levistraussco.benevity.org Open in urlscan Pro
52.5.241.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://s2.bl-1.com/h/cWkSNJM2?url=https://levistraussco.benevity.org/news/1351
Effective URL:
https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
Submission: On August 20 via api (August 20th 2020, 4:22:16 pm UTC) from US

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 26 HTTP transactions. The main IP is 52.5.241.201, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is levistraussco.benevity.org.
TLS certificate: Issued by Amazon on July 30th 2020. Valid for: a year.

This is the only time levistraussco.benevity.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.161.62.44 35.161.62.44	16509 (AMAZON-02) (AMAZON-02)
1 4	52.5.241.201 52.5.241.201	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
6	2600:9000:218... 2600:9000:2182:c200:13:1368:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
4	13.226.156.42 13.226.156.42	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
26	10

1 35.161.62.44 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s2.bl-1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.5.241.201 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-241-201.compute-1.amazonaws.com

levistraussco.benevity.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2182:c200:13:1368:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

sam.benevity.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.156.42 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d1vqaxhr3kntpd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	benevity.org 1 redirects levistraussco.benevity.org sam.benevity.org	267 KB
4	cloudfront.net d1vqaxhr3kntpd.cloudfront.net	153 KB
3	google.com 1 redirects analytics.google.com www.google.com	964 B
3	google-analytics.com 1 redirects www.google-analytics.com	50 KB
3	gstatic.com fonts.gstatic.com	27 KB
2	google.de www.google.de	962 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net	597 B
2	googletagmanager.com www.googletagmanager.com	116 KB
1	googleapis.com fonts.googleapis.com	843 B
1	bl-1.com 1 redirects s2.bl-1.com	547 B
26	10

	Domain	Requested by
6	sam.benevity.org	levistraussco.benevity.org
4	d1vqaxhr3kntpd.cloudfront.net	levistraussco.benevity.org d1vqaxhr3kntpd.cloudfront.net
4	levistraussco.benevity.org	1 redirects sam.benevity.org
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.google.de	levistraussco.benevity.org
2	stats.g.doubleclick.net	1 redirects www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	www.googletagmanager.com	levistraussco.benevity.org www.googletagmanager.com
1	www.google.com	1 redirects
1	fonts.googleapis.com	levistraussco.benevity.org
1	s2.bl-1.com	1 redirects
26	12

This site contains no links.

Subject Issuer	Validity	Valid
benevity.org Amazon	`2020-07-30` - `2021-08-30`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
Frame ID: FFBD8CC6D1F87FC76B68418214A9D8AF
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://s2.bl-1.com/h/cWkSNJM2?url=https://levistraussco.benevity.org/news/1351 HTTP 302
https://levistraussco.benevity.org/news/1351 HTTP 302
https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

26
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

615 kB
Transfer

1832 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://s2.bl-1.com/h/cWkSNJM2?url=https://levistraussco.benevity.org/news/1351 HTTP 302
https://levistraussco.benevity.org/news/1351 HTTP 302
https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1916354673&t=pageview&_s=1&dl=https%3A%2F%2Flevistraussco.benevity.org%2Fuser%2Flogin%3Fdestination%3D%252Fnews%252F1351&ul=en-us&de=UTF-8&dt=Login%20%7C%20Giving%20Back%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQ~&jid=539187744&gjid=1691234081&cid=1608860123.1597940520&tid=UA-5484370-3&_gid=352453529.1597940520&_r=1&gtm=2wg8c0TLJFKH&cd2=xl&cd3=landscape&cd4=1x&cd5=2020-08-20T18%3A21%3A59.919%2B02%3A00&cd16=&cd26=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd27=levistraussco.benevity.org&z=1210105522 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5484370-3&cid=1608860123.1597940520&jid=539187744&_gid=352453529.1597940520&gjid=1691234081&_v=j83&z=1210105522 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-3&cid=1608860123.1597940520&jid=539187744&_v=j83&z=1210105522 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-3&cid=1608860123.1597940520&jid=539187744&_v=j83&z=1210105522&slf_rd=1&random=257397350

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
levistraussco.benevity.org/user/
Redirect Chain

http://s2.bl-1.com/h/cWkSNJM2?url=https://levistraussco.benevity.org/news/1351
https://levistraussco.benevity.org/news/1351
https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351

10 KB
4 KB

133ms
133ms

Document
text/html

52.5.241.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.241.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-241-201.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9c80dd1e67e003f6c42157e605596fcd0ad1450f2a7eeff1e3b27774860205cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: levistraussco.benevity.org
:scheme: https
:path: /user/login?destination=%2Fnews%2F1351
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 20 Aug 2020 16:21:59 GMT
content-type: text/html; charset=UTF-8
content-length: 3159
server: nginx
cache-control: max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
pragma: no-cache
expires: 0
set-cookie: XSRF-TOKEN=eyJpdiI6IjlFL2VLTHVuWlVPbzYyaGNqMndUeWc9PSIsInZhbHVlIjoiMytLWGFKTVdJT1BwTGtNWHBoMXcreG9zcG1MdmdnaS81KzNGMTJYcmR0eDBoZm1raVdzd2J2V1Y0R0RXL09XcGwxUzd0MTR1WU15ZkFrNlp1bytiK0lNODBvQ3ZKMCtSanlLdW9PcUtCZUpseGF5N0ZSRDRXdTVBa2YzOGJOcHIiLCJtYWMiOiJlZjZhMDQwMWEwNmFkOGQ0NmEzMzg4YmVlMjEyYWZiMjU5YTYzYzRjNmRjZTUyMTU2NjNhMmYxYmFlZmFhZTMwIn0%3D; expires=Sat, 22-Aug-2020 23:54:59 GMT; Max-Age=199980; path=/; secure; samesite=lax laravel_session=eyJpdiI6IllVanMxbS94QTQwRWZCUVlxbkh4V3c9PSIsInZhbHVlIjoiTGxmRHpRNFZodFZRR0o5ODhaSXg0VEwzcGExWEJMWEQzQ09MYW5SMjZhV2FhMU9IdTJvMUR5SkRFa2NhbmRZalNQem9kTHowNnczZmNJMWVCZTE0R0JBRjR1cWZ4WjBrQ3oyY2RHSGRrbjBXamM4Yll0b3E5K3F2ZGc2T0I1QjQiLCJtYWMiOiI5OGExZjY4YzY5MmNhODYxMjk2NTFjYzMzNzQ4MzU3ZTNhOWQzN2JiZDk2MjM2ZDEyMGUyM2U5NDk0OTBlOWY2In0%3D; path=/; secure; httponly; samesite=lax
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-encoding: gzip
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
x-geolocation-blacklist: no
x-geolocation-whitelist: no_match

Redirect headers

status: 302
date: Thu, 20 Aug 2020 16:21:59 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
last-modified: Thu, 20 Aug 2020 16:21:59 GMT
location: /user/login?destination=%2Fnews%2F1351
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
x-geolocation-blacklist: no
x-geolocation-whitelist: no_match

GET
H2 200 css
fonts.googleapis.com/ 7 KB
843 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Requested by

Host: levistraussco.benevity.org
URL: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2265e200507b1207ec22eb06405cfd80e433e6de7665ae9c7f9ef61c375a78cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 15:53:00 GMT
server: ESF
date: Thu, 20 Aug 2020 16:21:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Aug 2020 16:21:59 GMT

GET
H2 200 vendors~drupal~drupal-admin~error~login~router~router-admin-6a65e45895dea63e9600.css
sam.benevity.org/spark-dist/css/ 90 KB
12 KB 77ms
11ms Stylesheet
text/css 2600:9000:2182:c200:13:1368:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sam.benevity.org/spark-dist/css/vendors~drupal~drupal-admin~error~login~router~router-admin-6a65e45895dea63e9600.css
Requested by: Host: levistraussco.benevity.org
URL: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:c200:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1dff39101119d834144555b4153d866d1021c780b6c4c8fa03cb6f9f70ca732

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: VHqytD98k..31HkdLoY1lwna7yw5EkCW
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 00:27:27 GMT
server: AmazonS3
age: 84626
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
date: Wed, 19 Aug 2020 16:51:34 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: NdCz8COVEEoAxmnWOAXaXQQ_tovnmRlMQx0pwPVbPmIdwkn1Tmht7A==
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)

GET
H2 200 login-1dbe9e2f35399062ce2d.css
sam.benevity.org/spark-dist/css/ 136 KB
20 KB 80ms
15ms Stylesheet
text/css 2600:9000:2182:c200:13:1368:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sam.benevity.org/spark-dist/css/login-1dbe9e2f35399062ce2d.css
Requested by: Host: levistraussco.benevity.org
URL: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:c200:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cff69d537fd248a08342c3e464b832b4397c3b358acef17190122cf049f6b97c

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 19 Aug 2020 18:13:23 GMT
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 00:27:27 GMT
server: AmazonS3
age: 79717
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: AT46X1KEIy3gdoME7nlZ7yOg39PCV3WP
status: 200
x-amz-replication-status: COMPLETED
x-amz-cf-pop: DUS51-C1
content-type: text/css
x-amz-cf-id: NOT-seU7apnQJnI7Ikojg0xTewxu-f5dHQMGMMsy5aT_PQWP_GB-Ww==
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)

GET
H/1.1 200
OK whitelabel.css
d1vqaxhr3kntpd.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/ 14 KB
3 KB 145ms
40ms Stylesheet
text/css 13.226.156.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1vqaxhr3kntpd.cloudfront.net/sites/all/themes/wpg/assets/whitelabel/css/whitelabel.css?m

Requested by

Host: levistraussco.benevity.org
URL: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.156.42 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

592d20569bdfe6043195e57fedcaa3bda0e6c46b9685e63e4300cc20b23622fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 20 Aug 2020 15:58:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1380
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2256
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Last-Modified: Tue, 18 Aug 2020 00:25:29 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
X-geolocation-blacklist: no
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
Expires: Thu, 03 Sep 2020 15:58:59 GMT
Cache-Control: max-age=1209600
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: 3h_q2douvCfA_e_Twe0_sC1mIX3ZEW-_e7gY2Cp9QGFmGqR074VFWw==
X-geolocation-whitelist: no_match

GET
H/1.1 200
OK whitelabel.css
d1vqaxhr3kntpd.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_levistrauss/css/ 22 KB
5 KB 153ms
48ms Stylesheet
text/css 13.226.156.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1vqaxhr3kntpd.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_levistrauss/css/whitelabel.css?m

Requested by

Host: levistraussco.benevity.org
URL: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.156.42 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

00011a4621b016a45e0e4eba320ff78cda5b9bcb55db5016fdff1c81f4c39289

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 20 Aug 2020 15:58:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1380
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3970
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Origin: *
Last-Modified: Tue, 18 Aug 2020 00:25:33 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
X-geolocation-blacklist: no
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Via: 1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
Expires: Thu, 03 Sep 2020 15:58:59 GMT
Cache-Control: max-age=1209600
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: AO3ppnbxxYFFE9-WFCx3tExuSlazM46aCy2s8HAxBfztIeY6zlEuvw==
X-geolocation-whitelist: no_match

GET
H2 200 runtime-fe705a44f99d209fee6c.js Show response
sam.benevity.org/spark-dist/ 5 KB
3 KB 102ms
38ms Script
application/x-javascript 2600:9000:2182:c200:13:1368:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sam.benevity.org/spark-dist/runtime-fe705a44f99d209fee6c.js
Requested by: Host: levistraussco.benevity.org
URL: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:c200:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ef621e9028b86fbd0655076cae469ff9b891f659c4198be3393e224f7b76c21

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 1RDMlh6TG5qDvKQWdXTySy2ZKGkUFPaB
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 00:27:27 GMT
server: AmazonS3
age: 84626
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
date: Wed, 19 Aug 2020 16:51:34 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: z9BqgGyz3EDck77IaT2bpErgpbeiaZgwqws8J6HI4Fj2bdiURkPWZQ==
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)

GET
H2 200 vendors~drupal~drupal-admin~error~login~router~router-admin-fb6c1c3f07002c10bc6a.js Show response
sam.benevity.org/spark-dist/ 420 KB
130 KB 95ms
31ms Script
application/x-javascript 2600:9000:2182:c200:13:1368:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sam.benevity.org/spark-dist/vendors~drupal~drupal-admin~error~login~router~router-admin-fb6c1c3f07002c10bc6a.js
Requested by: Host: levistraussco.benevity.org
URL: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:c200:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 845e24c2006b702b7b064c27d6cf28187764bf82af1cb31bbd0bb2b60c634409

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: KGv9r6zL8Qwj2PEhR4puaT44izvHSpJh
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 00:27:27 GMT
server: AmazonS3
age: 84626
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
date: Wed, 19 Aug 2020 16:51:34 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 8fz031vSJRCczVVAm42vcyYk-g5zeFZ59nXl2PmKlf3pR7hh68VrEw==
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)

GET
H2 200 vendors~drupal~drupal-admin~login~router~router-admin-8482a56e7d164690f764.js Show response
sam.benevity.org/spark-dist/ 152 KB
50 KB 89ms
25ms Script
application/x-javascript 2600:9000:2182:c200:13:1368:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sam.benevity.org/spark-dist/vendors~drupal~drupal-admin~login~router~router-admin-8482a56e7d164690f764.js
Requested by: Host: levistraussco.benevity.org
URL: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:c200:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e8165ae8feb0bcfde61f65de78b1ba2c4dd06c220bbf069060b3411d7b2812c

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: AkIYMXbhgACSWNx70miM981WM.KuOOZe
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 00:27:27 GMT
server: AmazonS3
age: 84626
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
date: Wed, 19 Aug 2020 16:51:34 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: JXuvtMGOqEUrN-DLnXapMx_LtsQJ_jpL0skRKg1pmglIZdJFxjedwA==
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)

GET
H2 200 login-ca33a1cb6f791ad9db40.js Show response
sam.benevity.org/spark-dist/ 116 KB
29 KB 85ms
21ms Script
application/x-javascript 2600:9000:2182:c200:13:1368:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sam.benevity.org/spark-dist/login-ca33a1cb6f791ad9db40.js
Requested by: Host: levistraussco.benevity.org
URL: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:c200:13:1368:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 167042c945719cbb099f7704d07b7bc8d860b4778c1603a7c2771b124a6aa2b9

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ecMO3Guub3PNzzTY2QDvflYaDWtZpqkz
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 00:27:27 GMT
server: AmazonS3
age: 84626
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
date: Wed, 19 Aug 2020 16:51:34 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: _dYThKlgSBVjt3Kj_mFhmA3Sqzj5p7yRe6P49D2gwc-yPcjVM99VgA==
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 393 KB
69 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH

Requested by

Host: levistraussco.benevity.org
URL: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58a4a7278d94f724a3c58b3c87ad379fe7515458199736f6565d51dbb46e244a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 20 Aug 2020 16:21:59 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70644
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 15:32:45 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Aug 2020 16:21:59 GMT

GET
H/1.1 200
OK login-bg.jpg
d1vqaxhr3kntpd.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_levistrauss/images/backgrounds/ 138 KB
139 KB 45ms
44ms Image
image/jpeg 13.226.156.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1vqaxhr3kntpd.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_levistrauss/images/backgrounds/login-bg.jpg

Requested by

Host: d1vqaxhr3kntpd.cloudfront.net
URL: https://d1vqaxhr3kntpd.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_levistrauss/css/whitelabel.css?m

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.156.42 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

86d8d9be1c2956cbc1edf6912cc6527cc772cc636c569ff673b80ae7cb626aa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1vqaxhr3kntpd.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_levistrauss/css/whitelabel.css?m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 20 Aug 2020 15:58:59 GMT
Via: 1.1 91528fdf97ef415d04fa66a0fbb562d7.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1380
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 141620
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 18 Aug 2020 00:25:33 GMT
Server: nginx
X-geolocation-blacklist: no
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Thu, 20 Aug 2020 16:58:59 GMT
Cache-Control: max-age=3600
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: endQnSmRFaN5ZSgfHB-fxvGY-bhJ9meX4tmGIlmKsOgJJIq-CYp8fA==
X-geolocation-whitelist: no_match

GET
H/1.1 200
OK logo.png
d1vqaxhr3kntpd.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_levistrauss/ 6 KB
7 KB 39ms
38ms Image
image/png 13.226.156.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1vqaxhr3kntpd.cloudfront.net/sites/all/themes/wpg_subthemes/wpg_levistrauss/logo.png?m

Requested by

Host: levistraussco.benevity.org
URL: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.226.156.42 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ac99a7d285a07b18671b6923457283ff73f4a47dbf9c58b08a40d35ff46cb6f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 20 Aug 2020 15:58:59 GMT
Via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1380
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 6172
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 18 Aug 2020 00:25:33 GMT
Server: nginx
X-geolocation-blacklist: no
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Thu, 20 Aug 2020 16:58:59 GMT
Cache-Control: max-age=3600
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
X-Amz-Cf-Id: ISf612JTC6Ktylch41fy8ucNTSy5Scr8ovg9pTzS_XpjoCMkZUx8OA==
X-geolocation-whitelist: no_match

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://levistraussco.benevity.org
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 05:21:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 644440
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:21:19 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://levistraussco.benevity.org
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 05:13:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 644919
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Fri, 13 Aug 2021 05:13:20 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://levistraussco.benevity.org
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 05:25:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1162574
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 07 Aug 2021 05:25:45 GMT

GET
H2 200 3-dbc0208edfd46cd138c3.css
levistraussco.benevity.org/dist/css/ 925 B
796 B 105ms
105ms Stylesheet
text/css 52.5.241.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://levistraussco.benevity.org/dist/css/3-dbc0208edfd46cd138c3.css

Requested by

Host: sam.benevity.org
URL: https://sam.benevity.org/spark-dist/runtime-fe705a44f99d209fee6c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.241.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-241-201.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a17c315e42aaa6e65309f3044278d9e7299e21bd0b6e5776a32ab36f0903f6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 20 Aug 2020 16:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 387
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Aug 2020 00:25:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
x-geolocation-blacklist: no
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
expires: Thu, 03 Sep 2020 16:21:59 GMT
cache-control: max-age=1209600
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-geolocation-whitelist: no_match

GET
H2 200 3-9111b05dcd24b8407411.js Show response
levistraussco.benevity.org/dist/ 44 KB
17 KB 188ms
187ms Script
application/javascript 52.5.241.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://levistraussco.benevity.org/dist/3-9111b05dcd24b8407411.js

Requested by

Host: sam.benevity.org
URL: https://sam.benevity.org/spark-dist/runtime-fe705a44f99d209fee6c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.241.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-241-201.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9d497247945cc74661c7570108f75b2d0b9bec9b2e1bcd39c2684374cd7cb4e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-geolocation-whitelist: no_match
date: Thu, 20 Aug 2020 16:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Aug 2020 00:25:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
x-geolocation-blacklist: no
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
x-robots-tag: noindex, nofollow
expires: Thu, 03 Sep 2020 16:21:59 GMT

GET
H/2+Q/46 200 js Show response
www.googletagmanager.com/gtag/ 123 KB
47 KB 45ms
31ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B76Z4SJJWF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9016e1fb63eac79a13fb390dc992054f642b86f0aa165c92705e002f18908da0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 20 Aug 2020 16:21:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47504
x-xss-protection: 0
expires: Thu, 20 Aug 2020 16:21:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLJFKH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 6498
date: Thu, 20 Aug 2020 14:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Thu, 20 Aug 2020 16:33:41 GMT

GET
H/2+Q/46 200 js Show response
www.google-analytics.com/gtm/ 82 KB
32 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MK4379W&t=gtm3&cid=1608860123.1597940520&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87db9da92679aa5e82203a5156beefff640b77756b676fb42cf640dcea41d247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 20 Aug 2020 16:21:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32030
x-xss-protection: 0
expires: Thu, 20 Aug 2020 16:21:59 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
345 B 34ms
13ms Other
text/plain 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B76Z4SJJWF&gtm=2oe8c0&_p=1916354673&sr=1600x1200&_gaz=1&ul=en-us&cid=1608860123.1597940520&_s=1&dl=https%3A%2F%2Flevistraussco.benevity.org%2Fuser%2Flogin%3Fdestination%3D%252Fnews%252F1351&dr=&dt=Login%20%7C%20Giving%20Back%20Portal&sid=1597940519&sct=1&seg=0&en=page_view&_fv=2&_ss=1&up.company_name=levistraussco.benevity.org
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B76Z4SJJWF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Aug 2020 16:21:59 GMT
server: Golfe2
status: 204
content-type: text/plain
access-control-allow-origin: https://levistraussco.benevity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
366 B 48ms
16ms Other
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B76Z4SJJWF&cid=1608860123.1597940520&gtm=2oe8c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B76Z4SJJWF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Aug 2020 16:21:59 GMT
server: Golfe2
status: 204
content-type: text/plain
access-control-allow-origin: https://levistraussco.benevity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
492 B 39ms
18ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B76Z4SJJWF&cid=1608860123.1597940520&gtm=2oe8c0&aip=1&z=1641782138

Requested by

Host: levistraussco.benevity.org
URL: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Aug 2020 16:21:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1916354673&t=pageview&_s=1&dl=https%3A%2F%2Flevistraussco.benevity.org%2Fuser%2Flogin%3Fdestination%3D%252Fnews%252F1351&ul=en-us&de=UT...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5484370-3&cid=1608860123.1597940520&jid=539187744&_gid=352453529.1597940520&gjid=1691234081&_v=j83&z=1210105522
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-3&cid=1608860123.1597940520&jid=539187744&_v=j83&z=1210105522
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-3&cid=1608860123.1597940520&jid=539187744&_v=j83&z=1210105522&slf_rd=1&random=257397350

42 B
470 B

39ms
25ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-3&cid=1608860123.1597940520&jid=539187744&_v=j83&z=1210105522&slf_rd=1&random=257397350

Requested by

Host: levistraussco.benevity.org
URL: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Aug 2020 16:22:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Aug 2020 16:21:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5484370-3&cid=1608860123.1597940520&jid=539187744&_v=j83&z=1210105522&slf_rd=1&random=257397350
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
53 B 13ms
13ms Other
text/plain 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B76Z4SJJWF&gtm=2oe8c0&_p=1916354673&sr=1600x1200&ul=en-us&cid=1608860123.1597940520&_s=2&dl=https%3A%2F%2Flevistraussco.benevity.org%2Fuser%2Flogin%3Fdestination%3D%252Fnews%252F1351&dr=&dt=Login%20%7C%20Giving%20Back%20Portal&sid=1597940519&sct=1&seg=0&en=scroll&_et=141&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B76Z4SJJWF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levistraussco.benevity.org/user/login?destination=%2Fnews%2F1351
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Aug 2020 16:22:05 GMT
server: Golfe2
status: 204
content-type: text/plain
access-control-allow-origin: https://levistraussco.benevity.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.benevity.org/	1970-01-19 11:52:20	Name: _gat_UA-5484370-3 Value: 1
.benevity.org/	1970-01-20 05:23:32	Name: _ga_B76Z4SJJWF Value: GS1.1.1597940519.1.0.1597940519.60
levistraussco.benevity.org/	1969-12-31 23:59:59	Name: laravel_session Value: eyJpdiI6IllVanMxbS94QTQwRWZCUVlxbkh4V3c9PSIsInZhbHVlIjoiTGxmRHpRNFZodFZRR0o5ODhaSXg0VEwzcGExWEJMWEQzQ09MYW5SMjZhV2FhMU9IdTJvMUR5SkRFa2NhbmRZalNQem9kTHowNnczZmNJMWVCZTE0R0JBRjR1cWZ4WjBrQ3oyY2RHSGRrbjBXamM4Yll0b3E5K3F2ZGc2T0I1QjQiLCJtYWMiOiI5OGExZjY4YzY5MmNhODYxMjk2NTFjYzMzNzQ4MzU3ZTNhOWQzN2JiZDk2MjM2ZDEyMGUyM2U5NDk0OTBlOWY2In0%3D
.benevity.org/	1970-01-19 11:53:46	Name: _gid Value: GA1.2.352453529.1597940520
.benevity.org/	1970-01-19 21:22:07	Name: _ga Value: GA1.2.1608860123.1597940520
levistraussco.benevity.org/	1970-01-19 11:55:40	Name: XSRF-TOKEN Value: eyJpdiI6IjlFL2VLTHVuWlVPbzYyaGNqMndUeWc9PSIsInZhbHVlIjoiMytLWGFKTVdJT1BwTGtNWHBoMXcreG9zcG1MdmdnaS81KzNGMTJYcmR0eDBoZm1raVdzd2J2V1Y0R0RXL09XcGwxUzd0MTR1WU15ZkFrNlp1bytiK0lNODBvQ3ZKMCtSanlLdW9PcUtCZUpseGF5N0ZSRDRXdTVBa2YzOGJOcHIiLCJtYWMiOiJlZjZhMDQwMWEwNmFkOGQ0NmEzMzg4YmVlMjEyYWZiMjU5YTYzYzRjNmRjZTUyMTU2NjNhMmYxYmFlZmFhZTMwIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
d1vqaxhr3kntpd.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
levistraussco.benevity.org
s2.bl-1.com
sam.benevity.org
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.226.156.42
2600:9000:2182:c200:13:1368:1500:93a1
2a00:1450:4001:802::200e
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:81b::2003
2a00:1450:4001:81f::200e
2a00:1450:4001:820::2008
2a00:1450:4001:824::2004
2a00:1450:400c:c04::9a
35.161.62.44
52.5.241.201
00011a4621b016a45e0e4eba320ff78cda5b9bcb55db5016fdff1c81f4c39289
0e8165ae8feb0bcfde61f65de78b1ba2c4dd06c220bbf069060b3411d7b2812c
167042c945719cbb099f7704d07b7bc8d860b4778c1603a7c2771b124a6aa2b9
2265e200507b1207ec22eb06405cfd80e433e6de7665ae9c7f9ef61c375a78cd
58a4a7278d94f724a3c58b3c87ad379fe7515458199736f6565d51dbb46e244a
592d20569bdfe6043195e57fedcaa3bda0e6c46b9685e63e4300cc20b23622fa
845e24c2006b702b7b064c27d6cf28187764bf82af1cb31bbd0bb2b60c634409
86d8d9be1c2956cbc1edf6912cc6527cc772cc636c569ff673b80ae7cb626aa3
87db9da92679aa5e82203a5156beefff640b77756b676fb42cf640dcea41d247
8ef621e9028b86fbd0655076cae469ff9b891f659c4198be3393e224f7b76c21
9016e1fb63eac79a13fb390dc992054f642b86f0aa165c92705e002f18908da0
9c80dd1e67e003f6c42157e605596fcd0ad1450f2a7eeff1e3b27774860205cf
9d497247945cc74661c7570108f75b2d0b9bec9b2e1bcd39c2684374cd7cb4e4
a17c315e42aaa6e65309f3044278d9e7299e21bd0b6e5776a32ab36f0903f6d4
ac99a7d285a07b18671b6923457283ff73f4a47dbf9c58b08a40d35ff46cb6f1
c1dff39101119d834144555b4153d866d1021c780b6c4c8fa03cb6f9f70ca732
cff69d537fd248a08342c3e464b832b4397c3b358acef17190122cf049f6b97c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

levistraussco.benevity.org Open in urlscan Pro 52.5.241.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

75 %IPv6

10 Domains

12 Subdomains

10 IPs

3 Countries

615 kBTransfer

1832 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

6 Cookies

Security Headers

levistraussco.benevity.org Open in urlscan Pro
52.5.241.201 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

615 kB
Transfer

1832 kB
Size

6
Cookies

26 HTTP transactions
0 data transactions