.1677565460&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&_s=2&dl=https%3A%2F%2Ffirstenergy.benevity.org%2Fuser%2Flogin&sid=1677565460&sct=1&seg=0&dt=Login%20%7C%20FirstEnergy%27s%20Community%20Impact%20Portal&en=scroll&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&ep.content_group=other&ep.h1_tag=Welcome%20to%20FirstEnergy%27s%20Community%20Impact%20Portal&ep.nominate_cause_btn_cause_profile=null&epn.percent_scrolled=90&_et=6&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VMX9WGZMM9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 06:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://firstenergy.benevity.org
cache-control
no-cache
access-control-allow-credentials
true
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NNW9PWYWZH&gtm=45je32m0&_p=1130025639&cid=2139710301.1677565460&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dl=https%3A%2F%2Ffirstenergy.benevity.org%2Fuser%2Flogin&sid=1677565460&sct=1&seg=0&dt=Login%20%7C%20FirstEnergy%27s%20Community%20Impact%20Portal&en=scroll&ep.company_name=firstenergy.benevity.org&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36&ep.content_group=other&ep.h1_tag=Welcome%20to%20FirstEnergy%27s%20Community%20Impact%20Portal&ep.nominate_cause_btn_cause_profile=null&epn.percent_scrolled=90&_et=9
Requested by
Host: firstenergy.benevity.org
URL: https://firstenergy.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 06:24:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://firstenergy.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| dataLayer
string| webpackSparkPublicPath
object| webpackJsonpSpark
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
object| picturefillCFG
function| picturefill
function| Velocity
object| Benevity
function| Vue
object| VueCompositionAPI
function| bootSpark
object| options
object| errorPage
object| google_tag_manager
function| postscribe
object| google_tag_manager_external
object| google_tag_data
boolean| __piiRedact
string| GoogleAnalyticsObject
function| ga
function| onYouTubeIframeAPIReady
object| gaGlobal
object| gaplugins
object| gaData

7 Cookies

Domain/Path Name / Value
firstenergy.benevity.org/ Name: XSRF-TOKEN
Value: eyJpdiI6InRwVGw4S3lBbXZwdGdTMFBNWm9PR2c9PSIsInZhbHVlIjoiLzlhNzNvQUJuOFB0VzZOSzJtbjducTJiWCs1cEVyRnhqdzVHeXRBZjVHMnNqNTJDOUVPMVRvaGdCcTFVQy81RWI5b0poV0kvaHpWb2YzUkZaUGhPbGJjL05mRjY2ZDlmVTRtdEc5c2tldndZMmJ3Z25SS3ZuK3NaQmJlOG1MaG8iLCJtYWMiOiJhOTUzMjgzY2UyZDk5NWQwMTlhNTgzZDczY2Y5YjZhNjg2OTI4OTk1ZWI1ZGI5MjRmNjI2NmZiNDk2YzVmMzNmIiwidGFnIjoiIn0%3D
firstenergy.benevity.org/ Name: laravel_session
Value: eyJpdiI6IndkdGxISVc1ZDN6YUJORnMvaXJMQ0E9PSIsInZhbHVlIjoiWEYwKzdxZUt4bGo0dFk5VEVydy91elNHZ1Z1UkVKS3JpRjZ1MDlYOTFZSElkeU9hb1RuL0doSGJZMTU1em5weklmVXZOV3hoSXhLbERwa3c3Y29hbzFBcDZONW4zeTUxYlN5cm5GMlgyL2oxMFMreHZMM0NHbS9WdnZhZ3B3bTUiLCJtYWMiOiI3MzBiM2I0YmU2ZDYwODdhZGQ5N2Y0NmI3YWY5M2IxZWQzZDY1YmNjNWE4MTZlM2YwNDNhMzA1ZmFiYWUxOGFlIiwidGFnIjoiIn0%3D
.benevity.org/ Name: _ga_VMX9WGZMM9
Value: GS1.1.1677565460.1.0.1677565460.0.0.0
.benevity.org/ Name: _ga_NNW9PWYWZH
Value: GS1.1.1677565460.1.0.1677565460.0.0.0
.benevity.org/ Name: _ga
Value: GA1.2.2139710301.1677565460
.benevity.org/ Name: _gid
Value: GA1.2.1438544075.1677565460
.benevity.org/ Name: _gat_UA-5484370-3
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
