urlscan.io logo urlscan.io
SecurityTrails logo

carefirst.benevity.org Open in urlscan Pro
3.215.65.55  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://e35d6127-262a-4995-b12c-2ce48400e089.ct0.app/r/02d59h6rps4zb7msm008yhd6enyw
Effective URL: https://carefirst.benevity.org/user/login
Submission: On June 28 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 27 HTTP transactions. The main IP is 3.215.65.55, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is carefirst.benevity.org.
TLS certificate: Issued by Amazon RSA 2048 M01 on May 3rd 2023. Valid for: a year.
This is the only time carefirst.benevity.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.32.145.122 16509 (AMAZON-02)
1 2 3.215.65.55 14618 (AMAZON-AES)
6 2600:9000:223... 16509 (AMAZON-02)
2 13.224.194.141 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
8 151.101.130.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
27 9
1    13.32.145.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-122.cdg50.r.cloudfront.net
e35d6127-262a-4995-b12c-2ce48400e089.ct0.app
2    3.215.65.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-65-55.compute-1.amazonaws.com
carefirst.benevity.org
6    2600:9000:223c:ce00:13:1368:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
sam.benevity.org
2    13.224.194.141 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-141.fra2.r.cloudfront.net
d2jojoowplblp2.cloudfront.net
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)
data.benevity.org
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
8    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
10 benevity.org
carefirst.benevity.org
sam.benevity.org — Cisco Umbrella Rank: 145447
data.benevity.org — Cisco Umbrella Rank: 159370
487 KB
8 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 535
25 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
region1.google-analytics.com — Cisco Umbrella Rank: 1623
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
257 KB
2 cloudfront.net
d2jojoowplblp2.cloudfront.net
12 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 331
471 B
1 ct0.app
e35d6127-262a-4995-b12c-2ce48400e089.ct0.app — Cisco Umbrella Rank: 367610
513 B
27 7
Domain Requested by
8 js-agent.newrelic.com carefirst.benevity.org
6 sam.benevity.org carefirst.benevity.org
3 www.googletagmanager.com carefirst.benevity.org
www.googletagmanager.com
2 region1.google-analytics.com www.googletagmanager.com
2 data.benevity.org www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 d2jojoowplblp2.cloudfront.net carefirst.benevity.org
2 carefirst.benevity.org 1 redirects
1 bam.nr-data.net js-agent.newrelic.com
1 e35d6127-262a-4995-b12c-2ce48400e089.ct0.app 1 redirects
27 10

This site contains no links.

Subject Issuer Validity Valid
benevity.org
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
data.benevity.org
GTS CA 1D4		 2023-06-05 -
2023-09-03		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://carefirst.benevity.org/user/login
Frame ID: 95225C61DA79888593EF28F297ABDB4E
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login | CareFirst

Page URL History Show full URLs

  1. https://e35d6127-262a-4995-b12c-2ce48400e089.ct0.app/r/02d59h6rps4zb7msm008yhd6enyw HTTP 302
    https://carefirst.benevity.org/cause/840-566047886/project/4CF4VTHX8X?utm_source=inactive_ineligible_cause&... HTTP 302
    https://carefirst.benevity.org/user/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

27
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

10
Subdomains

9
IPs

2
Countries

803 kB
Transfer

2785 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e35d6127-262a-4995-b12c-2ce48400e089.ct0.app/r/02d59h6rps4zb7msm008yhd6enyw HTTP 302
    https://carefirst.benevity.org/cause/840-566047886/project/4CF4VTHX8X?utm_source=inactive_ineligible_cause&utm_medium=email&utm_campaign=cancelled_donation HTTP 302
    https://carefirst.benevity.org/user/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
carefirst.benevity.org/user/
Redirect Chain
  • https://e35d6127-262a-4995-b12c-2ce48400e089.ct0.app/r/02d59h6rps4zb7msm008yhd6enyw
  • https://carefirst.benevity.org/cause/840-566047886/project/4CF4VTHX8X?utm_source=inactive_ineligible_cause&utm_medium=email&utm_campaign=cancelled_donation
  • https://carefirst.benevity.org/user/login
135 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.65.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-65-55.compute-1.amazonaws.com
Software
/
Resource Hash
740a0de7de87b3df952fc970bb4d14a88292d448c4dcdaa5adbfe0940319356c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://carefirst.benevity.org
cache-control
max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 28 Jun 2023 15:55:58 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
https://carefirst.benevity.org
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache, private
content-type
text/html; charset=UTF-8
date
Wed, 28 Jun 2023 15:55:57 GMT
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Wed, 28 Jun 2023 15:55:57 GMT
location
https://carefirst.benevity.org/user/login
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
vendors~ci-portal~drupal~drupal-admin~error~login~router~router-admin-b6485c7d606a6822b7f1.css
sam.benevity.org/spark-dist/css/ 		446 B
883 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/css/vendors~ci-portal~drupal~drupal-admin~error~login~router~router-admin-b6485c7d606a6822b7f1.css
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ce00:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a108023d5c63513c4565e2d2add2efe2fa42c1e316183af9a8078a8e48b4ae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
pgp4Y0tCua1L7f5fAKVrAbjzWb4_TZym
date
Wed, 28 Jun 2023 15:25:32 GMT
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1828
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
446
last-modified
Thu, 22 Jun 2023 14:12:53 GMT
server
AmazonS3
etag
"9db71b355cd4dca4421fc1521338adfa"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
4s5B911sGfq3SB37jb1EsYjWNsa6BSDJvjxtBLLwHxzH3F9mCUd90w==
login-9c2e2e4a34ce2eab02e0.css
sam.benevity.org/spark-dist/css/ 		285 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/css/login-9c2e2e4a34ce2eab02e0.css
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ce00:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c3860b98e5185510c83a062a9dc694430e5c4d8d8a7368810539da492ce9f7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
wBWDBMbyTufkOj_a6fkFW2OraZcPUFI7
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Tue, 27 Jun 2023 18:18:44 GMT
last-modified
Tue, 20 Jun 2023 15:50:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
77836
x-amz-server-side-encryption
AES256
etag
W/"c61a0f035d38540f78552f707caf140e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
Uc0lpaYvqwy38_9ZBb5qwoGQX95IEN2dnM3wPLttqcHbjMixmv2XSQ==
whitelabel.css
d2jojoowplblp2.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2jojoowplblp2.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/whitelabel.css?W
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-141.fra2.r.cloudfront.net
Software
/
Resource Hash
c1e2d7d301dde83da85593e01e9555c715dffc2f8352457318428196b3159bcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 28 Jun 2023 10:01:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
Age
21298
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
897
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 26 Jun 2023 14:42:11 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
http://carefirst.benevity.org
Cache-Control
max-age=1209600
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
ur4PmXIWhQTifdRTfYyYuRxAYHPHuJjiqmkapb42y0TXTvL0ZMYRxA==
Expires
Wed, 12 Jul 2023 10:01:01 GMT
gtm.js
www.googletagmanager.com/ 		362 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f82160dae5b38dc4ffe8590937bb9b1b0986343f8a5ceca28de92dfc70e8b520
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 15:55:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87281
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Jun 2023 15:55:59 GMT
runtime-38c243e5443534851247.js
sam.benevity.org/spark-dist/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/runtime-38c243e5443534851247.js
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ce00:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a408ec3cb6cdcfa8583d88acd0dfe853cfb6ad309b59c9a1366b20052cd899bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
cT48mWdg8FJ0ykCXztYudrw3UGFLI1My
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Tue, 27 Jun 2023 17:46:12 GMT
last-modified
Mon, 26 Jun 2023 16:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
79788
x-amz-server-side-encryption
AES256
etag
W/"a648f617cf9e1d679bea2541c6b2f738"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
hun8gNe372Eio_mUCkEJ30srUWn-YJ_WNL9iEZndROE5ToeVs3zB2w==
vendors~ci-portal~drupal~drupal-admin~error~login~router~router-admin-f4970c9689734781fa03.js
sam.benevity.org/spark-dist/ 		846 KB
251 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/vendors~ci-portal~drupal~drupal-admin~error~login~router~router-admin-f4970c9689734781fa03.js
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ce00:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b90566aab09c044ad0d6151ca04f31e452f341e7e0a63a10e7cfe9b2d1e3ae3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
FjVvbTSDRMn72cBi68tvJCCYEnOJd2f_
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 04:17:31 GMT
last-modified
Tue, 20 Jun 2023 15:50:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
42231
x-amz-server-side-encryption
AES256
etag
W/"9bcd470da72a74e6aea0910c072a0781"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
aDsGztnL-K9WuquiMiZMRPsoAjR3MCs_uSpRjd6lvqHh9ASD-BShFw==
vendors~drupal~drupal-admin~login~router~router-admin-0ae33f4a1be468f5c24a.js
sam.benevity.org/spark-dist/ 		126 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/vendors~drupal~drupal-admin~login~router~router-admin-0ae33f4a1be468f5c24a.js
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ce00:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42802377e2224b9338a933efc242cf6067144c139d533f8d4d52f441a33fbe38

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
85S6ccbLBaASuZpxLgk8Oy1BV1JASALH
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Wed, 28 Jun 2023 04:17:31 GMT
last-modified
Thu, 22 Jun 2023 14:12:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
42231
x-amz-server-side-encryption
AES256
etag
W/"34aac6c7870772fc0974ca884ccc6499"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
0772K3Kx5Hz8QKX_U0qG0T8O58CICbCWFJI9JeqTI8fq9IGIxGU-tA==
login-b477608df8e869642879.js
sam.benevity.org/spark-dist/ 		393 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sam.benevity.org/spark-dist/login-b477608df8e869642879.js
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ce00:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2e675fb05bcc184bb89c88c37dd37dda007131a90ae3bae37eeced17b68b0b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
5LXEt.spBM.cPFwOXz2LLvh1yMvxM6Nb
content-encoding
gzip
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
date
Tue, 27 Jun 2023 17:46:30 GMT
last-modified
Mon, 26 Jun 2023 16:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
79769
x-amz-server-side-encryption
AES256
etag
W/"7a124f8343d45167844ca733b36dc3c3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
VsBwTalleu6oiKd5KCV8TlXyK39wQXbhrz56A67XnWZhMDbKsWsvQw==
logo.png
d2jojoowplblp2.cloudfront.net/client_data/carefirst.benevity.org/files/theme/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2jojoowplblp2.cloudfront.net/client_data/carefirst.benevity.org/files/theme/logo.png?W
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-141.fra2.r.cloudfront.net
Software
/
Resource Hash
c7038e2febdcda29e048c6c078a723e6677470bcf1f0e52970ffbbeb5d67f960
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carefirst.benevity.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 28 Jun 2023 15:25:06 GMT
X-Content-Type-Options
nosniff
Via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
Age
1853
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
10158
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 28 Jun 2021 21:34:29 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
http://carefirst.benevity.org
Cache-Control
max-age=3600
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
YOrs4pFIfOUSyaTPMoTooyRAh_YQ7CFhwX6bIZuN-rfSPmehnJzYAA==
Expires
Wed, 28 Jun 2023 16:25:06 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Jun 2023 15:04:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3078
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 28 Jun 2023 17:04:41 GMT
js
www.googletagmanager.com/gtag/ 		255 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NNW9PWYWZH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c874db7e9b30df93507227569cc41bb6a46fad195140bb7aba30d0f73fbd823
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 15:55:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88854
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Jun 2023 15:55:59 GMT
js
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VMX9WGZMM9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
78da2283afcda56e91ce33c8548f5263c3e8058abd779a0cfb3578d5023507d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 15:55:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86351
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Jun 2023 15:55:59 GMT
collect
www.google-analytics.com/j/ 		3 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1691753119&t=pageview&_s=1&dl=https%3A%2F%2Fcarefirst.benevity.org%2Fuser%2Flogin&ul=en-us&de=UTF-8&dt=Login%20%7C%20CareFirst&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAEqC~&jid=1559689101&gjid=1313443052&cid=1108236402.1687967760&tid=UA-5484370-3&_gid=1993811932.1687967760&_r=1&_slc=1&gtm=45He36q0n71TLJFKH&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&cd3=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&cd16=&cd27=carefirst.benevity.org&cd37=login&cd72=Welcome%20to%20CareFirst&z=1800198235
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 15:55:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://carefirst.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
data.benevity.org/g/ 		65 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.benevity.org/g/collect?v=2&tid=G-VMX9WGZMM9&gtm=45je36q0&_p=1691753119&cid=1108236402.1687967760&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.ngs=1&sst.etld=google.de&sst.gcsub=region1&ngs=1&_s=1&dl=https%3A%2F%2Fcarefirst.benevity.org%2Fuser%2Flogin&sid=1687967759&sct=1&seg=0&dt=Login%20%7C%20CareFirst&en=page_view&_fv=1&_ss=1&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&ep.content_group=other&ep.h1_tag=Welcome%20to%20CareFirst&ep.nominate_cause_btn_cause_profile=null&up.company_name=carefirst.benevity.org&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VMX9WGZMM9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 15:55:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://carefirst.benevity.org
cache-control
no-cache
access-control-allow-credentials
true
collect
region1.google-analytics.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NNW9PWYWZH&gtm=45je36q0&_p=1691753119&cid=1108236402.1687967760&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&dl=https%3A%2F%2Fcarefirst.benevity.org%2Fuser%2Flogin&sid=1687967759&sct=1&seg=0&dt=Login%20%7C%20CareFirst&en=page_view&_fv=1&_ss=1&ep.company_name=carefirst.benevity.org&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&ep.content_group=other&ep.nominate_cause_btn_cause_profile=null&up.company_name=carefirst.benevity.org&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NNW9PWYWZH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 15:55:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://carefirst.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async-api.d1647fbb-1.235.0.min.js
js-agent.newrelic.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/async-api.d1647fbb-1.235.0.min.js
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
928d99d484efe9f20001fe0174e3347806989f534ec020ed2522e3ce5615e38d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
PGx68fBemYK57.2UTlf_G7ch3pUyoCTv
content-encoding
gzip
via
1.1 varnish
date
Wed, 28 Jun 2023 15:55:59 GMT
strict-transport-security
max-age=300
x-amz-request-id
CQ6SM332C3HD866D
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1421
x-amz-id-2
WuNZPXVQbOLmtPM+zBKXnizPHVcP2FYBaGxUdjQqADPztZoRz/Kmz/uQlDTLKlOAloIqp3rRK0A=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Tue, 20 Jun 2023 20:09:41 GMT
server
AmazonS3
x-timer
S1687967760.738570,VS0,VE0
etag
"183fa36ece8fcbbc903243ccb0afa0e9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3047
860.e997904f-1.235.0.min.js
js-agent.newrelic.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/860.e997904f-1.235.0.min.js
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c82d14f968f93df57674479a67bf2fb0dc32b64afbeb6c509cae5dc6ae2381f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
sUb0oAFSUge4mZLwGJwT_rzmsxJnvqEB
content-encoding
gzip
via
1.1 varnish
date
Wed, 28 Jun 2023 15:55:59 GMT
strict-transport-security
max-age=300
x-amz-request-id
CQ6XYGJRGFGPNYQA
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5275
x-amz-id-2
cT06Qvonteb3ID8BpPNYFwhPC2sMVbTLqFQ9bkLthFeEf8+5lqkHpPGXdU7SleF9YPlT++2v5aw=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Tue, 20 Jun 2023 20:09:41 GMT
server
AmazonS3
x-timer
S1687967760.738302,VS0,VE0
etag
"5f8f767cf1bda85c34af0dacc0622d4f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3039
session-manager.2a64278a-1.235.0.min.js
js-agent.newrelic.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/session-manager.2a64278a-1.235.0.min.js
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
BZkWMpEwsOZuYqIlvS4C.QETPn3AglYd
content-encoding
gzip
via
1.1 varnish
date
Wed, 28 Jun 2023 15:55:59 GMT
strict-transport-security
max-age=300
x-amz-request-id
HZW2G30BGRNNN4TS
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
677
x-amz-id-2
Sxl+8++Y1u/GFQtzg7EzgdTWYK7rr+d8fE3nlXg5xLcrbcjgyRncVPpV9R+BFNe6M0Rm2KS//dA=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Tue, 20 Jun 2023 20:09:41 GMT
server
AmazonS3
x-timer
S1687967760.738280,VS0,VE0
etag
"a097cb2068fb2d63e521cacf139c921d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2306
lazy-feature-loader.0ba331d7-1.235.0.min.js
js-agent.newrelic.com/ 		1 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/lazy-feature-loader.0ba331d7-1.235.0.min.js
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de82d3f1b1bd63a9117fcd54ca0a2cb7d9a5e1d294e9d0c67166500e47d683f3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
kqNen_b1zcbOI7SyHGNKYG._1v1cXBiu
content-encoding
gzip
via
1.1 varnish
date
Wed, 28 Jun 2023 15:55:59 GMT
strict-transport-security
max-age=300
x-amz-request-id
N1SD7H903P5Q22T7
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
436
x-amz-id-2
Wh3ZZJ5jB1Gg31wjMrY2DoN+0p09HJogmWSRbyLPVxRml0QnnmpATIQb5EaV3pnhuMK1mAwHZS8=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Tue, 20 Jun 2023 20:09:41 GMT
server
AmazonS3
x-timer
S1687967760.804521,VS0,VE0
etag
"8d1984f1b5a2b054e6fbe6c9c886193d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2998
148.03807465-1.235.0.min.js
js-agent.newrelic.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/148.03807465-1.235.0.min.js
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1c9a859fe4f1eedc6f90b7c399d8a358dc93ff23c7a9c420e85bafd6ef50a64
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
mDm_lN1BZVH2jPuTvP8RgDwAdg9JNOCQ
content-encoding
gzip
via
1.1 varnish
date
Wed, 28 Jun 2023 15:55:59 GMT
strict-transport-security
max-age=300
x-amz-request-id
N1SDECHWP5PTTN5D
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3209
x-amz-id-2
1TTnWkxad5cjD1hoxvPgSZItBvlRosmaPIA+/ffw5r8WKVQ/l4deQg+b2znpLk7ulepqhqQ79V8=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Tue, 20 Jun 2023 20:09:41 GMT
server
AmazonS3
x-timer
S1687967760.933437,VS0,VE0
etag
"35f2c02180f390df3c795c872bcd7e41"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2268
page_view_event-aggregate.a7935af6-1.235.0.min.js
js-agent.newrelic.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.a7935af6-1.235.0.min.js
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f126f1b7ce191cf1a80f1dee6a2bbfa9fee141340e4ef9cc3b683fda9ac588d8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
iSz7800SnmJ3Lz40oo.gR_eRsbNM3wY9
content-encoding
gzip
via
1.1 varnish
date
Wed, 28 Jun 2023 15:55:59 GMT
strict-transport-security
max-age=300
x-amz-request-id
N1SB1756BM88ZF6A
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4116
x-amz-id-2
sLXktn+URmDXsUO+k1hjrF0R5d9TfLmODEVN0dMWOSbiBA+UVp2aY/Rz1DnPuoPDgTBp1aYPPig=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Tue, 20 Jun 2023 20:09:41 GMT
server
AmazonS3
x-timer
S1687967760.934367,VS0,VE0
etag
"17ee92570a5dd947879416128fe6fa35"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2267
page_view_timing-aggregate.1c78d061-1.235.0.min.js
js-agent.newrelic.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.1c78d061-1.235.0.min.js
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cc22f48470a0a4efa956daa4bf294039262d6e67d1f334c5c69aef46c277607
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
ONOhcsdtj24uD13zUbxHsdKusbQBhxx7
content-encoding
gzip
via
1.1 varnish
date
Wed, 28 Jun 2023 15:55:59 GMT
strict-transport-security
max-age=300
x-amz-request-id
N1SBJ5GTQ6D61GGJ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5448
x-amz-id-2
iZNp8QDKT5F2bM/JHNRUJefLVFKK7Z5gDZ1txk0ELfU1S1Zg91RaoJfVkEelN5xpqQ3xpM1DCd0=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Tue, 20 Jun 2023 20:09:41 GMT
server
AmazonS3
x-timer
S1687967760.934045,VS0,VE0
etag
"5c4172c97936d3532e8f1d2e2a9579f2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1306
metrics-aggregate.7ece083a-1.235.0.min.js
js-agent.newrelic.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/metrics-aggregate.7ece083a-1.235.0.min.js
Requested by
Host: carefirst.benevity.org
URL: https://carefirst.benevity.org/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55e1407e5ec63b06d024a1badf14b8f7c6eacdead13d9407ffcc5e18502224b5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
QEARPx5T2d1YDGdgs6LZVWFi.ZeJwkAi
content-encoding
gzip
via
1.1 varnish
date
Wed, 28 Jun 2023 15:55:59 GMT
strict-transport-security
max-age=300
x-amz-request-id
N1S2PKNPWEDDX1PY
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2956
x-amz-id-2
bmCsouFbfVfFoQ0rHzg2QuJYXWtdRqyrfbw4h99bVKz5EAXRojak/LwD9sjNvNCKjO6qOJNHd44=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Tue, 20 Jun 2023 20:09:41 GMT
server
AmazonS3
x-timer
S1687967760.935676,VS0,VE0
etag
"efb4026fb6f7446f879ec5aee982bd11"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2257
NRBR-b25025cc14dfab0fe08
bam.nr-data.net/1/ 		40 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRBR-b25025cc14dfab0fe08?a=141382190&v=1.235.0&to=MVFUY0YCWBcEVUZZWwgbd1RAClkKSlpdV10I&rst=3365&ck=0&s=98bd0631cafaf151&ref=https://carefirst.benevity.org/user/login&ap=131&be=2399&fe=652&dc=552&at=HRZXFQ4YSxk%3D&perf=%7B%22timing%22:%7B%22of%22:1687967756613,%22n%22:0,%22f%22:1352,%22dn%22:1352,%22dne%22:1352,%22c%22:1352,%22s%22:1352,%22ce%22:1352,%22rq%22:1352,%22rp%22:2399,%22rpe%22:2602,%22di%22:2949,%22ds%22:2949,%22de%22:2950,%22dc%22:3049,%22l%22:3049,%22le%22:3051%7D,%22navigation%22:%7B%7D%7D&fp=2571&fcp=2571
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.d1647fbb-1.235.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 28 Jun 2023 15:56:00 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://carefirst.benevity.org
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
7de71e0458c13a4a-FRA
Content-Length
40
collect
data.benevity.org/g/ 		65 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.benevity.org/g/collect?v=2&tid=G-VMX9WGZMM9&gtm=45je36q0&_p=1691753119&cid=1108236402.1687967760&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sst.uc=DE&sst.ngs=1&sst.etld=google.de&sst.gcsub=region1&ngs=1&_s=2&dl=https%3A%2F%2Fcarefirst.benevity.org%2Fuser%2Flogin&sid=1687967759&sct=1&seg=0&dt=Login%20%7C%20CareFirst&en=scroll&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&ep.content_group=other&ep.h1_tag=Welcome%20to%20CareFirst&ep.nominate_cause_btn_cause_profile=null&epn.percent_scrolled=90&_et=66&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VMX9WGZMM9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 15:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://carefirst.benevity.org
cache-control
no-cache
access-control-allow-credentials
true
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NNW9PWYWZH&gtm=45je36q0&_p=1691753119&cid=1108236402.1687967760&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&dl=https%3A%2F%2Fcarefirst.benevity.org%2Fuser%2Flogin&sid=1687967759&sct=1&seg=0&dt=Login%20%7C%20CareFirst&en=scroll&ep.company_name=carefirst.benevity.org&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&ep.content_group=other&ep.nominate_cause_btn_cause_profile=null&epn.percent_scrolled=90&_et=63
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NNW9PWYWZH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Jun 2023 15:56:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://carefirst.benevity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA object| dataLayer string| webpackSparkPublicPath object| webpackJsonpSpark object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| Velocity object| Benevity function| setImmediate function| clearImmediate function| Vue object| VueCompositionAPI object| regeneratorRuntime function| bootSpark object| options object| sparkVueObjects object| errorPage object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady

7 Cookies

Domain/Path Name / Value
carefirst.benevity.org/ Name: XSRF-TOKEN
Value: eyJpdiI6Im5HUUZPM0VRWHJURHIzZ2tYRHdQR2c9PSIsInZhbHVlIjoidTJyUDhGZ0xDUnF3NWpaNURkZmdwLytQc2E5RjQ4YjkwR3V2MVFSZHQvWFVoSTg2NEhla0RmYkJqVG1jRHM2aHliYzFtckhubTAvVUVHbkx5dWE4WlNOUjA0dkRSVjk4ZHgyUTdtS1NleDdDM2FDNVlhYk9Vc3JxU2hMVmx1WEwiLCJtYWMiOiI2NmMwMTZhMTgzOTRlZGEzMDIyNDJkMjAyNjg1ZmQ2MjI1YWYyNGUxOTJiMDhkOTdmNmNlNjQxNmJjMjNmYjYwIiwidGFnIjoiIn0%3D
carefirst.benevity.org/ Name: laravel_session
Value: eyJpdiI6IitCNkF2dVc2dUl6cWpnYmRIeGhmWFE9PSIsInZhbHVlIjoiUUhRUmVFaWY3WTI5enZ0R1EvZ0hRTDFEZ1pSaTFEcU5QVmFPaGFnNnhHQngyMnNRSTU5SUFRMFNCT2lNK1RLRkFpSi96STJ1eFpUU0pEK0JLMjc1WkhGVU8zOCt4WEhET2QxUXdteG5FKzZPTGN6VDNKaVA2QUlCc3BlejZuVk0iLCJtYWMiOiI1ZDIyMTJjODJiNjI2MTc3MGNhNjViNGZkMmUxZjAzNjdkMDU5NjhlN2EzMTg1ZjE0YmU2N2M4OGIyYmRhZWI4IiwidGFnIjoiIn0%3D
.benevity.org/ Name: _gid
Value: GA1.2.1993811932.1687967760
.benevity.org/ Name: _gat_UA-5484370-3
Value: 1
.benevity.org/ Name: _ga
Value: GA1.1.1108236402.1687967760
.benevity.org/ Name: _ga_VMX9WGZMM9
Value: GS1.1.1687967759.1.0.1687967759.0.0.0
.benevity.org/ Name: _ga_NNW9PWYWZH
Value: GS1.1.1687967759.1.0.1687967759.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
carefirst.benevity.org
d2jojoowplblp2.cloudfront.net
data.benevity.org
e35d6127-262a-4995-b12c-2ce48400e089.ct0.app
js-agent.newrelic.com
region1.google-analytics.com
sam.benevity.org
www.google-analytics.com
www.googletagmanager.com
13.224.194.141
13.32.145.122
151.101.130.137
162.247.241.14
2001:4860:4802:34::36
2001:4860:4802:38::15
2600:9000:223c:ce00:13:1368:1500:93a1
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2008
3.215.65.55
0a108023d5c63513c4565e2d2add2efe2fa42c1e316183af9a8078a8e48b4ae2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee
42802377e2224b9338a933efc242cf6067144c139d533f8d4d52f441a33fbe38
55e1407e5ec63b06d024a1badf14b8f7c6eacdead13d9407ffcc5e18502224b5
6b90566aab09c044ad0d6151ca04f31e452f341e7e0a63a10e7cfe9b2d1e3ae3
6c82d14f968f93df57674479a67bf2fb0dc32b64afbeb6c509cae5dc6ae2381f
6c874db7e9b30df93507227569cc41bb6a46fad195140bb7aba30d0f73fbd823
740a0de7de87b3df952fc970bb4d14a88292d448c4dcdaa5adbfe0940319356c
78da2283afcda56e91ce33c8548f5263c3e8058abd779a0cfb3578d5023507d7
7c3860b98e5185510c83a062a9dc694430e5c4d8d8a7368810539da492ce9f7c
928d99d484efe9f20001fe0174e3347806989f534ec020ed2522e3ce5615e38d
9cc22f48470a0a4efa956daa4bf294039262d6e67d1f334c5c69aef46c277607
a408ec3cb6cdcfa8583d88acd0dfe853cfb6ad309b59c9a1366b20052cd899bd
c1e2d7d301dde83da85593e01e9555c715dffc2f8352457318428196b3159bcd
c7038e2febdcda29e048c6c078a723e6677470bcf1f0e52970ffbbeb5d67f960
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
d1c9a859fe4f1eedc6f90b7c399d8a358dc93ff23c7a9c420e85bafd6ef50a64
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de82d3f1b1bd63a9117fcd54ca0a2cb7d9a5e1d294e9d0c67166500e47d683f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
f126f1b7ce191cf1a80f1dee6a2bbfa9fee141340e4ef9cc3b683fda9ac588d8
f2e675fb05bcc184bb89c88c37dd37dda007131a90ae3bae37eeced17b68b0b7
f82160dae5b38dc4ffe8590937bb9b1b0986343f8a5ceca28de92dfc70e8b520