www.benefitsspark.com Open in urlscan Pro
52.49.198.28  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.benefitsspark.com/	17 KB 6 KB	144ms 35ms	Document text/html	52.49.198.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.benefitsspark.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.49.198.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-198-28.eu-west-1.compute.amazonaws.com Software openresty / Resource Hash 3034f5a0fd07f1aeab839ac38958fc3a557a7d54fda461b5a6f4258b86fc83e2 Request headers :method GET :authority www.benefitsspark.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server openresty date Tue, 13 Apr 2021 13:01:31 GMT content-type text/html content-length 5609 content-encoding gzip via 1.1 varnish, 1.1 varnish accept-ranges bytes age 626 x-served-by cache-dca17724-DCA, cache-dub4343-DUB x-cache HIT, HIT x-cache-hits 1, 1 x-timer S1618318891.059885,VS0,VE0 vary Accept-Encoding x-cluster-name eu-west-1-prod-eks-15
GET H2	200	benefitsspark.5c9fa07ea.css assets.website-files.com/604bd494ff8c7222e2a97aca/css/	83 KB 15 KB	451ms 417ms	Stylesheet text/css	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/css/benefitsspark.5c9fa07ea.css Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 71959be914ceacbafd280528ac94fee19f22ba59a68c51ba6389d38c11f255b1 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:32 GMT content-encoding gzip last-modified Fri, 19 Mar 2021 18:49:15 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "a219f603adf01eb11b38f7fd632d85e7" x-cache Miss from cloudfront x-amz-version-id 3IKZK3NMwv7TJKDGQxPYU69Ku8RvuxDO via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) cache-control max-age=84600, must-revalidate accept-ranges bytes content-type text/css content-length 15089 x-amz-cf-id AZ8Ekj9NU98_WozJmdYWldim4unvSY64aAezRKIWp8y6R-39msVxrQ==
GET H2	200	js Show response www.googletagmanager.com/gtag/	128 KB 49 KB	34ms 33ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-4EN8SEE87N Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 306d0a7a0122806d66af2b71c57a295dba0a1430382f23856852b209d9f8c417 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:01:31 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 50336 x-xss-protection 0 expires Tue, 13 Apr 2021 13:01:31 GMT
GET H2	200	6051039f9bf87034d914d856_benefits-spark-logo-white-2x-p-500.png assets.website-files.com/604bd494ff8c7222e2a97aca/	11 KB 11 KB	406ms 404ms	Image image/png	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/6051039f9bf87034d914d856_benefits-spark-logo-white-2x-p-500.png Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5fcc34877b1b26888ee2da4a0cb31770fc7b425963af7f8d267095d678fadcba Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Tue, 16 Mar 2021 19:14:42 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "b897f2265052c6b8b76e47d815eae7ab" x-cache Miss from cloudfront x-amz-version-id GvLsJCPEY1zW3XLlAZe5UvS8NTZ5o3yC cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/png content-length 11315 x-amz-cf-id eQ7roCU7nIJW70Vg3tVW9V8VBiJk7xtJ9zNnpRUzKSB4WSy9zWszsQ==
GET H2	200	6050cbe2370acb539725a3d3_Quotes%20(1).png assets.website-files.com/604bd494ff8c7222e2a97aca/	866 B 1 KB	419ms 416ms	Image image/png	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/6050cbe2370acb539725a3d3_Quotes%20(1).png Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 79acfd4250d469e2b463a350268b99049a9728fefe117f645945f8b32ff4c913 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Tue, 16 Mar 2021 15:16:51 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "889c00369095a4aaa00cbf32e6c61e55" x-cache Miss from cloudfront x-amz-version-id 06LdcpKMuPisgT7JPprEtzJ22uAinUat cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/png content-length 866 x-amz-cf-id wzZgb_oSSodQaHES6FWFirLXCFaJW2q1jot29qCORb1wqlGGfTFqgg==
GET H2	200	6050cbefa13292811fec1a85_Emily%2520Munroe-p-500.png assets.website-files.com/604bd494ff8c7222e2a97aca/	90 KB 91 KB	498ms 496ms	Image image/png	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/6050cbefa13292811fec1a85_Emily%2520Munroe-p-500.png Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f5a0979d0f938cb8ab124e9aeafa3d76131a692d159f7f16d7d3000e729772e3 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Tue, 16 Mar 2021 15:17:05 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "6e87f00c3a09f83a84cce31bcbb105b0" x-cache Miss from cloudfront x-amz-version-id 7nCCofaZxOejvfVz60FxdYcT8OKOjxnY cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/png content-length 92249 x-amz-cf-id QbBV4LjmNIPx2Gj4-fx7QDuHxoHCDqQngzj0BRBhfo9_5Y0iy9DzEg==
GET H2	200	6050cbf0a132923c30ec1a8b_Jeff%2520Dobro-p-500.png assets.website-files.com/604bd494ff8c7222e2a97aca/	87 KB 88 KB	434ms 432ms	Image image/png	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/6050cbf0a132923c30ec1a8b_Jeff%2520Dobro-p-500.png Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bfba666f3bea8d9b5ff7097a150937c755b52bc93a64479264c10a2752c52ea0 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Tue, 16 Mar 2021 15:17:05 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "4bb2aa3ad87f447c57c393e93d243005" x-cache Miss from cloudfront x-amz-version-id PNN2V02kaPGd6y_fJvy.yk5IYMwdslew cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/png content-length 89192 x-amz-cf-id c1OzjrSBjAeZeL6kDCIAyLW3WPgJYHPfnaMJXqJHbEFP9C3xg3S5_w==
GET H2	200	6050cbf0a132927840ec1ab3_Josh%20Smith%20(1).png assets.website-files.com/604bd494ff8c7222e2a97aca/	136 KB 137 KB	165ms 164ms	Image image/png	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/6050cbf0a132927840ec1ab3_Josh%20Smith%20(1).png Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4f6f2ee6ccd7df9e1530223aa29cbc2bf920563d7f05bfd336202c3527f607f1 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Tue, 16 Mar 2021 15:17:08 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "129480b0698e9ae76936c4405844e419" x-cache Miss from cloudfront x-amz-version-id Jwai_J2OXzH0p3xbr.8mmFIOR3I1ZNvd cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/png content-length 139729 x-amz-cf-id j4zX7H7jgIaUouFyWk7eFq8_xw3iqSK5MBiVExYzIBwSRk-EXCQ64Q==
GET H2	200	6050cbf0a132927cc1ec1abf_Allie%2520Skoly-p-500.png assets.website-files.com/604bd494ff8c7222e2a97aca/	86 KB 87 KB	151ms 150ms	Image image/png	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/6050cbf0a132927cc1ec1abf_Allie%2520Skoly-p-500.png Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 000cefa9c3adaeb4e9abb3bde8870623219134fef9c6a698f6a4f19b069e68d5 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Tue, 16 Mar 2021 15:17:05 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "23656b0d8cca17da5d5c6e2cdee2bdf8" x-cache Miss from cloudfront x-amz-version-id QrKNULZeDZbz.gg3zIFLn6X3V67hykJK cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/png content-length 88075 x-amz-cf-id qefFefkFbvUqfqSz8F5ZB1H50ls5ktH2ihac3n4DhboPrSKuGqOruA==
GET H2	200	forms2.min.js Show response app-ab20.marketo.com/js/forms2/js/	204 KB 69 KB	47ms 25ms	Script application/x-javascript	104.16.94.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app-ab20.marketo.com/js/forms2/js/forms2.min.js Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55 Security Headers Name Value Strict-Transport-Security max-age=63113904 X-Content-Type-Options nosniff Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:01:31 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 3873 strict-transport-security max-age=63113904 cf-request-id 096cebb09b00004e3254a0c000000001 last-modified Wed, 10 Mar 2021 20:12:10 GMT server cloudflare etag "2580374-33187-5bd344826ba80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=14400 cf-ray 63f4e22dcbdf4e32-FRA expires Tue, 13 Apr 2021 17:01:31 GMT
GET H2	200	60511f177d64894f8b9fa41d_benefits-spark-logo-color-footer-2x.png assets.website-files.com/604bd494ff8c7222e2a97aca/	40 KB 40 KB	417ms 415ms	Image image/png	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/60511f177d64894f8b9fa41d_benefits-spark-logo-color-footer-2x.png Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 26dac0f1d3244d98b514aa86e9d3e0d00518a9f57cda28f39e5250cdfaea58c7 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Tue, 16 Mar 2021 21:11:52 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "49e2447b79151951cb5ce9587f2361d5" x-cache Miss from cloudfront x-amz-version-id HDjKiK95tJ8eOKxSMY8c5VRjiRXJ4IF_ cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/png content-length 40628 x-amz-cf-id RA4bG516Bmwk65sxiPfh9fk3OVicX_sfE5v8563_Kw8zATEVLqGbqQ==
GET H2	200	605249251662974381417898_benefits-spark-icon-social-linkedin-2x.png assets.website-files.com/604bd494ff8c7222e2a97aca/	2 KB 3 KB	406ms 405ms	Image image/png	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/605249251662974381417898_benefits-spark-icon-social-linkedin-2x.png Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c7aadc454dccafc9b70afea11286e403fd031ffa17999b78e3460b591fb05674 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Wed, 17 Mar 2021 18:23:35 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "a448ad6ccf9fc53271e9f39a0885d45a" x-cache Miss from cloudfront x-amz-version-id Q9M.mvF391XUPqrTyFuZ8wcuKSrOreht cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/png content-length 2186 x-amz-cf-id T6IKz7llyFGaCVBQUtX0eFPhwbEBF_Eff7P_EbyhPEhAHrW32T6c_Q==
GET H2	200	60524926f6055f0a122b35d6_benefits-spark-icon-social-twitter-2x.png assets.website-files.com/604bd494ff8c7222e2a97aca/	3 KB 3 KB	145ms 144ms	Image image/png	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/60524926f6055f0a122b35d6_benefits-spark-icon-social-twitter-2x.png Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 877dbd26d048cd82e65dedbe869b877fa915c51019324f929b883cb4f9cbf926 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Wed, 17 Mar 2021 18:23:35 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "163f1dc9445124f4637319baff470302" x-cache Miss from cloudfront x-amz-version-id yROUbLN8AX6qk0PXcskJXyTlTjueKqi4 cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/png content-length 2718 x-amz-cf-id 7KdEdtp5ecLlzpZqVqGK8TjWHcfk0tjkXDwrpUzdu5xHaXq-yJ-kOg==
GET H2	200	jquery-3.5.1.min.dc5e7f18c8.js Show response d3e54v103j8qbb.cloudfront.net/js/	87 KB 31 KB	452ms 401ms	Script application/javascript	13.225.84.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=604bd494ff8c7222e2a97aca Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-117.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Origin https://www.benefitsspark.com Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:01:32 GMT content-encoding gzip last-modified Mon, 20 Jul 2020 17:53:02 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-max-age 3000 cache-control max-age=84600, must-revalidate x-cache Miss from cloudfront x-amz-cf-id XpIG4nMkBsXCbwuHq35k92pxdOmc6hREDVCluLA_WG9JkIEPfBnEUw== via 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
GET H2	200	benefitsspark.05e97a8b3.js Show response assets.website-files.com/604bd494ff8c7222e2a97aca/js/	178 KB 55 KB	413ms 413ms	Script text/javascript	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/js/benefitsspark.05e97a8b3.js Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 98b46ff476b9da3f487135afb571ad30241bbfad22522f2e74ff9c6a1490d795 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:32 GMT content-encoding gzip last-modified Fri, 19 Mar 2021 18:49:15 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "4458362acc1ff3d96225c9aa0c12af09" x-cache Miss from cloudfront x-amz-version-id fjKyGBitNmVRZ82qvldbBIKgh1rY3BA4 via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) cache-control max-age=84600, must-revalidate accept-ranges bytes content-type text/javascript content-length 55425 x-amz-cf-id bx07mfOapWTca4Ycj5ARHMFye8JqG2R3AAHZEI0znzrEc2FGhnCWOA==
GET H2	200	605105d8f2005490c6d56eb7_403024148-edited-v3%20(1).jpg assets.website-files.com/604bd494ff8c7222e2a97aca/	71 KB 71 KB	169ms 168ms	Image image/jpeg	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/605105d8f2005490c6d56eb7_403024148-edited-v3%20(1).jpg Requested by Host: assets.website-files.com URL: https://assets.website-files.com/604bd494ff8c7222e2a97aca/css/benefitsspark.5c9fa07ea.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bd39338c92dd785166b52daf1c41db93c891a73097210748ed4ce88141f18e5c Request headers Referer https://assets.website-files.com/604bd494ff8c7222e2a97aca/css/benefitsspark.5c9fa07ea.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Tue, 16 Mar 2021 19:24:10 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "fc7c07634986af7a9f151adc7ae8049a" x-cache Miss from cloudfront x-amz-version-id WAYITPHvOkypannutD.OMMNVeLnVZQzV cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/jpeg content-length 72637 x-amz-cf-id kLP7-Chr-8HcmnosPhYcJi4tXXjjlPFMoosswKZzN5wXOv-o0BOexA==
GET H2	200	6050f16a28d633bad0c29d22_NeueHaasGrotTextRound-55Roman-Web.woff2 assets.website-files.com/604bd494ff8c7222e2a97aca/	29 KB 30 KB	452ms 425ms	Font application/octet-stream	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/6050f16a28d633bad0c29d22_NeueHaasGrotTextRound-55Roman-Web.woff2 Requested by Host: assets.website-files.com URL: https://assets.website-files.com/604bd494ff8c7222e2a97aca/css/benefitsspark.5c9fa07ea.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e19d3c418dd8b0e50544d009dda3b2aece7adad7fb96f53c72e7db1b0118f9ae Request headers Origin https://www.benefitsspark.com Referer https://assets.website-files.com/604bd494ff8c7222e2a97aca/css/benefitsspark.5c9fa07ea.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-pop DUS51-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 30161 last-modified Tue, 16 Mar 2021 17:56:59 GMT server AmazonS3 etag "40d008c57cc57052858d1fc1efcd0d4c" access-control-max-age 3000 access-control-allow-methods GET, HEAD x-amz-version-id JiVsi2SQn0O.peR42KKPG3A9e8S8GX_A access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type application/octet-stream x-amz-cf-id qpjZaRKHUg61xorIL9XLd6Las5dhPS4K_KOEUKvKW0rnkVCp_4BB-w==
GET H2	200	6050ef42e7430ee168b73202_NeueHaasGrotDispRound-75Bold-Web.woff2 assets.website-files.com/604bd494ff8c7222e2a97aca/	29 KB 29 KB	167ms 140ms	Font application/octet-stream	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/6050ef42e7430ee168b73202_NeueHaasGrotDispRound-75Bold-Web.woff2 Requested by Host: assets.website-files.com URL: https://assets.website-files.com/604bd494ff8c7222e2a97aca/css/benefitsspark.5c9fa07ea.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 07a894451d64c9369b8377b0a70c4fbb632d8a066058f0cb261152eb857fcd20 Request headers Origin https://www.benefitsspark.com Referer https://assets.website-files.com/604bd494ff8c7222e2a97aca/css/benefitsspark.5c9fa07ea.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-pop DUS51-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 29333 last-modified Tue, 16 Mar 2021 17:55:23 GMT server AmazonS3 etag "362e53df04665ca7e02bf4e66506fe89" access-control-max-age 3000 access-control-allow-methods GET, HEAD x-amz-version-id f4QESL2PCnDD84M8xKG0u1D5gW9UL_Qm access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type application/octet-stream x-amz-cf-id Jyn7cQ_hip9aNaMrcy-dZqHwZmcIR_YxDSVXbH9syGGs5UIevxovng==
GET H2	200	6050f16a28d6337563c29d23_NeueHaasGrotTextRound-75Bold-Web.woff2 assets.website-files.com/604bd494ff8c7222e2a97aca/	31 KB 31 KB	452ms 425ms	Font application/octet-stream	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/6050f16a28d6337563c29d23_NeueHaasGrotTextRound-75Bold-Web.woff2 Requested by Host: assets.website-files.com URL: https://assets.website-files.com/604bd494ff8c7222e2a97aca/css/benefitsspark.5c9fa07ea.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0efd5c752d5e5025e35306ffc54092a6553eeb35e1ba57ff9671e5f68b43c7e8 Request headers Origin https://www.benefitsspark.com Referer https://assets.website-files.com/604bd494ff8c7222e2a97aca/css/benefitsspark.5c9fa07ea.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-pop DUS51-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 31457 last-modified Tue, 16 Mar 2021 17:56:59 GMT server AmazonS3 etag "7bd0df6b3848dce9f8f69f688bbbdbe5" access-control-max-age 3000 access-control-allow-methods GET, HEAD x-amz-version-id SOAvqv9gYV21xCtxWTQI5ZcF1Ot_ltuY access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type application/octet-stream x-amz-cf-id w4Tk3xF53RQ8AkK9WuBXzUqIrqb7hP_Rsrjq4XGEcyc9CSwR9cAa9w==
GET H2	200	6050f1091895d382f494401e_NeueHaasGrotDispRound-45Light-Web.woff2 assets.website-files.com/604bd494ff8c7222e2a97aca/	27 KB 28 KB	174ms 148ms	Font application/octet-stream	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/6050f1091895d382f494401e_NeueHaasGrotDispRound-45Light-Web.woff2 Requested by Host: assets.website-files.com URL: https://assets.website-files.com/604bd494ff8c7222e2a97aca/css/benefitsspark.5c9fa07ea.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 71de2f297e97cef5c8e60a0dd57051a499527feae1525e940af40920cb84b812 Request headers Origin https://www.benefitsspark.com Referer https://assets.website-files.com/604bd494ff8c7222e2a97aca/css/benefitsspark.5c9fa07ea.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:01:32 GMT via 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-pop DUS51-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 28145 last-modified Tue, 16 Mar 2021 17:55:23 GMT server AmazonS3 etag "b84978795b503dde35b48b731176cf52" access-control-max-age 3000 access-control-allow-methods GET, HEAD x-amz-version-id bVrTojn5sQtLMMrHyxvtxvwG56YKoo12 access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type application/octet-stream x-amz-cf-id cgTzcifLvxKNufTnQ17AIpqygxhFMhEpxTdw5gfmsIYt5WngrTPJag==
GET H2	200	5af5fb5a0695834a3cb015ba_artemis-icon.png assets.website-files.com/5af5fb5a0695832732b0148f/	19 KB 19 KB	11ms 10ms	Image image/png	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/5af5fb5a0695832732b0148f/5af5fb5a0695834a3cb015ba_artemis-icon.png Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8e65ff1543b09a094ff9b8efdd04ac032c78efe68a62f63f3f35bf8ef3d81f6a Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 06:55:40 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Fri, 11 May 2018 20:21:52 GMT server AmazonS3 age 21952 etag "1d541e7f8e1aa64d2b70c4e7d8dadf83" x-cache Hit from cloudfront x-amz-version-id wHHhigS7k1j.NAaZjzlVXc8Dp7PwL.uR cache-control max-age=31536000, must-revalidate x-amz-cf-pop DUS51-C1 accept-ranges bytes content-type image/png content-length 18992 x-amz-cf-id oafnHQwucZQiBajtS_LCqLJpC6zZ9WUg_7l_WZmKK9r_aesv_J4QOA==
GET H2	200	5af5fb5a069583e57db01579_logo-artemis-solo-blue.png assets.website-files.com/5af5fb5a0695832732b0148f/	19 KB 19 KB	12ms 11ms	Image image/png	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/5af5fb5a0695832732b0148f/5af5fb5a069583e57db01579_logo-artemis-solo-blue.png Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3dfdffdd497ec5a4172eee2e2f8f5a1d7e9dfd515bcbe86e8fd7a5a723134e29 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 06:55:40 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Fri, 11 May 2018 20:21:50 GMT server AmazonS3 age 21952 etag "ef46dbc591a9415ded957de4997bcc66" x-cache Hit from cloudfront x-amz-version-id ATUIR50suQRkuUFhSGfKxtjFVr0Ju7G. cache-control max-age=31536000, must-revalidate x-amz-cf-pop DUS51-C1 accept-ranges bytes content-type image/png content-length 19057 x-amz-cf-id VpB7I6tFAlmn5Iic7UXHuUh1g1jAUA0ihD-t0fY5M8lQRo8etIYwQw==
GET H2	200	60512f36a2853824fc1c81ea_benefits-spark-icon-watermark-2x-p-500.png assets.website-files.com/604bd494ff8c7222e2a97aca/	9 KB 9 KB	430ms 429ms	Image image/png	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/60512f36a2853824fc1c81ea_benefits-spark-icon-watermark-2x-p-500.png Requested by Host: www.benefitsspark.com URL: https://www.benefitsspark.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 693dcf5dee37da9961e3bdca0b51701540c863184c7ccc41a13ff226afb147e4 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:33 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Tue, 16 Mar 2021 22:20:41 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "be9ce8307b488b97d2a6e6c0d4332d51" x-cache Miss from cloudfront x-amz-version-id 2IPuns9NFWI_DtDxG6L.wW9qsoTv6TSl cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/png content-length 9078 x-amz-cf-id 0XDk6PkM6ISi5TDSzV62Bys-z9QxpNvGNzlAUizVcGYR_BZh2l-EcQ==
GET H2	200	getForm Show response app-ab20.marketo.com/index.php/form/	6 KB 2 KB	409ms 402ms	Script application/javascript	104.16.94.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app-ab20.marketo.com/index.php/form/getForm?munchkinId=234-VGB-321&form=1612&url=https%3A%2F%2Fwww.benefitsspark.com%2F&callback=jQuery112407992427540830995_1618318891926&_=1618318891927 Requested by Host: app-ab20.marketo.com URL: https://app-ab20.marketo.com/js/forms2/js/forms2.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d4c3b36405d1359915491c02fa5cc358c8b8585596c8fdc50466908cb8bb609 Security Headers Name Value Strict-Transport-Security max-age=63113904 X-Content-Type-Options nosniff Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:01:32 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cached false strict-transport-security max-age=63113904 cf-ray 63f4e232bfd74e32-FRA cf-request-id 096cebb3af00004e322cbd7000000001
GET H2	200	60511f03e29b9fba6fad8ec2_benefits-spark-footer-2880x700-dark.jpg assets.website-files.com/604bd494ff8c7222e2a97aca/	79 KB 79 KB	425ms 424ms	Image image/jpeg	2600:9000:2182:7800:11:3b84:d200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.website-files.com/604bd494ff8c7222e2a97aca/60511f03e29b9fba6fad8ec2_benefits-spark-footer-2880x700-dark.jpg Requested by Host: assets.website-files.com URL: https://assets.website-files.com/604bd494ff8c7222e2a97aca/css/benefitsspark.5c9fa07ea.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 97c250ae3d4bbd04bced83dbd2573ba27698abe1630c58d40a8980bcc4f15d92 Request headers Referer https://assets.website-files.com/604bd494ff8c7222e2a97aca/css/benefitsspark.5c9fa07ea.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 13 Apr 2021 13:01:33 GMT via 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront) last-modified Tue, 16 Mar 2021 21:11:32 GMT server AmazonS3 x-amz-cf-pop DUS51-C1 etag "b51debc4d889cabfdb4261202de83d2f" x-cache Miss from cloudfront x-amz-version-id 5T_HKige3Uuer6k34YEdf0phhGtpXEUe cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/jpeg content-length 80786 x-amz-cf-id fR0Dmd8OulhfXkEZwVd-TDMROtpAJkJKnPJVhNyQdVGgCzKvz5F_YA==
POST H2	204	collect www.google-analytics.com/g/	0 175 B	13ms 13ms	Other text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-4EN8SEE87N&gtm=2oe3v0&_p=703099961&sr=1600x1200&ul=en-us&cid=1000935434.1618318892&_s=1&dl=https%3A%2F%2Fwww.benefitsspark.com%2F&dt=Benefits%20Spark%20Virtual%20Conference%20by%20Artemis%20Health&sid=1618318892&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.anonymize_ip=false Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-4EN8SEE87N Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 13 Apr 2021 13:01:32 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.benefitsspark.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	forms2.css app-ab20.marketo.com/js/forms2/css/	13 KB 3 KB	23ms 23ms	Stylesheet text/css	104.16.94.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app-ab20.marketo.com/js/forms2/css/forms2.css Requested by Host: app-ab20.marketo.com URL: https://app-ab20.marketo.com/js/forms2/js/forms2.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a Security Headers Name Value Strict-Transport-Security max-age=63113904 X-Content-Type-Options nosniff Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:01:32 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 3190 vary Accept-Encoding content-length 2623 cf-request-id 096cebb54500004e32ff365000000001 last-modified Wed, 10 Mar 2021 20:12:10 GMT server cloudflare etag "258037b-3437-5bd344826ba80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63113904 content-type text/css cache-control public, max-age=14400 accept-ranges bytes cf-ray 63f4e2353d804e32-FRA expires Tue, 13 Apr 2021 17:01:32 GMT
GET H2	200	forms2-theme-plain.css app-ab20.marketo.com/js/forms2/css/	828 B 510 B	18ms 18ms	Stylesheet text/css	104.16.94.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app-ab20.marketo.com/js/forms2/css/forms2-theme-plain.css Requested by Host: app-ab20.marketo.com URL: https://app-ab20.marketo.com/js/forms2/js/forms2.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa Security Headers Name Value Strict-Transport-Security max-age=63113904 X-Content-Type-Options nosniff Request headers Referer https://www.benefitsspark.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:01:32 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 2324 vary Accept-Encoding content-length 246 cf-request-id 096cebb54500004e324d1a9000000001 last-modified Wed, 10 Mar 2021 20:12:10 GMT server cloudflare etag "de04ea-33c-5bd344826ba80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=63113904 content-type text/css cache-control public, max-age=14400 accept-ranges bytes cf-ray 63f4e2353d824e32-FRA expires Tue, 13 Apr 2021 17:01:32 GMT
GET H2	200	XDFrame Show response app-ab20.marketo.com/index.php/form/ Frame 7B33	2 KB 883 B	134ms 134ms	Document text/html	104.16.94.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app-ab20.marketo.com/index.php/form/XDFrame Requested by Host: app-ab20.marketo.com URL: https://app-ab20.marketo.com/js/forms2/js/forms2.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1fcf65bf8f14b6ac631570b233c75ea83f12e581737a6c6aff54b0e962eba01a Security Headers Name Value Strict-Transport-Security max-age=63113904 X-Content-Type-Options nosniff Request headers :method GET :authority app-ab20.marketo.com :scheme https :path /index.php/form/XDFrame pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.benefitsspark.com/ accept-encoding gzip, deflate, br accept-language en-US cookie __cf_bm=84a2b54edc94deab1b1495919f43f473a454d5af-1618318891-1800-AWUd0J8XzfaYIcZGxycxgfzKi/g4fDmCDuTjzK1nTohlyvNDrauW1hLDObUpn0hYwU+RWzcOnPWwGDjz7rfmc5U= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.benefitsspark.com/ Response headers date Tue, 13 Apr 2021 13:01:32 GMT content-type text/html; charset=utf-8 content-length 651 set-cookie __cfduid=d8662db7fb6403c30f8d5db3528b2728b1618318892; expires=Thu, 13-May-21 13:01:32 GMT; path=/; domain=.app-ab20.marketo.com; HttpOnly; SameSite=Lax BIGipServerab20web-nginx-app_https=!xo3sF0t/6rne7Q/aIvODocHezid2Pa6q62bVcJWpBn/fMUqFh8Pp8QKd+liIUGdcalm2JQw2A7t6wSI=;Path=/;Version=1;Secure;Httponly cache-control max-age=3600 strict-transport-security max-age=63113904 x-content-type-options nosniff vary Accept-Encoding content-encoding gzip cf-cache-status DYNAMIC cf-request-id 096cebb57700004e32499d1000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 63f4e2358e174e32-FRA
GET H2	200	forms2.min.js Show response app-ab20.marketo.com/js/forms2/js/ Frame 7B33	204 KB 68 KB	20ms 20ms	Script application/x-javascript	104.16.94.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app-ab20.marketo.com/js/forms2/js/forms2.min.js Requested by Host: app-ab20.marketo.com URL: https://app-ab20.marketo.com/index.php/form/XDFrame Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55 Security Headers Name Value Strict-Transport-Security max-age=63113904 X-Content-Type-Options nosniff Request headers Referer https://app-ab20.marketo.com/index.php/form/XDFrame User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:01:32 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 3874 strict-transport-security max-age=63113904 cf-request-id 096cebb60600004e32fb282000000001 last-modified Wed, 10 Mar 2021 20:12:10 GMT server cloudflare etag "2580374-33187-5bd344826ba80" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=14400 cf-ray 63f4e236683f4e32-FRA expires Tue, 13 Apr 2021 17:01:32 GMT

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| google_tag_manager object| MktoForms2 object| google_tag_data object| gaGlobal function| $ function| jQuery function| tram object| Webflow function| onYouTubeIframeAPIReady object| jQuery112407992427540830995

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.app-ab20.marketo.com/	1970-01-19 17:32:00	Name: __cf_bm Value: 84a2b54edc94deab1b1495919f43f473a454d5af-1618318891-1800-AWUd0J8XzfaYIcZGxycxgfzKi/g4fDmCDuTjzK1nTohlyvNDrauW1hLDObUpn0hYwU+RWzcOnPWwGDjz7rfmc5U=
			.benefitsspark.com/	1970-01-20 11:03:10	Name: _ga Value: GA1.1.1000935434.1618318892
			.benefitsspark.com/	1970-01-20 11:03:10	Name: _ga_4EN8SEE87N Value: GS1.1.1618318892.1.0.1618318892.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-ab20.marketo.com
assets.website-files.com
d3e54v103j8qbb.cloudfront.net
www.benefitsspark.com
www.google-analytics.com
www.googletagmanager.com
104.16.94.80
13.225.84.117
2600:9000:2182:7800:11:3b84:d200:93a1
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
52.49.198.28
000cefa9c3adaeb4e9abb3bde8870623219134fef9c6a698f6a4f19b069e68d5
014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55
07a894451d64c9369b8377b0a70c4fbb632d8a066058f0cb261152eb857fcd20
0efd5c752d5e5025e35306ffc54092a6553eeb35e1ba57ff9671e5f68b43c7e8
1fcf65bf8f14b6ac631570b233c75ea83f12e581737a6c6aff54b0e962eba01a
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
26dac0f1d3244d98b514aa86e9d3e0d00518a9f57cda28f39e5250cdfaea58c7
3034f5a0fd07f1aeab839ac38958fc3a557a7d54fda461b5a6f4258b86fc83e2
306d0a7a0122806d66af2b71c57a295dba0a1430382f23856852b209d9f8c417
3dfdffdd497ec5a4172eee2e2f8f5a1d7e9dfd515bcbe86e8fd7a5a723134e29
4f6f2ee6ccd7df9e1530223aa29cbc2bf920563d7f05bfd336202c3527f607f1
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
5d4c3b36405d1359915491c02fa5cc358c8b8585596c8fdc50466908cb8bb609
5fcc34877b1b26888ee2da4a0cb31770fc7b425963af7f8d267095d678fadcba
693dcf5dee37da9961e3bdca0b51701540c863184c7ccc41a13ff226afb147e4
71959be914ceacbafd280528ac94fee19f22ba59a68c51ba6389d38c11f255b1
71de2f297e97cef5c8e60a0dd57051a499527feae1525e940af40920cb84b812
79acfd4250d469e2b463a350268b99049a9728fefe117f645945f8b32ff4c913
877dbd26d048cd82e65dedbe869b877fa915c51019324f929b883cb4f9cbf926
8e65ff1543b09a094ff9b8efdd04ac032c78efe68a62f63f3f35bf8ef3d81f6a
97c250ae3d4bbd04bced83dbd2573ba27698abe1630c58d40a8980bcc4f15d92
98b46ff476b9da3f487135afb571ad30241bbfad22522f2e74ff9c6a1490d795
bd39338c92dd785166b52daf1c41db93c891a73097210748ed4ce88141f18e5c
bfba666f3bea8d9b5ff7097a150937c755b52bc93a64479264c10a2752c52ea0
c7aadc454dccafc9b70afea11286e403fd031ffa17999b78e3460b591fb05674
e19d3c418dd8b0e50544d009dda3b2aece7adad7fb96f53c72e7db1b0118f9ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5a0979d0f938cb8ab124e9aeafa3d76131a692d159f7f16d7d3000e729772e3
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d